<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <span style="font-family: helvetica,arial,sans-serif;"><br>
      Že by certbot nejdřív shodil nginx a pak si udělal vlastní server?
      Shodit by ho musel, jinak by měl stejný problém. To by mělo jít
      zjistit v nastavení certbotu, jakou používá metodu pro validaci. <br>
      <br>
      Tak mě napadá, že pokud by to tak bylo a certbot shodil nginx, tak
      leda by do toho zasáhl systemd a snažil se ho hned zase pustit,
      dřív než certbot dodělá práci. <br>
      <br>
      Ale zase otázka - bude to certbot dělat když nebude mít žádný
      certifikát k obnově?<br>
      <br>
      Š.<br>
      <br>
       
    </span>
    <div class="moz-cite-prefix">Dne 14. 10. 20 v 9:18 Lukáš Němec
      napsal(a):<br>
    </div>
    <blockquote type="cite"
      cite="mid:79DAE512-24D0-40F2-B8C7-23EE88C48097@gmail.com">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      A co ten certbot? Nesnaží se restartovat nginx nebo ho spustit
      jinak než přes sysctl? A spustí duplicitní procesy?
      <div class=""><br class="">
      </div>
      <div class="">Očividně je tam problém že něco jinýho se spustí na
        portu 80 a 443, není to ten certbot samotný aby si udělal
        acme-challenge?</div>
      <div class=""><br class="">
      </div>
      <div class="">Lukáš<br class="">
        <div><br class="">
          <blockquote type="cite" class="">
            <div class="">14. 10. 2020 v 9:16, Stepan Liska <<a
                href="mailto:stepan@comlinks.cz" class=""
                moz-do-not-send="true">stepan@comlinks.cz</a>>:</div>
            <br class="Apple-interchange-newline">
            <div class="">
              <meta http-equiv="Content-Type" content="text/html;
                charset=UTF-8" class="">
              <div class=""> <span style="font-family:
                  helvetica,arial,sans-serif;" class="">Ne že bych znal
                  nginx nějak dobře, ale přijde mi divné, že by sám od
                  sebe bez vnějšího povelu najednou 23:40 restartoval. A
                  jinak nechápu proč by dělal znovu listen. Klidně to
                  může být nějaký posthook na certbotu (ale ten to snad
                  dělá jenom když je nový certifikát, ne?). Koukni taky
                  na log CRONu nebo také máš systemd, tak ten má taky
                  nějaké naplánované úlohy. <br class="">
                  <br class="">
                  Přijde mi to, jak kdyby se pustil nějaký restart,
                  starý proces se nestihl z nějakého důvodu ukončit a už
                  se startoval nový. Je nad tímhle záznamem ještě něco
                  dalšího velmi blízko (< 2min) před tímto časem?<br
                    class="">
                  <br class="">
                  Neboli - prošel bych všechny systémové logy a podíval
                  se co se dělo okolo času 23:40 a pokusil se zjistit
                  příčinu restart nginx.<br class="">
                  <br class="">
                  Š.<br class="">
                    </span>
                <div class="moz-cite-prefix">Dne 14. 10. 20 v 8:48 <a
                    class="moz-txt-link-abbreviated"
                    href="mailto:petr.bolf@taborpolana.cz"
                    moz-do-not-send="true">petr.bolf@taborpolana.cz</a>
                  napsal(a):<br class="">
                </div>
                <blockquote type="cite"
                  cite="mid:bf1a159b-734d-251b-7436-daa585f9f963@taborpolana.cz"
                  class="">
                  <meta http-equiv="Content-Type" content="text/html;
                    charset=UTF-8" class="">
                  <p class=""><br class="">
                  </p>
                  <p class=""><br class="">
                  </p>
                  <p class="">sudo netstat -luntp | grep "80\|443"</p>
                  <p class=""><br class="">
                  </p>
                  <p class="">nic tam neběží na těch portech.</p>
                  <p class="">Server jsem spustil v cca 16 hod a ve
                    23.40 to spadlo. To se do toho musí motat nějaký
                    další program, možná by mohl být vinník certbot,
                    nebo nějaké nastavení v cronu? Ale nic podezřelého
                    nevidím.<br class="">
                  </p>
                  <p class="">sudo tail -f /var/log/nginx/error.log.1 <br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    [::]:443 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    0.0.0.0:443 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    0.0.0.0:80 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    [::]:80 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    [::]:443 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    0.0.0.0:443 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    0.0.0.0:80 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
                    [::]:80 failed (98: Address already in use)<br
                      class="">
                    2020/10/13 23:40:34 [emerg] 19730#19730: still could
                    not bind()<br class="">
                    2020/10/13 23:40:37 [alert] 19672#19672: unlink()
                    "/run/nginx.pid" failed (2: No such file or
                    directory)</p>
                  <p class=""><br class="">
                  </p>
                  <p class="">sudo systemctl status nginx.service<br
                      class="">
                    ● nginx.service - A high performance web server and
                    a reverse proxy server<br class="">
                       Loaded: loaded
                    (/lib/systemd/system/nginx.service; enabled; vendor
                    preset: en<br class="">
                       Active: failed (Result: exit-code) since Tue
                    2020-10-13 23:40:36 CEST; 8h ago<br class="">
                         Docs: <a class="moz-txt-link-freetext"
                      href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
                      class="">
                      Process: 19729 ExecStartPre=/usr/sbin/nginx -t -q
                    -g daemon on; master_process<br class="">
                      Process: 19730 ExecStart=/usr/sbin/nginx -g daemon
                    on; master_process on; (cod<br class="">
                    <br class="">
                    Oct 13 23:40:35 domogled nginx[19730]: nginx:
                    [emerg] bind() to 0.0.0.0:80 faile<br class="">
                    Oct 13 23:40:35 domogled nginx[19730]: nginx:
                    [emerg] bind() to [::]:80 failed (<br class="">
                    Oct 13 23:40:36 domogled nginx[19730]: nginx:
                    [emerg] bind() to [::]:443 failed <br class="">
                    Oct 13 23:40:36 domogled nginx[19730]: nginx:
                    [emerg] bind() to 0.0.0.0:443 fail<br class="">
                    Oct 13 23:40:36 domogled nginx[19730]: nginx:
                    [emerg] bind() to 0.0.0.0:80 faile<br class="">
                    Oct 13 23:40:36 domogled nginx[19730]: nginx:
                    [emerg] bind() to [::]:80 failed (<br class="">
                    Oct 13 23:40:36 domogled nginx[19730]: nginx:
                    [emerg] still could not bind()<br class="">
                    Oct 13 23:40:36 domogled systemd[1]: nginx.service:
                    Control process exited, code<br class="">
                    Oct 13 23:40:36 domogled systemd[1]: nginx.service:
                    Failed with result 'exit-cod<br class="">
                    Oct 13 23:40:37 domogled systemd[1]: Failed to start
                    A high performance web serv<br class="">
                    lines 1-17/17 (END)<br class="">
                  </p>
                  <p class=""><br class="">
                  </p>
                  <div class="moz-cite-prefix">Dne 13. 10. 20 v 17:15
                    Jan Pleva napsal(a):<br class="">
                  </div>
                  <blockquote type="cite"
cite="mid:CAC+s-MLYNhEfm30-FeHA5SJyPRiy8-ZL9ckXWTChEp17Z9nX1g@mail.gmail.com"
                    class="">
                    <meta http-equiv="content-type" content="text/html;
                      charset=UTF-8" class="">
                    <div dir="ltr" class="">no, nabehne... prave ze
                      nenabehne... pokud tam ten web bezi v mezicase,
                      pak je dost mozna problem v tom, ze bud tam bezi
                      jiny webserver, nebo nejaka druha instance nginxu
                      o ketere ten start script nevi. Tak nebo onak,
                      nginx se nemuze poslouchat na 80/443 protoze uz na
                      tom portu neco jineho posloucha. At uz nginx,
                      Apache nebo neco jineho. 
                      <div class=""><br class="">
                      </div>
                      <div class="">Jak pise kolega, <font class=""
                          face="monospace"><i class="">netstat -luntp |
                            grep "80\|443"</i></font> by melo vnest
                        svetlo odkud vitr fouka. <br class=""
                          clear="all">
                        <div class="">
                          <div dir="ltr" class="gmail_signature"
                            data-smartmail="gmail_signature"> <br
                              class="">
                            S pozdravem<br class="">
                            <br class="">
                            Jan Pleva</div>
                        </div>
                        <br class="">
                      </div>
                    </div>
                    <br class="">
                    <div class="gmail_quote">
                      <div dir="ltr" class="gmail_attr">út 13. 10. 2020
                        v 16:03 odesílatel <a
                          href="mailto:petr.bolf@taborpolana.cz"
                          moz-do-not-send="true" class="">petr.bolf@taborpolana.cz</a>
                        <<a href="mailto:petr.bolf@taborpolana.cz"
                          moz-do-not-send="true" class="">petr.bolf@taborpolana.cz</a>>
                        napsal:<br class="">
                      </div>
                      <blockquote class="gmail_quote" style="margin:0px
                        0px 0px 0.8ex;border-left:1px solid
                        rgb(204,204,204);padding-left:1ex">dík<br
                          class="">
                        <br class="">
                        <br class="">
                        Mate mne, že server naběhne, nginx -t je
                        spokojený a chyba se projeví až <br class="">
                        po nějakém čase. Zatím se mi zdá, že jsem měl
                        bordel v jednom <br class="">
                        konfiguráku a jakoby to tam udělal certbot, a
                        nebo se tam něco omylem <br class="">
                        zkopírovalo.<br class="">
                        <br class="">
                        <br class="">
                        Když jsem měl chybu v konfiguraci serveru,
                        většinou se to projevilo už <br class="">
                        při startu, nebo při nginx -t.<br class="">
                        <br class="">
                        <br class="">
                        <br class="">
                        Petr<br class="">
                        <br class="">
                        Dne 13. 10. 20 v 15:31 Vojtěch Oram napsal(a):<br
                          class="">
                        > Ahoj,<br class="">
                        > neběží tim tam třeba ještě Apache? Vypadá
                        to, že Nginx nemůže <br class="">
                        > nastartovat, protože jsou porty 80 a 443 už
                        obsazené. Zkus se kouknout <br class="">
                        > na výstup "netstat -nlp", co tam běží na
                        portu 80 a 443.<br class="">
                        ><br class="">
                        > S přáním pěkného dne<br class="">
                        ><br class="">
                        > Vojtěch "Flaiming" Oram<br class="">
                        > <a href="https://vojtechoram.cz/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">https://vojtechoram.cz</a><br
                          class="">
                        ><br class="">
                        > Dne 13. 10. 20 v 14:57 <a
                          href="mailto:petr.bolf@taborpolana.cz"
                          target="_blank" moz-do-not-send="true"
                          class="">petr.bolf@taborpolana.cz</a>
                        napsal(a):<br class="">
                        >> zdravím,<br class="">
                        >><br class="">
                        >><br class="">
                        >> nevěděl by někdo s čím může být problém
                        - asi někde v konfiguraci <br class="">
                        >> serverů pro nginx.<br class="">
                        >><br class="">
                        >> sudo nginx -t<br class="">
                        >> nginx: the configuration file
                        /etc/nginx/nginx.conf syntax is ok<br class="">
                        >> nginx: configuration file
                        /etc/nginx/nginx.conf test is successful<br
                          class="">
                        >><br class="">
                        >><br class="">
                        >> sudo systemctl start nginx.service<br
                          class="">
                        >><br class="">
                        >> sudo systemctl status nginx.service<br
                          class="">
                        >> ● nginx.service - A high performance
                        web server and a reverse proxy <br class="">
                        >> server<br class="">
                        >>    Loaded: loaded
                        (/lib/systemd/system/nginx.service; enabled;
                        vendor <br class="">
                        >> preset: en<br class="">
                        >>    Active: active (running) since Tue
                        2020-10-13 14:49:08 CEST; 6min ago<br class="">
                        >>      Docs: <a
                          class="moz-txt-link-freetext"
                          href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
                          class="">
                        >>   Process: 16277
                        ExecStartPre=/usr/sbin/nginx -t -q -g daemon on;
                        <br class="">
                        >> master_process<br class="">
                        >>   Process: 16278
                        ExecStart=/usr/sbin/nginx -g daemon on; <br
                          class="">
                        >> master_process on; (cod<br class="">
                        >>  Main PID: 16279 (nginx)<br class="">
                        >>    Memory: 21.0M<br class="">
                        >>    CGroup: /system.slice/nginx.service<br
                          class="">
                        >>            ├─16279 nginx: master
                        process /usr/sbin/nginx -g daemon <br class="">
                        >> on; master_pr<br class="">
                        >>            ├─16280 nginx: worker
                        process<br class="">
                        >>            ├─16281 nginx: worker
                        process<br class="">
                        >>            ├─16282 nginx: worker
                        process<br class="">
                        >>            ├─16283 nginx: worker
                        process<br class="">
                        >>            ├─16284 nginx: worker
                        process<br class="">
                        >>            ├─16285 nginx: worker
                        process<br class="">
                        >>            ├─16286 nginx: worker
                        process<br class="">
                        >>            └─16287 nginx: worker
                        process<br class="">
                        >><br class="">
                        >><br class="">
                        >> jenže po nějakém čase server spadne.<br
                          class="">
                        >><br class="">
                        >><br class="">
                        >> sudo tail -f /var/log/nginx/error.log<br
                          class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to [::]:443 failed (98: <br class="">
                        >> Address already in use)<br class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to <a href="http://0.0.0.0:443/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:443</a>
                        failed <br class="">
                        >> (98: Address already in use)<br
                          class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to <a href="http://0.0.0.0/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:80</a>
                        failed <br class="">
                        >> (98: Address already in use)<br
                          class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to [::]:80 failed (98: <br class="">
                        >> Address already in use)<br class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to [::]:443 failed (98: <br class="">
                        >> Address already in use)<br class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to <a href="http://0.0.0.0:443/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:443</a>
                        failed <br class="">
                        >> (98: Address already in use)<br
                          class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to <a href="http://0.0.0.0/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:80</a>
                        failed <br class="">
                        >> (98: Address already in use)<br
                          class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        bind() to [::]:80 failed (98: <br class="">
                        >> Address already in use)<br class="">
                        >> 2020/10/13 02:39:01 [emerg] 7506#7506:
                        still could not bind()<br class="">
                        >> 2020/10/13 02:39:04 [alert] 7357#7357:
                        unlink() "/run/nginx.pid" <br class="">
                        >> failed (2: No such file or directory)<br
                          class="">
                        >><br class="">
                        >><br class="">
                        >> a když je spadlý tak<br class="">
                        >><br class="">
                        >><br class="">
                        >> sudo systemctl status nginx.service<br
                          class="">
                        >> [sudo] password for pruga:<br class="">
                        >> ● nginx.service - A high performance
                        web server and a reverse proxy <br class="">
                        >> server<br class="">
                        >>    Loaded: loaded
                        (/lib/systemd/system/nginx.service; enabled;
                        vendor <br class="">
                        >> preset: en<br class="">
                        >>    Active: failed (Result: exit-code)
                        since Tue 2020-10-13 02:39:04 <br class="">
                        >> CEST; 11h ag<br class="">
                        >>      Docs: <a
                          class="moz-txt-link-freetext"
                          href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
                          class="">
                        >>   Process: 7501
                        ExecStartPre=/usr/sbin/nginx -t -q -g daemon on;
                        <br class="">
                        >> master_process<br class="">
                        >>   Process: 7506
                        ExecStart=/usr/sbin/nginx -g daemon on; <br
                          class="">
                        >> master_process on; (code<br class="">
                        >><br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> <a href="http://0.0.0.0/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:80</a>
                        failed<br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> [::]:80 failed (9<br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> [::]:443 failed (<br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> <a href="http://0.0.0.0:443/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:443</a>
                        faile<br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> <a href="http://0.0.0.0/"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">0.0.0.0:80</a>
                        failed<br class="">
                        >> Oct 13 02:39:03 domogled nginx[7506]:
                        nginx: [emerg] bind() to <br class="">
                        >> [::]:80 failed (9<br class="">
                        >> Oct 13 02:39:04 domogled nginx[7506]:
                        nginx: [emerg] still could not <br class="">
                        >> bind()<br class="">
                        >> Oct 13 02:39:04 domogled systemd[1]:
                        nginx.service: Control process <br class="">
                        >> exited, code<br class="">
                        >> Oct 13 02:39:04 domogled systemd[1]:
                        nginx.service: Failed with <br class="">
                        >> result 'exit-cod<br class="">
                        >> Oct 13 02:39:04 domogled systemd[1]:
                        Failed to start A high <br class="">
                        >> performance web serv<br class="">
                        >><br class="">
                        >><br class="">
                        >> přičemž<br class="">
                        >><br class="">
                        >> sudo systemctl start nginx.service<br
                          class="">
                        >><br class="">
                        >><br class="">
                        >> ho zase nastartuje a zase chvilu běží.<br
                          class="">
                        >><br class="">
                        >><br class="">
                        >> díky<br class="">
                        >><br class="">
                        >><br class="">
                        >> Petr Bolf<br class="">
                        >><br class="">
                        >>
                        _______________________________________________<br
                          class="">
                        >> Community-list mailing list<br class="">
                        >> <a
                          href="mailto:Community-list@lists.vpsfree.cz"
                          target="_blank" moz-do-not-send="true"
                          class="">Community-list@lists.vpsfree.cz</a><br
                          class="">
                        >> <a
                          href="http://lists.vpsfree.cz/listinfo/community-list"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
                          class="">
                        >
                        _______________________________________________<br
                          class="">
                        > Community-list mailing list<br class="">
                        > <a
                          href="mailto:Community-list@lists.vpsfree.cz"
                          target="_blank" moz-do-not-send="true"
                          class="">Community-list@lists.vpsfree.cz</a><br
                          class="">
                        > <a
                          href="http://lists.vpsfree.cz/listinfo/community-list"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
                          class="">
                        _______________________________________________<br
                          class="">
                        Community-list mailing list<br class="">
                        <a href="mailto:Community-list@lists.vpsfree.cz"
                          target="_blank" moz-do-not-send="true"
                          class="">Community-list@lists.vpsfree.cz</a><br
                          class="">
                        <a
                          href="http://lists.vpsfree.cz/listinfo/community-list"
                          rel="noreferrer" target="_blank"
                          moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
                          class="">
                      </blockquote>
                    </div>
                    <br class="">
                    <fieldset class="mimeAttachmentHeader"></fieldset>
                    <pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz" moz-do-not-send="true">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list" moz-do-not-send="true">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
                  </blockquote>
                  <br class="">
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                  <pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz" moz-do-not-send="true">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list" moz-do-not-send="true">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
                </blockquote>
                <br class="">
              </div>
              _______________________________________________<br
                class="">
              Community-list mailing list<br class="">
              <a href="mailto:Community-list@lists.vpsfree.cz" class=""
                moz-do-not-send="true">Community-list@lists.vpsfree.cz</a><br
                class="">
              <a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list">http://lists.vpsfree.cz/listinfo/community-list</a><br
                class="">
            </div>
          </blockquote>
        </div>
        <br class="">
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>