Comments (3)
The fixed nginx conf generated files should include the code in bold for listen statement
listen [::]:80 default_server;
and
listen [::]:443 default_server;
Im just confused how this fix should be used with ${DEDI_IP} var on centminmod script
from centminmod.
nginx template .txt files are currently NOT used as the nginx vhost templates are built into the routine itself. However, historically folks have reported issues with broken IPv6 or unstable IPv6 connectivity from some web hosts configurations which lead to issues only a web host can fix. So Centmin Mod hasn't really setup IPv6 nginx vhosts by default. Instead official Centmin Mod FAQ item 34 has outlined how to setup Nginx IPv6 vhost configs after they're created at https://centminmod.com/faq.html (FYI, I've updated the FAQ item 34 recently to address differences for Nginx <=1.3.4 vs >1.3.4 versions).
It's a tricky thing as everytime a web host's IPv6 network connectivity has issues for whatever reason, unsuspecting end users will think it's a Centmin Mod issue rather than their web hosts. Not all Centmin Mod users are on official community forums or would report the issue too, so they may just think Centmin Mod is buggy and move on to another stack. So I'd be fielding support for something I would have no control to fix. That's historically why Nginx configs are left to IPv4 only and point folks to IPv6 if they want to enable it - guess I could automate that part or put the listen [::]:80
or listen [::]:443
as a commented out option at least.
from centminmod.
Thank you for your reply, after doing some tests i found the following:
When you add a host through menu, the script creates a first dummy (/usr/local/nginx/conf/conf.d/domain.com.conf) config file where the options are listen 80 or listen 443 only instead of adding this too listen [::]:80 or listen [::]:443, then when acmetool asks for LetsEncrypt certificate the LetsEncrypt server does a verify by fetching a file like https://domain.com/.well-known/acme-challenge/PwhOeYje_H2Y5GzH06qRcwLHiJ0WTCctYkop8dJrEZ4 which contains a key previously asked by the script to the LE api to authenticate the process, but since LE uses the IPv6 for http then https, and the dummy template created for domain.com doesnt allow IPv6 on nginx, the process fails.
Perhaps if you just adds the listen [::]:80 or listen [::]:443 to the dummy templates used just for the verification it will work flawless, but im not sure if this could break something.
From what i've read on nginx documentation it's sufficient to specify ipv6only=off in any one of your listen directives once, this could be used on vhost.conf, then you can only enable the IPv6 support by uncomenting the line with the listen [::]:443 to keep it safe to all the users, but using it uncommented by the dummy conf file the LE process needs.
This example directives specify both IPv4 and IPv6 explicitly:
listen [::]:443 default_server;
listen 443 default_server;
from centminmod.
Related Issues (20)
- Be docker compatible with centos HOT 2
- Support Centos 8 ? HOT 3
- 405 error for /?wc-ajax=get_refreshed_fragments ajax callbacks with Cache enabler method HOT 10
- README licence badge reads 'AGPL' HOT 1
- Feedback and suggestions HOT 3
- Update well-acme of drop.conf HOT 10
- OPcache on shared hosting HOT 1
- From acme.sh v3.0.0, acme.sh is using Zerossl as default ca, instead of LetsEncrypt and this breaks the vhost add functionality with LetsEncrypt HOT 3
- Custom SSL SELFSIGNEDSSL_O (Organization (O)) and SELFSIGNEDSSL_OU (Organizational Unit (OU)) variables ignored when requesting ssl certificate
- -bash: grepย -rnw: command not found HOT 1
- Dual-core CPU cannot open php PGO extension HOT 2
- How to strip tracking parameters via nginx? HOT 1
- installer broken it doesn't install everything HOT 12
- CSS / readability issue on "Quick Curl Installer" HOT 2
- broken INDEX.HTML PLACE HOLDER page HOT 1
- Problem with WP-CLI after fresh installation HOT 5
- phpswoole option not bundling swoole PHP extension
- phpmyadmin install error (node, npm) HOT 4
- Forum registration API problem HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from centminmod.