-
Posts
27 -
Joined
-
Last visited
Posts posted by Sisir Adhikari
-
-
Thank you. I am now setting up OpenDKIM. I will keep this post updated.
-
I have enabled DKIM for domains & Mailserver but outgoing emails are not signed. Does froxlor enables signing out of the box or I need to set it up separately.
-
22 minutes ago, d00p said:
only an A record is not succifient if hostingCompany.com has a zone in the same nameserver, you will need a glue-record too so it does not loop
I will do more research. Currently asking my clients to use dns through cloudflare.
A different question (should I start a new topic?)
How do I setup DKIM for domains? I have checked settings in froxlor panel. But where do I find dkim entries to put in DNS record? I don't see it under domains.
-
Thank you! It is working. I feel stupid now.
Anyways, I used to do nameservers like
ns1.hostingCompany.com
ns2.hostingCompany.comin cpanel by creating A record. They worked out of the box in cpanel. With bind9 active, will it work with froxlor as well? Sorry, I am shooting in dark. I don't have much experience with setting up DNS.
-
I am slowly & successfully setup my hosting service thanks to Froxlor support. Thanks for that.
Now after finishing the dns setup from configuration.
$ /etc/init.d/bind9 start $ [ ok ] Starting bind9 (via systemctl): bind9.service
But when I run
$ systemctl status bind9 Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mon 2020-04-27 11:16:33 UTC; 14s ago Docs: man:named(8) Process: 31381 ExecStart=/usr/sbin/named -f $OPTIONS (code=exited, status=1/FAILURE) Main PID: 31381 (code=exited, status=1/FAILURE) Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:20: zone 'xxxx.net': already exists previous definition: /etc/bind/froxlor_bind.conf:20 Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:27: zone 'xxxx.me': already exists previous definition: /etc/bind/froxlor_bind.conf:27 Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:34: zone 'xxxx.ml': already exists previous definition: /etc/bind/froxlor_bind.conf:34 Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:41: zone 'xxxx.com': already exists previous definition: /etc/bind/froxlor_bind.conf:41 Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:48: zone 'xxxx.com': already exists previous definition: /etc/bind/froxlor_bind.conf:48 Apr 27 11:16:33 server named[31381]: /etc/bind/froxlor_bind.conf:55: zone 'xxxx.com': already exists previous definition: /etc/bind/froxlor_bind.conf:55 Apr 27 11:16:33 server named[31381]: loading configuration: failure Apr 27 11:16:33 server named[31381]: exiting (due to fatal error) Apr 27 11:16:33 server systemd[1]: bind9.service: Main process exited, code=exited, status=1/FAILURE Apr 27 11:16:33 server systemd[1]: bind9.service: Failed with result 'exit-code'.
.All of the domains are active they are not deleted. One of them are not DNS forwarded to my server (if that is important).
-
Thank you for your support! I will change if necessery. Most concerning thing is the permission error right now. I will wait for next 24 hours to see if this problem persists.
-
Can not be cloudflare but this client have good traffic in his site. Is there a way I can increase php-fpm processes for a single domain?
-
My client also reported few 522 errors from cloudflare as well. So, could it be php-fpm hanging generating gateway timeout?
-
PHP FPM 7.2 Pool config
;PHP-FPM configuration for "odhikarbd.com" created on 2020.04.24 07:35:03 [odhikarbd.com] listen = /var/run/1-pronob-odhikarbd.com-php-fpm.socket listen.owner = pronob listen.group = pronob listen.mode = 0660 user = pronob group = pronob pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 pm.max_requests = 0 ;chroot = /var/customers/webs/pronob/odhikarbd.com/ security.limit_extensions = .php env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /var/customers/tmp/pronob/ env[TMPDIR] = /var/customers/tmp/pronob/ env[TEMP] = /var/customers/tmp/pronob/ php_admin_value[session.save_path] = /var/customers/tmp/pronob/ php_admin_value[upload_tmp_dir] = /var/customers/tmp/pronob/ php_admin_flag[allow_url_fopen] = On php_admin_flag[allow_url_include] = Off php_value[auto_append_file] = php_value[auto_prepend_file] = php_value[default_charset] = "UTF-8" php_flag[asp_tags] = Off php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system php_flag[display_errors] = Off php_flag[display_startup_errors] = Off php_admin_flag[enable_dl] = Off php_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE php_admin_flag[expose_php] = Off php_admin_flag[file_uploads] = On php_flag[html_errors] = On php_admin_flag[ignore_repeated_errors] = Off php_admin_flag[ignore_repeated_source] = Off php_value[include_path] = ".:/usr/share/php/:/usr/share/php5/" php_flag[log_errors] = On php_admin_flag[log_errors] = On php_value[log_errors_max_len] = 1024 php_flag[mail.add_x_header] = Off php_value[max_execution_time] = 30 php_admin_value[max_input_time] = 60 php_admin_value[memory_limit] = 128M php_admin_value[output_buffering] = 4096 php_admin_value[post_max_size] = 16M php_admin_value[precision] = 14 php_admin_flag[register_argc_argv] = Off php_admin_flag[report_memleaks] = On php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f xxxx@gmail.com" php_value[session.auto_start] = 0 php_value[session.cookie_domain] = php_value[session.cookie_lifetime] = 0 php_value[session.cookie_path] = / php_admin_value[session.gc_divisor] = 1000 php_admin_value[session.gc_probability] = 0 php_value[session.name] = PHPSESSID php_value[session.serialize_handler] = php php_flag[session.use_cookies] = 1 php_flag[short_open_tag] = On php_value[upload_max_filesize] = 32M php_admin_value[variables_order] = "GPCS" php_admin_value[opcache.restrict_api] = "/var/customers/webs/pronob/odhikarbd.com/"
-
Where do I find pool config?
Below list of configs and logs as requested.
Vhost Config for site:
server { listen 173.82.54.45:443 ssl; server_name xxxx.com www.xxxx.com; ssl_protocols TLSv1 TLSv1.2 TLSv1.3; ssl_ciphers ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128; ssl_prefer_server_ciphers off; ssl_session_tickets on; ssl_session_cache shared:SSL:10m; ssl_certificate /etc/ssl/froxlor-custom/xxxx.com.crt; ssl_certificate_key /etc/ssl/froxlor-custom/xxxx.com.key; add_header Strict-Transport-Security "max-age=0"; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/ssl/froxlor-custom/xxxx.com.crt; include /etc/apache2/conf-enabled/acme.conf; access_log /var/customers/logs/pronob-access.log combined; error_log /var/customers/logs/pronob-error.log error; root /var/customers/webs/pronob/xxxx.com/; location / { index index.php index.html index.htm; try_files $uri $uri/ @rewrites; } location @rewrites { rewrite ^ /index.php last; } location ~ ^(.+?\.php)(/.*)?$ { try_files /0f6cdec4d4006fb06b92f065192e2d00.htm @php; } location @php { try_files $1 =404; include /etc/nginx/fastcgi_params; fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param PATH_INFO $2; fastcgi_param HTTPS on; fastcgi_pass unix:/var/run/1-pronob-xxxx.com-php-fpm.socket; fastcgi_index index.php; } }
$ ls -l /var/customers/webs/pronob
-rw-r--r-- 1 pronob pronob 6422 Mar 8 06:44 index.html drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:16 odhikarbd.com drwxr-xr-x 2 pronob pronob 4096 Apr 18 18:50 pronob.server.vimohost.com drwxr-xr-x 2 pronob pronob 4096 Apr 24 00:01 webalize
$ ls -la /var/customers/webs/pronob/odhikarbd.com
drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:16 . drwxr-xr-x 5 pronob pronob 4096 Apr 18 20:30 .. -rw-r--r-- 1 pronob pronob 227 Apr 18 20:16 active.php drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 cgi-bin -rw-r--r-- 1 pronob pronob 53 Apr 18 20:16 google86cdd11e02e76bd5.html -rw-r--r-- 1 pronob pronob 743 Apr 18 20:16 .htaccess__67c55ca-18180332 -rw-r--r-- 1 pronob pronob 405 Apr 18 20:16 index.php -rw-r--r-- 1 pronob pronob 19915 Apr 18 20:16 license.txt drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 .quarantine -rw-r--r-- 1 pronob pronob 7278 Apr 18 20:16 readme.html drwxr-xr-x 2 pronob pronob 4096 Apr 18 20:16 .tmb drwxr-xr-x 3 pronob pronob 4096 Apr 18 20:16 .well-known -rw-r--r-- 1 pronob pronob 6912 Apr 18 20:16 wp-activate.php drwxr-xr-x 9 pronob pronob 4096 Apr 18 20:16 wp-admin -rw-r--r-- 1 pronob pronob 351 Apr 18 20:16 wp-blog-header.php -rw-r--r-- 1 pronob pronob 2275 Apr 18 20:16 wp-comments-post.php -rw------- 1 pronob pronob 2882 Apr 18 20:38 wp-config.php -rw-r--r-- 1 pronob pronob 2913 Apr 18 20:16 wp-config-sample.php drwxr-xr-x 10 pronob pronob 4096 Apr 24 14:29 wp-content -rw-r--r-- 1 pronob pronob 3940 Apr 18 20:16 wp-cron.php drwxr-xr-x 21 pronob pronob 12288 Apr 18 20:16 wp-includes -rw-r--r-- 1 pronob pronob 2496 Apr 18 20:16 wp-links-opml.php -rw-r--r-- 1 pronob pronob 3300 Apr 18 20:16 wp-load.php -rw-r--r-- 1 pronob pronob 47874 Apr 18 20:16 wp-login.php -rw-r--r-- 1 pronob pronob 8501 Apr 18 20:16 wp-mail.php -rw-r--r-- 1 pronob pronob 19396 Apr 18 20:16 wp-settings.php -rw-r--r-- 1 pronob pronob 31111 Apr 18 20:16 wp-signup.php drwxr-xr-x 4 pronob pronob 4096 Apr 21 13:55 wp-snapshots -rw-r--r-- 1 pronob pronob 4755 Apr 18 20:16 wp-trackback.php -rw-r--r-- 1 pronob pronob 3133 Apr 18 20:16 xmlrpc.php
-
Getting the problem again very randomly. No clue why this is happening.
2020/04/24 07:34:58 [crit] 1049#1049: *56685 connect() to unix:/var/run/1-pronob-xxxx.com-php-fpm.socket failed (13: Permission denied) while connecting to upstream, client: 162.158.207.135, server: xxxxx.com, request: "GET /%e0%a6%b0%e0%a6%be%e0%a6%a8%e0%a6%be%e0%a6%aa%e0%a7%8d%e0%a6%b2%e0%a6%be%e0%a6%9c%e0%a6%be-%e0%a6%86%e0%a6%b9%e0%a6%a4%e0%a6%a6%e0%a7%87%e0%a6%b0-%e0%a6%b8%e0%a7%81%e0%a6%9a%e0%a6%bf%e0%a6%95%e0%a6%bf/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/1-pronob-xxxx.com-php-fpm.socket:", host: "xxxxx.com", referrer: "http://m.facebook.com/"
-
The problem seem to be fixed itself after a cron run. Still don't have any clue what happened.
-
2 minutes ago, d00p said:
the socket should NOT belong to www-data
They do not, their ownership belongs to users. I was saying when I "change" socket file ownership to www-data sites are back up.
-
Sorry, it seems all of the site having issues now. error is the same. When I change ownership of socket files to www-data:www-data sites are working.
I am looking further into this. Will post more soon.
-
My users are having this problem. It is weird because the site was working last night.
connect() to unix:/var/run/1-pronob-xxxx.com-php-fpm.socket failed (13: Permission denied) while connecting to upstream
The result of
groups www-data www-data : www-data froxlorlocal xxxx xxxx xxxx xxxx xxxx pronob
www-data is successfully added to the group of the user. So, no issue there. Permission of socket file seems to be okay too.
cd/var/run ls -l srw-rw---- 1 pronob pronob 0 Apr 23 07:22 1-pronob-xxxx.com-php-fpm.socket
How to further troubleshot this issue?
-
5 minutes ago, d00p said:
Aside from the "Now wait about 15/20 mins" part looks fine.
Thanks, updated the post.
-
I have recently setup ssl & letsencrypt on my ubuntu 18.04 server and made a blog post about it. Just going to put it here in case it helps anybody.
https://sisir.me/froxlor-how-to-setup-letsencrypt-free-ssl-php-fpm-nginx-ubuntu-18-04/
-
Thanks, activating the nssextrausers worked.
If anyone wondering how to force run cronjob.
/usr/bin/php5 /var/www/froxlor/scripts/froxlor_master_cronjob.php --force
-
10 hours ago, d00p said:
Are there files and content in /var/lib/extrausers/?
There are three files in this directory.
- group
- passwd
- shadowThere are no contents in these files.
10 hours ago, d00p said:Did you activate libnss-extrausers froxlor?
I am not sure if I did that. I have run the config code that is given but did not know if I need to activate it in settings. Do you know the mysql field for this setting? I can try updating mysql db value directly.
-
pool config is pointing to directory `/etc/php/7.3/fpm/pool` Under this directory I see config files for other vhost domains. They all points to socket files like `/var/run/1-codeware-xxxx.com-php-fpm.socket` The file does not exists.
But now I see this error as well which I think should be resolved first:
```
Apr 11 19:04:22 server systemd[1]: Starting The PHP 7.3 FastCGI Process Manager...
Apr 11 19:04:22 server php-fpm7.3[14648]: [11-Apr-2020 19:04:22] ERROR: [pool codeware.server.xxxx.com] cannot get uid for user 'codeware'```
I assume from other forum thread this is an issue with libnss-extrausers btw I have configured it before. So, not sure where it went wrong. BTW, I would re-configure it again but the froxlor interface is inaccessible because php doesn't start.
-
Here is an example of froxlor vhost for root ip. The php-fpm socket file it states, is not created (does not exists).
```
server {
listen xxx.xxx.xxx.xxx:80 default_server;
# Froxlor default vhost
server_name server.xxx.com;
access_log /var/log/nginx/access.log combined;
root /var/www/froxlor/;
index index.php index.html index.htm;location / {
}
location ~ \.php {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PATH_INFO $fastcgi_path_info;
try_files $fastcgi_script_name =404;
fastcgi_pass unix:/var/run/1-froxlor.panel-server.xxx.com-php-fpm.socket; # <----------- The file isn't created
fastcgi_index index.php;
}
}```
I have followed all steps for setting up servers. the sock file exists as `/var/run/php/php7.2-fpm.sock`. When I edit this file and reload server the url works but after I add a domain (for any user) the config file resets. Any idea how to fix this?
-
This thread comes up as #1 on google search. Could be helpful for people coming from search result
-
For future reference. If you have installed froxlor via package manager (for me ubuntu 18.04). The default directory is /var/www/html for apache server. You have to edit default config file and change the webserver default to /var/www
```
nano /etc/apache2/sites-available/000-default.conf
```
Once you have done it restart the apache server and go to http://<IP>/froxlor you should see the installation panel.
-
Thank you. I will go through the documentation now.
Signing Emails Via DKIM
in General Discussion
Posted
In DKIM Settings I see this note
So I should use dkim-filter not opendkim?