Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - PeteB

Pages: [1] 2
1
PHP Selector / Re: PHP-FPM Not Working (503 Service Unavailable)
« on: September 20, 2020, 08:12:57 PM »
I fixed it, but I don't know for how long.  To check if you have the same problem

(xx is your php version number, like 74)

1. some sites load fine, some do not, using php-fpm
2. check /opt/alt/php-fpmxx/usr/var/sockets
3. sitename.sock is missing for the site(s) that are giving you the 503 error
4. go to /opt/alt/php-fpmxx/usr/etc/php-fpm.d/users
5. copy the config of a working site for one that isn't. use your internal id for the site
6. go into problemsitename.conf and change all references of the copiedsitename to problemsitename
7. service php-fpmxx stop    then  service php-fpmxx start
8. test the website.  A this stage it worked for me and I considered it fixed

So here's the odd thing
- no idea why problemsitename.conf disappeared and other sites had their .sock files remain
- on restarting php-fpmxx, the .sock file for the problemsite does not get recreated
- changing problem site to php-cgi (it works) and then back to php-fpm does NOT fix the config in as much that it still doesn't create the problemsite.sock file when php-fpmxx is (re)started.  THIS IS THE REAL PROBLEM


Somewhere in the config for problemsite there is a difference that isn't there for workingsite and as such php-fpmxx does not create a .sock file, and as a result you get a 503 error.  If someone can figure out what that problem is, then we may be able to stop this from happening "suddenly" to other sites.

2
PHP Selector / Re: PHP-FPM Not Working (503 Service Unavailable)
« on: September 20, 2020, 09:58:09 AM »
I have the same problem.  Currently all sites are configured with the same php-fpm config, but one isn't working and throws a 503 error.

/opt/alt/php-fpm74/usr/var/sockets does not have a sitename.sock created when php-fpm is started.

I've updated to the latest PHP version, I've rebuilt the config for the affected domain, I've restarted php-fpm, but none of it has caused sitename.sock to be created when php-fpm is stopped and then started.

The site serves a normal html document just fine. 

I'll keep digging, but if someone knows where to look next I'd appreciate the help.

(for those who need to know: yes, I'm running Pro)

UPDATE

This, from /var/log/cwp/webservers.log:

ERROR failed at quota or security limits

None of the site settings or file/directory ownership/permissions were changed for any of the sites for weeks if not months.  I suspect a recent update has bumped into a pre-existing difference for this specific problem site that aren't really there for the others?

Yes, I'll keep digging.  But if anyone knows what to tweak next, please share.

3


https://imgur.com/3MiNx69



https://imgur.com/YgiKazY

Note that the path to the image has a directory cwp_theme which does not exist.


4
It's been doing that for me, consistently, for several years, over a number of different servers.  You're not alone.

As to what the answer is?  .... ;)

5
Suggestions / 2FA with Google Authenticator
« on: August 12, 2020, 11:20:02 PM »
Hi everyone.

Thanks for the active development and supportive community.

The topic of Two Factor Authentication comes up every now and then.

I just wanted to bring it up again to see if it could be pushed towards to top of the to-do list. 

I hardly have to repeat that the environment is more hostile than a year (or two) ago, and that 2FA is quickly becoming a minimum standard when it comes to protecting Internet-facing assets.

Thanks for giving it some thought.  I hope it isn't too complicated to implement and it may be slipped into the roadmap for delivery sometime this year.

6
SSL / Need LetsEncrypt SSL for mail. only
« on: June 29, 2020, 03:05:49 AM »
The website is hosted on another server and the DNS CNAMEs to it.

However, I still want secure connections for mail.

The auto-generator won't work unless the A record for the website is pointing to the server.

How do I get an SSL cert for mail.domain.com when domain.com is pointing to another server?


7
CentOS-WebPanel GUI / Re: How to Customise CSS in Web Panel
« on: June 17, 2020, 09:52:16 PM »
Love to know if we've gotten anywhere with this.  Switching between servers and seeing the same control panel "theme" is just a recipe for mistakes late in the day.  Would be nice if there was a permanent "include custom.css" that survives upgrades.

8
This becomes visible when the cert is flagged to also work for mail.[domain].  postfix starts to throw warnings about a malformed BASE64 value on the domain's private cert. 

It's happened enough times now for me to know what to do - which is to delete the cert in CWP Admin, re-create it, and restart httpd and postfix.

I suspect the cron-driven update of SSL certs needs a look to see why that causes problems while the manual creation does not.

Postfix warnings look like this:

Code: [Select]
May 17 13:33:34 x.x.x.x postfix/smtpd[11979]: warning: table hash:/etc/postfix/vmail_ssl.map.db: key mail.domain.com: malformed BASE64 value: /etc/pki/tls/private/domain.com.key

9
E-Mail / Re: mail_ssl.map.db: key malformed BASE64 value
« on: April 14, 2020, 08:02:42 PM »
Thank you.  That fixed it.

I suspect creating SSL certs using the client control panel is the problem then.

10
E-Mail / mail_ssl.map.db: key malformed BASE64 value
« on: April 14, 2020, 10:18:57 AM »
Code: [Select]
Apr 14 22:02:38 125-236-223-30 postfix/smtpd[11474]: connect from mail-qk1-f172.google.com[209.85.222.172]
Apr 14 22:02:39 125-236-223-30 postfix/smtpd[11474]: warning: table hash:/etc/postfix/vmail_ssl.map.db: key mail.domain.com: malformed BASE64 value: /etc/pki/tls/private/domain.c
Apr 14 22:02:39 125-236-223-30 postfix/smtpd[11474]: warning: tls_server_sni_maps: mail.domain.com map lookup problem
Apr 14 22:02:39 postfix/smtpd[11474]: SSL_accept error from mail-qk1-f172.google.com[209.85.222.172]: -1
Apr 14 22:02:39 postfix/smtpd[11474]: warning: TLS library problem: error:1412E0E2:SSL routines:ssl_parse_clienthello_tlsext:clienthello tlsext:t1_lib.c:2604:
Apr 14 22:02:39 postfix/smtpd[11474]: warning: TLS library problem: error:1408A0E3:SSL routines:ssl3_get_client_hello:parse tlsext:s3_srvr.c:1257:
Apr 14 22:02:39 postfix/smtpd[11474]: lost connection after STARTTLS from mail-qk1-f172.google.com[209.85.222.172]
Apr 14 22:02:39 postfix/smtpd[11474]: disconnect from mail-qk1-f172.google.com[209.85.222.172] ehlo=1 starttls=0/1 commands=1/2

domain.com replaced the actual domain, for privacy purposes. 

I've set up two accounts, and they are accessible using a mail client via IMAP.  I created an SSL cert for mail.domain.com.

I'm a bit at a loss to understand why this is happening.  Any ideas?


11
Backup / Re: Backup to G.Drive
« on: January 21, 2020, 08:35:13 AM »
I prefer rclone

https://rclone.org/
https://rclone.org/install/
https://www.techrepublic.com/article/how-to-sync-from-linux-to-google-drive-with-rclone/

Pro Tip:  send one, compressed file.  gdrive slows down uploads to unpractical speeds if you need to copy a lot of files.

12
Hi all.  All the best for the new year.

Just adding my voice to this request - yes please.  No longer a luxury, I think.

13
Suggestions / Enable/Disable goaccess web statistics per account
« on: January 16, 2020, 12:02:41 AM »
I'm running a server where site owners never need to see any site performance stats.  The intro of goaccess to provide stats via the user control panel is a very nice move.  But it is eating disk space that has nobody interested in looking at the pretty information.

At the rate of 0.3MB per day/per user, it has been increasing the size of the backups.

I can run a cron-job to erase all the files it creates in /home/<account>/cwp_stats/, but it seems to me an ON/OFF somewhere in the CPW ecosystem will be appreciated.

Many thanks.

14
CentOS-WebPanel Bugs / Can't delete Addon Domain using red Delete button
« on: September 12, 2019, 03:55:11 AM »
On the User control panel

Domains > Domains (List Addon Domains)

The Delete button isn't clickable







15
Other / Re: Not login in control panel!
« on: August 18, 2019, 08:16:44 AM »
Interesting.

Exactly what happened to me as well.

The real question is:  how did it "magically" lose its package?

Anyway - learned something new :)   Know what to do if it happens again.

Pages: [1] 2