nginx restart failed + Letsencrypt
Posted: Thu Dec 14, 2017 6:33 am
Hello,
I have an issue with nginx not starting when a domain certificate is updated.
The cron job to renew certificates run at 06:00 each day
When this happens and a certificate is updated, nginx fails to restart with the following error:
I have checked the conf in /home/[USER]/conf/web/snginx.conf and found that it starts like this:
Pay attention the the } at the start of the file. This is causing the problem. After editing the file and removing this, nginx restarts fine.
Possible bug?
I think this could be caused by a bug in v-update-letsencrypt-ssl but I can't be sure. It can also be related to the one added line I place in conf files. I need to redirect https://TLD/email to a different server so I have added the following line inside the server block, below error_log:
So the server block config looks like this:
Could it be that the addition of the rewrite ^/email$ https://[TLD]:2096/ permanent; is causing this issue?
Can this be resolved in a way compatible with this addition (or any other necessary addition to the conf)?
I understand that I can achieve the same (redirecting https://[TLD]/email) with .htaccess but I wouldn't like using it, because .htaccess files can be deleted/edited by users and thus break the redirection.
I have an issue with nginx not starting when a domain certificate is updated.
The cron job to renew certificates run at 06:00 each day
When this happens and a certificate is updated, nginx fails to restart with the following error:
Code: Select all
* Restarting nginx nginx
nginx: [emerg] unexpected "}" in /home/[USER]/conf/web/snginx.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Code: Select all
}
server {
listen [IP]:443;
server_name TLD www.[TLD];
ssl on;
[other lines below]
Possible bug?
I think this could be caused by a bug in v-update-letsencrypt-ssl but I can't be sure. It can also be related to the one added line I place in conf files. I need to redirect https://TLD/email to a different server so I have added the following line inside the server block, below error_log:
Code: Select all
rewrite ^/email$ https://[TLD]:2096/ permanent;
Code: Select all
server {
listen [IP]:443;
server_name [TLD] www.[TLD];
ssl on;
ssl_certificate /home/[USER]/conf/web/ssl.[TLD].pem;
ssl_certificate_key /home/[USER]/conf/web/ssl.[TLD].key;
error_log /var/log/apache2/domains/[TLD].error.log error;
rewrite ^/email$ https://[TLD]:2096/ permanent;
location / {
proxy_pass https://[IP]:8443;
location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|css|zip|tgz|gz|rar|bz2|exe|pdf|doc|xls|ppt|txt|odt|ods|odp|odf|tar|bmp|rtf|js|mp3|avi|mpeg|flv|html|htm)$ {
root /home/[USER]/web/[TLD]/public_html;
access_log /var/log/apache2/domains/[TLD].log combined;
access_log /var/log/apache2/domains/[TLD].bytes bytes;
expires max;
try_files $uri @fallback;
}
}
Can this be resolved in a way compatible with this addition (or any other necessary addition to the conf)?
I understand that I can achieve the same (redirecting https://[TLD]/email) with .htaccess but I wouldn't like using it, because .htaccess files can be deleted/edited by users and thus break the redirection.