Infos:

• Used Zammad version: 3.2
• Used Zammad installation source: DEB
• Operating system: Ubuntu
• Browser + version: Chrome 80.0.3987.122

Expected behavior:

• I am trying to move my Zammad system to a new server

Actual behavior:

• Did a backup on old server as described here: backup and restore
• Set up a new server with a new Zammad system
• Restored old data
• Got a CSRF failure
• Assigned old IP and domain to new server
• Still got a CSRF failure

Sorry for opening a new post, this would perfectly fit in here but that post was closed while I was typing :-/

Thanks for any help,
best regards,
Simon

This is my zammad.conf:

this is the nginx config for zammad

upstream zammad {
server localhost:3000;
}

upstream zammad-websocket {
server localhost:6042;
}

Added - Automatically redirect HTTP to HTTPS Nginx

server {
listen 80;
server_name my.domain.de;
return 301 https://$host$request_uri;
}

Added - HTTPS configuration for Zammad

server {
listen 443 http2 ssl;

ssl_certificate /etc/letsencrypt/live/my.domain.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my.domain.de/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers “EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH”;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security “max-age=63072000; includeSubdomains”;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;

replace ‘localhost’ with your fqdn/domain name if you want to use zammad from remote

server_name my.domain.de;

root /opt/zammad/public;

access_log /var/log/nginx/zammad.access.log;
error_log /var/log/nginx/zammad.error.log;

client_max_body_size 50M;

location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico) {
expires max;
}

location /ws {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “Upgrade”;
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 86400;
proxy_pass http://zammad-websocket;
}

location / {
proxy_set_header Host $http_host;
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 180;
proxy_pass http://zammad;

gzip on;
gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml;
gzip_proxied any;
}
}

Please have a look at this thread, it will solve your issue:

Thank you very much! I figured it out now.
But here is the next problem:
Everything is restored, I did

zammad run rake searchindex:rebuild

but I am not able to login, this is the error I get:

Requesting a new password does not work either.

Any ideas?
Thanks in advance
Simon

Please don’t mix topics.
Lookup the provided ID with a friendly grep in your production log.

These error ids are generated randomly and have no real connection to learn what went wrong.

Hehe, thanks for the hint. It shows that I am not mixing topics, but that was lucky

[2020-03-07T14:49:42.690917 #2136-47063552666340] ERROR – : Error ID cSlzkeB p: CSRF token verification failed!

That error haunts me…

Fixed it.
What I did:

1.: Go to the old system.
2.: Find this in settings:

It was set to “https”, that was the mistake. Set it to “http”.
3. Do the backup
4. Restore on new server.
5. Get a beer.

=)

Glad you could solve it.
I see flaws in your list thoguh.

DId you mean:

[...]
3. Do the backup
4. Get a beer.
5. Restore on new server.
6. Get a beer.

?

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.