Vesta Control Panel - Forum

Posted: **Wed Jun 28, 2017 4:29 am**

Hi,
I've looked around the forums, and I think this might be related to this post viewtopic.php?f=11&t=14708, but I don't get any curly braces ...

So, some background. I've been running a vestacp installation without issue for a year or more. I set up a new one for a client. The admin user has one domain, the secondary user has two domains. Only one domain for the secondary user was affected. All domains use the nginx proxy/apache2 config.

At 2.15 one night, apache2 failed to reload. I received emails about it from vestacp and a third party uptime monitor, but it was the middle of the night, so I didn't see it until the morning.

Investigating the problem, apache failed on the line
Include conf.d/
Eliminating files one by one that led to conf.d/vesta.conf
Eliminating the lines on that file, led to /home/username/conf/web/sapache2.conf

Issuing "v-rebuild-web-domains username" fixed the problem and allowed apache2 to start.

So that was the problem. Now what caused it? From vesta error log we get

Code: Select all

2017-06-16 19:06:11 v-add-firewall-chain  'REPEAT' [Error 1]
2017-06-27 02:15:23 v-restart-web  [Error 20]
2017-06-27 02:15:23 v-delete-web-domain-ssl  'username' 'domainname.com' [Error 20]
2017-06-27 02:15:24 v-restart-web  [Error 20]
2017-06-27 02:15:24 v-add-web-domain-ssl  'username' 'domainname.com' '/tmp/tmp.3ie0ys0Fvm' [Error 20]
2017-06-27 02:15:24 v-restart-web  [Error 20]
2017-06-27 08:59:08 v-rebuild-web-domains  [Error 1]
2017-06-27 08:59:16 v-restart-web  [Error 20]
2017-06-27 08:59:16 v-rebuild-web-domains  'admin' [Error 20]

There are two cronjobs firing off at 2:15
15 02 * * * admin sudo /usr/local/vesta/bin/v-update-sys-queue disk
15 2 * * * admin sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl
... which would lead me to suspect the letsencrypt one. I have re-scheduled this to 10:15 am so I can react quicker.

Grepping the vesta system log for letsencrypt: grep letsencrypt system.log

Code: Select all

2017-05-18 11:51:12 v-add-cron-job  'admin' '*/5' 'index.php' 'index.php' 'index.php' 'index.php' 'sudo /usr/local/vesta/bin/v-update-sys-queue letsencrypt'
2017-05-18 11:51:13 v-add-cron-letsencrypt-job 
# No problems with dev subdomain
2017-05-18 11:51:13 v-schedule-letsencrypt-domain  'username' 'dev.domainname.com'
2017-05-18 11:58:13 v-check-letsencrypt-domain  'username' 'dev.domainname.com'
2017-05-18 11:58:15 v-sign-letsencrypt-csr  'username' 'dev.domainname.com' '/tmp/tmp.XJW9rtRA6O'
2017-05-18 11:58:18 v-add-letsencrypt-domain  'username' 'dev.domainname.com' '' 'no'
2017-05-18 15:13:59 v-check-letsencrypt-domain  'username' 'dev.domainname.com'
2017-05-18 15:14:05 v-sign-letsencrypt-csr  'username' 'dev.domainname.com' '/tmp/tmp.T1unbakCFE'
2017-05-18 15:14:07 v-add-letsencrypt-domain  'username' 'dev.domainname.com' '' 'no'
# No problems with domain with admin user and sub subdomain
2017-06-25 02:15:08 v-check-letsencrypt-domain  'admin' 'sub.domainname.com'
2017-06-25 02:15:17 v-sign-letsencrypt-csr  'admin' 'sub.domainname.com' '/tmp/tmp.wZPqiPhthD'
2017-06-25 02:15:22 v-add-letsencrypt-domain  'admin' 'sub.domainname.com'
# This domain affected. Seems to be the first time this combo has run since the server was set up
2017-06-27 02:15:08 v-check-letsencrypt-domain  'username' 'domainname.com'
2017-06-27 02:15:13 v-check-letsencrypt-domain  'username' 'www.domainname.com'
2017-06-27 02:15:16 v-sign-letsencrypt-csr  'username' 'domainname.com' '/tmp/tmp.3ie0ys0Fvm'
2017-06-27 02:15:24 v-add-letsencrypt-domain  'username' 'domainname.com' 'www.domainname.com'

I wasn't able to find a broken copy of the config.

Any ideas what's going on here? Can I supply more information? Should I raise a bug?

Posted: **Wed Jun 28, 2017 5:13 am**

Just noticed that the domain in question now has a new SSL certificate, issued on 27th at 1.15am. I'm guessing that this is a timezone error and corresponds to 2.15am, which places it at the scene of the crime. So it might be something to do with when a certificate is actually renewed, rather than just checking.
I don't see why the config would be re-written at all though. The cert goes in the same place, overwriting the existing one. Apache and Nginx need to be restarted, but the config is the same.

Posted: **Thu Jul 06, 2017 4:11 am**

No response? This seems fairly serious to me, if the webserver may or may not randomly break when updating letsencrypt certificates ...

Posted: **Sun Nov 05, 2017 9:52 am**

This is very important, same error random in my domain.

Code: Select all

/home/xxx/conf/web/sapache2.conf

I found a error un line one, I not understand why added in the first line

Code: Select all

</Virtualhost>
<VirtualHost XXX.XXX.XX.XXX:8443>

Posted: **Tue Nov 07, 2017 2:26 am**

alexd2 wrote:This is very important, same error random in my domain.
Code: Select all
/home/xxx/conf/web/sapache2.conf
I found a error un line one, I not understand why added in the first line
Code: Select all
</Virtualhost>
<VirtualHost XXX.XXX.XX.XXX:8443>

I can confirm is happen on my system too. Ubuntu 16.04.03 LTS. Random </Virtualhost> added during some nightly cron.

Posted: **Sat Nov 11, 2017 3:50 pm**

Apparently, this is a bug which has been report and patched here by dpache: https://github.com/serghey-rodin/vesta/pull/1248

Vesta Control Panel - Forum

Vesta cron job breaks sapache2.conf.

Vesta cron job breaks sapache2.conf.

Re: Vesta cron job breaks sapache2.conf.

Re: Vesta cron job breaks sapache2.conf.

Re: Vesta cron job breaks sapache2.conf.

Re: Vesta cron job breaks sapache2.conf.

Re: Vesta cron job breaks sapache2.conf.