Weather Not Updating In Docker

Nicholas_Hunt · May 23, 2018, 2:46pm

Having an issue with the weather not updating using Docker on windows server 2016. Ive followed a few of the guides:
https://community.xibo.org.uk/t/xibo-weather-module-issues/13680/2

https://community.xibo.org.uk/t/using-tickers-forecast-twitter-and-other-external-resources-that-make-use-of-https-connections/46?source_topic_id=351&source_topic_id=13680

After injecting the cert nothing changes still wont update I have to restart the docker in order for it to update and then it only updates the one time. When running the docker command to update the cert I injected says

WARNING: ca-cert-cacert.pem does not contain exactly one certificate or CRL: skipping

I’ve run out of articles I can find on the matter any help would be appreciated.

alex · May 23, 2018, 3:09pm

First obtain a copy of the ca cert for your corporate proxy that is spoofing your SSL certificates.

Once you have it, you’ll need to add it in to the container, by running the following substituting the name of your cms-web container:

docker cp mycert.pem xibo_cms-web_1:/usr/local/share/ca-certificates
docker exec -ti xibo_cms-web_1 update-ca-certificates
docker restart xibo_cms-web_1

That should add your certificate, and the CMS should be able to connect to the Darksky servers.

If not, please run the following

docker exec -ti xibo_cms-web_1 sh
curl -v https://api.darksky.net
exit

What is returned?

Nicholas_Hunt · May 23, 2018, 3:34pm

We do not have a proxy here. I got the cert I injected from
https://curl.haxx.se/docs/caextract.html

*Had to add extra letters in the urls below or it wouldn’t let me post

Results from curl -v htttps://api.darksky.net

Rebuilt URL to: htttps://api.darksky.net/

Trying 192.155.88.106…

TCP_NODELAY set

Connected to api.darksky.nett (192.155.88.106) port 443 (#0)

ALPN, offering http/1.1

successfully set certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none

TLSv1.2 (OUT), TLS handshake, Client hello (1):

TLSv1.2 (IN), TLS handshake, Server hello (2):

TLSv1.2 (IN), TLS handshake, Certificate (11):

TLSv1.2 (IN), TLS handshake, Server key exchange (12):

TLSv1.2 (IN), TLS handshake, Server finished (14):

TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

TLSv1.2 (OUT), TLS change cipher, Client hello (1):

TLSv1.2 (OUT), TLS handshake, Finished (20):

TLSv1.2 (IN), TLS change cipher, Client hello (1):

TLSv1.2 (IN), TLS handshake, Finished (20):

SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

ALPN, server accepted to use http/1.1

Server certificate:

subject: C=US; ST=Massachusetts; L=Cambridge; O=The Dark Sky Company LLC; CN=*.darksky.net

start date: Aug 18 00:00:00 2017 GMT

expire date: Sep 28 12:00:00 2018 GMT

subjectAltName: host “api.darksky.net” matched cert’s “*.darksky.net”

issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA

SSL certificate verify ok.
GET / HTTP/1.1
Host: api.darksky.nett
User-Agent: curl/7.59.0
Accept: /

< HTTP/1.1 404 Not Found
< Server: nginx
< Date: Wed, 23 May 2018 15:28:04 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 13
< Connection: keep-alive
< X-Response-Time: 0.319ms
<
Cannot GET /

Connection #0 to host api.darksky.nett left intact

alex · May 23, 2018, 3:36pm

The Docker containers come all pre-configured. There’s no need to try and inject another ca certificate ring.

The curl output shows SSL is working just fine. Your issue isn’t related to that.

Perhaps you could post whatever the log messages you’re getting are that suggest you’re having SSL issues?

It’s worth checking that you registered for a Darksky API key and added that in to the weather module configuration? It won’t work if you haven’t.

Nicholas_Hunt · May 23, 2018, 7:27pm

I didnt have any log messages that suggested, I only went that route as that was the only information I could find on the issue. I did check the darksky api and even generated a new code. I did just notice as far as Dark sky is concerned today for instance has only requested once. Even though i’ve gone into the layout and click get forcast maybe twenty times today just to see if it would update.

Reinstalled Docker and weather updated the one time nothing since.

alex · May 24, 2018, 8:48am

Weather is cached for around 6 hours I believe or so for a given location, so that sounds completely normal to me.

Nicholas_Hunt · May 24, 2018, 2:51pm

After Reinstalling Docker and I reran the curl so this is without me injecting the cert

/ # curl -v hhttps://api.darksky.net

Rebuilt URL to: htttps://api.darksky.net/
Could not resolve host: api.darksky.nett
Closing connection 0
curl: (6) Could not resolve host: api.darksky.net

I’ve verified the host machine can resolve just fine

Edit: I changed the DNS for Docker and it started to resolve again ill check in a few hours see if weather is updating properly.

Nicholas_Hunt · May 24, 2018, 4:41pm

I was able to solve this:
First Issue was change Docker DNS Settings from Automatic to Googles dns
Second changed cache time like suggested to something less, for our use every 15 mins
Third Change the update interval to the length of the layout

The cache and update interval are very confusing as I was under the impression the update interval is how often the api grabs the weather not how often the region updates. After understanding that, the weather is now updating correctly.
Thanks for the help