[vpsFree.cz: community-list] nginx padá
Stepan Liska
stepan at comlinks.cz
Wed Oct 14 09:36:22 CEST 2020
Že by certbot nejdřív shodil nginx a pak si udělal vlastní server?
Shodit by ho musel, jinak by měl stejný problém. To by mělo jít zjistit
v nastavení certbotu, jakou používá metodu pro validaci.
Tak mě napadá, že pokud by to tak bylo a certbot shodil nginx, tak leda
by do toho zasáhl systemd a snažil se ho hned zase pustit, dřív než
certbot dodělá práci.
Ale zase otázka - bude to certbot dělat když nebude mít žádný certifikát
k obnově?
Š.
Dne 14. 10. 20 v 9:18 Lukáš Němec napsal(a):
> A co ten certbot? Nesnaží se restartovat nginx nebo ho spustit jinak
> než přes sysctl? A spustí duplicitní procesy?
>
> Očividně je tam problém že něco jinýho se spustí na portu 80 a 443,
> není to ten certbot samotný aby si udělal acme-challenge?
>
> Lukáš
>
>> 14. 10. 2020 v 9:16, Stepan Liska <stepan at comlinks.cz
>> <mailto:stepan at comlinks.cz>>:
>>
>> Ne že bych znal nginx nějak dobře, ale přijde mi divné, že by sám od
>> sebe bez vnějšího povelu najednou 23:40 restartoval. A jinak nechápu
>> proč by dělal znovu listen. Klidně to může být nějaký posthook na
>> certbotu (ale ten to snad dělá jenom když je nový certifikát, ne?).
>> Koukni taky na log CRONu nebo také máš systemd, tak ten má taky
>> nějaké naplánované úlohy.
>>
>> Přijde mi to, jak kdyby se pustil nějaký restart, starý proces se
>> nestihl z nějakého důvodu ukončit a už se startoval nový. Je nad
>> tímhle záznamem ještě něco dalšího velmi blízko (< 2min) před tímto
>> časem?
>>
>> Neboli - prošel bych všechny systémové logy a podíval se co se dělo
>> okolo času 23:40 a pokusil se zjistit příčinu restart nginx.
>>
>> Š.
>>
>> Dne 14. 10. 20 v 8:48 petr.bolf at taborpolana.cz napsal(a):
>>>
>>>
>>>
>>> sudo netstat -luntp | grep "80\|443"
>>>
>>>
>>> nic tam neběží na těch portech.
>>>
>>> Server jsem spustil v cca 16 hod a ve 23.40 to spadlo. To se do toho
>>> musí motat nějaký další program, možná by mohl být vinník certbot,
>>> nebo nějaké nastavení v cronu? Ale nic podezřelého nevidím.
>>>
>>> sudo tail -f /var/log/nginx/error.log.1
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to [::]:443 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to 0.0.0.0:443
>>> failed (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to 0.0.0.0:80 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to [::]:80 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to [::]:443 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to 0.0.0.0:443
>>> failed (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to 0.0.0.0:80 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: bind() to [::]:80 failed
>>> (98: Address already in use)
>>> 2020/10/13 23:40:34 [emerg] 19730#19730: still could not bind()
>>> 2020/10/13 23:40:37 [alert] 19672#19672: unlink() "/run/nginx.pid"
>>> failed (2: No such file or directory)
>>>
>>>
>>> sudo systemctl status nginx.service
>>> ● nginx.service - A high performance web server and a reverse proxy
>>> server
>>> Loaded: loaded (/lib/systemd/system/nginx.service; enabled;
>>> vendor preset: en
>>> Active: failed (Result: exit-code) since Tue 2020-10-13 23:40:36
>>> CEST; 8h ago
>>> Docs: man:nginx(8)
>>> Process: 19729 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on;
>>> master_process
>>> Process: 19730 ExecStart=/usr/sbin/nginx -g daemon on;
>>> master_process on; (cod
>>>
>>> Oct 13 23:40:35 domogled nginx[19730]: nginx: [emerg] bind() to
>>> 0.0.0.0:80 faile
>>> Oct 13 23:40:35 domogled nginx[19730]: nginx: [emerg] bind() to
>>> [::]:80 failed (
>>> Oct 13 23:40:36 domogled nginx[19730]: nginx: [emerg] bind() to
>>> [::]:443 failed
>>> Oct 13 23:40:36 domogled nginx[19730]: nginx: [emerg] bind() to
>>> 0.0.0.0:443 fail
>>> Oct 13 23:40:36 domogled nginx[19730]: nginx: [emerg] bind() to
>>> 0.0.0.0:80 faile
>>> Oct 13 23:40:36 domogled nginx[19730]: nginx: [emerg] bind() to
>>> [::]:80 failed (
>>> Oct 13 23:40:36 domogled nginx[19730]: nginx: [emerg] still could
>>> not bind()
>>> Oct 13 23:40:36 domogled systemd[1]: nginx.service: Control process
>>> exited, code
>>> Oct 13 23:40:36 domogled systemd[1]: nginx.service: Failed with
>>> result 'exit-cod
>>> Oct 13 23:40:37 domogled systemd[1]: Failed to start A high
>>> performance web serv
>>> lines 1-17/17 (END)
>>>
>>>
>>> Dne 13. 10. 20 v 17:15 Jan Pleva napsal(a):
>>>> no, nabehne... prave ze nenabehne... pokud tam ten web bezi v
>>>> mezicase, pak je dost mozna problem v tom, ze bud tam bezi jiny
>>>> webserver, nebo nejaka druha instance nginxu o ketere ten start
>>>> script nevi. Tak nebo onak, nginx se nemuze poslouchat na 80/443
>>>> protoze uz na tom portu neco jineho posloucha. At uz nginx, Apache
>>>> nebo neco jineho.
>>>>
>>>> Jak pise kolega, /netstat -luntp | grep "80\|443"/ by melo vnest
>>>> svetlo odkud vitr fouka.
>>>>
>>>> S pozdravem
>>>>
>>>> Jan Pleva
>>>>
>>>>
>>>> út 13. 10. 2020 v 16:03 odesílatel petr.bolf at taborpolana.cz
>>>> <mailto:petr.bolf at taborpolana.cz> <petr.bolf at taborpolana.cz
>>>> <mailto:petr.bolf at taborpolana.cz>> napsal:
>>>>
>>>> dík
>>>>
>>>>
>>>> Mate mne, že server naběhne, nginx -t je spokojený a chyba se
>>>> projeví až
>>>> po nějakém čase. Zatím se mi zdá, že jsem měl bordel v jednom
>>>> konfiguráku a jakoby to tam udělal certbot, a nebo se tam něco
>>>> omylem
>>>> zkopírovalo.
>>>>
>>>>
>>>> Když jsem měl chybu v konfiguraci serveru, většinou se to
>>>> projevilo už
>>>> při startu, nebo při nginx -t.
>>>>
>>>>
>>>>
>>>> Petr
>>>>
>>>> Dne 13. 10. 20 v 15:31 Vojtěch Oram napsal(a):
>>>> > Ahoj,
>>>> > neběží tim tam třeba ještě Apache? Vypadá to, že Nginx nemůže
>>>> > nastartovat, protože jsou porty 80 a 443 už obsazené. Zkus se
>>>> kouknout
>>>> > na výstup "netstat -nlp", co tam běží na portu 80 a 443.
>>>> >
>>>> > S přáním pěkného dne
>>>> >
>>>> > Vojtěch "Flaiming" Oram
>>>> > https://vojtechoram.cz <https://vojtechoram.cz/>
>>>> >
>>>> > Dne 13. 10. 20 v 14:57 petr.bolf at taborpolana.cz
>>>> <mailto:petr.bolf at taborpolana.cz> napsal(a):
>>>> >> zdravím,
>>>> >>
>>>> >>
>>>> >> nevěděl by někdo s čím může být problém - asi někde v
>>>> konfiguraci
>>>> >> serverů pro nginx.
>>>> >>
>>>> >> sudo nginx -t
>>>> >> nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
>>>> >> nginx: configuration file /etc/nginx/nginx.conf test is
>>>> successful
>>>> >>
>>>> >>
>>>> >> sudo systemctl start nginx.service
>>>> >>
>>>> >> sudo systemctl status nginx.service
>>>> >> ● nginx.service - A high performance web server and a
>>>> reverse proxy
>>>> >> server
>>>> >> Loaded: loaded (/lib/systemd/system/nginx.service;
>>>> enabled; vendor
>>>> >> preset: en
>>>> >> Active: active (running) since Tue 2020-10-13 14:49:08
>>>> CEST; 6min ago
>>>> >> Docs: man:nginx(8)
>>>> >> Process: 16277 ExecStartPre=/usr/sbin/nginx -t -q -g
>>>> daemon on;
>>>> >> master_process
>>>> >> Process: 16278 ExecStart=/usr/sbin/nginx -g daemon on;
>>>> >> master_process on; (cod
>>>> >> Main PID: 16279 (nginx)
>>>> >> Memory: 21.0M
>>>> >> CGroup: /system.slice/nginx.service
>>>> >> ├─16279 nginx: master process /usr/sbin/nginx -g
>>>> daemon
>>>> >> on; master_pr
>>>> >> ├─16280 nginx: worker process
>>>> >> ├─16281 nginx: worker process
>>>> >> ├─16282 nginx: worker process
>>>> >> ├─16283 nginx: worker process
>>>> >> ├─16284 nginx: worker process
>>>> >> ├─16285 nginx: worker process
>>>> >> ├─16286 nginx: worker process
>>>> >> └─16287 nginx: worker process
>>>> >>
>>>> >>
>>>> >> jenže po nějakém čase server spadne.
>>>> >>
>>>> >>
>>>> >> sudo tail -f /var/log/nginx/error.log
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to [::]:443
>>>> failed (98:
>>>> >> Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to 0.0.0.0:443
>>>> <http://0.0.0.0:443/> failed
>>>> >> (98: Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to 0.0.0.0:80
>>>> <http://0.0.0.0/> failed
>>>> >> (98: Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to [::]:80
>>>> failed (98:
>>>> >> Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to [::]:443
>>>> failed (98:
>>>> >> Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to 0.0.0.0:443
>>>> <http://0.0.0.0:443/> failed
>>>> >> (98: Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to 0.0.0.0:80
>>>> <http://0.0.0.0/> failed
>>>> >> (98: Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: bind() to [::]:80
>>>> failed (98:
>>>> >> Address already in use)
>>>> >> 2020/10/13 02:39:01 [emerg] 7506#7506: still could not bind()
>>>> >> 2020/10/13 02:39:04 [alert] 7357#7357: unlink()
>>>> "/run/nginx.pid"
>>>> >> failed (2: No such file or directory)
>>>> >>
>>>> >>
>>>> >> a když je spadlý tak
>>>> >>
>>>> >>
>>>> >> sudo systemctl status nginx.service
>>>> >> [sudo] password for pruga:
>>>> >> ● nginx.service - A high performance web server and a
>>>> reverse proxy
>>>> >> server
>>>> >> Loaded: loaded (/lib/systemd/system/nginx.service;
>>>> enabled; vendor
>>>> >> preset: en
>>>> >> Active: failed (Result: exit-code) since Tue 2020-10-13
>>>> 02:39:04
>>>> >> CEST; 11h ag
>>>> >> Docs: man:nginx(8)
>>>> >> Process: 7501 ExecStartPre=/usr/sbin/nginx -t -q -g daemon
>>>> on;
>>>> >> master_process
>>>> >> Process: 7506 ExecStart=/usr/sbin/nginx -g daemon on;
>>>> >> master_process on; (code
>>>> >>
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> 0.0.0.0:80 <http://0.0.0.0/> failed
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> [::]:80 failed (9
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> [::]:443 failed (
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> 0.0.0.0:443 <http://0.0.0.0:443/> faile
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> 0.0.0.0:80 <http://0.0.0.0/> failed
>>>> >> Oct 13 02:39:03 domogled nginx[7506]: nginx: [emerg] bind() to
>>>> >> [::]:80 failed (9
>>>> >> Oct 13 02:39:04 domogled nginx[7506]: nginx: [emerg] still
>>>> could not
>>>> >> bind()
>>>> >> Oct 13 02:39:04 domogled systemd[1]: nginx.service: Control
>>>> process
>>>> >> exited, code
>>>> >> Oct 13 02:39:04 domogled systemd[1]: nginx.service: Failed with
>>>> >> result 'exit-cod
>>>> >> Oct 13 02:39:04 domogled systemd[1]: Failed to start A high
>>>> >> performance web serv
>>>> >>
>>>> >>
>>>> >> přičemž
>>>> >>
>>>> >> sudo systemctl start nginx.service
>>>> >>
>>>> >>
>>>> >> ho zase nastartuje a zase chvilu běží.
>>>> >>
>>>> >>
>>>> >> díky
>>>> >>
>>>> >>
>>>> >> Petr Bolf
>>>> >>
>>>> >> _______________________________________________
>>>> >> Community-list mailing list
>>>> >> Community-list at lists.vpsfree.cz
>>>> <mailto:Community-list at lists.vpsfree.cz>
>>>> >> http://lists.vpsfree.cz/listinfo/community-list
>>>> > _______________________________________________
>>>> > Community-list mailing list
>>>> > Community-list at lists.vpsfree.cz
>>>> <mailto:Community-list at lists.vpsfree.cz>
>>>> > http://lists.vpsfree.cz/listinfo/community-list
>>>> _______________________________________________
>>>> Community-list mailing list
>>>> Community-list at lists.vpsfree.cz
>>>> <mailto:Community-list at lists.vpsfree.cz>
>>>> http://lists.vpsfree.cz/listinfo/community-list
>>>>
>>>>
>>>> _______________________________________________
>>>> Community-list mailing list
>>>> Community-list at lists.vpsfree.cz
>>>> http://lists.vpsfree.cz/listinfo/community-list
>>>
>>> _______________________________________________
>>> Community-list mailing list
>>> Community-list at lists.vpsfree.cz
>>> http://lists.vpsfree.cz/listinfo/community-list
>>
>> _______________________________________________
>> Community-list mailing list
>> Community-list at lists.vpsfree.cz <mailto:Community-list at lists.vpsfree.cz>
>> http://lists.vpsfree.cz/listinfo/community-list
>
>
> _______________________________________________
> Community-list mailing list
> Community-list at lists.vpsfree.cz
> http://lists.vpsfree.cz/listinfo/community-list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vpsfree.cz/pipermail/community-list/attachments/20201014/00a14701/attachment-0001.html>
More information about the Community-list
mailing list