Apache2 and Nginx not starting it boot about vesta HOT 25 CLOSED

That script will change just final IP address that nginx should bind.
You should not use it, since it probably need to bind NAT IP.

Anyway, I had that bug long long time ago, with official Vesta (and it was not Debian but CentOS).
What happened there is that system activate NAT IP after nginx start.
So, nginx can not bind NAT IP at that moment, since NAT IP is not initialized yet :)

What I did is first to create rc.local script (it does not exists by default since Debian9).

cat <<EOF >/etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

exit 0
EOF
chmod +x /etc/rc.local
systemctl daemon-reload
systemctl start rc-local
systemctl status rc-local

Then, in /etc/rc.local, before exit 0, I put:

sleep 10
service nginx restart
service apache2 restart

and that solved startup issue :)

from vesta.

letsencrypt 429 error means you reached limit of max tries.
try again after a few hours.
https://community.letsencrypt.org/t/error-429-too-many-requests/98580/2

from vesta.

thanks i reinstalled it now that issue disappear for now , but during these recent multiple tests installations i noticed that letsencrypt return 400 code everytime , however from ssh through vesta cli i was able to generate certificates but from UI always return 400 code. i did HestiaCP installation which is fork of vesta and tested letsencrypt on it , there certificates were generated , so possibly it have something to do with nat ip because on my dedicated ip vps i have not faced any lets encrypt issue.

cd /usr/local/vesta/bin
v-add-letsencrypt-domain admin mydomain.com

one another big issue which need attention is the phpmyadmin and webmail URL if changed from settings then it return 404 not found page.

from vesta.

admin interface actually run the same cli commands that you run manually...
you can check /usr/local/vesta/log/error.log to see it...
or maybe it uses additional parameters for NAT... please check error.log to see what is executed... i think there is no difference.

currently we don't have command for changing phpmyadmin url, i'm sorry.
i will make it in future releases.

from vesta.

ok i checked vesta error.log so it have generated error 15 from UI

v-add-letsencrypt-domain 'admin' 'test.mysite.com' 'test.mysite.com,www.test.mysite.com' 'no' [Error 15]

i search forum some users had same issue and they said manually via cli certificate generation work

https://forum.vestacp.com/viewtopic.php?t=18593&start=50

from vesta.

hm, it's weird that you have twice test.mysite.com

can you check what you have in Alias field for that domain?
screenshot is better idea, just cover your domain, leave visible www. alias and .com

from vesta.

i deleted and re added domain and try to generate certificate but same error

now i checked error log again

2020-06-10 18:32:33 v-add-letsencrypt-domain 'admin' 'mysite.com' 'www.mysite.com' 'no' [Error 15]

so the problem seems to be as when UI try to generate certificates from UI it can call CLI like that
v-add-letsencrypt-domain 'user' 'domain.com' 'www.domain.com'
so there is problem somewhere i try to test different format of it but looks am reach to limit now getting 429 code from cli

from vesta.

but now you don't have twice test.mysite.com like in first example.

first time when you tried, did you created domain as somethig.com or www.somethig.com ?

from vesta.

but now you don't have twice test.mysite.com like in first example.

first time when you tried, did you created domain as somethig.com or www.somethig.com ?

ya because earlier Aliases was like this

www.something.com       # default
something.com               # i had added

so i thought it maybe due to 2nd alias which i added so i deleted that web domain and re added so by default vesta use www.something.com alias

from vesta.

well, probably that caused a bug.
you should never type www. while creating domain in Vesta.
just add naked domain.com, without www.

in that case letsencrypt will be called properly from frontend:
v-add-letsencrypt-domain 'admin' 'mysite.com' 'www.mysite.com' 'no'

in such way i never experienced a bug.

from vesta.

well i have not used any www with domain entry when adding domain its just vesta by default add www. with alias when it fill the form auto

like this

from vesta.

www. in alias is just fine (it's auto-generated)

so, try to generate letsencrypt now...
just do it from another server because from current you reached maximum numbers of tries.
make sure both domain.com and www.domain.com is pointing to server ip.

from vesta.

i tried again but same 400 error code

2020-06-11 02:41:38 v-add-letsencrypt-domain 'admin' 'sub.domain.com' 'www.sub.domain.com' 'no' [Error 15]
this could be because i can visit my site without www but cant visit with www

so i did another try during adding domain i removed www from alias as vesta add www by default

after that i start getting Error: Let's Encrypt new auth status 429

2020-06-11 02:43:32 v-add-letsencrypt-domain  'admin' 'sub.domain.com' 'sub.domain.com' 'no' [Error 15]
2020-06-11 02:45:02 v-add-letsencrypt-domain  'admin' 'sub.domain.com' 'sub.domain.com' 'yes' 'yes' [Error 15]

from vesta.

First, there is no need to repeat the same host.
So, instead of:
v-add-letsencrypt-domain 'admin' 'sub.domain.com' 'sub.domain.com' 'no'
you should call:
v-add-letsencrypt-domain 'admin' 'sub.domain.com' '' 'no'
also, make sure Alias field is empty, since you can't access www.sub.domain.com

Second, LetsEncrypt is failing because you don't have A record for www.
That's a root of your problem.

So, either create A record for www.sub.domain.com or just remove www alias.
If you decide to remove www. alias, in command line you can do:
v-add-letsencrypt-domain 'admin' 'sub.domain.com' '' 'no'

Third, you probably hit max count of LetsEncrypt tries.

from vesta.

well i have A record for sub domain is its auto generated by vesta but not sure why cant access with www.

anyway i deleted and added domain again by leaving alias section blank as you suggested , it returned 429 error

2020-06-11 04:20:04 v-add-letsencrypt-domain 'admin' 'sub.domain.com' '' 'no' [Error 15]

from vesta.

ever after 10 hours am still getting 429 not sure after how much time they allow domain again for retry .

from vesta.

make sure
/usr/local/vesta/data/queue/letsencrypt.pipe
is empty

from vesta.

ya i checked it was not empty , i made it empty and then retry and got same 429 error :(

from vesta.

sorry, can't help you about it :(

from vesta.

no do not say like that , you helped a lot :) am thankful to you .

from vesta.

if it's cloud, make snapshot and bring it on new IP.

It's easy to replace IP on whole system:

OLDIPV4=''
NEWIPV4=''

grep -rl "$OLDIPV4" /etc | xargs sed -i "s#$OLDIPV4#$NEWIPV4#g"
find /home/*/conf/ -type f -exec sed -i "s#$OLDIPV4#$NEWIPV4#g" {} \;
mv /usr/local/vesta/data/ips/$OLDIPV4 /usr/local/vesta/data/ips/$NEWIPV4
mv /etc/apache2/conf.d/$OLDIPV4.conf /etc/apache2/conf.d/$NEWIPV4.conf
mv /etc/nginx/conf.d/$OLDIPV4.conf /etc/nginx/conf.d/$NEWIPV4.conf
grep -rl "$OLDIPV4" /usr/local/vesta/data | xargs sed -i "s#$OLDIPV4#$NEWIPV4#g"

service bind9 restart
service apache2 restart
service nginx restart
service vesta restart

from vesta.

from vesta.

NAT IP will stay unchanged, just replace public IP.

from vesta.

from vesta.

thanks finally problem solved :)

from vesta.