<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<span style="font-family: helvetica,arial,sans-serif;"><br>
Že by certbot nejdřív shodil nginx a pak si udělal vlastní server?
Shodit by ho musel, jinak by měl stejný problém. To by mělo jít
zjistit v nastavení certbotu, jakou používá metodu pro validaci. <br>
<br>
Tak mě napadá, že pokud by to tak bylo a certbot shodil nginx, tak
leda by do toho zasáhl systemd a snažil se ho hned zase pustit,
dřív než certbot dodělá práci. <br>
<br>
Ale zase otázka - bude to certbot dělat když nebude mít žádný
certifikát k obnově?<br>
<br>
Š.<br>
<br>
</span>
<div class="moz-cite-prefix">Dne 14. 10. 20 v 9:18 Lukáš Němec
napsal(a):<br>
</div>
<blockquote type="cite"
cite="mid:79DAE512-24D0-40F2-B8C7-23EE88C48097@gmail.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
A co ten certbot? Nesnaží se restartovat nginx nebo ho spustit
jinak než přes sysctl? A spustí duplicitní procesy?
<div class=""><br class="">
</div>
<div class="">Očividně je tam problém že něco jinýho se spustí na
portu 80 a 443, není to ten certbot samotný aby si udělal
acme-challenge?</div>
<div class=""><br class="">
</div>
<div class="">Lukáš<br class="">
<div><br class="">
<blockquote type="cite" class="">
<div class="">14. 10. 2020 v 9:16, Stepan Liska <<a
href="mailto:stepan@comlinks.cz" class=""
moz-do-not-send="true">stepan@comlinks.cz</a>>:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
<div class=""> <span style="font-family:
helvetica,arial,sans-serif;" class="">Ne že bych znal
nginx nějak dobře, ale přijde mi divné, že by sám od
sebe bez vnějšího povelu najednou 23:40 restartoval. A
jinak nechápu proč by dělal znovu listen. Klidně to
může být nějaký posthook na certbotu (ale ten to snad
dělá jenom když je nový certifikát, ne?). Koukni taky
na log CRONu nebo také máš systemd, tak ten má taky
nějaké naplánované úlohy. <br class="">
<br class="">
Přijde mi to, jak kdyby se pustil nějaký restart,
starý proces se nestihl z nějakého důvodu ukončit a už
se startoval nový. Je nad tímhle záznamem ještě něco
dalšího velmi blízko (< 2min) před tímto časem?<br
class="">
<br class="">
Neboli - prošel bych všechny systémové logy a podíval
se co se dělo okolo času 23:40 a pokusil se zjistit
příčinu restart nginx.<br class="">
<br class="">
Š.<br class="">
</span>
<div class="moz-cite-prefix">Dne 14. 10. 20 v 8:48 <a
class="moz-txt-link-abbreviated"
href="mailto:petr.bolf@taborpolana.cz"
moz-do-not-send="true">petr.bolf@taborpolana.cz</a>
napsal(a):<br class="">
</div>
<blockquote type="cite"
cite="mid:bf1a159b-734d-251b-7436-daa585f9f963@taborpolana.cz"
class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
<p class=""><br class="">
</p>
<p class=""><br class="">
</p>
<p class="">sudo netstat -luntp | grep "80\|443"</p>
<p class=""><br class="">
</p>
<p class="">nic tam neběží na těch portech.</p>
<p class="">Server jsem spustil v cca 16 hod a ve
23.40 to spadlo. To se do toho musí motat nějaký
další program, možná by mohl být vinník certbot,
nebo nějaké nastavení v cronu? Ale nic podezřelého
nevidím.<br class="">
</p>
<p class="">sudo tail -f /var/log/nginx/error.log.1 <br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
[::]:443 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
0.0.0.0:443 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
0.0.0.0:80 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
[::]:80 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
[::]:443 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
0.0.0.0:443 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
0.0.0.0:80 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: bind() to
[::]:80 failed (98: Address already in use)<br
class="">
2020/10/13 23:40:34 [emerg] 19730#19730: still could
not bind()<br class="">
2020/10/13 23:40:37 [alert] 19672#19672: unlink()
"/run/nginx.pid" failed (2: No such file or
directory)</p>
<p class=""><br class="">
</p>
<p class="">sudo systemctl status nginx.service<br
class="">
● nginx.service - A high performance web server and
a reverse proxy server<br class="">
Loaded: loaded
(/lib/systemd/system/nginx.service; enabled; vendor
preset: en<br class="">
Active: failed (Result: exit-code) since Tue
2020-10-13 23:40:36 CEST; 8h ago<br class="">
Docs: <a class="moz-txt-link-freetext"
href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
class="">
Process: 19729 ExecStartPre=/usr/sbin/nginx -t -q
-g daemon on; master_process<br class="">
Process: 19730 ExecStart=/usr/sbin/nginx -g daemon
on; master_process on; (cod<br class="">
<br class="">
Oct 13 23:40:35 domogled nginx[19730]: nginx:
[emerg] bind() to 0.0.0.0:80 faile<br class="">
Oct 13 23:40:35 domogled nginx[19730]: nginx:
[emerg] bind() to [::]:80 failed (<br class="">
Oct 13 23:40:36 domogled nginx[19730]: nginx:
[emerg] bind() to [::]:443 failed <br class="">
Oct 13 23:40:36 domogled nginx[19730]: nginx:
[emerg] bind() to 0.0.0.0:443 fail<br class="">
Oct 13 23:40:36 domogled nginx[19730]: nginx:
[emerg] bind() to 0.0.0.0:80 faile<br class="">
Oct 13 23:40:36 domogled nginx[19730]: nginx:
[emerg] bind() to [::]:80 failed (<br class="">
Oct 13 23:40:36 domogled nginx[19730]: nginx:
[emerg] still could not bind()<br class="">
Oct 13 23:40:36 domogled systemd[1]: nginx.service:
Control process exited, code<br class="">
Oct 13 23:40:36 domogled systemd[1]: nginx.service:
Failed with result 'exit-cod<br class="">
Oct 13 23:40:37 domogled systemd[1]: Failed to start
A high performance web serv<br class="">
lines 1-17/17 (END)<br class="">
</p>
<p class=""><br class="">
</p>
<div class="moz-cite-prefix">Dne 13. 10. 20 v 17:15
Jan Pleva napsal(a):<br class="">
</div>
<blockquote type="cite"
cite="mid:CAC+s-MLYNhEfm30-FeHA5SJyPRiy8-ZL9ckXWTChEp17Z9nX1g@mail.gmail.com"
class="">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8" class="">
<div dir="ltr" class="">no, nabehne... prave ze
nenabehne... pokud tam ten web bezi v mezicase,
pak je dost mozna problem v tom, ze bud tam bezi
jiny webserver, nebo nejaka druha instance nginxu
o ketere ten start script nevi. Tak nebo onak,
nginx se nemuze poslouchat na 80/443 protoze uz na
tom portu neco jineho posloucha. At uz nginx,
Apache nebo neco jineho.
<div class=""><br class="">
</div>
<div class="">Jak pise kolega, <font class=""
face="monospace"><i class="">netstat -luntp |
grep "80\|443"</i></font> by melo vnest
svetlo odkud vitr fouka. <br class=""
clear="all">
<div class="">
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature"> <br
class="">
S pozdravem<br class="">
<br class="">
Jan Pleva</div>
</div>
<br class="">
</div>
</div>
<br class="">
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">út 13. 10. 2020
v 16:03 odesílatel <a
href="mailto:petr.bolf@taborpolana.cz"
moz-do-not-send="true" class="">petr.bolf@taborpolana.cz</a>
<<a href="mailto:petr.bolf@taborpolana.cz"
moz-do-not-send="true" class="">petr.bolf@taborpolana.cz</a>>
napsal:<br class="">
</div>
<blockquote class="gmail_quote" style="margin:0px
0px 0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">dík<br
class="">
<br class="">
<br class="">
Mate mne, že server naběhne, nginx -t je
spokojený a chyba se projeví až <br class="">
po nějakém čase. Zatím se mi zdá, že jsem měl
bordel v jednom <br class="">
konfiguráku a jakoby to tam udělal certbot, a
nebo se tam něco omylem <br class="">
zkopírovalo.<br class="">
<br class="">
<br class="">
Když jsem měl chybu v konfiguraci serveru,
většinou se to projevilo už <br class="">
při startu, nebo při nginx -t.<br class="">
<br class="">
<br class="">
<br class="">
Petr<br class="">
<br class="">
Dne 13. 10. 20 v 15:31 Vojtěch Oram napsal(a):<br
class="">
> Ahoj,<br class="">
> neběží tim tam třeba ještě Apache? Vypadá
to, že Nginx nemůže <br class="">
> nastartovat, protože jsou porty 80 a 443 už
obsazené. Zkus se kouknout <br class="">
> na výstup "netstat -nlp", co tam běží na
portu 80 a 443.<br class="">
><br class="">
> S přáním pěkného dne<br class="">
><br class="">
> Vojtěch "Flaiming" Oram<br class="">
> <a href="https://vojtechoram.cz/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">https://vojtechoram.cz</a><br
class="">
><br class="">
> Dne 13. 10. 20 v 14:57 <a
href="mailto:petr.bolf@taborpolana.cz"
target="_blank" moz-do-not-send="true"
class="">petr.bolf@taborpolana.cz</a>
napsal(a):<br class="">
>> zdravím,<br class="">
>><br class="">
>><br class="">
>> nevěděl by někdo s čím může být problém
- asi někde v konfiguraci <br class="">
>> serverů pro nginx.<br class="">
>><br class="">
>> sudo nginx -t<br class="">
>> nginx: the configuration file
/etc/nginx/nginx.conf syntax is ok<br class="">
>> nginx: configuration file
/etc/nginx/nginx.conf test is successful<br
class="">
>><br class="">
>><br class="">
>> sudo systemctl start nginx.service<br
class="">
>><br class="">
>> sudo systemctl status nginx.service<br
class="">
>> ● nginx.service - A high performance
web server and a reverse proxy <br class="">
>> server<br class="">
>> Loaded: loaded
(/lib/systemd/system/nginx.service; enabled;
vendor <br class="">
>> preset: en<br class="">
>> Active: active (running) since Tue
2020-10-13 14:49:08 CEST; 6min ago<br class="">
>> Docs: <a
class="moz-txt-link-freetext"
href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
class="">
>> Process: 16277
ExecStartPre=/usr/sbin/nginx -t -q -g daemon on;
<br class="">
>> master_process<br class="">
>> Process: 16278
ExecStart=/usr/sbin/nginx -g daemon on; <br
class="">
>> master_process on; (cod<br class="">
>> Main PID: 16279 (nginx)<br class="">
>> Memory: 21.0M<br class="">
>> CGroup: /system.slice/nginx.service<br
class="">
>> ├─16279 nginx: master
process /usr/sbin/nginx -g daemon <br class="">
>> on; master_pr<br class="">
>> ├─16280 nginx: worker
process<br class="">
>> ├─16281 nginx: worker
process<br class="">
>> ├─16282 nginx: worker
process<br class="">
>> ├─16283 nginx: worker
process<br class="">
>> ├─16284 nginx: worker
process<br class="">
>> ├─16285 nginx: worker
process<br class="">
>> ├─16286 nginx: worker
process<br class="">
>> └─16287 nginx: worker
process<br class="">
>><br class="">
>><br class="">
>> jenže po nějakém čase server spadne.<br
class="">
>><br class="">
>><br class="">
>> sudo tail -f /var/log/nginx/error.log<br
class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to [::]:443 failed (98: <br class="">
>> Address already in use)<br class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to <a href="http://0.0.0.0:443/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:443</a>
failed <br class="">
>> (98: Address already in use)<br
class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to <a href="http://0.0.0.0/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:80</a>
failed <br class="">
>> (98: Address already in use)<br
class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to [::]:80 failed (98: <br class="">
>> Address already in use)<br class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to [::]:443 failed (98: <br class="">
>> Address already in use)<br class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to <a href="http://0.0.0.0:443/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:443</a>
failed <br class="">
>> (98: Address already in use)<br
class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to <a href="http://0.0.0.0/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:80</a>
failed <br class="">
>> (98: Address already in use)<br
class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
bind() to [::]:80 failed (98: <br class="">
>> Address already in use)<br class="">
>> 2020/10/13 02:39:01 [emerg] 7506#7506:
still could not bind()<br class="">
>> 2020/10/13 02:39:04 [alert] 7357#7357:
unlink() "/run/nginx.pid" <br class="">
>> failed (2: No such file or directory)<br
class="">
>><br class="">
>><br class="">
>> a když je spadlý tak<br class="">
>><br class="">
>><br class="">
>> sudo systemctl status nginx.service<br
class="">
>> [sudo] password for pruga:<br class="">
>> ● nginx.service - A high performance
web server and a reverse proxy <br class="">
>> server<br class="">
>> Loaded: loaded
(/lib/systemd/system/nginx.service; enabled;
vendor <br class="">
>> preset: en<br class="">
>> Active: failed (Result: exit-code)
since Tue 2020-10-13 02:39:04 <br class="">
>> CEST; 11h ag<br class="">
>> Docs: <a
class="moz-txt-link-freetext"
href="man:nginx(8)" moz-do-not-send="true">man:nginx(8)</a><br
class="">
>> Process: 7501
ExecStartPre=/usr/sbin/nginx -t -q -g daemon on;
<br class="">
>> master_process<br class="">
>> Process: 7506
ExecStart=/usr/sbin/nginx -g daemon on; <br
class="">
>> master_process on; (code<br class="">
>><br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> <a href="http://0.0.0.0/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:80</a>
failed<br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> [::]:80 failed (9<br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> [::]:443 failed (<br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> <a href="http://0.0.0.0:443/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:443</a>
faile<br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> <a href="http://0.0.0.0/"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">0.0.0.0:80</a>
failed<br class="">
>> Oct 13 02:39:03 domogled nginx[7506]:
nginx: [emerg] bind() to <br class="">
>> [::]:80 failed (9<br class="">
>> Oct 13 02:39:04 domogled nginx[7506]:
nginx: [emerg] still could not <br class="">
>> bind()<br class="">
>> Oct 13 02:39:04 domogled systemd[1]:
nginx.service: Control process <br class="">
>> exited, code<br class="">
>> Oct 13 02:39:04 domogled systemd[1]:
nginx.service: Failed with <br class="">
>> result 'exit-cod<br class="">
>> Oct 13 02:39:04 domogled systemd[1]:
Failed to start A high <br class="">
>> performance web serv<br class="">
>><br class="">
>><br class="">
>> přičemž<br class="">
>><br class="">
>> sudo systemctl start nginx.service<br
class="">
>><br class="">
>><br class="">
>> ho zase nastartuje a zase chvilu běží.<br
class="">
>><br class="">
>><br class="">
>> díky<br class="">
>><br class="">
>><br class="">
>> Petr Bolf<br class="">
>><br class="">
>>
_______________________________________________<br
class="">
>> Community-list mailing list<br class="">
>> <a
href="mailto:Community-list@lists.vpsfree.cz"
target="_blank" moz-do-not-send="true"
class="">Community-list@lists.vpsfree.cz</a><br
class="">
>> <a
href="http://lists.vpsfree.cz/listinfo/community-list"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
class="">
>
_______________________________________________<br
class="">
> Community-list mailing list<br class="">
> <a
href="mailto:Community-list@lists.vpsfree.cz"
target="_blank" moz-do-not-send="true"
class="">Community-list@lists.vpsfree.cz</a><br
class="">
> <a
href="http://lists.vpsfree.cz/listinfo/community-list"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
class="">
_______________________________________________<br
class="">
Community-list mailing list<br class="">
<a href="mailto:Community-list@lists.vpsfree.cz"
target="_blank" moz-do-not-send="true"
class="">Community-list@lists.vpsfree.cz</a><br
class="">
<a
href="http://lists.vpsfree.cz/listinfo/community-list"
rel="noreferrer" target="_blank"
moz-do-not-send="true" class="">http://lists.vpsfree.cz/listinfo/community-list</a><br
class="">
</blockquote>
</div>
<br class="">
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz" moz-do-not-send="true">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list" moz-do-not-send="true">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
</blockquote>
<br class="">
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz" moz-do-not-send="true">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list" moz-do-not-send="true">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
</blockquote>
<br class="">
</div>
_______________________________________________<br
class="">
Community-list mailing list<br class="">
<a href="mailto:Community-list@lists.vpsfree.cz" class=""
moz-do-not-send="true">Community-list@lists.vpsfree.cz</a><br
class="">
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list">http://lists.vpsfree.cz/listinfo/community-list</a><br
class="">
</div>
</blockquote>
</div>
<br class="">
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Community-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Community-list@lists.vpsfree.cz">Community-list@lists.vpsfree.cz</a>
<a class="moz-txt-link-freetext" href="http://lists.vpsfree.cz/listinfo/community-list">http://lists.vpsfree.cz/listinfo/community-list</a>
</pre>
</blockquote>
<br>
</body>
</html>