mirror of
https://github.com/bakito/adguardhome-sync.git
synced 2026-03-02 22:57:06 -05:00
Adguard Sync Error 403 Forbidden #72
Labels
No labels
Stale
bug
bug
dependencies
dependency to upstream
duplicate
enhancement
help wanted
missing Information
openapi_gen
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/adguardhome-sync#72
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @smorgan134 on GitHub (Dec 19, 2023).
I have 2 Adguard instances set up on two separate Google Cloud VPSs. They are not set up in docker. I have firewall rules to allow ports 8080, 80, and 443. I set up Adguard sync on a separate docker server according to the instructions provided and instructions I found in a couple of YouTube videos. When I published the container, I get the following error in the logs.
2023-12-18T16:21:20.639Z ERROR sync sync/sync.go:153 Error getting origin status {"from": "10.134.50.4:80", "error": "403 Forbidden(Forbidden)"}
github.com/bakito/adguardhome-sync/pkg/sync.(*worker).sync
/go/src/app/pkg/sync/sync.go:153
github.com/bakito/adguardhome-sync/pkg/sync.Sync.func3
/go/src/app/pkg/sync/sync.go:76
I can ping each of the adguard instances from the docker server, and I can reach the management console websites for each of the adguard instances. I'm at a loss for what's happening. Any help would be appreciated.
@bakito commented on GitHub (Dec 19, 2023):
Hi @smorgan134
Please provide debug logs, otherwise I an not assist you: https://github.com/bakito/adguardhome-sync?tab=readme-ov-file#log-level
@smorgan134 commented on GitHub (Dec 19, 2023):
Where can I get the debug logs?
@bakito commented on GitHub (Dec 19, 2023):
By setting the env variable
LOG_LEVEL=debug@smorgan134 commented on GitHub (Dec 19, 2023):
Here is the log entry I get...
2023-12-19T17:05:16.684Z INFO sync sync/sync.go:38 AdGuardHome sync {"version": "v0.5.2", "build": "2023-11-23T07:13:51Z", "os": "linux", "arch": "amd64"}
2023-12-19T17:05:16.685Z DEBUG sync types/types.go:70 Using config {"config": {"origin":{"url":"http://10.134.50.4","apiPath":"/control","username":"mn","password":"e$","insecureSkipVerify":false,"autoSetup":false,"interfaceName":""},"replica":{"url":"http://10.134.50.5","apiPath":"/control","username":"mn","password":"e$","insecureSkipVerify":false,"autoSetup":false,"interfaceName":""},"cron":"*/1 * * * ","runOnStart":true,"api":{"port":8080},"features":{"dns":{"accessLists":true,"serverConfig":true,"rewrites":true},"dhcp":{"serverConfig":true,"staticLeases":true},"generalSettings":true,"queryLogConfig":true,"statsConfig":true,"clientSettings":true,"services":true,"filters":true}}}
2023-12-19T17:05:16.685Z INFO sync sync/sync.go:65 Setup cronjob {"cron": "/1 * * * *", "next-execution": "2023-12-19T17:06:00.000Z"}
2023-12-19T17:05:16.685Z INFO sync sync/http.go:57 Starting API server {"port": 8080}
2023-12-19T17:05:16.685Z INFO sync sync/sync.go:75 Running sync on startup
2023-12-19T17:05:16.686Z DEBUG client client/client-methods.go:16 do get {"host": "10.134.50.4", "method": "GET", "path": "status", "username": "mvadmin"}
2023-12-19T17:05:16.768Z DEBUG client client/client-methods.go:32 got response {"host": "10.134.50.4", "method": "GET", "path": "status", "username": "mvadmin", "status": 403, "body": "Forbidden", "content-type": ["text/plain; charset=utf-8"]}
2023-12-19T17:05:16.768Z ERROR sync sync/sync.go:153 Error getting origin status {"from": "10.134.50.4", "error": "403 Forbidden(Forbidden)"}
github.com/bakito/adguardhome-sync/pkg/sync.(*worker).sync
/go/src/app/pkg/sync/sync.go:153
github.com/bakito/adguardhome-sync/pkg/sync.Sync.func3
/go/src/app/pkg/sync/sync.go:76
Additional information...I have this server pointed to BIND DNS servers for DNS, and the BIND DNS servers are forwarding to the Adguard instances. I don't think that's going to be the point of failure, but I'm sure it's useful info.
@bakito commented on GitHub (Dec 19, 2023):
403 means something is wrong with authentication.
How is your config?
How do you start the container?
Did you chechk https://github.com/bakito/adguardhome-sync/wiki/FAQ ?
@smorgan134 commented on GitHub (Dec 19, 2023):
Here is my docker-compose file...
version: "2.1"
services:
adguardhome-sync:
image: ghcr.io/bakito/adguardhome-sync
container_name: adguardhome-sync
command: run
environment:
LOG_LEVEL: "debug"
ORIGIN_URL: "http://10.134.50.4"
ORIGIN_USERNAME: "username"
ORIGIN_PASSWORD: 'password with special characters'
REPLICA_URL: "http://10.134.50.5"
REPLICA_USERNAME: "username"
REPLICA_PASSWORD: 'password with special characters'
CRON: "*/1 * * * *"
RUNONSTART: true
ports:
- 8080:8080
restart: unless-stopped
I changed the double quotes I had around the password for single quotes like it suggests because my password has special characters. It is still giving me the same error. See log below.
2023-12-19T17:33:00.030Z DEBUG client client/client-methods.go:16 do get {"host": "10.134.50.4", "method": "GET", "path": "status", "username": "mvadmin"}
2023-12-19T17:33:00.114Z DEBUG client client/client-methods.go:32 got response {"host": "10.134.50.4", "method": "GET", "path": "status", "username": "mvadmin", "status": 403, "body": "Forbidden", "content-type": ["text/plain; charset=utf-8"]}
2023-12-19T17:33:00.114Z ERROR sync sync/sync.go:153 Error getting origin status {"from": "10.134.50.4", "error": "403 Forbidden(Forbidden)"}
github.com/bakito/adguardhome-sync/pkg/sync.(*worker).sync
/go/src/app/pkg/sync/sync.go:153
github.com/bakito/adguardhome-sync/pkg/sync.Sync.func2
/go/src/app/pkg/sync/sync.go:59
github.com/robfig/cron/v3.FuncJob.Run
/go/pkg/mod/github.com/robfig/cron/v3@v3.0.1/cron.go:136
github.com/robfig/cron/v3.(*Cron).startJob.func1
/go/pkg/mod/github.com/robfig/cron/v3@v3.0.1/cron.go:312
I double checked the login information is correct on both instances, and they are indeed correct.
@bakito commented on GitHub (Dec 19, 2023):
can you reach the adguardhome instances from the server where adguardhome is running?
or with special characters
Please also check the logs of adguardhome, any errors there?
@smorgan134 commented on GitHub (Dec 19, 2023):
This is what I got using...
export AGH_AUTH=$(echo -n ':' | base64)
curl -H "Authorization: Basic ${AGH_AUTH}" http://10.134.50.4/control/status -v
< HTTP/1.1 200 OK
< Content-Type: application/json
< Server: AdGuardHome/v0.107.43
< Vary: Accept-Encoding
< Date: Tue, 19 Dec 2023 19:41:54 GMT
< Content-Length: 245
<
{"version":"v0.107.43","language":"","dns_addresses":["127.0.0.1","::1","10.134.50.4","fe80::4001:aff:fe86:3204%ens4"],"dns_port":53,"http_port":80,"protection_disabled_duration":0,"protection_enabled":true,"dhcp_available":true,"running":true}
I'm not sure where to find the Adguard Log files.
@bakito commented on GitHub (Dec 19, 2023):
do you have dollar signs in your password, then you'll need to escape them according to docker-compose documentation:
https://github.com/compose-spec/compose-spec/blob/master/spec.md#interpolation
Password: 'my$ecurePWD' -> docker-compose 'my$$ecurePWD'
@smorgan134 commented on GitHub (Dec 19, 2023):
I got the dollar signs out of my password and did the trick! Thanks for your help!