W
Wasp-lang5mo ago
wardbox

Trying to run wasp over https locally, permission denied

I'm trying to run wasp over https locally to test oauth that requires https. I tried using the plugin-basic-ssl that comes with vite like so and it actually worked for a bit, but I had to run sudo wasp start to get it to work. When i tried running it again I got issues with not being able to find some of my modules and it seems something odd is happening when building wasp with sudo. If i run without sudo I just get this error: 
[ Client!] error when starting dev server:
[ Client!] Error: listen EACCES: permission denied 127.0.0.1:443
[ Client!]     at Http2SecureServer.setupListenHandle [as _listen2] (node:net:1881:21)
[ Client!]     at listenInCluster (node:net:1946:12)
[ Client!]     at GetAddrInfoReqWrap.doListen [as callback] (node:net:2116:7)
[ Client!]     at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:111:8)
[ Client!] error when starting dev server:
[ Client!] Error: listen EACCES: permission denied 127.0.0.1:443
[ Client!]     at Http2SecureServer.setupListenHandle [as _listen2] (node:net:1881:21)
[ Client!]     at listenInCluster (node:net:1946:12)
[ Client!]     at GetAddrInfoReqWrap.doListen [as callback] (node:net:2116:7)
[ Client!]     at GetAddrInfoReqWrap.onlookup [as oncomplete] (node:dns:111:8)
my vite config that worked with sudo wasp start 
import { defineConfig } from "vite";
import basicSsl from "@vitejs/plugin-basic-ssl";

export default defineConfig({
  server: {
    open: false,
    host: "local.mydomain.com",
    port: 443,
  },
  plugins: [
    basicSsl({
      name: "test",
    }),
  ],
});
import { defineConfig } from "vite";
import basicSsl from "@vitejs/plugin-basic-ssl";

export default defineConfig({
  server: {
    open: false,
    host: "local.mydomain.com",
    port: 443,
  },
  plugins: [
    basicSsl({
      name: "test",
    }),
  ],
});
5 Replies
kapa.ai
kapa.ai5mo ago
Hi @wardbox. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- The error message you're seeing, Error: listen EACCES: permission denied 127.0.0.1:443, is indicating that the process doesn't have permission to bind to port 443. This is a common issue when trying to bind to ports below 1024, which are considered privileged ports and typically require root access to bind to. Running sudo wasp start would give the process the necessary permissions, but as you've noticed, it can cause other issues. This is because sudo runs the command as the root user, which can have different environment variables and permissions, leading to the issues with finding modules. One potential solution to this issue is to use a reverse proxy, such as Nginx or Apache, to forward traffic from port 443 to a higher, non-privileged port that your application is listening on. This would allow you to run your application without needing root permissions. Unfortunately, the knowledge sources provided do not contain specific instructions on how to set up a reverse proxy for Wasp. You may want to refer to the documentation for the reverse proxy software you choose to use for specific instructions. Another potential solution is to use a tool like authbind that allows a program that would normally require superuser privileges to access privileged network services to run as a non-privileged user. authbind allows the system administrator to permit specific users and groups access to bind to TCP and UDP ports below 1024. Please note that these are general solutions and may not work in all situations. Always ensure that you understand the security implications of the changes you're making to your system. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @wardbox, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
wardbox
wardboxOP5mo ago
should note i also have an entry in my hosts file for local.mydomain.com
martinsos
martinsos4mo ago
Hey @wardbox have you sovled this? I am not sure where to start with this one hm. I think first step would be figuring out if you can do this without sudo, as using sudo like this is not recommended from what I know and it will also be hard to fgiure out how to get that working.
wardbox
wardboxOP4mo ago
@miho was helping me out with a related but different issue and we ended up using npx localtunnel --port 3001 to forward requests to the backend over https which worked nicely i just had to set the redirect uri for the oauth service to the localtunnel domain that gets generated
wardbox
wardboxOP4mo ago
this stopped working for some unknown reason (just never loads the tunnel) so i switched over to cloudflared quick tunnels https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/do-more-with-tunnels/trycloudflare/
Cloudflare Docs
Quick Tunnels · Cloudflare Zero Trust docs
Developers can use the TryCloudflare tool to experiment with Cloudflare Tunnel without adding a site to Cloudflare’s DNS. TryCloudflare will launch a …
Want results from more Discord servers?
Add your server