Synology docker 3.3.10-0053 nginx crashes with https due to nginx version

[scotto1973]

Nginx version is pre 1.95 and thus doesn't support http2, yet the /etc/nginx/sites-enabled/redmine config file in specifies http2 for the 443 port.

As a result if you enable ssl nginx won't start.

In my case I've hacked up a pre-install.sh to work around the problem and I know this version is ancient, but in if any further releases are done off this tree be nice to get next time.

[jcormier]

I'm not convinced the http2 option and the version is the source of your problems. I've been using the https option of years and its been working. Note this article from Nginx indicates the http2 option was supported as early as 1.13.9. https://www.nginx.com/blog/nginx-1-13-9-http2-server-push/

Current nginx version in the v4.1.0 docker:

root@d30627e8bad6:/home/redmine/redmine# ng
ngettext  nginx     
root@d30627e8bad6:/home/redmine/redmine# nginx -h
nginx version: nginx/1.16.1

Taking the example docker compose yml and enabling https starts fine but we don't actually switch to https mode since no ssl keys/certs are found.

redmine_1     | Installing configuration templates...
redmine_1     | SSL keys and certificates were not found.
postgresql_1  | Setting resolv.conf ACLs...
redmine_1     | Assuming that the container is running behind a HTTPS enabled load balancer.
redmine_1     | Configuring redmine...

I created some temp certs and followed this https://github.com/sameersbn/docker-redmine#installation-of-the-ssl-certificates. And this time it used the redmine-ssl config and start up successfully.

redmine_1     | Configuring nginx...
redmine_1     | Configuring nginx::redmine...
redmine_1     | Configuring nginx::redmine::ssl...
redmine_1     | Configuring nginx::redmine::hsts...
redmine_1     | Installing plugins...
...
redmine_1     | 2020-02-17 21:10:47,870 INFO spawned: 'unicorn' with pid 249
redmine_1     | 2020-02-17 21:10:47,871 INFO spawned: 'cron' with pid 250
redmine_1     | 2020-02-17 21:10:47,872 INFO spawned: 'nginx' with pid 251
redmine_1     | 2020-02-17 21:10:49,141 INFO success: unicorn entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
redmine_1     | 2020-02-17 21:10:49,141 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
redmine_1     | 2020-02-17 21:10:49,141 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

[jcormier]

As a result if you enable ssl nginx won't start.

Can you reproduce your error using the example docker compose files and post the steps you needed to get it to fail?

[scotto1973]

I don't doubt all is working in the 4.1.x branch.

As I said I'm using the synology redmine docker which is 3.3.10 - very old I'm sure.

Upon starting up nginx reports in /var/log/nginx/error.log:

2020/02/18 04:14:53 [emerg] 5859#0: invalid parameter "http2" in /etc/nginx/sites-enabled/redmine:21

Pulling the version of Nginx from the command line:

root@synology_redmine:/home/redmine/redmine#
root@synology_redmine:/home/redmine/redmine# nginx -v
nginx version: nginx/1.4.6 (Ubuntu)

Correct me if I'm wrong but I think this is the reason I'm getting invalid parameter from nginx when http2 is in the redmine config file.

Changing

HTTPS host

server {
listen 0.0.0.0:443 ssl http2;
listen [::]:443 ssl http2 default_server;
server_tokens off;
root /home/redmine/redmine/public;

to

HTTPS host

server {
listen 0.0.0.0:443 ssl;
listen [::]:443 ssl default_server;
server_tokens off;
root /home/redmine/redmine/public;

and running

service nginx start

results in being able to login.

[jcormier]

Ahh okay sorry, I didn't check the title for important information, doh.

[jcormier]

I still use the 3.3 version of redmine, we haven't had the chance to upgrade all our plugins, etc so I'm pretty sure it works, but I will test.

Looks like the http2 option was added in this commit: 925f471f8ab1

[jcormier]

Confirmed in 3.3.10, that nginx won't start.

 $ docker-compose -f docker-compose-ssl.yml exec redmine tail /var/log/nginx/error.log
2020/02/18 20:19:57 [emerg] 332#0: invalid parameter "http2" in /etc/nginx/sites-enabled/redmine:21
2020/02/18 20:19:58 [emerg] 336#0: invalid parameter "http2" in /etc/nginx/sites-enabled/redmine:21
2020/02/18 20:20:00 [emerg] 343#0: invalid parameter "http2" in /etc/nginx/sites-enabled/redmine:21
2020/02/18 20:20:03 [emerg] 344#0: invalid parameter "http2" in /etc/nginx/sites-enabled/redmine:21

[jcormier]

3.3.1 does work however and both have http2 in the config.

 $ docker run --rm sameersbn/redmine:3.3.1 grep http2 /etc/docker-redmine/runtime/config/nginx/redmine-ssl
  listen 0.0.0.0:443 ssl http2;
  listen [::]:443 ssl http2 default_server;

Somehow the newer tag has an older nginx version

 $ docker run --rm sameersbn/redmine:3.3.1 nginx -v
nginx version: nginx/1.10.1
 $ docker run --rm sameersbn/redmine:3.3.10 nginx -v
nginx version: nginx/1.4.6 (Ubuntu)

[jcormier]

The nginx ppa dropped the packages for ubuntu trusty. http://ppa.launchpad.net/nginx/stable/ubuntu/pool/main/n/nginx/

Going to try and update ubuntu version to match the 3.4 and 4.x containers.

[jcormier]

Alright merged all the changes from master into the 3.3-stable branch and pushed a 3.3.10-1 release. It may take a few hours for the docker to build.

This may be the last changes to version 3.3 though as I'm pretty sure redmine has moved on to the newer versions.