[Solver] Nginx not listing websites and Let's Encrypt not working

6 posts / 0 new
Last post
#1 Thu, 01/31/2019 - 15:41
NadimD
NadimD's picture

[Solver] Nginx not listing websites and Let's Encrypt not working

Greetings !

Distribution : Centos 7.5.1804

Virtualmin Version : 6.05

I have two servers, both with VirtualMin. The first server has some weird issues, it was the first time I discovered VirtualMin. The second one is fine.

My first server has issues like : - Nginx was installed in /opt/ , which makes the Nginx panel useless because it wont work even when settings are routed to /opt/nginx/

  • SSL won't work properly, so I had to install certbox myself

  • Issues with permissions

  • I had problems with PHP and had to reinstall PHP-FPM and make changes manually to make it all work

On my second server I can see nginx was properly installed in /etc/nginx, not /opt

I would like to correct these issues myself so I can enjoy having a panel.

Could you point me in the right directions ? Can I edit settings to make my installation great again ?

Thank you ! Best Regards,

Sat, 02/02/2019 - 19:15
NadimD
NadimD's picture

I did not find out why the config files where in /opt/, but I was able to make work the listed vhosts of the Nginx Module by simply setting up the Module Config at the top left of Webmin > Servers > Nginx WebServer page.

The setting that I forgot is "File or directory for new virtual hosts". I set it up as /opt/nginx/conf/vhost/* and no all works !

Next step is to repair the SSL dashboard, which doesn't work. I installed manually certbot in order to make certificate generation work.

Best Regards

Mon, 02/04/2019 - 04:25 (Reply to #2)
Jfro

HI: Why do a lot of you guys didn't read the docs before doing things also forumguidelines. ( posting versions and more...) ;) https://www.virtualmin.com/node/53663

Certbot is not used by the Virtualmin own LE script sofar i know.

Then for getting support for this certbot and related problems should be harder to get here. ( i think)

CERTBOT forum??

Tue, 02/05/2019 - 19:31
NadimD
NadimD's picture

Hello,

My apologies for the guidelines.

This is in no way about LE itself, I just said that I installed it manually because the script doesn't work. In fact, it is related to the way VirtualMin works.

I found why the script was stopping :

  • I added domains to the nginx configuration without creating a virtual server
  • Some of these domains are not on a public port, like mail.mydomain.com
  • The script will try to create /.well-known-acme-challenge/ in the root directory
  • Let's Encrypt will try to access the public address to look for the temporary /.well-known/acme-challenge/ entry created
  • Let's Encrypt will not find it
  • For Laravel and other frameworks having a /public/ folder, you will have to specify that the webmin Virtual Server's root folder is /public_html/public/ and not only in the Nginx configuration. The LE script will try to get the folders from the public_html folder related to the webmin Virtual Server and not the Nginx server's root. You can public_path_html of the webmin virtual server by following these steps : https://www.virtualmin.com/comment/765941#comment-765941

This can also happen if you have an access control on the domain or an HTTP(s) rule.

Best Regards

Thu, 02/07/2019 - 06:08
Jfro

Hihi Guidelines the part about versions and wich OS? ;)

With the mail. and some others subs and LE there are a lot of problems and also some solved in this forum here don't know if your case could be... some have to change with a list alias.. Nginx dont' know sorry

If subscription then open a support sticket.?

Fri, 02/08/2019 - 17:51
NadimD
NadimD's picture

Yes I updated my original post. :)

I don't need assistance anymore as I found the issues in my answer. I have to say that using VirtualMin is seriously awesome, even though I know how to do it manually, but the scripts provided with VM are not always working.

So if someone ever has problems with Let's Encrypt and VirtualMin/WebMin, remember one thing : - Your website has to be publicly accessible, even for a few minutes, so that the SSL can be generated - Make sure your VirtualMin Domain has the right public_html_path, even if you set the right root path in the nginx conf, it will not be enough for the LE script. - Make sure your Nginx conf is calling the ssl.combined certificate if you're having multiple domains and the conf was already generated :

ssl_certificate /home/your_website/ssl.combined;
ssl_certificate_key /home/your_website/ssl.key;

Also, for a perfect grade SSL, add the following configurations to your NGINX conf :

server_tokens off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";

Best Regards

Topic locked