I’m not complaining, just letting you know that I think nginx install should be included in the install instructions…Or maybe because I’m using the docker install nginx doesn’t need to be setup?

Long story short, installed nginx, did the docker install, mv’d the lemmy.conf file but when I did the certbot install, I get an error that the server_name is missing from the lemmy.conf file.

Not sure what to do? Replace {{server_name}} with my domain name? and or what about {{SSL_server}}

sudo certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/isp.org/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/etc/letsencrypt/live/isp.org/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failed

The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] BIO_new_file(“/etc/letsencrypt/live/isp.org/fullchain.pem”) failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/etc/letsencrypt/live/isp.org/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’,)

@nutomic
admin
310M

Yes in the nginx conf here you need to replace four instances of {{ domain }} with your actual domain (and no {}). Then place that file at /etc/nginx/sites-enabled/lemmy.conf, and restart nginx, eg systemctl restart nginx.

The documenation is definitely lacking for this, so contributions would be welcome.

@phelix001
creator
210M

Ok, I’m starting from scratch again…I keep getting an error on certbot during ansible install, and I’m not sure why; I did a manual install of fthe certs(which i’ve never done before) and I think it might have worked but I’m going to scratch this whole thing and start over again.

@nutomic
admin
110M

Just paste the exact error.

@phelix001
creator
2
edit-2
10M

ansible-playbook lemmy.yml --become

PLAY [all] *********************************************************************

TASK [install python for Ansible] ********************************************** ok: [ubuntu@isp.org]

TASK [setup] ******************************************************************* [DEPRECATION WARNING]: Distribution Ubuntu 20.04 on host ubuntu@isp.org should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.9/reference_appendices/inter preter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [ubuntu@isp.org]

TASK [install dependencies] **************************************************** ok: [ubuntu@isp.org]

TASK [request initial letsencrypt certificate] ********************************* fatal: [ubuntu@isp.org]: FAILED! => {“changed”: true, “cmd”: [“certbot”, “certonly”, “–nginx”, “–agree-tos”, “-d”, “internetsuperpac.org”, “-m”, “myname@gmail.com”], “delta”: “0:00:00.855336”, “end”: “2020-06-03 23:53:22.991744”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-06-03 23:53:22.136408”, “stderr”: “Saving debug log to /var/log/letsencrypt/letsencrypt.log\nError while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n\nCould not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.\nThe error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)\nThe nginx plugin is not working; there may be problems with your existing configuration.\nThe error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”, “stderr_lines”: [“Saving debug log to /var/log/letsencrypt/letsencrypt.log”, “Error while running nginx -c /etc/nginx/nginx.conf -t.”, “”, “nginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1”, “nginx: configuration file /etc/nginx/nginx.conf test failed”, “”, “Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration.”, “The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”, “The nginx plugin is not working; there may be problems with your existing configuration.”, “The error was: MisconfigurationError(‘Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache/lemmy_frontend” used in /etc/nginx/sites-enabled/isp:1 and in /etc/nginx/sites-enabled/isp.org:1\nnginx: configuration file /etc/nginx/nginx.conf test failed\n’)”], “stdout”: “”, “stdout_lines”: []}

PLAY RECAP ********************************************************************* ubuntu@isp.org : ok=3 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

@nutomic
admin
210M

It says you have the same cache path used in /etc/nginx/sites-enabled/internetsuperpac, so I suggest you delete that file or move it to another location if you dont need it.

@phelix001
creator
1
edit-2
10M

Completely fresh install of ubuntu18, ansible install from my local to the server, got this

'phelix@darkle20:~/lemmy/ansible$ ansible-playbook lemmy.yml --become

PLAY [all] *************************************************************************************************************************

TASK [install python for Ansible] ************************************************************************************************** changed: [ubuntu@18.237.248.156]

TASK [setup] *********************************************************************************************************************** [DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host ubuntu@18.237.248.156 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ok: [ubuntu@18.237.248.156]

TASK [install dependencies] ******************************************************************************************************** [WARNING]: Updating cache and auto-installing missing dependency: python-apt changed: [ubuntu@18.237.248.156]

TASK [request initial letsencrypt certificate] ************************************************************************************* fatal: [ubuntu@18.237.248.156]: FAILED! => {“changed”: true, “cmd”: [“certbot”, “certonly”, “–nginx”, “–agree-tos”, “-d”, “18.237.248.156”, “-m”, “me@gmail.com”], “delta”: “0:00:00.451076”, “end”: “2020-06-04 01:13:02.495594”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-06-04 01:13:02.044518”, “stderr”: “Requested name 18.237.248.156 is an IP address. The Let’s Encrypt certificate authority will not issue certificates for a bare IP address.”, “stderr_lines”: [“Requested name 18.237.248.156 is an IP address. The Let’s Encrypt certificate authority will not issue certificates for a bare IP address.”], “stdout”: “”, “stdout_lines”: []}

PLAY RECAP ************************************************************************************************************************* ubuntu@18.237.248.156 : ok=3 changed=2 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

@nutomic
admin
210M

Requested name 18.237.248.156 is an IP address

Sounds like you put the IP address and not the domain into your inventory file.

@nutomic
admin
210M

Oh so many comments here already. Let me just say, if anything is missing from our documentation, please make a PR to add it :)

@phelix001
creator
310M

Once I get this thing up and going, i’ll be happy to make updates on docs.

@ajz
21Y

Installing Lemmy with the Ansible option was super easy after I configured my ~/.ssh/config and the ssh part for the Ansible book example well. Is that install option possible for you ?

@phelix001
creator
1
edit-2
10M

Not sure about the ssh part for anssible, but I got this:

#sudo ansible-playbook lemmy.yml --become

ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.

The error appears to have been in ‘/home/ubuntu/lemmy/ansible/lemmy.yml’: line 57, column 5, but may be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  • name: start docker-compose ^ here
Dessalines
mod
admin
1
edit-2
10M

Wrong / old version of ansible, and you need to run ansible from your local machine, and it deploys to your VPS.

@phelix001
creator
110M

ansible --version ansible 2.9.6

Still failing on the certbot install. I also get this warning: TASK [setup] *********************************************************************************************************************** [DEPRECATION WARNING]: Distribution Ubuntu 18.04 on host u@isp.org should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

@phelix001
creator
1
edit-2
1Y

I’ll scratch everything and try that. I’ve never used ansible, but I’ll fig it out.

@ajz
11Y

Here is also the nginx site config file (slightly edited with example.com) from my server : https://upload.disroot.org/r/P0W9y9XF#fjGXnBXZ14Jz+tsc5gL7X7ziQkqn6pEK5W/qo46hNRc= (Expiration: Friday, July 3, 2020 8:15 PM)

@phelix001
creator
21Y

thank you so much for that; im just not used to nginx; just what I needed…I’m going to give ansible a shot real quick, and maybe reconnoiter with the docker setup later.

@ajz
21Y

Here an inventory example first. In a while I’ll share a ssh config example.

@phelix001
creator
2
edit-2
10M

This is going to sound really stupid, but am I installing ansible locally and then it’s installing it remotely on my server?

EDIT: Answered my own question: Installing Ansible This page describes how to install Ansible on different platforms. Ansible is an agentless automation tool that by default manages machines over the SSH protocol. Once installed, Ansible does not add a database, and there will be no daemons to start or keep running. You only need to install it on one machine (which could easily be a laptop) and it can manage an entire fleet of remote machines from that central point. When Ansible manages remote machines, it does not leave software installed or running on them, so there’s no real question about how to upgrade Ansible when moving to a new version.

@phelix001
creator
1
edit-2
10M

Everything worked in ansible except the certbot:
TASK [request initial letsencrypt certificate] ********************************* fatal: [u@isp.org]: FAILED! => {“changed”: true, “cmd”: [“certbot”, “certonly”, “–nginx”, “–agree-tos”, “-d”, “isp.org”, “-m”, “me@gmail.com”], “delta”: “0:00:08.736581”, “end”: “2020-06-03 21:46:23.351590”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2020-06-03 21:46:14.615009”, “stderr”: “Saving debug log to /var/log/letsencrypt/letsencrypt.log\nPlugins selected: Authenticator nginx, Installer nginx\nSkipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.\nObtaining a new certificate\nPerforming the following challenges:\nhttp-01 challenge for isp.org\nnginx: [error] invalid PID number “” in “/run/nginx.pid”\nWaiting for verification…\nCleaning up challenges\nlive directory exists for isp.org”, “stderr_lines”: [“Saving debug log to /var/log/letsencrypt/letsencrypt.log”, “Plugins selected: Authenticator nginx, Installer nginx”, “Skipped user interaction because Certbot doesn’t appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.”, “Obtaining a new certificate”, “Performing the following challenges:”, “http-01 challenge for isp.org”, “nginx: [error] invalid PID number “” in “/run/nginx.pid””, “Waiting for verification…”, “Cleaning up challenges”, “live directory exists for isp.org”], “stdout”: “IMPORTANT NOTES:\n - Your account credentials have been saved in your Certbot\n configuration directory at /etc/letsencrypt. You should make a\n secure backup of this folder now. This configuration directory will\n also contain certificates and private keys obtained by Certbot so\n making regular backups of this folder is ideal.”, “stdout_lines”: [“IMPORTANT NOTES:”, " - Your account credentials have been saved in your Certbot", " configuration directory at /etc/letsencrypt. You should make a", " secure backup of this folder now. This configuration directory will", " also contain certificates and private keys obtained by Certbot so", " making regular backups of this folder is ideal."]}

@ajz
210M

Nice to see you made it this far. The error message complains about nginx pid number. Try to restart nginx on the host ? And then use “certbot certonly -d your-domain-name.org” ?

Dessalines
mod
admin
110M

You need to have the correct domain name in that inventory file, and that DNS needs to point to the IP address of where you’re deploying Lemmy.

@phelix001
creator
110M

brb12hrs

@ajz
1
edit-2
1Y

.ssh/config example assuming you are using ssh keys to connect to your server.

@ajz
1
edit-2
10M

Error while running nginx -c /etc/nginx /nginx.conf -t.\n\nnginx: [emerg] the same path name “/var/cache /lemmy_frontend” used in /etc/nginx /sites-enabled/internetsuperpac:1 and in /etc/nginx/sites-enabled /internetsuperpac.org:1\nnginx: configuration file /etc/nginx/nginx.conf

Looks like you had two sites configured. Check /etc/nginx/sites-enabled/ (Which are symlinks to …/sites-available).

Also, certbot wants a domain name for the -d parameter. You cannot fill in an ip address here.

And you might want to edit your earlier postings to anonymize them ? Replace ip and domain names. Good luck ! :smiling face with sunglasses:

Maya
admin
11Y

i find it’s often a lot easier to do certbot certonly and add the certs to the nginx config yourself.

@phelix001
creator
11Y

Should I make server_name {{domain}}; into server_name mydomain.com www.mydomain.com; ?

Maya
admin
11Y

I think yes, but I think you’re having other problems as well based on “configuration file /etc/nginx/nginx.conf test failed”.

@phelix001
creator
21Y

I scratched everything and started over…let’s see what haps

Support / questions about Lemmy.
!lemmy_support

    Feel free to ask me anything here.

    • 0 users online
    • 9 users / day
    • 13 users / week
    • 21 users / month
    • 94 users / 6 months
    • 405 subscribers
    • 251 Posts
    • 1394 Comments
    • Modlog