Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Lost API endpoint in nginx after a while #1277

Closed
thelittlefireman opened this issue Jun 14, 2024 · 4 comments
Closed

[BUG] Lost API endpoint in nginx after a while #1277

thelittlefireman opened this issue Jun 14, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@thelittlefireman
Copy link
Contributor

What happened?

Afters some times i lost the api endpoint in nginx. Everything is working but the api endpoint is missing.

i check by netstat and the port related to the api is not listed.

i'v notice some lua errors but i don't know if there are related.

2024/06/13 13:39:44 [error] 1558#1558: *2183462 failed to run set_by_lua*: /usr/share/bunkerweb/deps/lib/lua/resty/lock.lua:154: API disabled in the context of set_by_lua*
stack traceback:
	[C]: in function 'sleep'
	/usr/share/bunkerweb/deps/lib/lua/resty/lock.lua:154: in function 'lock'
	/usr/share/bunkerweb/deps/lib/lua/resty/mlcache.lua:730: in function 'get'
	/usr/share/bunkerweb/lua/bunkerweb/cachestore.lua:107: in function 'get'
	set_by_lua(default-server-http/whitelist.conf:3):62: in main chunk, client: X.X.X.X, server: _, request: "GET / HTTP/1.1", host: "X.X.X.X"

How to reproduce?

Juste run the containers and after a while bw-schduler can't reach the api endpoint and api port is not listen anymore by nginx

Configuration file(s) (yaml or .env)

`
  bw-scheduler:
    image: bunkerity/bunkerweb-scheduler:1.5.7
    container_name: bw-scheduler
    depends_on:
      - bw-docker-proxy
      - bw-db
      - bw-syslog-ng
    logging:
      driver: syslog
      options:
        syslog-address: "udp://localhost:514"
    volumes:
      - ./nginx/config:/data
    environment:
      - DOCKER_HOST=tcp://bw-docker-proxy:2375
      - LOG_LEVEL=notice
      - DATABASE_URI=mysql+pymysql://bunkerweb:XXXXX@bw-db:3306/db
    networks:
      - bw-universe
      - bw-docker
# Fix nginx running in host network
    extra_hosts:
      - "nginx:192.168.1.150"

  bw-db:
    image: mysql:latest
    container_name: bw-db
    user: "1024:101"
    environment:
      - MYSQL_ROOT_PASSWORD=XXXXXXXXXX
      - MYSQL_DATABASE=db
      - MYSQL_USER=bunkerweb
      - MYSQL_PASSWORD=XXXXXXXX
    command: --mysql-native-password=ON
    expose:
      - 3306
    volumes:
      - "./nginx/db:/var/lib/mysql"
    networks:
      - bw-universe

  nginx:
    image: bunkerity/bunkerweb:1.5.7
    container_name: nginx
    restart: always
    network_mode: "host"
    labels:
      - "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
    volumes:
      # Set timezone
      - "/etc/TZ:/etc/timezone:ro"
      - "/etc/localtime:/etc/localtime:ro"
    # dropping all capabilities
    cap_drop:
      - ALL
    security_opt:
      - no-new-privileges
    depends_on:
      - authelia
      - bw-scheduler
      - bw-docker-proxy
      - bw-db
      - bw-syslog-ng
    logging:
      driver: syslog
      options:
        syslog-address: "udp://localhost:514"
    environment:
      - EXTERNAL_PLUGIN_URLS=https://github.com/bunkerity/bunkerweb-plugins/archive/refs/tags/v1.5.zip
      - DATABASE_URI=mysql+pymysql://bunkerweb:XXXXXXX@bw-db:3306/db
      - MULTISITE=yes
      - LOG_LEVEL=notice
      - API_WHITELIST_IP=127.0.0.0/8 172.16.3.0/24 172.16.4.0/24
      - API_HTTP_PORT=5100
      - API_SERVER_NAME=nginx
      # Usefull for testing avoir letsencrypt blocked due to limits
      - USE_LETS_ENCRYPT_STAGING=no
      - AUTO_LETS_ENCRYPT=yes
      - EMAIL_LETS_ENCRYPT=admin@XXXXX
      - SERVER_NAME=XXXX
      - SERVE_FILES=no
      - REDIRECT_HTTP_TO_HTTPS=yes
      - DISABLE_DEFAULT_SERVER=yes
      - DNS_RESOLVERS=1.1.1.1 1.0.0.1
      - HTTP_PORT=10080
      - HTTPS_PORT=10443
      - HTTP2=yes
      - SSL_PROTOCOLS=TLSv1.2 TLSv1.3
      - USE_GZIP=yes
      - GZIP_COMP_LEVEL=5
      - GZIP_MIN_LENGTH=500
      - USE_BROTLI=yes
      - BROTLI_COMP_LEVEL=5
      - BROTLI_MIN_LENGTH=500

      - STRICT_TRANSPORT_SECURITY=max-age=31536000; includeSubDomains; preload

      # FIXME Too many FP
      - USE_BAD_BEHAVIOR=no
      - BAD_BEHAVIOR_STATUS_CODES=400 401 403 405 444 429


      - USE_DNSBL=yes

      # FIXME Tor exits nodes blocked by default !
      - USE_BLACKLIST=yes

      - USE_WHITELIST=yes
      - WHITELIST_IP=XXXX
      - GREYLIST_USER_AGENT=okhttp* WebDAV DAVx5* axios* sindresorhus* *ggpht.com GoogleImageProxy Python* aiohttp* Bitwarden_Mobile*

      - USE_REVERSE_PROXY=yes
      - USE_MODSECURITY=yes
      - USE_MODSECURITY_CRS=yes

      - USE_BUNKERNET=no
      - USE_API=no
      
      - USE_LIMIT_REQ=yes
      - LIMIT_REQ_RATE=200r/s

      - USE_LIMIT_CONN=yes
      - LIMIT_CONN_MAX_HTTP1=20
      - LIMIT_CONN_MAX_HTTP2=200
      
      - BLACKLIST_COUNTRY=CN RU
      
      - USE_OPEN_FILE_CACHE=yes
      - OPEN_FILE_CACHE=max=1000 inactive=60s
      - OPEN_FILE_CACHE_ERRORS=yes
      - OPEN_FILE_CACHE_MIN_USES=2
      - OPEN_FILE_CACHE_VALID=30s
      
        ### PLUGINS ###
        # FIXME TMP DISABLE
      - USE_CROWDSEC=no
      - CROWDSEC_API=http://127.0.0.1:48080
        # you need to generate it (see bouncer_key.sh)
      - CROWDSEC_API_KEY=XXXXXXXX
      - USE_VIRUSTOTAL=no
      - USE_DISCORD=no
      - USE_SLACK=no
      - USE_CLAMAV=no
      - USE_CORAZA=no


### Relevant log output

```shell
2024/06/13 13:39:44 [error] 1558#1558: *2183462 failed to run set_by_lua*: /usr/share/bunkerweb/deps/lib/lua/resty/lock.lua:154: API disabled in the context of set_by_lua*
stack traceback:
	[C]: in function 'sleep'
	/usr/share/bunkerweb/deps/lib/lua/resty/lock.lua:154: in function 'lock'
	/usr/share/bunkerweb/deps/lib/lua/resty/mlcache.lua:730: in function 'get'
	/usr/share/bunkerweb/lua/bunkerweb/cachestore.lua:107: in function 'get'
	set_by_lua(default-server-http/whitelist.conf:3):62: in main chunk, client: X.X.X.X, server: _, request: "GET / HTTP/1.1", host: "X.X.X.X"

[2024-06-14 20:34:21] - API - ❌ - Can't send API request to http://nginx:5100/cache : Request failed: HTTPConnectionPool(host='nginx', port=5100): Max retries exceeded with url: /cache (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7ff5a4132210>: Failed to establish a new connection: [Errno 111] Connection refused'))
[2024-06-14 20:34:21] - SCHEDULER - ❌ - Error while sending /var/cache/bunkerweb folder
[2024-06-14 20:34:21] - SCHEDULER - ℹ️  - Reloading nginx ...
[2024-06-14 20:34:21] - API - ❌ - Can't send API request to http://nginx:5100/reload : Request failed: HTTPConnectionPool(host='nginx', port=5100): Max retries exceeded with url: /reload (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7ff5a4133980>: Failed to establish a new connection: [Errno 111] Connection refused'))
[2024-06-14 20:34:21] - SCHEDULER - ❌ - Error while reloading nginx




### BunkerWeb version

1.5.7

### What integration are you using?

Docker

### Linux distribution (if applicable)

_No response_

### Removed private data

- [X] I have removed all private data from the configuration file and the logs

### Code of Conduct

- [X] I agree to follow this project's Code of Conduct
@thelittlefireman thelittlefireman added the bug Something isn't working label Jun 14, 2024
@thelittlefireman
Copy link
Contributor Author

On v1.5.9, port 5100 disappear after an nginx reload and setup of bunkerweb-ui

[2024-07-31 21:47:51 +0000] [SCHEDULER] [21] [ℹ️ ] - Plugins config changed, generating ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job backup-data from plugin backup ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job blacklist-download from plugin blacklist ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job bunkernet-register from plugin bunkernet ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job custom-cert from plugin customcert ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job greylist-download from plugin greylist ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job mmdb-country from plugin jobs ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job certbot-new from plugin letsencrypt ...
[2024-07-31 21:48:40 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job default-server-cert from plugin misc ...
[2024-07-31 21:48:41 +0000] [BUNKERNET] [528] [ℹ️ ] - BunkerNet is not activated, skipping registration...
[2024-07-31 21:48:41 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job bunkernet-data from plugin bunkernet ...
[2024-07-31 21:48:41 +0000] [GREYLIST] [541] [ℹ️ ] - Greylist is not activated, skipping downloads...
[2024-07-31 21:48:41 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job coreruleset-nightly from plugin modsecurity ...
[2024-07-31 21:48:41 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job bunkernet-register from plugin bunkernet
[2024-07-31 21:48:42 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job greylist-download from plugin greylist
[2024-07-31 21:48:42 +0000] [MODSECURITY.CORERULESET-NIGHTLY] [577] [ℹ️ ] - Core Rule Set (CRS) nightly is not being used, skipping download...
[2024-07-31 21:48:42 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job download-pro-plugins from plugin pro ...
[2024-07-31 21:48:43 +0000] [BUNKERNET] [575] [ℹ️ ] - BunkerNet is not activated, skipping download...
[2024-07-31 21:48:43 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job realip-download from plugin realip ...
[2024-07-31 21:48:43 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job coreruleset-nightly from plugin modsecurity
[2024-07-31 21:48:43 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job bunkernet-data from plugin bunkernet
[2024-07-31 21:48:43 +0000] [REALIP] [581] [ℹ️ ] - RealIP is not activated, skipping download...
[2024-07-31 21:48:43 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job self-signed from plugin selfsigned ...
[2024-07-31 21:48:44 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job realip-download from plugin realip
[2024-07-31 21:49:01 +0000] [CUSTOM-CERT] [533] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:01 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job whitelist-download from plugin whitelist ...
[2024-07-31 21:49:02 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:02 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job custom-cert from plugin customcert
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) auth.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) bazarr.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) bitwarden.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) bookstack.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) dashboard.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) gitea.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) gitlab.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) home.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) jackett.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) jellyfin.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) kopia.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) ltf.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) mail.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) matrix.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) nextcloud.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) onlyoffice.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) phpmyadmin.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) plex.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) portainer.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) prowlarr.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) radarr.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) rdtclient.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) readarr.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) sonarr.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Certificates already exists for domain(s) syno.XXXXX.XX
[2024-07-31 21:49:05 +0000] [LETS-ENCRYPT.NEW] [546] [ℹ️ ] - Asking certificates for domain(s) : www.XXXXX.XX (email = admin@XXXXX.XX) to Let's Encrypt ...
[2024-07-31 21:49:05 +0000] [DEFAULT-SERVER-CERT] [550] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:05 +0000] [DEFAULT-SERVER-CERT] [550] [ℹ️ ] - Skipping generation of self-signed certificate for default server (already present)
[2024-07-31 21:49:06 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job anonymous-report from plugin misc ...
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:06 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job default-server-cert from plugin misc
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - Blacklist for IP is not cached, processing downloads..
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - Blacklist for USER_AGENT is not cached, processing downloads..
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - Downloading blacklist data from https://www.dan.me.uk/torlist/?exit ...
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - Downloaded 1921 bad IP
[2024-07-31 21:49:06 +0000] [BLACKLIST] [526] [ℹ️ ] - New file IP.list is different than cache file, reload is needed
[2024-07-31 21:49:06 +0000] [BACKUP] [524] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:07 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - Saving debug log to /var/log/bunkerweb/letsencrypt.log
[2024-07-31 21:49:07 +0000] [BACKUP] [524] [ℹ️ ] - Creating a backup for the MariaDB/MySQL database ...
[2024-07-31 21:49:07 +0000] [BLACKLIST] [526] [ℹ️ ] - Downloading blacklist data from https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list ...
[2024-07-31 21:49:07 +0000] [BLACKLIST] [526] [ℹ️ ] - Downloaded 665 bad USER_AGENT
[2024-07-31 21:49:07 +0000] [BLACKLIST] [526] [ℹ️ ] - New file USER_AGENT.list is identical to cache file, reload is not needed
[2024-07-31 21:49:07 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job crowdsec-conf from plugin crowdsec ...
[2024-07-31 21:49:07 +0000] [JOBS.MMDB-COUNTRY] [548] [ℹ️ ] - ✅ Database connection established
Requesting a certificate for www.XXXXX.XX
[2024-07-31 21:49:07 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job blacklist-download from plugin blacklist
[2024-07-31 21:49:07 +0000] [CROWDSEC] [603] [ℹ️ ] - CrowdSec is not activated, skipping job...
[2024-07-31 21:49:07 +0000] [JOBS.MMDB-COUNTRY] [548] [ℹ️ ] - country.mmdb is already the latest version and is cached, skipping...
[2024-07-31 21:49:07 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job crowdsec-conf from plugin crowdsec
[2024-07-31 21:49:08 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job mmdb-asn from plugin jobs ...
[2024-07-31 21:49:08 +0000] [SELF-SIGNED] [588] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:08 +0000] [BACKUP] [524] [ℹ️ ] - Creating a backup for the MariaDB/MySQL database ...
[2024-07-31 21:49:08 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job mmdb-country from plugin jobs
[2024-07-31 21:49:08 +0000] [SELF-SIGNED] [588] [ℹ️ ] - Service www.XXXXX.XX is using self-signed SSL certificates, checking ...
[2024-07-31 21:49:08 +0000] [SELF-SIGNED] [588] [ℹ️ ] - Generating self-signed certificate for www.XXXXX.XX
[2024-07-31 21:49:08 +0000] [JOBS.DOWNLOAD-PRO-PLUGINS] [579] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:08 +0000] [JOBS.DOWNLOAD-PRO-PLUGINS] [579] [ℹ️ ] - Checking BunkerWeb Pro status...
[2024-07-31 21:49:08 +0000] [JOBS.DOWNLOAD-PRO-PLUGINS] [579] [ℹ️ ] - Skipping the check for BunkerWeb Pro license (already checked today)
[2024-07-31 21:49:08 +0000] [SELF-SIGNED] [588] [ℹ️ ] - Successfully generated self-signed certificate for www.XXXXX.XX
[2024-07-31 21:49:08 +0000] [WHITELIST] [596] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:08 +0000] [BACKUP] [524] [ℹ️ ] - Creating a backup for the MariaDB/MySQL database ...
[2024-07-31 21:49:08 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job download-pro-plugins from plugin pro
[2024-07-31 21:49:08 +0000] [WHITELIST] [596] [ℹ️ ] - No whitelist URL is configured, nothing to do...
[2024-07-31 21:49:09 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job self-signed from plugin selfsigned
[2024-07-31 21:49:09 +0000] [SCHEDULER] [21] [ℹ️ ] - Successfully updated database for the job whitelist-download from plugin whitelist
[2024-07-31 21:49:09 +0000] [ANONYMOUS-REPORT] [600] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:09 +0000] [BACKUP] [524] [ℹ️ ] - Creating a backup for the MariaDB/MySQL database ...
[2024-07-31 21:49:09 +0000] [ANONYMOUS-REPORT] [600] [ℹ️ ] - Skipping the sending of anonymous report (already sent today)
[2024-07-31 21:49:09 +0000] [SCHEDULER] [21] [ℹ️ ] - Executing job download-plugins from plugin misc ...
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - Hook '--manual-auth-hook' for www.XXXXX.XX reported error code 1
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - Hook '--manual-auth-hook' for www.XXXXX.XX ran with error output:
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - [2024-07-31 21:49:09 +0000] [LETS-ENCRYPT.AUTH] [607] [ℹ️ ] - Detected Docker integration
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - [2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.AUTH] [607] [ℹ️ ] - ✅ Database connection established
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - [2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.AUTH] [607] [ℹ️ ] - Sending challenge to 1 instances
[2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.NEW.CERTBOT] [546] [ℹ️ ] - [2024-07-31 21:49:12 +0000] [LETS-ENCRYPT.AUTH] [607] [❌] - Can't send API request to http://nginx:5100//lets-encrypt/challenge : Request failed: HTTPConnectionPool(host='nginx', port=5100): Max retries exceeded with url: /lets-encrypt/challenge (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f72677e6180>: Failed to establish a new connection: [Errno 111] Connection refused'))

@thelittlefireman
Copy link
Contributor Author

quick temporary workaround 'docker stop nginx bw-scheduler' 'docker start nginx bw-scheduler'

@thelittlefireman
Copy link
Contributor Author

If I monitor watch -n 1 netstat -lt | grep 443 I confirm that just after an [2024-07-31 22:02:03 +0000] [API] [22] [ℹ️ ] - Successfully sent API request to http://nginx:5100/reload the port 5100 disappear. I think something break the api port after sending new configuration to nginx. Could it be possible to fix this please ?

@thelittlefireman
Copy link
Contributor Author

thelittlefireman commented Jul 31, 2024
edited

I found the issue, it's my mistake a miss-configuration

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@thelittlefireman