Vesta cesspit: Difference between revisions
Eddynetweb (talk | contribs) m (Eddynetweb moved page VestaCP 502 gateway on sub.domain.tld to Vesta cesspit without leaving a redirect: Restructure wiki.) |
Eddynetweb (talk | contribs) (Added ACME info for Let's Encrypt.) |
||
Line 39: | Line 39: | ||
'''Why?''' The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory. | '''Why?''' The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory. | ||
== Let's Encrypt ACME validation on custom templates == | |||
Information regarding an error that which states that the ACME validation for Let's Encrypt could not validate ownership of a site. | |||
=== Issue === | |||
---- | |||
I have a custom template setup with Vesta Control Panel, but it appears to not be complicit with Let's Encrypt and the nginx/apache2 setup. | |||
=== Solution === | |||
---- | |||
In whichever template you choose in '''/usr/local/vesta/data/templates/web/nginx''', you'll need to add the following line to two different files: | |||
*[name].tpl | |||
*[name].stpl | |||
<source lang="nginx"> | |||
# Necessary for Let's Encrypt Domain Name ownership validation | |||
location /.well-known/acme-challenge/ { | |||
try_files $uri /dev/null =404; | |||
} | |||
</source> | |||
Make sure to reset nginx! |
Latest revision as of 21:21, 11 March 2017
Documenting Vesta Control Panel errors since forever.
502 gateway error on sub.domain.tld
Information when proxying away from port, causes above error.
Issue
I was recently configuring VestaCP to bind to a specific sub-domain without requiring a port when I came across the following issue:
502 Bad Gateway
Looking around, I found a solution.
Solution
Simply visit the below directory with your choice of text editor:
/usr/local/vesta/php/etc/php-fpm.conf
Then simply look for the following block:
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
listen.owner = admin
listen.group = admin
listen.mode = 0660
...and change listen.group = admin to listen.group = www-data
Why? The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory.
Let's Encrypt ACME validation on custom templates
Information regarding an error that which states that the ACME validation for Let's Encrypt could not validate ownership of a site.
Issue
I have a custom template setup with Vesta Control Panel, but it appears to not be complicit with Let's Encrypt and the nginx/apache2 setup.
Solution
In whichever template you choose in /usr/local/vesta/data/templates/web/nginx, you'll need to add the following line to two different files:
- [name].tpl
- [name].stpl
# Necessary for Let's Encrypt Domain Name ownership validation
location /.well-known/acme-challenge/ {
try_files $uri /dev/null =404;
}
Make sure to reset nginx!