Staticman Instance gives 'Internal Server Error'

[sachin10101998]

I tried hosting my own instance of Staticman on Heroku. I cloned the repo, added the Github access token, Private RSA Key and hosted it as heroku app.
It's currently being run at https://staticmanaima.herokuapp.com
When I visit the site, it gave 'Hello from Staticman version 3.0.0!
Then I added the account from which I had taken the GitHub access token and added it in collaborators of my main repo but when I try to connect it through
https://staticmanaima.herokuapp.com/v2/connect/sachin10101998/aima-exercises/ it gives 'Internal Server Error'
Has someone faced this issue before? Any help would be greatly appreciated.

[VincentTam]

Hi, it would be better if you provide more info about your instance.

1. What was the commit at which Staticman was deployed? Different versions of Staticman can behave differently, so it's better to make it clear.
2. It seems that you're using v2, so what is the associated GitHub bot? We can't see it from the collaborators of your aforementioned GitHub repo. When we try to reproduce this error, we need to invite your bot as a collaborator, so it's important that you provide us the user name of your bot.
3. Are you aware of GitHub legacy token authentication is broken #283, in which users report some broken legacy features? Revert "Add support for GitHub Apps" #285 might solve your problem.
4. Have you added support for Akismet and/or Mailgun? It would be better for us to know that for replicating the error.

[sachin10101998]

@VincentTam

1. I haven't added staticman.yml files to my repo yet. I use staticman v2. I cloned the Staticman repo, set up the config.development.json file and pushed it to heroku by adding github access token from @staticmanaima github account.
2. I invited @staticmanaima from my main account as collaborator and tried to accept the invite by visiting that url which I mentioned in the first place i.e https://staticmanaima.herokuapp.com/v2/connect/sachin10101998/aima-exercises/
3. Revert "Add support for GitHub Apps" #285 hasn't been merged. should I make these changes in my clone to make it work?
4. No, I havn't added that.

[VincentTam]

Thanks for your response. For my first question, I mean, the Git SHA1 hash of the HEAD of your remote branch heroku/master. For example, my bot @staticmanlab was at 8eb6c32 last week. Others can compare this with the HEAD of the dev branch: https://github.com/eduardoboucas/staticman/compare/dev..VincentTam:deploy, so that we know which version you are using, and what you have modified. You may issue the following command to obtain such info.

git rev-parse heroku/master

[sachin10101998]

I believe I have something misconfigured. When I tried to add staticmanlab as a collaborator and accepted the invite using https://usinginstanceurl/v2/connect/my-username/myrepo , It worked perfectly returning an OK.
Issuing the above stated command gave me this bec497b18e89d769eba0c204be120501df27eaac

[VincentTam]

Your bot @staticmanaima takes the role of "developer" in each project to which it has write access. It shouldn't own any project. That's why we need these API token to restrict the bot's access. I should have asked for the output of

git diff upstream/dev..heroku/master

instead. The upstream here means this repo: https://github.com/eduardoboucas/staticman.git. You may change it to origin if you've directly cloned it. Anyways, my question is what exactly you've changed. Note that the SHA1 hash bec497b1 above doesn't match any commits in this repo and in your fork.

---

I had read your first reply slowly, now I've almost got it. You've edited config.development.json, so what exactly is this file? As a non-developer, I spent several days to get right the API config with Heroku last year. I've never succeeded with NODE_ENV: development. I always deploy to Heroku with production instead. Anyways, it would be clearer if you provide us the exact technical details.

[sachin10101998]

I made another instance of staticman and made the following changes:

1. Created a Procfile with web: npm start inside it.
2. Created a config.production.json file with the following contents.

{
    "gitlabToken": process.env.GITLAB_TOKEN,
    "githubToken": process.env.GITHUB_TOKEN,
    "rsaPrivateKey": JSON.stringify(process.env.RSA_PRIVATE_KEY)
  }

3. Added !config.production.json to gitignore file
4. Created a private RSA key for use with the API: openssl genrsa -out key.pem and then set heroku config variables.

$heroku config:set NODE_ENV="production" 
$heroku config:set RSA_PRIVATE_KEY="$(cat key.pem)" 
$heroku config:set GITHUB_TOKEN="My Token"

Then i just heroku create new app and pushed it there.
I made no changes in the staticman-key.pub file and it's same as it is in the original Staticman repo.

[VincentTam]

OK. I got it finally from your repo. My mind blocked me. You're working on top of 4e2f33b. After #243, it's reported that legacy authentication has broken in #283. You may try #285 to rollback Staticman v3's use of GitHub App.

[sachin10101998]

Is there any other way around?
If not, how do I Merge a pr which hasn't been merged upstream as in this case #285 in my fork of the repo.

[VincentTam]

See the first two commands in this Stack Overflow answer: https://stackoverflow.com/a/28954238/3184351

Git, designed by Linus Torvalds, is a tool for testing stuff, so it's sensible to learn how to git merge new stuff that hasn't been merged into the official repo.

[sachin10101998]

Am still unable to get it running.
What changes do I need to make in staticman-key.pub file?

[VincentTam]

What changes do I need to make in staticman-key.pub file?

That file is irrelevant. I've tested that myself with my instance. It seems that 4eb5ce2 is breaking the legacy support.

[sachin10101998]

How come @staticmanlab is not affected by it and is running perfectly?

[VincentTam]

staticman-key.pub is for display only. It doesn't affect the functioning of the app. Btw, the README is incorrect due to #256.

[sachin10101998]

No, I meant that if you try to build a staticmanlab2 version , will #283 cause problems?

[VincentTam]

I dunno. I've chosen PR 231, which doesn't work with 4eb5ce2 or 9ce2c48. So I won't merge PR 283. You may test and tell us the results.

[sachin10101998]

This is too confusing. Can you finally tell what Staticman should I clone (yours or eduardoboucas?) and where exactly is your heroku code branch deploy as you mentioned above. I couldn't find it anywhere.

[VincentTam]

This is too confusing. Can you finally tell what Staticman should I clone (yours or eduardoboucas?) and where exactly is your heroku code branch deploy as you mentioned above. I couldn't find it anywhere.

There're no obligations, just suggestions based on hours of testing as an amateur. I'll keep using Git references (e.g. branch names, commit hash) to make things clear. My deploy branch is based on 55d1430 due to the reason in my previous comment. Here's the link to
deploy. I've tried incorporating #289 without the "rollback", so as to solve #90, but I didn't push that to GitHub. You can see from the commit history of that branch that I've merged #231. As the name "Staticman Lab" suggests, it's supposed to be a laboratory for testing new, often unmerged, features/PR's.

Regarding the official repo, I'm not including recent commits on dev/master branches, which are using #243. The reason is three-pronged. First, Staticman is for open source lovers. Some of them (like me) would like to see this app to rely only (at least, in principle) on open-source technology. Support for GitHub Apps are not in line with this pursuit. Second, every API has its limits. When everyone uses the same instance, then issue #222 is likely to resurface. The adoption of GitHub Apps doesn't really solve the "too many requests" and "invitation not found" problems, as you can see from #279. Third, I suggested using @staticmanlab (or self-hosting own instance) in #227, and some did invited my bot. @staticmanapp let them down, but I won't. Support for GitHub Apps in #255 has caused errors in v2 reported in #283, and significantly altered behavior of the v3 scheme (originally proposed in #22, firset implemented in #219) on GitHub. Therefore, merging #255 would break those users who have invited my bot.

Another reason for using alternative API instances is issue #83. I quote the project owner's response for your reference.

Our implementation of Akismet needs some work done. It's currently set to use whatever key is supplied in the Staticman API, which means one single Akismet account is used to filter spam on all sites. Akismet accounts have usage limits, so I believe it's disabled completely in the public Staticman instance.

We could take the same approach we used with reCAPTCHA and allow each site to supply their own Akismet API key, now that we support encryption.

This suggestion has been proposed in unmerged PR #195. You may see #298 for the possible impact after invitating a Staticman bot without reCAPTCHA setup. GitHub Apps don't prevent this problem.

You're right that things might seem confusing. Now, the official docs can't keep up with v3, and docs requests like #291 and #293 are inactive because it's a moving target. People are writing their own versions of guides, like

1. Data Science Blog
2. zcrc.me
3. Minimal Mistake's Staticman v3 guide
4. Staticman nested comments + email notifications

As a non developer, I started by understanding the basic ideas (without looking the code, since I don't know Node.JS), then testing PR's, searching for errors and asking for help. That's why I've built up demo deploy branches on GitHub and on Framagit, as well as Hugo/Jekyll demo sites, for newcomers to test/fork/clone.

When compared to Gitalk, Isso, Disqus, etc, the setup is more involved. On the other hand, Staticman offers a greater flexibility since Staticman is independent of blog generators (c.f. #264 (comment)), so you may customise your UI, and more importantly, own your comments.

[VincentTam]

Update: I've unmerged PR231, and tried merging 9ce2c48 in my instance for Framagit to avoid disrupting @staticmanlab's service.

moderation	true	false
GitHub	❌	✌️
GitLab	✌️	✌️

When moderation: true on GitHub, I got

{
  "success":false,
  "rawError":{"_smErrorCode":"GITHUB_CREATING_PR"},
  "errorCode":"GITHUB_CREATING_PR"
}

Need to give #288 a try.

[sachin10101998]

Please do not change anything in @staticmanlab as for now. I am bit occupied with figuring out the working of staticman after the private instance is running (which I am currently using yours). I'll get back to this issue in a day or two.

[VincentTam]

Please do not change anything in @staticmanlab as for now. I am bit occupied with figuring out the working of staticman after the private instance is running (which I am currently using yours). I'll get back to this issue in a day or two.

Both my instances for Framagit and GitLab are associated to @staticmanlab, so yes for the more popular one (later), and no for the less popular one, which I'll use for testing. In this case, the service of the bot will be reassured. In any case, they're supposed to be used for testing, and are hosted on free Heroku dyno. After 1000 hours, my free monthly hours will be used up, but that should be enough for @staticmanaima.

[sachin10101998]

If I give you another Heroku account and a Github Bot account, could you make a copy of @staticmanlab for me?

[VincentTam]

If I give you another Heroku account and a Github Bot account, could you make a copy of @staticmanlab for me?

Please don't do so. I've recently read the terms of service due to issue #298. Lemme find the relevant terms.

B. Account Terms

1. Account Controls

• Users. Subject to these Terms, you retain ultimate administrative control over your User Account and the Content within it.

3. Account Requirements

We have a few simple rules for User Accounts on GitHub's Service.

If you don't mind the webhook problem mentioned in #288, try that PR, and make the necessary modifications according to the self-host API guide on Data Science Blog (see the link above). (You can avoid errors by manually deleted merged branches by clicking the button on the PR page after the merge. That's just one more click per PR. One already clicks a button for merging.) Otherwise, you may base your modifications on #219.

[sachin10101998]

Alright, give me a day or two and I'll do that.
I'll get back to you real soon.

[sachin10101998]

I cloned Staticman from your deploy branch and everything is working perfectly now. @staticmanaima is working great now. Thanks for your help. Closing this issue now.

[VincentTam]

@sachin10101998 You may consider merging

• 9ce2c48 to include fixes for deprecated GitHub API methods
• Update octokit/rest API calls to 16.24.3 #288 if you don't mind the webhook error
• Multiline field markdowntable for Staticman v3 #301 to fix Fix line-break formatting in pull requests #90: compare @staticmanlab's merge request body before merging this PR
  https://gitlab.com/pcercuei/pcercuei.gitlab.io/merge_requests/123
  with the result after
  https://gitlab.com/pcercuei/pcercuei.gitlab.io/merge_requests/144

[sachin10101998]

Octokit/Rest part is already taken care of when I cloned it from your deploy I guess.
Everything is working fine now, so I don't want to experiment/test more as I have a deadline for my project. After the project is over, I'd certainly look forward to merging these changes or if anything breaks before it.

[sealedhermitbot]

Hi @VincentTam I tried deploying your staticman instance to heroku. I succesfully set up everything but when i post a comment on my website, it returns a error 500 - Internal server error which says time out or duplicate. Any leads on this?

The repositiory is https://github.com/sealedhermit/sealedhermit.github.io. The site is live at https://sealedhermit.github.io. It would be of great help if you can point me in a right direction. I have been on this for weeks now.

[sealedhermit]

Hi @VincentTam I tried deploying your staticman instance to heroku. I succesfully set up everything but when i post a comment on my website, it returns a error 500 - Internal server error which says time out or duplicate. Any leads on this?

The repositiory is https://github.com/sealedhermit/sealedhermit.github.io. The site is live at https://sealedhermit.github.io. It would be of great help if you can point me in a right direction. I have been on this for weeks now.

Nevermind. I figured that out. Everything works well now. Thank you.

[shaftoe]

Nevermind. I figured that out. Everything works well now. Thank you.

Out of curiosity, what was it? I think is a good idea to share it even if you solved it by yourself, in case someone else might be stepping on a similar kind of issue.