Vesta cesspit: Difference between revisions

From eddynetweb's cesspit
Jump to navigation Jump to search
(Addressing specific issue!)
 
(Added ACME info for Let's Encrypt.)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Issue ==  
Documenting Vesta Control Panel errors since forever.
 
== 502 gateway error on sub.domain.tld ==
 
Information when proxying away from port, causes above error.
 
=== Issue ===
 
----
 
I was recently configuring VestaCP to bind to a specific sub-domain without requiring a port when I came across the following issue:  
I was recently configuring VestaCP to bind to a specific sub-domain without requiring a port when I came across the following issue:  


Line 6: Line 15:
Looking around, I found a solution.  
Looking around, I found a solution.  


== Solution ==
=== Solution ===
 
----


Simply visit the below directory with your choice of text editor:  
Simply visit the below directory with your choice of text editor:  
Line 14: Line 25:
Then simply look for the following block:  
Then simply look for the following block:  


<source lang="conf">
<source lang="text">
; Set permissions for unix socket, if one is used. In Linux, read/write
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; permissions must be set in order to allow connections from a web server. Many
Line 28: Line 39:


'''Why?''' The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory.
'''Why?''' The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory.
== Let's Encrypt ACME validation on custom templates ==
Information regarding an error that which states that the ACME validation for Let's Encrypt could not validate ownership of a site.
=== Issue ===
----
I have a custom template setup with Vesta Control Panel, but it appears to not be complicit with Let's Encrypt and the nginx/apache2 setup.
=== Solution ===
----
In whichever template you choose in '''/usr/local/vesta/data/templates/web/nginx''', you'll need to add the following line to two different files:
*[name].tpl
*[name].stpl
<source lang="nginx">
  # Necessary for Let's Encrypt Domain Name ownership validation
  location /.well-known/acme-challenge/ {
    try_files $uri /dev/null =404;
  }
</source>
Make sure to reset nginx!

Latest revision as of 21:21, 11 March 2017

Documenting Vesta Control Panel errors since forever.

502 gateway error on sub.domain.tld

Information when proxying away from port, causes above error.

Issue


I was recently configuring VestaCP to bind to a specific sub-domain without requiring a port when I came across the following issue:

502 Bad Gateway

Looking around, I found a solution.

Solution


Simply visit the below directory with your choice of text editor:

/usr/local/vesta/php/etc/php-fpm.conf

Then simply look for the following block:

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
listen.owner = admin
listen.group = admin
listen.mode = 0660

...and change listen.group = admin to listen.group = www-data

Why? The web server by default will attempt to read the directory, and since www-data had not been given authorization, it will return a 502 Gateway error. Changing it to www-data will allow apache2 to read the VestaCP directory.

Let's Encrypt ACME validation on custom templates

Information regarding an error that which states that the ACME validation for Let's Encrypt could not validate ownership of a site.

Issue


I have a custom template setup with Vesta Control Panel, but it appears to not be complicit with Let's Encrypt and the nginx/apache2 setup.

Solution


In whichever template you choose in /usr/local/vesta/data/templates/web/nginx, you'll need to add the following line to two different files:

  • [name].tpl
  • [name].stpl
  # Necessary for Let's Encrypt Domain Name ownership validation
  location /.well-known/acme-challenge/ {
    try_files $uri /dev/null =404;
  }

Make sure to reset nginx!