Nginx can't start after migrate to Bullseye (ffdhe2048.pem)

addictif80 · September 18, 2022, 10:48pm

My YunoHost server

Hardware: Dedicated computer with Bullseye, i3-4130 CPU @ 3.40GHz & 8GB of memory RAM
YunoHost version: 11.0.9.14
I have access to my server : Through SSH | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

After migrating to Bullseye, nginx can’t start, and it result of installed apps are not reachables.
There are a few Hastebin links :

service nginx start and service nginx status : hastebin
journalctl -xe : hastebin

I think this issue is due to the error at line 8.
This file is not found : /usr/share/yunohost/other/ffdhe2048.pem
But it exist in /usr/share/yunohost directory.
I’ve tried to fix that by copying /usr/share/yunohost/ffdhe2048.pem in /usr/share/yunohost/other/ffdhe2048.pem

After service nginx start, it work great.
Do you know why nginx try to access the ffdhe2048.pem in an other directory of the real directory ?
Do you know if this “fix” can be used in long time in production server ?

Aleks · September 19, 2022, 7:53pm

This probably happens because you edited /etc/nginx/conf.d/security.conf in the past

You can check the diff with

sudo yunohost tools regen-conf nginx --dry-run --with-diff

and review the diff / tweak stuff manually yourself, or force the update with

sudo yunohost tools regen-conf nginx --force

addictif80 · September 21, 2022, 11:08am

Thanks a lot i’ve forgotten i’ve modified this file in the past time for allow iframe.

system · October 21, 2022, 11:09am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.