I’m not complaining, just letting you know that I think nginx install should be included in the install instructions…Or maybe because I’m using the docker install nginx doesn’t need to be setup?
Long story short, installed nginx, did the docker install, mv’d the lemmy.conf file but when I did the certbot install, I get an error that the server_name is missing from the lemmy.conf file.
Not sure what to do? Replace {{server_name}} with my domain name? and or what about {{SSL_server}}
sudo certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/isp.org/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/isp.org/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failed
The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/isp.org/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/isp.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’,)
Yes in the nginx conf here you need to replace four instances of
{{ domain }}with your actual domain (and no{}). Then place that file at/etc/nginx/sites-enabled/lemmy.conf, and restart nginx, egsystemctl restart nginx.The documenation is definitely lacking for this, so contributions would be welcome.
Ok, I’m starting from scratch again…I keep getting an error on certbot during ansible install, and I’m not sure why; I did a manual install of fthe certs(which i’ve never done before) and I think it might have worked but I’m going to scratch this whole thing and start over again.
Just paste the exact error.
ansible-playbook lemmy.yml --become
PLAY [all] *********************************************************************
TASK [install python for Ansible] ********************************************** ok: [ubuntu@isp.org]
TASK [setup] ******************************************************************* [DEPRECATION WARNING]: Distribution Ubuntu 20.04 on host ubuntu@isp.org should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.9/reference_appendices/inter preter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [ubuntu@isp.org]
TASK [install dependencies] **************************************************** ok: [ubuntu@isp.org]
TASK [request initial letsencrypt certificate] ********************************* fatal: [ubuntu@isp.org]: FAILED! => {“changed”: true, “cmd”: [“certbot”, “certonly”, “–nginx”, “–agree-tos”, “-d”, “internetsuperpac.org”, “-m”, “myname@gmail.com”], “delta”: “0:00:00.855336”, “end”: “2020-06-03 23:53:22.991744”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-06-03 23:53:22.136408”, “stderr”: “Saving debug log to /var/log/letsencrypt/letsencrypt.log\nError while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n\nCould not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.\nThe error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)\nThe nginx plugin is not working; there may be problems with your existing configuration.\nThe error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”, “stderr_lines”: [“Saving debug log to /var/log/letsencrypt/letsencrypt.log”, “Error while running nginx -c /etc/nginx/nginx.conf -t.”, “”, “nginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1”, “nginx: configuration file /etc/nginx/nginx.conf test failed”, “”, “Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.”, “The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”, “The nginx plugin is not working; there may be problems with your existing configuration.”, “The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name "/var/cache/lemmy_frontend" used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”], “stdout”: “”, “stdout_lines”: []}
PLAY RECAP ********************************************************************* ubuntu@isp.org : ok=3 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
It says you have the same cache path used in
/etc/nginx/sites-enabled/internetsuperpac, so I suggest you delete that file or move it to another location if you dont need it.Completely fresh install of ubuntu18, ansible install from my local to the server, got this
'phelix@darkle20:~/lemmy/ansible$ ansible-playbook lemmy.yml --become
PLAY [all] *************************************************************************************************************************
TASK [install python for Ansible] ************************************************************************************************** changed: [ubuntu@18.237.248.156]
TASK [setup] *********************************************************************************************************************** [DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host ubuntu@18.237.248.156 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [ubuntu@18.237.248.156]
TASK [install dependencies] ******************************************************************************************************** [WARNING]: Updating cache and auto-installing missing dependency: python-apt changed: [ubuntu@18.237.248.156]
TASK [request initial letsencrypt certificate] ************************************************************************************* fatal: [ubuntu@18.237.248.156]: FAILED! => {“changed”: true, “cmd”: [“certbot”, “certonly”, “–nginx”, “–agree-tos”, “-d”, “18.237.248.156”, “-m”, “me@gmail.com”], “delta”: “0:00:00.451076”, “end”: “2020-06-04 01:13:02.495594”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-06-04 01:13:02.044518”, “stderr”: “Requested name 18.237.248.156 is an IP address. The Let’s Encrypt certificate authority will not issue certificates for a bare IP address.”, “stderr_lines”: [“Requested name 18.237.248.156 is an IP address. The Let’s Encrypt certificate authority will not issue certificates for a bare IP address.”], “stdout”: “”, “stdout_lines”: []}
PLAY RECAP ************************************************************************************************************************* ubuntu@18.237.248.156 : ok=3 changed=2 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
’
Requested name 18.237.248.156 is an IP addressSounds like you put the IP address and not the domain into your
inventoryfile.