Jump to content
Froxlor Forum
  • 0

"Rebuilding webserver-configuration" loop


negrusti

Question

Rebuilding webserver-configuration happens every 5 minutes for hours, causing nginx and php-fpm reloads.
Confirmed by checking the timestamps of the conf files for nginx and php-fpm.
Froxlor Installed version:    0.10.10 (DB: 201912100), this installation has been upgraded multiple times.
How do I debug this?
Nothing relevant in System log.

Thanks!

Link to comment
Share on other sites

13 answers to this question

Recommended Posts

  • 0
20 minutes ago, Tealk said:

I have mentioned the same problem in German before.

And where would that be please? Don't see anything that fits the behaviour described here

 

24 minutes ago, negrusti said:

Rebuilding webserver-configuration happens every 5 minutes for hours, causing nginx and php-fpm reloads.
Confirmed by checking the timestamps of the conf files for nginx and php-fpm.

Please paste your /etc/cron.d/froxlor file

Link to comment
Share on other sites

  • 0

It might be related to this:

Could not get Let's Encrypt certificate for <redacted domain>: [Wed Jan 15 15:50:04 UTC 2020] Creating domain key [Wed Jan 15 15:50:06 UTC 2020] The domain key is here: /root/.acme.sh/<redacted domain>/<redacted domain>.key [Wed Jan 15 15:50:06 UTC 2020] Multi domain='DNS:<redacted domain>,DNS:www.<redacted domain>' [Wed Jan 15 15:50:06 UTC 2020] Getting domain auth token for each domain [Wed Jan 15 15:50:10 UTC 2020] Getting webroot for domain='<redacted domain>' [Wed Jan 15 15:50:10 UTC 2020] Getting webroot for domain='www.<redacted domain>' [Wed Jan 15 15:50:10 UTC 2020] <redacted domain> is already verified, skip http-01. [Wed Jan 15 15:50:10 UTC 2020] Verifying: www.<redacted domain>

And that happened because www. wasn't pointed to the server.
However this should not create reconfiguration loop.

Link to comment
Share on other sites

  • 0
5 minutes ago, d00p said:

And where would that be please? Don't see anything that fits the behaviour described here

 

Please paste your /etc/cron.d/froxlor file

*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null

other task types are disabled

Link to comment
Share on other sites

  • 0

well, of course it loops then, because there is still a task to be done (getting the certificate). A correct DNS is your job as an admin, because cannot "guess" whether this is intended or by accident and "should I skip this now? Or keep trying?"

Link to comment
Share on other sites

  • 0
5 minutes ago, d00p said:

well, of course it loops then, because there is still a task to be done (getting the certificate). A correct DNS is your job as an admin, because cannot "guess" whether this is intended or by accident and "should I skip this now? Or keep trying?"

As I understand obtaining the certificate is the job of a separate task. Why should it rebuild the whole config if the certificate issuance failed?

Link to comment
Share on other sites

  • 0

Considering the default PHP configuration command
service phpX.X-fpm restart
which is executed after config rebuild,
this leads to site outages every 5 minutes on a busy server.
Changing restart to reload mitigates the risk of customers forgetting to set site alias to none, as happened in my case.

Link to comment
Share on other sites

  • 0
31 minutes ago, negrusti said:

As I understand obtaining the certificate is the job of a separate task. Why should it rebuild the whole config if the certificate issuance failed?

This has been included in the tasks job, as re-creation of vhosts is required after certificate issue/renew

28 minutes ago, negrusti said:

Changing restart to reload mitigates the risk of customers forgetting to set site alias to none, as happened in my case.

I remember a time where there was no "reload" for php-fpm...might has changed. But as this is a setting, you are free to adjust as needed.

Link to comment
Share on other sites

  • 0
23 minutes ago, d00p said:

This has been included in the tasks job, as re-creation of vhosts is required after certificate issue/renew

I remember a time where there was no "reload" for php-fpm...might has changed. But as this is a setting, you are free to adjust as needed.

kill -USR2 [php-fpm PID] is there for more than 7 years AFAIK 

Link to comment
Share on other sites

  • 0

well then, just open an issue on github or even a PullRequest so we can change the default from restart to reload - if i remember correctly, reload will fail if no such process is currently running/active - that again would mean the sysadmin needs to ensure it has been started before froxlor can take over - and having reload as default will definetly open lots of new threads with errors: phpX.Y-fpm.service is not active, cannot reload. which is not really what we want

Link to comment
Share on other sites

  • 0
2 hours ago, d00p said:

And where would that be please? Don't see anything that fits the behaviour described here

The post where you said it didn't fit in here.

I'm not sure if something is really happening or if it's just the text.

Link to comment
Share on other sites

  • 0

b

1 minute ago, Tealk said:

The post where you said it didn't fit in here.

I'm not sure if something is really happening or if it's just the text.

So why dont you just LINK the topic? The post i say it didnt fit here was THIS post here, see 

 

3 minutes ago, Tealk said:

I'm not sure if something is really happening or if it's just the text.

??? Don't even know what this is supposed to mean

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×
×
  • Create New...