skip to Main Content

I have a Symfony project on an Apache server that uses Mercure and I try to setup the Mercure hub in production.

To run the Mercure hub in production, I extract the archive mercure_0.6.2_Linux_x86_64.tar.gz (https://github.com/dunglas/mercure/releases) into a subfolder mercure at the root of my project.

Then I run the command:

JWT_KEY='myJWTKey' ACME_HOSTS='example.com' ./mercure

with my informations

But the hub doesn’t run with this error:

FATA[0000] listen tcp :443: bind: permission denied

I saw a similar question (How to run Mercure in production)
but the proposed answer uses ADDR to change port, and according to the documentation, “Let’s Encrypt only supports the default port: to use Let’s Encrypt, do not set this variable.”.

How do I run Mercure in production?

2

Answers


  1. Chosen as BEST ANSWER

    Here are the steps I did to resolve my problem :

    I run Mercure with this command:

    JWT_KEY='aVerySecretKey' ADDR='myhub.com:3000' CORS_ALLOWED_ORIGINS='https://mywebsite.com' DEBUG=1 ALLOW_ANONYMOUS=1 ./mercure
    

    So, Mercure run here: http://myhub.com:3000.

    I use Apache as a proxy with this parameters:

    ProxyPass / http://myhub.com:3000/
    ProxyPassReverse / https://myhub.com/
    

    So now, I can access the hub in HTTPS here https://myhub.com/hub from my domain https://mywebsite.com.

    Thanks to dunglas, the author of Mercure.


  2. I don’t know if this is helpful, but after a lot of struggle I got Mercure working on a live server like this. (I’m using port 9090 throughout.) In Apache domain conf:

    ProxyPass /hub/ http://localhost:9090/
    ProxyPassReverse /hub/ http://localhost:9090/
    

    In Javascript:

    new URL('https://www.example.com/hub/.well-known/mercure');
    

    In Symfony:

    MERCURE_PUBLISH_URL=https://www.example.com/hub/.well-known/mercure
    

    Being careful not to confuse MERCURE_JWT_TOKEN with MERCURE_JWT_SECRET.

    From root, running Mercure server like this for testing:

    docker run     -e JWT_KEY='!ChangeMe!' -e DEMO=1 -e ALLOW_ANONYMOUS=1 -e CORS_ALLOWED_ORIGINS='*' -e PUBLISH_ALLOWED_ORIGINS='*'     -p 9090:80     dunglas/mercure
    

    So now everything is working, without https / 443 problems.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search