[SOLVED] NGINX does'n start after update to 22.1.9

Started by muchacha_grande, June 23, 2022, 06:12:43 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
June 25, 2022, 08:44:43 PM #15 Last Edit: June 25, 2022, 08:48:04 PM by RamSense
Tried the patch also, but it does not work.
When i Stop Nginx and try to restart it, it fails.

Quote# opnsense-patch -c plugins a357676
Fetched a357676 via https://github.com/opnsense/plugins
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|From a357676b926ba9db66bd72c246e9e78bbfaebfaa Mon Sep 17 00:00:00 2001
|From: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
|Date: Sat, 25 Jun 2022 11:42:14 +0300
|Subject: [PATCH] njs0.7.1 compat. (#3016)
|
|---
| www/nginx/src/opnsense/scripts/nginx/ngx_functions.js         | 2 ++
| .../src/opnsense/service/templates/OPNsense/Nginx/http.conf   | 4 ++--
| 2 files changed, 4 insertions(+), 2 deletions(-)
|
|diff --git a/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js b/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
|index 5f17d76ee9..3acd7d9dbc 100755
|--- a/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
|+++ b/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
--------------------------
Patching file opnsense/scripts/nginx/ngx_functions.js using Plan A...
Hunk #1 succeeded at 47.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
|index 13e5659a99..735bab34d2 100644
|--- a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
|+++ b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
--------------------------
Patching file opnsense/service/templates/OPNsense/Nginx/http.conf using Plan A...
Hunk #1 succeeded at 21.
done
All patches have been applied successfully.  Have a nice day.
patch did run

@XeroX, did you try to stop and restart Nginx after the patch?

NB reverted back to "opnsense-revert -r 22.1.8 os-nginx -> still my nginx is broken and wont start anymore. trying to update it to the latest version again


Deciso DEC850v2
June 25, 2022, 08:47:44 PM #16
Quote from: RamSense on June 25, 2022, 08:44:43 PM
@XeroX, did you try to stop and restart Nginx after the patch?

Nginx was in stopped state while patching and started afterwards.

What does general logs say?
June 25, 2022, 08:51:49 PM #17
reverting back and upgrading and patching all keeps my nginx broken....

i have unknown directive "js_include" in /usr/local/etc/nginx/nginx.conf:176
Deciso DEC850v2
June 25, 2022, 09:00:36 PM #18
Looks like completely messed up.

Upgrade to latest and apply patch afterwards. Applying patch twice will undo the patch.
June 25, 2022, 09:19:27 PM #19
ok,
did
1. opnsense-revert -r 22.1.8 os-nginx (again now)
2. upgraded nginx to v 1.28 from the opnsense gui
3. run the patch from terminal: opnsense-patch -c plugins a357676

Quoteopnsense-patch -c plugins a357676
Found local copy of a357676, skipping fetch.
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|From a357676b926ba9db66bd72c246e9e78bbfaebfaa Mon Sep 17 00:00:00 2001
|From: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
|Date: Sat, 25 Jun 2022 11:42:14 +0300
|Subject: [PATCH] njs0.7.1 compat. (#3016)
|
|---
| www/nginx/src/opnsense/scripts/nginx/ngx_functions.js         | 2 ++
| .../src/opnsense/service/templates/OPNsense/Nginx/http.conf   | 4 ++--
| 2 files changed, 4 insertions(+), 2 deletions(-)
|
|diff --git a/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js b/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
|index 5f17d76ee9..3acd7d9dbc 100755
|--- a/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
|+++ b/www/nginx/src/opnsense/scripts/nginx/ngx_functions.js
--------------------------
Patching file opnsense/scripts/nginx/ngx_functions.js using Plan A...
Hunk #1 succeeded at 47.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|diff --git a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
|index 13e5659a99..735bab34d2 100644
|--- a/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
|+++ b/www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
--------------------------
Patching file opnsense/service/templates/OPNsense/Nginx/http.conf using Plan A...
Hunk #1 succeeded at 21.
done
All patches have been applied successfully.  Have a nice day.

did reboot my opnsense box after the patch (did not try to start nginx)

and that fixed it! all is working, did not try to stop and start nginx again now... to glad it is working :-)

XeroX: have you tried stop and start nginx from the opnsense gui?
Deciso DEC850v2
June 25, 2022, 09:41:41 PM #20
Quote from: RamSense on June 25, 2022, 09:19:27 PM
XeroX: have you tried stop and start nginx from the opnsense gui?

Yes, works fine for me.
June 25, 2022, 09:43:01 PM #21
Ok, thanks for testing. I will check it out later also.
Deciso DEC850v2
June 25, 2022, 11:29:43 PM #22
Same - unknown directive "js_include" in /usr/local/etc/nginx/nginx.conf:118

Tried suggestion twice now.  Still not starting.

1. opnsense-revert -r 22.1.8 os-nginx (again now)
2. upgraded nginx to v 1.28 from the opnsense gui
3. run the patch from terminal: opnsense-patch -c plugins a357676
4.  reboot

Also tried starting with nginx 1.27 - also won't start.  :( 
June 26, 2022, 08:16:34 AM #23
Was nginx stopped before those steps?
That was the difference from my earlier testing. And can confirm it is working now, just like XeroX.
hope it will work at your end also.
Deciso DEC850v2
June 26, 2022, 08:47:26 AM #24
the updated templates need to be applied, so you need to click Apply on SERVICES: NGINX: CONFIGURATION page imho
June 26, 2022, 10:04:17 AM #25
@Fright:
One thing i noticed is that when i stop and start nginx, or apply changes in niginx and go to a website behind nginx i get this error:
MOZILLA_PKIX_ERROR_REQUIRED_TLS_FEATURE_MISSING

When i go to the same webpage again, the error is gone and works.

In ACME Client Certificates - i have [OCSP Must Staple] checked
in NGINX i have [http server] - [OCSP Stapling] checked and [OCSP Verify] checked

Is this a normal error for first time website url visit after a restart or refresh of settings or some error on my end or some bug in nginx?
Deciso DEC850v2
June 26, 2022, 10:24:01 AM #26
Yes NGINX was stopped after first boot from upgrade.  And when trying revert + install + patch.
I did try to apply on NGINX service config - can't remember if it was with reverted or new/patched.
I always get manual full vmware VM backup prior to updating.  I just restored back to 22.1.8_1 for now.  Revisit in a bit.
June 26, 2022, 10:36:10 AM #27
@RamSense
its a nginx bug feature - "ocsp lazy loading". need to hit every server after nginx restart or use ssl_stapling_file and maintain responses yourself
https://trac.nginx.org/nginx/ticket/1998
June 26, 2022, 11:00:16 AM #28
Quote from: Fright on June 26, 2022, 10:36:10 AM
@RamSense
its a nginx bug feature - "ocsp lazy loading". need to hit every server after nginx restart or use ssl_stapling_file and maintain responses yourself
https://trac.nginx.org/nginx/ticket/1998

Thnx!
Deciso DEC850v2
June 27, 2022, 09:43:40 AM #29
Quote from: XeroX on June 25, 2022, 09:00:36 PM
Upgrade to latest and apply patch afterwards. Applying patch twice will undo the patch.

I confirm everything works!

Thanks for the patch info!

1. opnsense-revert -r 22.1.8 os-nginx (again now)
2. upgraded nginx to v 1.28 from the opnsense gui
3. run the patch from terminal: opnsense-patch -c plugins a357676
Print
Go Up Pages 1 2 3
User actions