search

servisys / ispconfig_setup

ISPConfig autoinstaller and setup
GNU General Public License v3.0
512 stars 256 forks source link

ispconfig gui not available after expert-install #136

Open derfladi opened 8 years ago

derfladi commented 8 years ago

Hi there!

Great script! Just tested it on Debian 8 with expert-mode. Issue #133 still occurs (not merged to master I guess).

The installation runs through but at the end the ispconfig webgui is not available in the browser. The "normal" apache-docs (Port 80) is working so apache is running fine. However connection to Port 8080 is not possible (tried http/https).

best regards Tim

degoya commented 8 years ago

i had the same problem with multiserver (expert mode) for me it was a phyton error. the apache at port 80 delivered a the defaul apache page.

https://github.com/servisys/ispconfig_setup/issues/121

servisys commented 8 years ago

Can you past the error pls?

2016-10-07 15:54 GMT+02:00 Alexander Herling notifications@github.com:

i had the same problem with multiserver (expert mode) for me it was a phyton error. the apache at port 80 delivered a the defaul apache page.

121 https://github.com/servisys/ispconfig_setup/issues/121

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/servisys/ispconfig_setup/issues/136#issuecomment-252258220, or mute the thread https://github.com/notifications/unsubscribe-auth/ALI8UR47mxGIfqr4NtaWsF-MeqFYSb4nks5qxk8OgaJpZM4KRAiJ .

Dott. Matteo Temporini

Linux Registered User #553977

http://www.temporini.net

[image: Facebook] https://www.facebook.com/temporini.net [image: Twitter] https://twitter.com/diablo666 [image: Linkedin] http://it.linkedin.com/in/temporini [image: Instagram] http://instagram.com/diablone [image: Skype] http://htmlsig.com/matteo.temporini

This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, or contain viruses. Anyone who communicates with us by e-mail is deemed to have accepted these risks. Company Name is not responsible for errors or omissions in this message and denies any responsibility for any damage arising from the use of e-mail. Any opinion and other statement contained in this message and any attachment are solely those of the author and do not necessarily represent those of the company.

n0v3xx commented 8 years ago

I have the same issue with "Normal" installation on Ubuntu 16.10 and 15.10 :(

Server version: Apache/2.4.12 (Ubuntu) Server built: Jul 15 2016 15:32:10

Apache2 Error log:

[Tue Nov 15 10:33:26.410826 2016] [ssl:error] [pid 11671:tid 140268792145792] AH02604: Unable to configure certificate 127.0.1.1:8080:0 for stapling
[Tue Nov 15 10:33:26.412140 2016] [mpm_event:notice] [pid 11671:tid 140268792145792] AH00489: Apache/2.4.12 (Ubuntu) OpenSSL/1.0.2d configured -- resuming normal operations
[Tue Nov 15 10:33:26.412191 2016] [core:notice] [pid 11671:tid 140268792145792] AH00094: Command line: '/usr/sbin/apache2'
[Tue Nov 15 10:33:27.527357 2016] [mpm_event:notice] [pid 11671:tid 140268792145792] AH00491: caught SIGTERM, shutting down
[Tue Nov 15 10:33:28.817312 2016] [ssl:warn] [pid 11836:tid 140428963075968] AH01906: 127.0.1.1:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue Nov 15 10:33:28.817431 2016] [ssl:warn] [pid 11836:tid 140428963075968] AH01909: 127.0.1.1:8080:0 server certificate does NOT include an ID which matches the server name
[Tue Nov 15 10:33:28.817669 2016] [ssl:error] [pid 11836:tid 140428963075968] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=scw-c89660,OU=IT department,O=Servisys di Temporini Matteo,L=Udine,ST=Italy,C=IT / issuer: CN=scw-c89660,OU=IT department,O=Servisys di Temporini Matteo,L=Udine,ST=Italy,C=IT / serial: B5D9BA092D9E2E29 / notbefore: Nov 15 10:33:15 2016 GMT / notafter: Nov 13 10:33:15 2026 GMT]
[Tue Nov 15 10:33:28.817684 2016] [ssl:error] [pid 11836:tid 140428963075968] AH02604: Unable to configure certificate 127.0.1.1:8080:0 for stapling
[Tue Nov 15 10:33:28.841452 2016] [auth_digest:notice] [pid 11838:tid 140428963075968] AH01757: generating secret for digest authentication ...
[Tue Nov 15 10:33:28.845509 2016] [ssl:warn] [pid 11838:tid 140428963075968] AH01906: 127.0.1.1:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue Nov 15 10:33:28.845558 2016] [ssl:warn] [pid 11838:tid 140428963075968] AH01909: 127.0.1.1:8080:0 server certificate does NOT include an ID which matches the server name
[Tue Nov 15 10:33:28.845796 2016] [ssl:error] [pid 11838:tid 140428963075968] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=scw-c89660,OU=IT department,O=Servisys di Temporini Matteo,L=Udine,ST=Italy,C=IT / issuer: CN=scw-c89660,OU=IT department,O=Servisys di Temporini Matteo,L=Udine,ST=Italy,C=IT / serial: B5D9BA092D9E2E29 / notbefore: Nov 15 10:33:15 2016 GMT / notafter: Nov 13 10:33:15 2026 GMT]
[Tue Nov 15 10:33:28.845810 2016] [ssl:error] [pid 11838:tid 140428963075968] AH02604: Unable to configure certificate 127.0.1.1:8080:0 for stapling
[Tue Nov 15 10:33:28.847173 2016] [mpm_event:notice] [pid 11838:tid 140428963075968] AH00489: Apache/2.4.12 (Ubuntu) OpenSSL/1.0.2d configured -- resuming normal operations
[Tue Nov 15 10:33:28.847231 2016] [core:notice] [pid 11838:tid 140428963075968] AH00094: Command line: '/usr/sbin/apache2'

ispconfig.vhost

######################################################
# This virtual host contains the configuration
# for the ISPConfig controlpanel
######################################################

 Listen 8080
NameVirtualHost *:8080

<VirtualHost _default_:8080>
  ServerAdmin webmaster@localhost

  <Directory /var/www/ispconfig/>
    <FilesMatch "\.ph(p3?|tml)$">
      SetHandler None
    </FilesMatch>
  </Directory>
  <Directory /usr/local/ispconfig/interface/web/>
    <FilesMatch "\.ph(p3?|tml)$">
      SetHandler None
    </FilesMatch>
  </Directory>

  <IfModule mod_fcgid.c>
    DocumentRoot /var/www/ispconfig/
    SuexecUserGroup ispconfig ispconfig
    <Directory /var/www/ispconfig/>
      Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
      AllowOverride AuthConfig Indexes Limit Options FileInfo
      <FilesMatch "\.php$">
        SetHandler fcgid-script
      </FilesMatch>
      FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
            Require all granted
          </Directory>
    IPCCommTimeout  7200
    MaxRequestLen 15728640
  </IfModule>

  <IfModule mpm_itk_module>
    DocumentRoot /usr/local/ispconfig/interface/web/
    AssignUserId ispconfig ispconfig
    AddType application/x-httpd-php .php
    <Directory /usr/local/ispconfig/interface/web>
      # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
      Options +FollowSymLinks
      AllowOverride None
            Require all granted
            php_value magic_quotes_gpc        0
    </Directory>
  </IfModule>

  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off

  <IfModule mod_security2.c>
    SecRuleEngine Off
  </IfModule>

  # SSL Configuration
  SSLEngine On
    SSLProtocol All -SSLv3
    SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
  SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
  #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle

  SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
  SSLHonorCipherOrder On

  <IfModule mod_headers.c>
    Header always add Strict-Transport-Security "max-age=15768000"
        RequestHeader unset Proxy early
  </IfModule>

    SSLUseStapling On
  SSLStaplingResponderTimeout 5
  SSLStaplingReturnResponderErrors Off
  </VirtualHost>

<IfModule mod_ssl.c>
  SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>

<Directory /var/www/php-cgi-scripts>
  AllowOverride None
    Require all denied
  </Directory>

<Directory /var/www/php-fcgi-scripts>
  AllowOverride None
    Require all denied
  </Directory>

PHP-FPM looks normal in log.

Why is only the default apache page available?

Dracozny commented 7 years ago

check your firewall rules. run ufw allow 8080 and then once you are in Ispconfig enable the firewall rules in server config. you will need to modify these rules to incorporate pure-ftpd passive mode ports.

Neustradamus commented 6 years ago

It is resolved?

gOOvER commented 5 years ago

THis is not a problem with the install script. I got this error also on Ubuntu when i not use the script. So i think this can be closed