OK, cool. I'm impatiently waiting ...
A record set via namecheap still hasn't propagated per dig.
Do I need DNSSEC toggled on at namecheap?
OK, I set up an A record on namecheap about an hour ago.
Dig is still responding with the same output.
So is https://unboundtest.com/
Do I need to run this
root@devuan1:~# sudo certbot certonly --manual --preferred-challenges dns
Or ... this
root@devuan1:~# sudo certbot --nginx -d realupnow.com -d realupnow.com
first?
Looking here ...
https://community.letsencrypt.org/t/no-valid-a-records-found/174627
root@devuan1:~# sudo certbot certonly --manual --preferred-challenges dns
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): realupnow.com
Requesting a certificate for realupnow.com
Performing the following challenges:
dns-01 challenge for realupnow.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.realupnow.com with the following value:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue^CCleaning up challenges
What does this mean, please? "Before continuing, verify the record is deployed."
Account registered.
Requesting a certificate for realupnow.com
Performing the following challenges:
http-01 challenge for realupnow.com
Waiting for verification...
Challenge failed for domain realupnow.com
http-01 challenge for realupnow.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: realupnow.com
Type: dns
Detail: no valid A records found for realupnow.com; no valid AAAA
records found for realupnow.com
2022-12-31 16:32:16,754:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
Any thoughts, please?
EDIT1: I ran an https://unboundtest.com/ test for AAAA and these were the last several lines of output ...
Dec 31 22:32:15 unbound[667849:0] info: query response was ANSWER
Dec 31 22:32:15 unbound[667849:0] info: validated DNSKEY com. DNSKEY IN
Dec 31 22:32:15 unbound[667849:0] info: resolving realupnow.com. DS IN
Dec 31 22:32:15 unbound[667849:0] info: response for realupnow.com. DS IN
Dec 31 22:32:15 unbound[667849:0] info: reply from <com.> 2001:503:d2d::30#53
Dec 31 22:32:15 unbound[667849:0] info: query response was nodata ANSWER
Dec 31 22:32:15 unbound[667849:0] info: NSEC3s for the referral proved no DS.
Dec 31 22:32:15 unbound[667849:0] info: Verified that unsigned response is INSECURE
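An added example, not part of the original posts: a pre-flight check for the two failures quoted above, the dns-01 prompt "Before continuing, verify the record is deployed" and the http-01 error "no valid A records found". It assumes dig is installed; the function names and the script name preflight.sh are this example's own.

```shell
#!/bin/sh
# Added example: DNS pre-flight checks before certbot continues (assumes dig).

# auth_lookup ZONE NAME TYPE
# Ask each authoritative nameserver of ZONE directly, so a stale answer
# cached by a recursive resolver cannot hide a missing record.
auth_lookup() {
    for ns in $(dig +short NS "$1"); do
        dig +norecurse +short "@$ns" "$2" "$3"
    done
}

# txt_has_token DIG_OUTPUT TOKEN
# dig +short prints TXT data in double quotes, one record per line.
# Succeeds only on an exact, whole-line match of the challenge value.
txt_has_token() {
    printf '%s\n' "$1" | tr -d '"' | grep -Fxq -- "$2"
}

# has_address DIG_OUTPUT
# Succeeds if any line is an IPv4 or IPv6 literal (dig +short may also
# print CNAME targets, which do not count as an address).
has_address() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$|^[0-9a-fA-F:]*:[0-9a-fA-F:]*$'
}

# preflight ZONE TOKEN: report both checks for a domain.
preflight() {
    rc=0
    txt=$(auth_lookup "$1" "_acme-challenge.$1" TXT)
    if txt_has_token "$txt" "$2"; then
        echo "dns-01: TXT record deployed"
    else
        echo "dns-01: TXT record not visible yet; do not press Enter"; rc=1
    fi
    addrs=$(auth_lookup "$1" "$1" A; auth_lookup "$1" "$1" AAAA)
    if has_address "$addrs"; then
        echo "http-01: address records found"
    else
        echo "http-01: no A/AAAA records; the challenge will fail"; rc=1
    fi
    return "$rc"
}

# Run only when called as: sh preflight.sh DOMAIN CHALLENGE_VALUE
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```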
Deleted ... I had fat-fingered "certbot" as "cerbot" ... sigh ...
OK re. TechRepublic. I have my Ghostery Dawn browser cranked down so tight I barely noticed the debris - or maybe I just filter it in my mind?
I'm going to need some coffee before I can process https://bbs.archlinux.org/viewtopic.php?pid=1776753#p1776753 - thanks for that link!
OK re. Let's Encrypt and a python3-certbot-nginx package to facilitate certificate issue and installation ... that sounds promising.
Thanks to you both ...
Other than replacing a check-setup using "ufw" with one for "nftables" ...
... and replacing a "systemctl" restart with a "service" one ...
Does this step-by-step article look reliable (it's dated January 2019)?
https://www.techrepublic.com/article/how-to-enable-ssl-on-nginx/
If not, is there a newer one, that's Devuan-specific or better in some way?
Thanks
You've given me some good things to study and resolve.
I guess I first need to set up SSL.
Then proceed from there.
(BTW: http://realupnow.com does resolve from the default Devuan browser on the server. It doesn't resolve from my laptop. I have https-only turned off in the Ghostery Dawn browser - on my laptop.)
Thanks!
/etc/nginx/sites-enabled/ only now contains realupnow.com
127.0.0.1 and 192.168.50.4 both take me to nginx.
https://www.realupnow.com is not found.
How do I test for the server path to realupnow.com, please?
2022/12/30 17:25:34 [emerg] 4042#4042: open() "/etc/nginx/sites-enabled/website1.com" failed (2: No such file or directory) in /etc/nginx/nginx.conf:64
I think the problem is here:
include /etc/nginx/modules-enabled/*.conf
I deleted the symlinks to default.com, website1.com, and website2.com from /etc/nginx/sites-enabled
Also, realupnow.com is now a folder in /var/www/ and index.html is in that folder. Both are now also set to www-data:www-data
root@devuan1:~# sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@devuan1:~# sudo service nginx restart
Restarting nginx: nginx.
root@devuan1:~#
Should realupnow.com permissions be root?
"sudo service nginx restart" failed.
I've not seen that before ...
##
# Virtual Host configuration for realupnow.com
#
# Be sure to symlink that to sites-enabled/ to enable it.
# sudo ln -s /etc/nginx/sites-available/realupnow.com /etc/nginx/sites-enabled/realupnow.com
#
server {
    listen 80;
    root /var/www/realupnow.com;
    index index.php index.html index.htm;
    server_name realupnow.com;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }
}
root@devuan1:/etc/nginx/sites-enabled# ls -l
total 0
lrwxrwxrwx 1 root root 40 Dec 29 21:53 realupnow.com -> /etc/nginx/sites-available/realupnow.com
lrwxrwxrwx 1 root root 39 Dec 29 21:17 website1.com -> /etc/nginx/sites-available/website1.com
lrwxrwxrwx 1 root root 39 Dec 29 21:17 website2.com -> /etc/nginx/sites-available/website2.com
lrwxrwxrwx 1 root root 34 Dec 24 21:35 xdefault -> /etc/nginx/sites-available/default
root@devuan1:/etc/nginx/sites-enabled#
user www-data;
error_log logs/error.log notice;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
include conf.d/http;
include conf.d/stream;
include conf.d/exchange-enhanced;

events {
    worker_connections 768;
    # multi_accept on;
}

http {
    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
Do I need to install the "Unit" Control API?
Nothing stands out in any of those three logs.
I'd previously corrected code errors in nginx.conf and there were no errors in the php7.4-fpm log.
I tried ... no joy.
It's getting too late for me to stay focused. I'll have to return to this in the morning.
Thanks!
Unfortunately I'm not getting the graphic shown in Step 4.
echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php
It just generates a single line of text in a file named info.php (contents are "<?php phpinfo(); ?>") - that file isn't opened but is downloaded when I visit 127.0.0.1/info.php in a web browser.
OK, cool ... got internal web pages to serve ... onward to serving them outside ...
Thanks
Following instructions here:
https://linuxiac.com/how-to-configure-n … a-php-fpm/
All is good until I get here:
ls -l /var/run/php/
total 4
-rw-r--r-- 1 root root 5 Dec 1 17:43 php7.4-fpm.pid
srw-rw---- 1 www-data www-data 0 Dec 1 17:43 php7.4-fpm.sock
lrwxrwxrwx 1 root root 30 Dec 1 17:43 php-fpm.sock -> /etc/alternatives/php-fpm.sock
The third line is missing.
Do I take it as my needing to create a symlink for that somehow?
Note: I just installed php-fpm via the Synaptic Package Manager.
Thanks
Done - have ssh in and out of the server box. Thanks.
I can see nginx on the server from my laptop but the test program to serve a sample web page from their back2basics video isn't playing nicely. Arghh!
I just noticed that ssh is one of the apps that seems to have been uninstalled - perhaps when I removed ufw or grav or whatever.
Anyhow, since this is a server install - should I prefer "ssh" or "openssh" via Synaptic or run this?
dpkg-query -l | grep -i openssh-server
Does this need to be added to /etc/nftables.conf to allow ssh access?
chain inbound {
    # Allow SSH on port TCP/22 and allow HTTP(S) TCP/80 and TCP/443
    # for IPv4 and IPv6.
    tcp dport { 22, 80, 443 } accept
}
Will it also need an outbound?
OK, got it.
Back to chasing conflicts between files cited in an nginx video "How to Get Started With NGINX" and the files to which they link on github.
Someone didn't proof it, it seems ... sigh.
Thanks
Is there a reason why the nginx version in the repository is 1.18 rather than 1.19?
Their video tutorial recommends 1.19.
Or should it not represent a significant difference?
Thanks