8️⃣ Common Troubleshooting¶
| Symptom | Likely Cause | Fix |
|---|---|---|
| HTTPS GUI fails with ENOENT | Gunbot cannot read /etc/letsencrypt |
Copy certs locally as localhost.key and localhost.crt |
| Nginx 502 | Wrong internal proxy port | Check config.js and proxy_pass values |
| SSH refused after reboot | UFW delay or service startup lag | Wait ~30s and retry connection |
| Certbot NXDOMAIN | Subdomain DNS not ready | Ensure A/AAAA records exist and propagated, then re‑run certbot |
| Nginx test fails (missing certs) | SSL paths set before cert creation | Obtain certs using port 80 block first, then enable SSL |
| 502/504 after HTTPS switch | Upstream still uses http://127.0.0.1:PORT while Gunbot GUI runs HTTPS |
Change to proxy_pass https://127.0.0.1:PORT; (LE certs don’t need ssl_verify off) |
| 502/504 on simulator only | gunbot-sim not bound to correct ports |
Ensure GUI.port=5002, ws.clientport=5002, ws.port=5003; restart PM2; test with curl -vk https://127.0.0.1:5002 |
| PM2 list empty after reboot | New PM2 daemon instance | Run pm2 resurrect then pm2 save |
| ROE = Infinity% / Unit cost = 0 | No trades or missing sim pair files | Wait for first buy or copy *PAIR*.json from live instance |
| Asset missing from balances | Held in Earn/Funding/Margin wallet | Move asset to Spot (disable Kraken Auto‑Earn if active) |
| Local certs not updating post‑renewal | Gunbot can’t read /etc/letsencrypt |
Add Certbot deploy‑hook to copy renewed certs and chown gunbot:gunbot |
Note — Kraken Auto‑Earn and Hidden Balances
If you have Kraken Auto‑Earn (Rewards) enabled for assets like BTC or ETH, those tokens are moved to Kraken’s staking wallet and won’t appear in your Spot balance.
Gunbot — like all API‑based bots — can only access Spot balances, so these assets will show as0.To trade them, disable Auto‑Earn or unstake the assets back to your Spot wallet before starting Gunbot.
Note — HTTPS Upstream Required
WhenGUI.https=true, Nginx must proxy tohttps://127.0.0.1:PORT.
Usinghttp://causes 502/504 or “Empty reply from server.”
proxy_ssl_verify off;is optional and only needed for self‑signed certs.Note — Simulator Port Check
After copying configs from live to sim, confirm:
GUI.port=5002,ws.clientport=5002,ws.port=5003
Then restart PM2. Mismatched ports commonly cause simulator‑only 502s.Note — PM2 Persistence Tips
Ifsystemctl restart pm2-gunbotshows no processes, run:
pm2 resurrect→pm2 save
For services that hang, remove--no-daemonand setType=simplein your systemd unit, then reload.