ERPNext Foundation ERPNext Cloud User Manual Blog Discuss Frappé* Donate

Use HTTPS / Socket.io in development environment

discussion
erpnext-version-11

#1

When setting up a development bench with ssl/https socket.io does not work:

bench init frappe-dev --python python3.7
cd frappe-dev
# Fix incompatible version error
./bin/pip3 install urllib3==1.24.2
bench get-app erpnext
bench switch-to-[branch]
bench new-site develop.[domain].com
bench set-config developer_mode 1
# https://github.com/frappe/erpnext/wiki/Setting-up-TLS-SSL-certificates-Let's-Encrypt-for-ERPNext-sites
bench set-ssl-certificate develop.[domain].com /etc/letsencrypt/live/develop.[domain].com/fullchain.pem
bench set-ssl-key develop.[domain].com /etc/letsencrypt/live/develop.[domain].com/privkey.pem
bench config dns_multitenant on
bench setup nginx
bench setup procfile
sudo ln -s `pwd`/config/nginx.conf /etc/nginx/conf.d/frappe-bench.conf
sudo service nginx restart
bench start

Resulting error:

GET https://develop.[domain].com:9000/socket.io/?EIO=3&transport=polling&t=Mfq3F1I net::ERR_CONNECTION_CLOSED
libs.min.js?ver=1556712335.0:1234:
  • Neither the NGINX nor the Bench/Frappe/ERPNext logs gave any hint
  • When using supervisor it does work
  • Executing supervisorctl start frappe-dev-web:frappe-dev-frappe-web, removing line web: bench serve --port 8000 from Procfile and executing bench start did work

Solution:
Changing following line in Procfile did the trick:
web: bench serve --port 8000
to
web: sudo bench serve --port 8000

Info:
The user, most likely frappe needs following sudo permission:

HEY! USE SCREEN -bash-4.2$ sudo -l

...

User frappe may run the following commands on erpnext:
    (root) /sbin/service
    (root) NOPASSWD: /sbin/service nginx *
    (root) NOPASSWD: /sbin/service supervisord *
    (root) /bin/systemctl
    (root) NOPASSWD: /bin/systemctl * nginx
    (root) NOPASSWD: /bin/systemctl * supervisord
    (root) NOPASSWD: /bin/supervisorctl
    (root) NOPASSWD: /sbin/nginx
    (root) NOPASSWD: /opt/certbot-auto
    (root) NOPASSWD: /bin/bench

Is this a ficable solution? Did I make any setup errors?

ERPNext: v11.1.23 (master)
Frappe Framework: v11.1.25 (master)
Bench: 4.1.0(master)
CentOS Linux release 7.6.1810 (Core)