Обновление certbot вызывает сбой в работе nginx, и все веб-сайты переходят в автономный режим

Question

Обновление certbot вызывает сбой в работе nginx, и все веб-сайты переходят в автономный режим

Когда выполняется команда sudo certbot Renew , сервер nginx сбой. Журнал ошибок в systemd выглядит так:

- The job identifier is 48862.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Main process exited, code=dumped, status=11/SEGV
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- An ExecStart= process belonging to unit nginx.service has exited.
-- 
-- The process' exit code is 'dumped' and its exit status is 11.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046516 (PassengerAgent) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046532 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046535 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046538 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046539 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046557 (PassengerAgent) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046516 (PassengerAgent) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046532 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046535 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046538 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046539 (nginx) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2046557 (PassengerAgent) with signal SIGKILL.
Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Failed with result 'core-dump'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- The unit nginx.service has entered the 'failed' state with result 'core-dump'.

Результат команды обновления выглядит следующим образом:

$ sudo certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/atp.flexgrid-project.eu.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Attempting to parse the version 1.18.0 renewal configuration file found at /etc/letsencrypt/renewal/atp.flexgrid-project.eu.conf with version 0.40.0 of Certbot. This might not work.
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for atp.flexgrid-project.eu
Waiting for verification...
Cleaning up challenges
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/atp.flexgrid-project.eu/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/db.flexgrid-project.eu.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Attempting to parse the version 1.18.0 renewal configuration file found at /etc/letsencrypt/renewal/db.flexgrid-project.eu.conf with version 0.40.0 of Certbot. This might not work.
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for db.flexgrid-project.eu
Waiting for verification...
Cleaning up challenges
nginx: [alert] kill(2046610, 1) failed (3: No such process)
Attempting to renew cert (db.flexgrid-project.eu) from /etc/letsencrypt/renewal/db.flexgrid-project.eu.conf produced an unexpected error: nginx restart failed:
b''
b''. Skipping.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/phoenix.medialab.ntua.gr.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Attempting to parse the version 1.18.0 renewal configuration file found at /etc/letsencrypt/renewal/phoenix.medialab.ntua.gr.conf with version 0.40.0 of Certbot. This might not work.
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for phoenix.medialab.ntua.gr
nginx: [alert] kill(2046610, 1) failed (3: No such process)
Cleaning up challenges
nginx: [alert] kill(2046610, 1) failed (3: No such process)
Encountered exception during recovery: 
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1134, in perform
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 919, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1202, in nginx_restart
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 243, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1152, in cleanup
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 919, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1202, in nginx_restart
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''
Attempting to renew cert (phoenix.medialab.ntua.gr) from /etc/letsencrypt/renewal/phoenix.medialab.ntua.gr.conf produced an unexpected error: nginx restart failed:
b''
b''. Skipping.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/rabit.socialenergy-project.eu.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Attempting to parse the version 1.18.0 renewal configuration file found at /etc/letsencrypt/renewal/rabit.socialenergy-project.eu.conf with version 0.40.0 of Certbot. This might not work.
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for rabit.socialenergy-project.eu
http-01 challenge for rat.socialenergy-project.eu
nginx: [alert] kill(2046610, 1) failed (3: No such process)
Cleaning up challenges
nginx: [alert] kill(2046610, 1) failed (3: No such process)
Encountered exception during recovery: 
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1134, in perform
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 919, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1202, in nginx_restart
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 243, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1152, in cleanup
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 919, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1202, in nginx_restart
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: nginx restart failed:
b''
b''
Attempting to renew cert (rabit.socialenergy-project.eu) from /etc/letsencrypt/renewal/rabit.socialenergy-project.eu.conf produced an unexpected error: nginx restart failed:
b''
b''. Skipping.
The following certs could not be renewed:
  /etc/letsencrypt/live/db.flexgrid-project.eu/fullchain.pem (failure)
  /etc/letsencrypt/live/phoenix.medialab.ntua.gr/fullchain.pem (failure)
  /etc/letsencrypt/live/rabit.socialenergy-project.eu/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

The following certs were successfully renewed:
  /etc/letsencrypt/live/atp.flexgrid-project.eu/fullchain.pem (success)

The following certs could not be renewed:
  /etc/letsencrypt/live/db.flexgrid-project.eu/fullchain.pem (failure)
  /etc/letsencrypt/live/phoenix.medialab.ntua.gr/fullchain.pem (failure)
  /etc/letsencrypt/live/rabit.socialenergy-project.eu/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3 renew failure(s), 0 parse failure(s)

Сценарии обновления в certbot выглядят следующим образом:

$ sudo cat /etc/letsencrypt/renewal/atp.flexgrid-project.eu.conf 
# renew_before_expiry = 30 days
version = 1.18.0
archive_dir = /etc/letsencrypt/archive/atp.flexgrid-project.eu
cert = /etc/letsencrypt/live/atp.flexgrid-project.eu/cert.pem
privkey = /etc/letsencrypt/live/atp.flexgrid-project.eu/privkey.pem
chain = /etc/letsencrypt/live/atp.flexgrid-project.eu/chain.pem
fullchain = /etc/letsencrypt/live/atp.flexgrid-project.eu/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = XXXXXXXXXXXXXXXXXXXXXXXXXXxx
authenticator = nginx
installer = nginx
server = https://acme-v02.api.letsencrypt.org/directory

Версии:

certbot 0.40.0
nginx 1.18.0-0ubuntu1.2
Ubuntu 20.04.3 LTS

Эта ошибка действительно раздражает, потому что сервер выключается без предупреждения всякий раз, когда необходимо обновить сертификат.

Я видел несколько обсуждений на форумах и в проблемах, но они появились несколько лет назад и, похоже, не работают в новых версиях. Один поток предложил использовать версию snap вместо подходящей для certbot, но ошибка осталась.

Журнал ошибок nginx имеет следующее:

==> /var/log/nginx/error.log <==
[ N 2021-09-02 08:07:25.5247 2298270/T5 age/Cor/SecurityUpdateChecker.h:519 ]: Security update check: no update found (next check in 24 hours)
2021/09/02 08:07:25 [notice] 2298303#2298303: signal process started

[ N 2021-09-02 08:07:25.5352 2298270/T9 age/Cor/CoreMain.cpp:670 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force shutdown)
[ N 2021-09-02 08:07:25.5352 2298270/T1 age/Cor/CoreMain.cpp:1245 ]: Received command to shutdown gracefully. Waiting until all clients have disconnected...
[ N 2021-09-02 08:07:25.5353 2298270/Tb Ser/Server.h:901 ]: [ServerThr.2] Freed 0 spare client objects
[ N 2021-09-02 08:07:25.5353 2298270/Tc Ser/Server.h:901 ]: [ServerThr.3] Freed 0 spare client objects
[ N 2021-09-02 08:07:25.5353 2298270/Te Ser/Server.h:901 ]: [ServerThr.4] Freed 0 spare client objects
[ N 2021-09-02 08:07:25.5353 2298270/Tb Ser/Server.h:558 ]: [ServerThr.2] Shutdown finished
[ N 2021-09-02 08:07:25.5353 2298270/Tc Ser/Server.h:558 ]: [ServerThr.3] Shutdown finished
[ N 2021-09-02 08:07:25.5353 2298270/Te Ser/Server.h:558 ]: [ServerThr.4] Shutdown finished
[ N 2021-09-02 08:07:25.5354 2298270/T9 Ser/Server.h:901 ]: [ServerThr.1] Freed 0 spare client objects
[ N 2021-09-02 08:07:25.5354 2298270/T9 Ser/Server.h:558 ]: [ServerThr.1] Shutdown finished
[ N 2021-09-02 08:07:25.5355 2298270/Tg Ser/Server.h:901 ]: [ApiServer] Freed 0 spare client objects
[ N 2021-09-02 08:07:25.5355 2298270/Tg Ser/Server.h:558 ]: [ApiServer] Shutdown finished
2021/09/02 08:07:28 [notice] 2298312#2298312: signal process started
2021/09/02 08:07:28 [error] 2298312#2298312: open() "/run/nginx.pid" failed (2: No such file or directory)
[ N 2021-09-02 08:07:28.8243 2298314/T1 age/Wat/WatchdogMain.cpp:1373 ]: Starting Passenger watchdog...
[ N 2021-09-02 08:07:28.8529 2298317/T1 age/Cor/CoreMain.cpp:1340 ]: Starting Passenger core...
[ N 2021-09-02 08:07:28.8530 2298317/T1 age/Cor/CoreMain.cpp:256 ]: Passenger core running in multi-application mode.
[ N 2021-09-02 08:07:28.8674 2298317/T1 age/Cor/CoreMain.cpp:1015 ]: Passenger core online, PID 2298317
2021/09/02 08:07:29 [info] 2298343#2298343: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:63
[ N 2021-09-02 08:07:31.1196 2298317/T5 age/Cor/SecurityUpdateChecker.h:519 ]: Security update check: no update found (next check in 24 hours)
2021/09/02 08:07:32 [notice] 2298349#2298349: signal process started

[ N 2021-09-02 08:07:32.2357 2298317/T9 age/Cor/CoreMain.cpp:670 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force shutdown)
[ N 2021-09-02 08:07:32.2358 2298317/T1 age/Cor/CoreMain.cpp:1245 ]: Received command to shutdown gracefully. Waiting until all clients have disconnected...
[ N 2021-09-02 08:07:32.2358 2298317/Ta Ser/Server.h:901 ]: [ServerThr.2] Freed 0 spare client objects
[ N 2021-09-02 08:07:32.2358 2298317/Tc Ser/Server.h:901 ]: [ServerThr.3] Freed 0 spare client objects
[ N 2021-09-02 08:07:32.2359 2298317/Ta Ser/Server.h:558 ]: [ServerThr.2] Shutdown finished
[ N 2021-09-02 08:07:32.2359 2298317/Tc Ser/Server.h:558 ]: [ServerThr.3] Shutdown finished
[ N 2021-09-02 08:07:32.2359 2298317/T9 Ser/Server.h:901 ]: [ServerThr.1] Freed 0 spare client objects
[ N 2021-09-02 08:07:32.2359 2298317/T9 Ser/Server.h:558 ]: [ServerThr.1] Shutdown finished
[ N 2021-09-02 08:07:32.2359 2298317/Te Ser/Server.h:901 ]: [ServerThr.4] Freed 0 spare client objects
[ N 2021-09-02 08:07:32.2359 2298317/Te Ser/Server.h:558 ]: [ServerThr.4] Shutdown finished
[ N 2021-09-02 08:07:32.2360 2298317/Tg Ser/Server.h:901 ]: [ApiServer] Freed 0 spare client objects
[ N 2021-09-02 08:07:32.2360 2298317/Tg Ser/Server.h:558 ]: [ApiServer] Shutdown finished
[ N 2021-09-02 08:07:32.2765 2298352/T1 age/Wat/WatchdogMain.cpp:1373 ]: Starting Passenger watchdog...
[ N 2021-09-02 08:07:32.3006 2298356/T1 age/Cor/CoreMain.cpp:1340 ]: Starting Passenger core...
[ N 2021-09-02 08:07:32.3008 2298356/T1 age/Cor/CoreMain.cpp:256 ]: Passenger core running in multi-application mode.
[ N 2021-09-02 08:07:32.3151 2298356/T1 age/Cor/CoreMain.cpp:1015 ]: Passenger core online, PID 2298356
[ N 2021-09-02 08:07:32.5218 2298317/T1 age/Cor/CoreMain.cpp:1325 ]: Passenger core shutdown finished

[ N 2021-09-02 08:07:34.5746 2298356/T5 age/Cor/SecurityUpdateChecker.h:519 ]: Security update check: no update found (next check in 24 hours)
2021/09/02 08:07:34 [notice] 2298386#2298386: signal process started

[ N 2021-09-02 08:07:34.8582 2298356/T9 age/Cor/CoreMain.cpp:670 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force shutdown)
[ N 2021-09-02 08:07:34.8583 2298356/T1 age/Cor/CoreMain.cpp:1245 ]: Received command to shutdown gracefully. Waiting until all clients have disconnected...
[ N 2021-09-02 08:07:34.8583 2298356/Tc Ser/Server.h:901 ]: [ServerThr.3] Freed 0 spare client objects
[ N 2021-09-02 08:07:34.8583 2298356/Tc Ser/Server.h:558 ]: [ServerThr.3] Shutdown finished
[ N 2021-09-02 08:07:34.8583 2298356/T9 Ser/Server.h:901 ]: [ServerThr.1] Freed 0 spare client objects
[ N 2021-09-02 08:07:34.8584 2298356/T9 Ser/Server.h:558 ]: [ServerThr.1] Shutdown finished
[ N 2021-09-02 08:07:34.8584 2298356/Tb Ser/Server.h:901 ]: [ServerThr.2] Freed 0 spare client objects
[ N 2021-09-02 08:07:34.8584 2298356/Tb Ser/Server.h:558 ]: [ServerThr.2] Shutdown finished
[ N 2021-09-02 08:07:34.8584 2298356/Te Ser/Server.h:901 ]: [ServerThr.4] Freed 0 spare client objects
[ N 2021-09-02 08:07:34.8584 2298356/Te Ser/Server.h:558 ]: [ServerThr.4] Shutdown finished
[ N 2021-09-02 08:07:34.8584 2298356/Tg Ser/Server.h:901 ]: [ApiServer] Freed 0 spare client objects
[ N 2021-09-02 08:07:34.8584 2298356/Tg Ser/Server.h:558 ]: [ApiServer] Shutdown finished
panic: memory wrap at /usr/share/perl/5.30/constant.pm line 20.
Compilation failed in require at /usr/lib/x86_64-linux-gnu/perl5/5.30/nginx.pm line 61.
BEGIN failed--compilation aborted at /usr/lib/x86_64-linux-gnu/perl5/5.30/nginx.pm line 61.
Compilation failed in require.
BEGIN failed--compilation aborted.
2021/09/02 08:07:34 [alert] 2298325#2298325: perl_parse() failed: 255
[ N 2021-09-02 08:07:35.1369 2298356/T1 age/Cor/CoreMain.cpp:1325 ]: Passenger core shutdown finished
2021/09/02 08:07:38 [notice] 2298396#2298396: signal process started
2021/09/02 08:07:39 [info] 2298398#2298398: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:63
2021/09/02 08:07:40 [notice] 2298401#2298401: signal process started
2021/09/02 08:07:40 [alert] 2298401#2298401: kill(2298325, 1) failed (3: No such process)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:40 [emerg] 2298402#2298402: still could not bind()
2021/09/02 08:07:43 [notice] 2298406#2298406: signal process started
2021/09/02 08:07:43 [alert] 2298406#2298406: kill(2298325, 1) failed (3: No such process)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:43 [emerg] 2298407#2298407: still could not bind()
2021/09/02 08:07:46 [info] 2298408#2298408: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:63
2021/09/02 08:07:49 [notice] 2298414#2298414: signal process started
2021/09/02 08:07:49 [alert] 2298414#2298414: kill(2298325, 1) failed (3: No such process)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:49 [emerg] 2298416#2298416: still could not bind()
2021/09/02 08:07:52 [notice] 2298420#2298420: signal process started
2021/09/02 08:07:52 [alert] 2298420#2298420: kill(2298325, 1) failed (3: No such process)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:80 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: bind() to [::]:443 failed (98: Address already in use)
2021/09/02 08:07:52 [emerg] 2298421#2298421: still could not bind()

2

certbot crash lets-encrypt nginx server-crashes

задан 1 September 2021 в 08:45

Ссылка

1 ответ

Похожие вопросы

user000001 · Answer 1 · 2 September 2021 в 06:48

Я думаю, что нашел (хакерский) обходной путь для решения проблемы. Шаги следующие:

Создайте исполняемый скрипт в папке /etc/letsencrypt/nginx_fix.sh со следующим содержимым:

 #!/bin/bash
для аргумента
делать
если [ "$arg" = "перезагрузить" ]
тогда
exec systemctl перезапустить nginx
фи
Выполнено
выполнить nginx "$@"

Добавьте строку nginx_ctl = /etc/letsencrypt/nginx_fix.sh в блок [renewalparams] каждого файла конфигурации обновления, которым управляет аутентификатор nginx, расположенный по адресу . ]etc/letsencrypt/renewal/*.conf следующим образом:

 # Параметры, используемые в процессе обновления
[параметры обновления]
account = XXXXXX # Используйте свой собственный ключ учетной записи
аутентификатор = nginx
установщик = nginx
сервер = https://acme-v02.api.letsencrypt.org/directory
nginx_ctl = /etc/letsencrypt/nginx_fix.sh

Не помечая этот ответ как принятый, потому что он неоптимален по двум причинам:

Вы должны не забывать редактировать файл конфигурации продления для каждого добавляемого домена.

Вы по-прежнему получаете следующие ошибки в журналах nginx:

 02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Killing process 2351182 (PassengerAgent) с сигналом SIGKILL .
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351186 (PassengerAgent) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351227 (ruby) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: процесс уничтожения 2351630 (ruby) с сигналом SIGKILL.
02 сент 09:37:24 феникс.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351655 (ruby) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351673 (ruby) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351692 (ruby) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351755 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351191 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351194 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351197 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351198 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351200 (PassengerAgent) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351201 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351205 (PassengerAgent) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351210 (PassengerAgent) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351618 (file_store.rb:*) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351651 (рабочий-1) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351656 (ruby) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351659 (connection_poo*) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351664 (н/д) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351665 (utils.rb:110) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351677 (н/д) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351682 (utils.rb:110) с сигналом SIGKILL.
02 сентября, 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351683 (н/д) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351696 (connection_poo*) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351701 (н/д) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351708 (рабочий-2) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351709 (рабочий-3) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.сервис: Процесс уничтожения 2351710 (worker-2) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351711 (рабочий-3) с сигналом SIGKILL.
02 сен 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351729 (io-worker-1) с сигналом SIGKILL.
02 сент., 09:37:24 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Процесс уничтожения 2351756 (PassengerAgent) с сигналом SIGKILL.

Но, по крайней мере, кажется, что он работает, по крайней мере, с опцией пробного запуска.

Обновление certbot вызывает сбой в работе nginx, и все веб-сайты переходят в автономный режим

Теги

Похожие вопросы