nginx -t failed after fresh install + invalid SSL
Closed this issue · 4 comments
root@stream:~/azuracast_installer# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.2 LTS"- 1/10 prepare_system
last backlog's install:
***************************************************************************
Whup! Whup! AzuraCast Installation is complete.
[...]
Because of Updates, some service restarts and maybe also Kernel ones. I prefer to reboot now.
***************************************************************************
then i reboot.
reboot is ok, but nginx is failling:
root@stream:~# systemctl status nginx.service
× nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2023-02-21 18:28:08 UTC; 15s ago
Docs: man:nginx(8)
Process: 1191 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
CPU: 14ms
Feb 21 18:28:08 stream systemd[1]: Starting A high performance web server and a reverse proxy server...
Feb 21 18:28:08 stream nginx[1191]: nginx: [emerg] duplicate upstream "php-fpm-internal" in /etc/nginx/sites-enabled/azuracast.conf:1
Feb 21 18:28:08 stream nginx[1191]: nginx: configuration file /etc/nginx/nginx.conf test failed
Feb 21 18:28:08 stream systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Feb 21 18:28:08 stream systemd[1]: nginx.service: Failed with result 'exit-code'.
Feb 21 18:28:08 stream systemd[1]: Failed to start A high performance web server and a reverse proxy server.
root@stream:~# nginx -t
nginx: [emerg] duplicate upstream "php-fpm-internal" in /etc/nginx/sites-enabled/azuracast.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
root@stream:~# supervisorctl status
beanstalkd RUNNING pid 752, uptime 0:05:23
centrifugo RUNNING pid 756, uptime 0:05:23
cron RUNNING pid 753, uptime 0:05:23
mariadb RUNNING pid 749, uptime 0:05:23
nginx FATAL Exited too quickly (process log may have details)
php-fpm RUNNING pid 750, uptime 0:05:23
php-nowplaying RUNNING pid 754, uptime 0:05:23
php-worker RUNNING pid 1308, uptime 0:00:15
sftpgo RUNNING pid 757, uptime 0:05:23
-> commenting lines 1 to 4
root@stream:~# nginx -t
nginx: [emerg] duplicate upstream "php-fpm-www" in /etc/nginx/sites-enabled/azuracast.conf:5
nginx: configuration file /etc/nginx/nginx.conf test failed
-> commenting lines 5 to 8
root@stream:~# nginx -t
nginx: [emerg] a duplicate default server for 0.0.0.0:443 in /etc/nginx/sites-enabled/azuracast.conf:49
nginx: configuration file /etc/nginx/nginx.conf test failed
-> commenting line 49
root@stream:~# nginx -t
nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
and then restarting nginx via supervisor:
root@stream:~# supervisorctl start nginx
nginx: started
but i can't connect via ffox because SSL is self-signed:
stream.krashboyz.org uses an invalid security certificate.
The certificate is not trusted because it is self-signed.
Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT
nor via chromium because HSTS is on:
NET::ERR_CERT_AUTHORITY_INVALID
[...]
You cannot visit stream.krashboyz.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.
for the SSL :
a good solution could be to add acme challenge to configure the good SSL certification during the install: the domain for azuracast is requested at the beginning of the install process:
Enter your Domain/Subdomain for AzuraCast (e.g., mydomain.com or subdomain.domain.com): stream.krashboyz.org
We received your Hostname: stream.krashboyz.org
tips: i can register in simple HTTP mode with midori web browser to reister in and set the letsencrypt on.
Please do
systemctl disable nginx
Then reboot and see if Supervisor can start Nginx now.
If not, please change the content in this file /etc/supervisor/conf.d/nginx.conf with this one here: https://github.com/scysys/AzuraCast-Ubuntu/blob/main/supervisor/conf.d/nginx.conf
Are you sure you used the latest installer version and not the main branch :)? If it was the main branch. Better do a reinstall with the latest installer version.
but i can't connect via ffox because SSL is self-signed:
That's how the AzuraCast developers did it in the past. I just used the same way for now. After the installer is finished, you must actually access the panel with HTTP://
You cannot visit stream.krashboyz.org right now because the website uses HSTS
HSTS is really a problem with the way how the installer and Azura's default installation are working. I'd prefer that you access your installation after the installer is finished via your IP like this: http://ip-address/. Make sure you do the ACME part inside AzuraCast first. After you generate your certificate, you can change your IP to your subdomain.
Ill updated a few minutes ago the installer version. Just reinstall your os and do this to install
mkdir /root/azuracast_installer && cd /root/azuracast_installer && git clone https://github.com/scysys/AzuraCast-Ubuntu.git . && git checkout 90efce5de1e4a09c103f5c653ceac0f7a6e404db && chmod +x install.sh && ./install.sh -i
sorry for my silence @scysys ,
a bit busy here, and not enough time for everything i would...
after my workaround, azuracast is working in "production" with streams 24/7 on it,
so i would be sure i have a working snapshot of the vm before i do anything else (this install commes after a complete disaster and everything was lost on a regular azuracat docker)
i keep this (closed) issue in my todo and gives you a feedback asap.
thx a lot for your work !
a bit busy here, and not enough time for everything i would...
I know what you mean :(
I also changed the way in which the installer is working to prevent the error you initially had.