Needing to adjust some NGINX ACLs today and ACL issue.
Upon editing ACL to add new IP I am getting "Unexpected error, check log for details"
Then tried creating new ACL and it worked. Then tried editing same ACL. Same error.
So then created brand new ACL with all needed IPs and saved ok.
Then went to HTTP server and attempted to change ACL to new ACL. Same error.
Cannot change HTTP server ACL. :-/
Also tried all same above with NGINX service stopped. Same error.
Reviewed NGINX log, Opnsense general + backend logs. Don't see anything mentioned about NGINX config / ACL.
Anyone aware of NGINX ACL issues or suggestions?
OPNsense 24.7.8
os-nginx 1.34_2
Had the same issue which will hopefully be fixed in next release(?).
This worked for me
https://forum.opnsense.org/index.php?topic=43920.msg218984#msg218984
Tried the patch - opnsense-patch -c plugins 1e23572
Unfortunately did not fix it. Tried Nginx restart. Reverted patch.
Still cannot edit existing Nginx ACL or change active ACL on HTTP server.
Edit: actually just editing HTTP server with zero changes and attempting to save results in error.
Probably best to open an issue on Github
Quote from: newsense on November 15, 2024, 07:13:19 AM
Probably best to open an issue on Github
Created github issue - https://github.com/opnsense/plugins/issues/4358
I reviewed it a bit more and attempting to edit any config results in error. Hunch is a writable permission issue since nothing of my nginx config can be changed.
Believe main config directory is /usr/local/etc/nginx , directory root / wheel , root has rwx , wheel only has r-x, other r-x.
Also - never used but looked into opnsense-revert tool. But nginx has been on 1.34 since opnsense 24.7.x
I also don't understand the _2 version of os-nginx. Per release notes its just 1.34 yet opnsense plugin is 1.34_2
https://github.com/opnsense/plugins/blob/stable/24.7/www/nginx/pkg-descr
opnsense-patch -c plugins 1e23572
Patch is the fix, however my setup did require a full opnsense reboot after installing patch.