Open adambowles opened 1 year ago
Fixed by adding Nginx access through firewall via sudo ufw allow 'Nginx HTTP'
, while we're here might as well add sudo ufw allow 'Nginx HTTPS'
I'm having the same issue:
2023-07-22 08:13:37,860:DEBUG:certbot._internal.main:certbot version: 1.21.0
2023-07-22 08:13:37,860:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-07-22 08:13:37,860:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--agree-tos', '--cert-name', 'my.domain', '-d', 'my.domain', '-m', 'my@email.address']
2023-07-22 08:13:37,862:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-07-22 08:13:37,871:DEBUG:certbot._internal.log:Root logging level set at 30
2023-07-22 08:13:37,872:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2023-07-22 08:13:37,908:ERROR:certbot.util:Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:13:37,908:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#nginx: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 976, in config_test
util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"])
File "/usr/lib/python3/dist-packages/certbot/util.py", line 116, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 151, in prepare
self._initialized.prepare()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 191, in prepare
self.config_test()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 978, in config_test
raise errors.MisconfigurationError(str(err))
certbot.errors.MisconfigurationError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:13:37,910:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f0ca80d5d80>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:13:37,911:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f0ca80d5d80>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:13:37,911:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None
2023-07-22 08:13:37,911:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1414, in certonly
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 228, in choose_configurator_plugins
diagnose_configurator_problem("authenticator", req_auth, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 332, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
2023-07-22 08:13:37,913:ERROR:certbot._internal.log:The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
2023-07-22 08:14:08,715:DEBUG:certbot._internal.main:certbot version: 1.21.0
2023-07-22 08:14:08,715:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-07-22 08:14:08,715:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--agree-tos', '--cert-name', 'my.domain', '-d', 'my.domain', '-m', 'my@email.address']
2023-07-22 08:14:08,717:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-07-22 08:14:08,726:DEBUG:certbot._internal.log:Root logging level set at 30
2023-07-22 08:14:08,728:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2023-07-22 08:14:08,740:ERROR:certbot.util:Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:14:08,740:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#nginx: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 976, in config_test
util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"])
File "/usr/lib/python3/dist-packages/certbot/util.py", line 116, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 151, in prepare
self._initialized.prepare()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 191, in prepare
self.config_test()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 978, in config_test
raise errors.MisconfigurationError(str(err))
certbot.errors.MisconfigurationError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:14:08,741:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f6be6ca5d80>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:14:08,742:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f6be6ca5d80>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:14:08,742:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None
2023-07-22 08:14:08,742:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1414, in certonly
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 228, in choose_configurator_plugins
diagnose_configurator_problem("authenticator", req_auth, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 332, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
2023-07-22 08:14:08,743:ERROR:certbot._internal.log:The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
2023-07-22 08:20:10,687:DEBUG:certbot._internal.main:certbot version: 1.21.0
2023-07-22 08:20:10,687:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-07-22 08:20:10,687:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--agree-tos', '--cert-name', 'my.domain', '-d', 'my.domain', '-m', 'my@email.address']
2023-07-22 08:20:10,689:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-07-22 08:20:10,697:DEBUG:certbot._internal.log:Root logging level set at 30
2023-07-22 08:20:10,698:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2023-07-22 08:20:10,709:ERROR:certbot.util:Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:20:10,709:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#nginx: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 976, in config_test
util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"])
File "/usr/lib/python3/dist-packages/certbot/util.py", line 116, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 151, in prepare
self._initialized.prepare()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 191, in prepare
self.config_test()
File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 978, in config_test
raise errors.MisconfigurationError(str(err))
certbot.errors.MisconfigurationError: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:20:10,710:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f7754801d20>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:20:10,710:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f7754801d20>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
2023-07-22 08:20:10,710:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None
2023-07-22 08:20:10,710:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1414, in certonly
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly")
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 228, in choose_configurator_plugins
diagnose_configurator_problem("authenticator", req_auth, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 332, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
2023-07-22 08:20:10,711:ERROR:certbot._internal.log:The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] directive "limit_req_zone" is not terminated by ";" in /etc/nginx/conf.d/default.conf:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
Hi @adambowles
The guided installation still fails on this same issue which seems to be marked complete without any pull request or commit linked to this. Your suggestion did help, though! It indeed was about the port(s) being closed.
If some changes were made to handle the firewall port opening thing automagically, then apparently they aren't present on the version in question (git checkout $(git describe --tags)
).
Should the README have a notion of punching that ufw allow rule, or should the command just be included in the install automation? I can make a PR or something.
@MURTOMAASORTAJA I opted to punch a hole in firewalld
for the AlmaLinux/RHEL playbook if I detected it running: https://github.com/LemmyNet/lemmy-ansible/blob/main/lemmy-almalinux.yml#L118-L130. We should probably do the same for the Ubuntu/Debian playbook to keep it consistent--unless we see a problem with assuming that those ports should be opened (I can't think of any in the context of the people who would be running the playbooks to get a Lemmy instance going).
Would you like to make a PR with these changes using ufw
?
Let's Encrypt fails during an install on a clean Ubuntu 22.04 Vultr VPS
/var/log/letsencrypt/letsencrypt.log: