Changes in the master branch (and daily build packages) now check the ALLOWED_HOSTS setting for each master in your instance(s) in /etc/lava-server/settings.conf
Please check your /etc/lava-server/settings.conf support for ALLOWED_HOSTS in Django as this will be required to upgrade to the next release of LAVA Software.
Remember to always restart lava-server-gunicorn after any change to /etc/lava-server/settings.conf
See also https://master.lavasoftware.org/static/docs/v2/pipeline-debug.html#check-lav... and https://master.lavasoftware.org/static/docs/v2/pipeline-debug.html#displayin... (new help sections on using and checking LAVA setttings.
Django docs: https://docs.djangoproject.com/en/1.11/ref/settings/#allowed-hosts
""" This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations. ... Django also allows the fully qualified domain name (FQDN) of any entries. Some browsers include a trailing dot in the Host header which Django strips when performing host validation. ... When DEBUG is True and ALLOWED_HOSTS is empty, the host is validated against ['localhost', '127.0.0.1', '[::1]']. """
If this setting is wrong, updated LAVA packages will fail to serve HTTP and the /var/log/lava-server/django.log file will record messages like:
ERROR 2018-11-26 18:12:52,091 exception Invalid HTTP_HOST header: 'lava.codehelp.co.uk'. You may need to add 'lava.codehelp.co.uk' to ALLOWED_HOSTS.
(In this case, that was exactly the correct action)
"ALLOWED_HOSTS": ["lava.codehelp.co.uk"], to /etc/lava-server/settings.conf and restarting lava-server-gunicorn fixed lava.codehelp.co.uk
See also https://git.lavasoftware.org/lava/lava/issues/173
When checking this change, it is useful to also set DEBUG to true as Django will then show you all of the headers and environment variables. Do remember to turn DEBUG back to false because these variables are a security risk in themselves.
Another setting which might be useful, depending on your configuration:
"USE_X_FORWARDED_HOST": true,
It is safe to make this change in advance of the upgrade of LAVA but do test on an instance which is as close as possible to the network configuration of your production instance(s).