2

I have a Symfony project on an Apache server that uses Mercure and I try to setup the Mercure hub in production.

To run the Mercure hub in production, I extract the archive mercure_0.6.2_Linux_x86_64.tar.gz (https://github.com/dunglas/mercure/releases) into a subfolder mercure at the root of my project.

Then I run the command:

JWT_KEY='myJWTKey' ACME_HOSTS='example.com' ./mercure

with my informations

But the hub doesn't run with this error:

FATA[0000] listen tcp :443: bind: permission denied

I saw a similar question (How to run Mercure in production) but the proposed answer uses ADDR to change port, and according to the documentation, "Let's Encrypt only supports the default port: to use Let's Encrypt, do not set this variable.".

How do I run Mercure in production?

Stephan Vierkant
  • 9,674
  • 8
  • 61
  • 97
Alexis Mathias
  • 83
  • 1
  • 9
  • To answer your deleted question in my topic, no, I did not solve my problem so far, and I did not try for a while either. Overall, the reverse proxy seems to be the solution, with either nginx or apache. I once contacter the author of Mercure, and he told me to either run mercure as root, or use tools like authbind to solve the :445 issue. Didn't works though. If I can't solve this problem, I will simply look for a non-mercure solution. – Preciel Aug 30 '19 at 15:27

2 Answers2

4

Here are the steps I did to resolve my problem :

I run Mercure with this command:

JWT_KEY='aVerySecretKey' ADDR='myhub.com:3000' CORS_ALLOWED_ORIGINS='https://mywebsite.com' DEBUG=1 ALLOW_ANONYMOUS=1 ./mercure

So, Mercure run here: http://myhub.com:3000.

I use Apache as a proxy with this parameters:

ProxyPass / http://myhub.com:3000/
ProxyPassReverse / https://myhub.com/

So now, I can access the hub in HTTPS here https://myhub.com/hub from my domain https://mywebsite.com.

Thanks to dunglas, the author of Mercure.

Alexis Mathias
  • 83
  • 1
  • 9
2

I don't know if this is helpful, but after a lot of struggle I got Mercure working on a live server like this. (I'm using port 9090 throughout.) In Apache domain conf:

ProxyPass /hub/ http://localhost:9090/
ProxyPassReverse /hub/ http://localhost:9090/

In Javascript:

new URL('https://www.example.com/hub/.well-known/mercure');

In Symfony:

MERCURE_PUBLISH_URL=https://www.example.com/hub/.well-known/mercure

Being careful not to confuse MERCURE_JWT_TOKEN with MERCURE_JWT_SECRET.

From root, running Mercure server like this for testing:

docker run     -e JWT_KEY='!ChangeMe!' -e DEMO=1 -e ALLOW_ANONYMOUS=1 -e CORS_ALLOWED_ORIGINS='*' -e PUBLISH_ALLOWED_ORIGINS='*'     -p 9090:80     dunglas/mercure

So now everything is working, without https / 443 problems.

Tubusy
  • 31
  • 1
  • 7