[Solved] Mattermost 7.9.1 stuck on loading after new installation

Hi All,
I’ve got a brand new mattermost installation, and I’m stuck after following the install guide. The “chat” interface (don’t have a better name for it) refuses to finish loading, while trying to use the domain name.

The cloud provider I’m on is set to block all connections, but allow :80, and :443 from Cloudflare IPs. Internal access is through overlay VPN. I can access the MM application & system console over the same VPN (i.e. by private ip address) on :8065. The failure seems to be limited only to accessing over the domain name over :80/:443 (which means: through cloudflare over SSL, using nginx as a reverse proxy).

A video demonstrating the behavior is available here:

I’ve followed the instructions available here: Installing Mattermost on Debian Buster — Mattermost documentation, only deviating where necessary for credentials; commands have been copy/pasted for the most part.

I’m installing this on a Debian-11 distribution. Host-to-cloudflare TLS is provided by let’s encrypt. Cloudflare’s SSL mode is set to strict.

The machine this is installed on is also hosting an instance of Akkoma, the Akkoma instance is hosted at: https://omglol.fun, and I would like the mattermost instance to be running from: https://mm.omglol.fun. Akkoma lived on the server first, and still works flawlessly.

One thing that may be confounding is the following routings:

https ://omglol.fun/api/v1… → should route to akkoma
https ://mm.omglol.fun/api/v[0-9]… → should route to mattermost

Honestly, I’m not entirely sure this is a mattermost issue, but maybe an issue were I don’t understand nginx perfectly.

Configs
NGINX’s nginx.conf
MM’s nginx config
MM’s config.json
Akkoma’s nginx config

Logs
MM’s log
Nginx error.log
Nginx access.log

There is some extremely strange behavior visible in the error log.

• There are references to an ip (10.10.10.2) – I have no idea where this comes from
• It’s clear there’s some cross pollenation between mm.omglol.fun and omglol.fun resources

If someone wouldn’t mind throwing an idiot a bone; I would really appreciate it.

As an update,

Bypassing cloudflare enables the application. I’m going to fiddle with cloudflare for a while to see if I can make the magic happen.

Cloudflare’s Rocketloader is incompatible with Mattermost. – Disabling it completely fixes page loading.

Hi @Crisp and welcome to the Mattermost forums!

I don’t really have a clear idea of what’s going south here with your setup, but I think it might be related to the distorted order of the javascripts being loaded when using Rocketloader, not sure how Mattermost could work around that, but I’ll alert the developers of this post and limitation, thanks for posting the solution!

Hello @agriesser, at this point I should probably rewrite the original post. There are a lot of confounding issues in the logs (some of the entries were from very early in the installation attempts.), and I was hoping for an easy configuration issue to fix rather than turn off cloudflare.

Just to be clearer about what my overall setup is, and what I’m trying to accomplish: I have a cloud-VM that I only want accessible through cloudflare’s waf; no ssh, no non-cloudflare traffic on the http endpoints. To that end, Cloudflare is setup to interpose itself (DNS Proxying, SSL proxying, WAF, and caching are all enabled); and I have an overlay VPN (e.g. zerotier, or tailscale or the like) for unfirewalled access to the machine (all ports are open when peering through the VPN).

All that is an awfully complicated setup to troubleshoot for a fresh installation. The only reason I started with that much accretion is because of the other application that also lives on the machine – and I wasn’t quite willing to expose that to the raw internet when I wrote the post.

Using the VPN to access the business-end of Mattermost (rather than the admin console) successfully gave me the kick in the pants necessary to bring the cloudflare portion of the setup under scrutiny. The problem solved soon after that.

Anyway, all the above is just for adding clarity and, in the case where someone else bumps their head in to this corner, maybe a solution.

Mattermost works fine behind Cloudflare, it’s maybe just really only the RocketLoader which is problematic and it should be safe to turn it off and have everything else still activated. The normal reverse proxy and SSL offloading on Cloudflare works with Mattermost in the background.