We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Vesta cron job breaks sapache2.conf.
Vesta cron job breaks sapache2.conf.
Hi,
I've looked around the forums, and I think this might be related to this post viewtopic.php?f=11&t=14708, but I don't get any curly braces ...
So, some background. I've been running a vestacp installation without issue for a year or more. I set up a new one for a client. The admin user has one domain, the secondary user has two domains. Only one domain for the secondary user was affected. All domains use the nginx proxy/apache2 config.
At 2.15 one night, apache2 failed to reload. I received emails about it from vestacp and a third party uptime monitor, but it was the middle of the night, so I didn't see it until the morning.
Investigating the problem, apache failed on the line
Include conf.d/
Eliminating files one by one that led to conf.d/vesta.conf
Eliminating the lines on that file, led to /home/username/conf/web/sapache2.conf
Issuing "v-rebuild-web-domains username" fixed the problem and allowed apache2 to start.
So that was the problem. Now what caused it? From vesta error log we get
There are two cronjobs firing off at 2:15
15 02 * * * admin sudo /usr/local/vesta/bin/v-update-sys-queue disk
15 2 * * * admin sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl
... which would lead me to suspect the letsencrypt one. I have re-scheduled this to 10:15 am so I can react quicker.
Grepping the vesta system log for letsencrypt: grep letsencrypt system.log
I wasn't able to find a broken copy of the config.
Any ideas what's going on here? Can I supply more information? Should I raise a bug?
I've looked around the forums, and I think this might be related to this post viewtopic.php?f=11&t=14708, but I don't get any curly braces ...
So, some background. I've been running a vestacp installation without issue for a year or more. I set up a new one for a client. The admin user has one domain, the secondary user has two domains. Only one domain for the secondary user was affected. All domains use the nginx proxy/apache2 config.
At 2.15 one night, apache2 failed to reload. I received emails about it from vestacp and a third party uptime monitor, but it was the middle of the night, so I didn't see it until the morning.
Investigating the problem, apache failed on the line
Include conf.d/
Eliminating files one by one that led to conf.d/vesta.conf
Eliminating the lines on that file, led to /home/username/conf/web/sapache2.conf
Issuing "v-rebuild-web-domains username" fixed the problem and allowed apache2 to start.
So that was the problem. Now what caused it? From vesta error log we get
Code: Select all
2017-06-16 19:06:11 v-add-firewall-chain 'REPEAT' [Error 1]
2017-06-27 02:15:23 v-restart-web [Error 20]
2017-06-27 02:15:23 v-delete-web-domain-ssl 'username' 'domainname.com' [Error 20]
2017-06-27 02:15:24 v-restart-web [Error 20]
2017-06-27 02:15:24 v-add-web-domain-ssl 'username' 'domainname.com' '/tmp/tmp.3ie0ys0Fvm' [Error 20]
2017-06-27 02:15:24 v-restart-web [Error 20]
2017-06-27 08:59:08 v-rebuild-web-domains [Error 1]
2017-06-27 08:59:16 v-restart-web [Error 20]
2017-06-27 08:59:16 v-rebuild-web-domains 'admin' [Error 20]
15 02 * * * admin sudo /usr/local/vesta/bin/v-update-sys-queue disk
15 2 * * * admin sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl
... which would lead me to suspect the letsencrypt one. I have re-scheduled this to 10:15 am so I can react quicker.
Grepping the vesta system log for letsencrypt: grep letsencrypt system.log
Code: Select all
2017-05-18 11:51:12 v-add-cron-job 'admin' '*/5' 'index.php' 'index.php' 'index.php' 'index.php' 'sudo /usr/local/vesta/bin/v-update-sys-queue letsencrypt'
2017-05-18 11:51:13 v-add-cron-letsencrypt-job
# No problems with dev subdomain
2017-05-18 11:51:13 v-schedule-letsencrypt-domain 'username' 'dev.domainname.com'
2017-05-18 11:58:13 v-check-letsencrypt-domain 'username' 'dev.domainname.com'
2017-05-18 11:58:15 v-sign-letsencrypt-csr 'username' 'dev.domainname.com' '/tmp/tmp.XJW9rtRA6O'
2017-05-18 11:58:18 v-add-letsencrypt-domain 'username' 'dev.domainname.com' '' 'no'
2017-05-18 15:13:59 v-check-letsencrypt-domain 'username' 'dev.domainname.com'
2017-05-18 15:14:05 v-sign-letsencrypt-csr 'username' 'dev.domainname.com' '/tmp/tmp.T1unbakCFE'
2017-05-18 15:14:07 v-add-letsencrypt-domain 'username' 'dev.domainname.com' '' 'no'
# No problems with domain with admin user and sub subdomain
2017-06-25 02:15:08 v-check-letsencrypt-domain 'admin' 'sub.domainname.com'
2017-06-25 02:15:17 v-sign-letsencrypt-csr 'admin' 'sub.domainname.com' '/tmp/tmp.wZPqiPhthD'
2017-06-25 02:15:22 v-add-letsencrypt-domain 'admin' 'sub.domainname.com'
# This domain affected. Seems to be the first time this combo has run since the server was set up
2017-06-27 02:15:08 v-check-letsencrypt-domain 'username' 'domainname.com'
2017-06-27 02:15:13 v-check-letsencrypt-domain 'username' 'www.domainname.com'
2017-06-27 02:15:16 v-sign-letsencrypt-csr 'username' 'domainname.com' '/tmp/tmp.3ie0ys0Fvm'
2017-06-27 02:15:24 v-add-letsencrypt-domain 'username' 'domainname.com' 'www.domainname.com'
Any ideas what's going on here? Can I supply more information? Should I raise a bug?
Last edited by plutocrat on Thu Jun 29, 2017 4:35 am, edited 1 time in total.
Re: Vesta cron job breaks sapache2.conf.
Just noticed that the domain in question now has a new SSL certificate, issued on 27th at 1.15am. I'm guessing that this is a timezone error and corresponds to 2.15am, which places it at the scene of the crime. So it might be something to do with when a certificate is actually renewed, rather than just checking.
I don't see why the config would be re-written at all though. The cert goes in the same place, overwriting the existing one. Apache and Nginx need to be restarted, but the config is the same.
I don't see why the config would be re-written at all though. The cert goes in the same place, overwriting the existing one. Apache and Nginx need to be restarted, but the config is the same.
Re: Vesta cron job breaks sapache2.conf.
No response? This seems fairly serious to me, if the webserver may or may not randomly break when updating letsencrypt certificates ...
Re: Vesta cron job breaks sapache2.conf.
This is very important, same error random in my domain.
I found a error un line one, I not understand why added in the first line
Code: Select all
/home/xxx/conf/web/sapache2.conf
Code: Select all
</Virtualhost>
<VirtualHost XXX.XXX.XX.XXX:8443>
Re: Vesta cron job breaks sapache2.conf.
I can confirm is happen on my system too. Ubuntu 16.04.03 LTS. Random </Virtualhost> added during some nightly cron.alexd2 wrote:This is very important, same error random in my domain.I found a error un line one, I not understand why added in the first lineCode: Select all
/home/xxx/conf/web/sapache2.conf
Code: Select all
</Virtualhost> <VirtualHost XXX.XXX.XX.XXX:8443>
Re: Vesta cron job breaks sapache2.conf.
Apparently, this is a bug which has been report and patched here by dpache: https://github.com/serghey-rodin/vesta/pull/1248