(Dec 29) New version 0.9.8-18 has been released

nginx restart failed + Letsencrypt

Questions regarding the Web Server
Apache + Nginx, Nginx + PHP5-FPM
Forum rules
Before creating a new topic or reply on the forum you should fill out additional fields "Os" and "Web" in your profile section.
In case of violation, the topic can be closed or response from the support will not be received.
Felix
Posts: 105
Joined: Tue Aug 04, 2015 7:15 pm

Os: Ubuntu 16x
Web: apache + nginx

nginx restart failed + Letsencrypt

Postby Felix » Thu Dec 14, 2017 6:33 am

Hello,

I have an issue with nginx not starting when a domain certificate is updated.

The cron job to renew certificates run at 06:00 each day
Image
When this happens and a certificate is updated, nginx fails to restart with the following error:

Code: Select all

 * Restarting nginx nginx
nginx: [emerg] unexpected "}" in /home/[USER]/conf/web/snginx.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed


I have checked the conf in /home/[USER]/conf/web/snginx.conf and found that it starts like this:

Code: Select all

}

server {
    listen      [IP]:443;
    server_name TLD www.[TLD];
    ssl         on;
    [other lines below]


Pay attention the the } at the start of the file. This is causing the problem. After editing the file and removing this, nginx restarts fine.

Possible bug?
I think this could be caused by a bug in v-update-letsencrypt-ssl but I can't be sure. It can also be related to the one added line I place in conf files. I need to redirect https://TLD/email to a different server so I have added the following line inside the server block, below error_log:

Code: Select all

rewrite ^/email$ https://[TLD]:2096/ permanent;


So the server block config looks like this:

Code: Select all

server {
    listen      [IP]:443;
    server_name [TLD] www.[TLD];
    ssl         on;
    ssl_certificate      /home/[USER]/conf/web/ssl.[TLD].pem;
    ssl_certificate_key  /home/[USER]/conf/web/ssl.[TLD].key;
    error_log  /var/log/apache2/domains/[TLD].error.log error;

        rewrite ^/email$ https://[TLD]:2096/ permanent;

      location / {
        proxy_pass      https://[IP]:8443;
        location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|css|zip|tgz|gz|rar|bz2|exe|pdf|doc|xls|ppt|txt|odt|ods|odp|odf|tar|bmp|rtf|js|mp3|avi|mpeg|flv|html|htm)$ {
            root           /home/[USER]/web/[TLD]/public_html;
            access_log     /var/log/apache2/domains/[TLD].log combined;
            access_log     /var/log/apache2/domains/[TLD].bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }


Could it be that the addition of the rewrite ^/email$ https://[TLD]:2096/ permanent; is causing this issue?
Can this be resolved in a way compatible with this addition (or any other necessary addition to the conf)?

I understand that I can achieve the same (redirecting https://[TLD]/email) with .htaccess but I wouldn't like using it, because .htaccess files can be deleted/edited by users and thus break the redirection.

Return to “Web Server”



Who is online

Users browsing this forum: No registered users and 2 guests

cron