Hello.
My Setup:
OPNsense 23.1.4_1-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
My setup is using some /32 IPv4s on my WAN and nginx is configured to bind to it.
After rebooting OPNsense, nginx won't start.
Quote:
2023/03/27 19:50:00 error 40394#100667 invalid PID number "" in "/var/run/nginx.pid"
2023/03/27 19:50:00 notice 40394#100667 signal process started
2023/03/27 19:49:10 emerg 86356#100227 bind() to XXX.XX.XXX.XX:80 failed (49: Can't assign requested address)
2023/03/27 19:49:10 emerg 86281#100227 bind() to XXX.XX.XXX.XX:80 failed (49: Can't assign requested address)
I must remove the .sock by hand: "rm -f /var/run/nginx_status.sock" and click on start again.
This must be a bug.
Web GUI runs a redirect from port 80 by default. Not a bug and you can disable it. ;)
Cheers,
Franco
Quote: Disable web GUI redirect rule
is enabled and the web UI port is on 4444.
Hi,
XXX.XX.XXX.XX is not there when nginx starts?
Really need to bind to the exact IP and not just "80"?
I must bind nginx to the specific IP. On one of the other IPs I'm running other services like haproxy.
So this is very likely a bug.
With the little information given and the error message it looks like a limitation of the system or configuration mistake, but not a bug.
Cheers,
Franco
OK, that's fair. What other information should I provide?
I hope this helps:
I have multiple /32 v4s and multiple /128 v6s configured on my WAN interface.
One v4 and one v6 are meant to be dedicated to nginx as a reverse proxy.
This normally runs fine. But after an OPNsense reboot nginx doesn't like to start.
When I check with netstat for running services on port 80, I don't see any service on port 80.
In the logfile I just see the error: "bind() to XXX.XX.XXX.XX:80 failed (49: Can't assign requested address)" (redacted IP)
After removing the sock (/var/run/nginx_status.sock) and clicking on start service, nginx runs fine.
At the time of nginx start the IP address in question does not seem to be available on the interface if we want to rule out a conflict between services already binding on it. What WAN modes have you set for IPv4 and IPv6?
Cheers,
Franco
Since it's "Can't assign requested address" and not "48: Address already in use", I think it's not a bind conflict (as I said earlier). It's an address absence, I think. So maybe the interface address is not ready when nginx tries to start at boot. But you did not provide more info.
The /var/run/nginx_status.sock binding error is a consequence of the first error, because nginx leaves the sockets behind in this case.
@franco
How bad an idea is it to exit on _setup fail at
https://github.com/opnsense/src/blob/stable/23.1/libexec/rc/rc.subr#L1110
? (This should prevent start if the config is broken. Sounds logical?)
Bad, because a badly written script will wreck it. Remember that the last command sets the error condition on script exit. Besides, which command should actually fail in the setup script?
_precmd is implemented to do config checks in rc.d files sometimes, but the result is the same: Service doesn't work and no step further.
If anything we are missing a restart to be back running, but the question still is why the virtual IP is not there (if it really isn't).
Quote: is why the virtual IP is not there
Yep, this is the most interesting for now.
Quote: _precmd is implemented to do config checks in rc.d files sometimes
Yes. But in the nginx case it may return 1 for "reload" if the config is broken, but not for "start".
Quote: which command should actually fail in setup script?
https://github.com/opnsense/plugins/blob/c08a2ea1771b8243f8f28de27c3f2286b2beb4af/www/nginx/src/opnsense/scripts/nginx/setup.php#L339 ;)
Quote: because a badly written script will wreck it
Hm. Understood.
/var/run/nginx_status.sock is not unlinked after an unsuccessful start attempt and it prevents the next runs. Looks like it was fixed at
https://trac.nginx.org/nginx/changeset/7cbf6389194b9170514e514ca7ee495369c9c8ac/nginx but it doesn't seem to be backported.
Ah you are talking about your latest addition and not about the situation with the user. I saw it as a means to get startup errors to syslog, not to stop well-defined startup sequence.
I'd extend setup.php to remove the socket(s) when the nginx pid is not there. That's why we have it. :)
Alternatively ask Jochen via FreeBSD ports to add this patch to the port.
Cheers,
Franco
Quote: I'd extend setup.php to
Sounds like a plan. Already running on a test VM )
Thanks
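
The cleanup proposed above (remove the socket(s) when the nginx pid is not there), sketched as a POSIX shell helper rather than as a change to setup.php. This is an added example, not code from the plugin or from anyone in the thread; the function names `nginx_pid_alive` and `clean_stale_nginx_sockets` are hypothetical, and the paths in the closing comment are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: clear stale nginx UNIX sockets before a start attempt.
# Function names are hypothetical; paths are supplied by the caller.

# Return 0 if the pid file names a live process, 1 otherwise.
# An empty pid file (the 'invalid PID number ""' case in the log) counts as dead.
nginx_pid_alive() {
    pidfile=$1
    [ -r "$pidfile" ] || return 1
    pid=$(head -n 1 "$pidfile" | tr -d '[:space:]')
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;          # empty or not a number
    esac
    [ "$pid" -gt 0 ] 2>/dev/null || return 1   # pid 0 would address our own group
    # kill -0 sends no signal; it only checks that the pid exists.
    # Run as root (as rc scripts do) so EPERM is not mistaken for "dead".
    kill -0 "$pid" 2>/dev/null
}

# Usage: clean_stale_nginx_sockets PIDFILE SOCKET...
# Prints each removed path; touches nothing while nginx is running.
clean_stale_nginx_sockets() {
    pidfile=$1
    shift
    if nginx_pid_alive "$pidfile"; then
        return 0
    fi
    for sock in "$@"; do
        # Only unlink real sockets, never a regular file or a symlink
        # that happens to sit at the configured path.
        if [ -S "$sock" ] && [ ! -L "$sock" ]; then
            rm -f -- "$sock" && printf '%s\n' "$sock"
        fi
    done
    return 0
}

# With the paths from the thread:
#   clean_stale_nginx_sockets /var/run/nginx.pid /var/run/nginx_status.sock
```

This only clears the leftover socket so the next start can bind it; it does nothing about the address being absent from the interface at boot.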
I'm not running the plugin myself, but if it is using the rc.d system to start, does the REQUIRE: keyword include the NETWORKING option?
For comparison inetd has: # REQUIRE: DAEMON LOGIN FILESYSTEMS