Summary
mattermost refuses to connect to internal slashcommand server and suggests adding to AllowedUntrustedInternalConnections in log.
Steps to reproduce
I am using
Mattermost Version: 5.17.3
Database Schema Version: 5.17.0
Database: postgres
Join the Mattermost community at mattermost.org
Copyright 2015 - 2020 Mattermost, Inc. All rights reserved
Terms of Service - Privacy Policy
Mattermost is made possible by the open source software used in our server, desktop and mobile apps.
Build Hash: 35ea48a071f2837d30217cefb2de7d7855fe7f77
EE Build Hash: none
Webapp Build Hash: 77c98e5d8a2da5be8c613dcb0ce9661e02c938f8
Build Date: Wed Jan 8 18:58:54 UTC 2020
I run in a docker container behind an ssl terminating HA Proxy and in general things works well.
I have checked the websockets and they work just fine.
I have the /var/opt/gitlab/mattermost/config.json below [1] with AllowedUntrustedInternalConnections set.
I have tried to…
… Alter the AllowedUntrustedInternalConnections
… enable cors. To restart and rebuild docker images.
… gitlab-ctl reconfigure
I would like to set those settings from the system console, but it is not showing up. I dont know if that is a related problem.
Expected behavior
I would expect to be able to run my slash command
Observed behavior
I get this error in the logs
{
"level": "error",
"ts": 1581938226.0263855,
"caller": "mlog/log.go:174",
"msg": "Command with a trigger of 'standup' failed",
"path": "/api/v4/commands/execute",
"request_id": "nzinbux67pgrxp39hhkaamdj7e",
"ip_addr": "192.168.2.54",
"user_id": "--------------------------------------",
"method": "POST",
"err_where": "command",
"http_code": 500,
"err_details": "Post http://slashbot.i.my.doma.in/standup: address forbidden, you may need to set AllowedUntrustedInternalConnections to allow an integration access to your internal network"
}
Question
What do I need to do in order to allow requests to slashbot.i.my.doma.in ?
Attachments
1. /var/opt/gitlab/mattermost/config.json
{
"ServiceSettings": {
"SiteURL": "http://chat.i.my.doma.in",
"WebsocketURL": "",
"LicenseFileLocation": "",
"ListenAddress": "127.0.0.1:8065",
"ConnectionSecurity": "",
"TLSCertFile": "",
"TLSKeyFile": "",
"TLSMinVer": "1.2",
"TLSStrictTransport": false,
"TLSStrictTransportMaxAge": 63072000,
"TLSOverwriteCiphers": [],
"UseLetsEncrypt": false,
"LetsEncryptCertificateCacheFile": "./config/letsencrypt.cache",
"Forward80To443": false,
"TrustedProxyIPHeader": [
"X-Forwarded-For",
"X-Real-IP"
],
"ReadTimeout": 300,
"WriteTimeout": 300,
"MaximumLoginAttempts": 10,
"GoroutineHealthThreshold": -1,
"GoogleDeveloperKey": "",
"EnableOAuthServiceProvider": false,
"EnableIncomingWebhooks": true,
"EnableOutgoingWebhooks": true,
"EnableCommands": true,
"EnableOnlyAdminIntegrations": true,
"EnablePostUsernameOverride": false,
"EnablePostIconOverride": false,
"EnableLinkPreviews": false,
"EnableTesting": false,
"EnableDeveloper": false,
"EnableSecurityFixAlert": true,
"EnableInsecureOutgoingConnections": false,
"AllowedUntrustedInternalConnections": " slashbot.i.my.doma.in git.i.my.doma.in",
"EnableMultifactorAuthentication": false,
"EnforceMultifactorAuthentication": false,
"EnableUserAccessTokens": false,
"AllowCorsFrom": "*",
"CorsExposedHeaders": "",
"CorsAllowCredentials": false,
"CorsDebug": true,
"AllowCookiesForSubdomains": false,
"SessionLengthWebInDays": 180,
"SessionLengthMobileInDays": 180,
"SessionLengthSSOInDays": 30,
"SessionCacheInMinutes": 10,
"SessionIdleTimeoutInMinutes": 43200,
"WebsocketSecurePort": 443,
"WebsocketPort": 80,
"WebserverMode": "gzip",
"EnableCustomEmoji": true,
"EnableEmojiPicker": true,
"EnableGifPicker": false,
"GfycatApiKey": "-------",
"GfycatApiSecret": "------------------------------------------------",
"RestrictCustomEmojiCreation": "all",
"RestrictPostDelete": "all",
"AllowEditPost": "always",
"PostEditTimeLimit": -1,
"TimeBetweenUserTypingUpdatesMilliseconds": 5000,
"EnablePostSearch": true,
"MinimumHashtagLength": 3,
"EnableUserTypingMessages": true,
"EnableChannelViewedMessages": true,
"EnableUserStatuses": true,
"ExperimentalEnableAuthenticationTransfer": true,
"ClusterLogTimeoutMilliseconds": 2000,
"CloseUnusedDirectMessages": false,
"EnablePreviewFeatures": true,
"EnableTutorial": true,
"ExperimentalEnableDefaultChannelLeaveJoinMessages": true,
"ExperimentalGroupUnreadChannels": "disabled",
"ExperimentalChannelOrganization": false,
"ImageProxyType": "",
"ImageProxyURL": "",
"ImageProxyOptions": "",
"EnableAPITeamDeletion": true,
"ExperimentalEnableHardenedMode": false,
"DisableLegacyMFA": true,
"ExperimentalStrictCSRFEnforcement": false,
"EnableEmailInvitations": false,
"ExperimentalLdapGroupSync": false,
"DisableBotsWhenOwnerIsDeactivated": true,
"EnableBotAccountCreation": false,
"EnableSVGs": true,
"EnableLatex": true
},
"TeamSettings": {
"SiteName": "my.doma.in Mattermost",
"MaxUsersPerTeam": 50,
"EnableTeamCreation": true,
"EnableUserCreation": true,
"EnableOpenServer": false,
"EnableUserDeactivation": false,
"RestrictCreationToDomains": "",
"EnableCustomBrand": false,
"CustomBrandText": "",
"CustomDescriptionText": "",
"RestrictDirectMessage": "any",
"RestrictTeamInvite": "all",
"RestrictPublicChannelManagement": "all",
"RestrictPrivateChannelManagement": "all",
"RestrictPublicChannelCreation": "all",
"RestrictPrivateChannelCreation": "all",
"RestrictPublicChannelDeletion": "all",
"RestrictPrivateChannelDeletion": "all",
"RestrictPrivateChannelManageMembers": "all",
"EnableXToLeaveChannelsFromLHS": false,
"UserStatusAwayTimeout": 300,
"MaxChannelsPerTeam": 2000,
"MaxNotificationsPerChannel": 1000000,
"EnableConfirmNotificationsToChannel": true,
"TeammateNameDisplay": "username",
"ExperimentalViewArchivedChannels": false,
"ExperimentalEnableAutomaticReplies": false,
"ExperimentalHideTownSquareinLHS": false,
"ExperimentalTownSquareIsReadOnly": false,
"ExperimentalPrimaryTeam": "",
"ExperimentalDefaultChannels": []
},
"ClientRequirements": {
"AndroidLatestVersion": "",
"AndroidMinVersion": "",
"DesktopLatestVersion": "",
"DesktopMinVersion": "",
"IosLatestVersion": "",
"IosMinVersion": ""
},
"SqlSettings": {
"DriverName": "postgres",
"DataSource": "user=gitlab_mattermost host=/var/opt/gitlab/postgresql port=5432 dbname=mattermost_production",
"DataSourceReplicas": [],
"DataSourceSearchReplicas": [],
"MaxIdleConns": 20,
"ConnMaxLifetimeMilliseconds": 3600000,
"MaxOpenConns": 300,
"Trace": false,
"AtRestEncryptKey": "--------------------------",
"QueryTimeout": 30
},
"LogSettings": {
"EnableConsole": true,
"ConsoleLevel": "INFO",
"ConsoleJson": true,
"EnableFile": true,
"FileLevel": "INFO",
"FileJson": true,
"FileLocation": "/var/log/gitlab/mattermost",
"EnableWebhookDebugging": true,
"EnableDiagnostics": true
},
"NotificationLogSettings": {
"EnableConsole": true,
"ConsoleLevel": "DEBUG",
"ConsoleJson": true,
"EnableFile": true,
"FileLevel": "INFO",
"FileJson": true,
"FileLocation": ""
},
"PasswordSettings": {
"MinimumLength": 5,
"Lowercase": false,
"Number": false,
"Uppercase": false,
"Symbol": false
},
snip