Jump to content
Froxlor Forum
  • 0
Michael Groß

Kundendomäne verweist auf Root

Question

Hallo,

nachdem ich meinen Froxlor-Server neu aufgesetzt habe, habe ich nun ein anderes komisches Problem.

Ich habe die Konfigurationsschritte vollständig durchgeführt - sicherheitshalber auch zuerst "automatisch" durchführen lassen und danach noch einmal verifiziert.

Lege ich nun einen Kunden an (http://test.computer-stube.com), verweist dies auf den Root des Servers.
Schaue ich in die vHost-Datei, steht dort folgendes:

# 29_froxlor_normal_vhost_test.computer-stube.com.conf
# Created 07.02.2020 16:55
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 3 - CustomerID: 2 - CustomerLogin: test
<VirtualHost 178.63.105.174:80>
  ServerName test.computer-stube.com
  ServerAlias *.test.computer-stube.com
  ServerAdmin Michael.Gross@mgw94.de
  DocumentRoot "/var/customers/webs/test/"
  FcgidIdleTimeout 30
  SuexecUserGroup "test" "test"
  <Directory "/var/customers/webs/test/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/test/test.computer-stube.com/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  LogLevel warn
  ErrorLog "/var/customers/logs/test-error.log"
  CustomLog "/var/customers/logs/test-access.log" combined
</VirtualHost>
# 29_froxlor_ssl_vhost_test.computer-stube.com.conf
# Created 07.02.2020 17:26
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 3 (SSL) - CustomerID: 2 - CustomerLogin: test
<VirtualHost 178.63.105.174:443>
  ServerName test.computer-stube.com
  ServerAlias *.test.computer-stube.com
  ServerAdmin Michael.Gross@mgw94.de
  SSLEngine On
  SSLProtocol -ALL +TLSv1 +TLSv1.2
  SSLCompression Off
  SSLHonorCipherOrder off
  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/certs/apache.crt
  SSLCertificateKeyFile /etc/ssl/private/apache.key
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/test/"
  FcgidIdleTimeout 30
  SuexecUserGroup "test" "test"
  <Directory "/var/customers/webs/test/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/test/test.computer-stube.com/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  LogLevel warn
  ErrorLog "/var/customers/logs/test-error.log"
  CustomLog "/var/customers/logs/test-access.log" combined
</VirtualHost>

Also an sich ist die richtige Konfiguration hinterlegt.

Im Cron ist folgendes konfiguriert:

image.thumb.png.23011181a2c8dee61d4f137dbb876c7f.png

# automatically generated cron-configuration by froxlor
# do not manually edit this file as it will be re-generated periodically.
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null
0 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --traffic 1> /dev/null
5 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --usage_report 1> /dev/null
0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null
10 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --backup 1> /dev/null

Auch das manuelle Ausführen mittels "

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force

bringt bei mir leider keinen Erfolg.

Die Ausgabe vom debug ist wie folgt:

root@lx001:/etc/apache2/sites-enabled# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] No new certificates or certificates due for renewal found
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

Ich fühle mich gerade echt dämlich, kann ja eigentlich nicht so schwer sein, da es eigentlich ja alles nur "Copy+Paste" ist

Das Endverzeichnis wurde jedoch korrekt angelegt:

root@lx001:/var/customers/webs# ls
test
root@lx001:/var/customers/webs# cd test
root@lx001:/var/customers/webs/test# ls
index.html  webalizer

Ich habe zusätzlich zur "Standardkonfiguration" noch libnss-extrausers und FCGID  eingerichtet, da ich ältere PHP Versionen benötige.

Grüße

Michael

Share this post


Link to post
Share on other sites

10 answers to this question

Recommended Posts

  • 0

Das Problem ist gelöst.

Es ist immer gut mit Profis zu schreiben, meißtens denkt man dann noch mal richtig nach und merkt auch, wie dämlich man doch sein kann 😁

Problem war eine falsche Übersetzung auf meiner Firewall - ich habe nun über MySQL die IP-Adressen von Froxlor auf meine privaten Adressen angepasst und auf der Firewall eine Port-Redirection eingerichtet - somit hört der "Froxlor-Server" nun auf die privaten Adressen und die Firewall übersetzt die Kommunikation von "außen" auf die privaten Adressen.

Ich wünsche euch zusammen noch einen schönen Abend 🐨

Share this post


Link to post
Share on other sites
  • 0

Ich habe einmal eine neue Domäne angelegt und den Debug-Befehl ausgeführt - vielleicht hilft das bei der Fehleranalyse mehr:

root@lx001:~# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] No new certificates or certificates due for renewal found
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid
root@lx001:~# cd /var/www
root@lx001:/var/www# ls
froxlor  html  php-fcgi-scripts  webalizer
root@lx001:/var/www# nano index.html
root@lx001:/var/www# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] Creating certificate for computer-stube.de
[information] Adding SAN entry: computer-stube.de
[information] Adding SAN entry: www.computer-stube.de
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Fri Feb  7 17:18:05 CET 2020] Already uptodate!
[Fri Feb  7 17:18:05 CET 2020] Upgrade success!
[Fri Feb  7 17:18:05 CET 2020] Removing cron job
[Fri Feb  7 17:18:05 CET 2020] Lets find script dir.
[Fri Feb  7 17:18:05 CET 2020] _SCRIPT_='/root/.acme.sh/acme.sh'
[Fri Feb  7 17:18:05 CET 2020] _script='/root/.acme.sh/acme.sh'
[Fri Feb  7 17:18:05 CET 2020] _script_home='/root/.acme.sh'
[Fri Feb  7 17:18:05 CET 2020] Using default home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] Using server: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] Running cmd: issue
[Fri Feb  7 17:18:05 CET 2020] _main_domain='computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] _alt_domains='www.computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:05 CET 2020] DOMAIN_PATH='/root/.acme.sh/computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] GET
[Fri Feb  7 17:18:05 CET 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:05 CET 2020] timeout=
[Fri Feb  7 17:18:05 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:06 CET 2020] ret='0'
[Fri Feb  7 17:18:06 CET 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_AUTHZ
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Fri Feb  7 17:18:06 CET 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Fri Feb  7 17:18:06 CET 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri Feb  7 17:18:06 CET 2020] ACME_VERSION='2'
[Fri Feb  7 17:18:06 CET 2020] _on_before_issue
[Fri Feb  7 17:18:06 CET 2020] _chk_main_domain='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _chk_alt_domains='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Le_LocalAddress
[Fri Feb  7 17:18:06 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Check for domain='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:06 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Check for domain='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:06 CET 2020] d
[Fri Feb  7 17:18:06 CET 2020] _saved_account_key_hash is not changed, skip register account.
[Fri Feb  7 17:18:06 CET 2020] Read key length:
[Fri Feb  7 17:18:06 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:06 CET 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:06 CET 2020] Use length 4096
[Fri Feb  7 17:18:06 CET 2020] Using RSA: 4096
[Fri Feb  7 17:18:07 CET 2020] _createcsr
[Fri Feb  7 17:18:07 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:07 CET 2020] d
[Fri Feb  7 17:18:07 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:07 CET 2020] payload='{"identifiers": [{"type":"dns","value":"computer-stube.de"},{"type":"dns","value":"www.computer-stube.de"}]}'
[Fri Feb  7 17:18:07 CET 2020] RSA key
[Fri Feb  7 17:18:07 CET 2020] HEAD
[Fri Feb  7 17:18:07 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri Feb  7 17:18:07 CET 2020] _WGET='wget -q --content-on-error  --read-timeout=3.0  --tries=2  '
[Fri Feb  7 17:18:08 CET 2020] Using sed  -i
[Fri Feb  7 17:18:08 CET 2020] _ret='0'
[Fri Feb  7 17:18:08 CET 2020] POST
[Fri Feb  7 17:18:08 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:08 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:09 CET 2020] Using sed  -i
[Fri Feb  7 17:18:09 CET 2020] _ret='0'
[Fri Feb  7 17:18:09 CET 2020] code='201'
[Fri Feb  7 17:18:09 CET 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/77610573/2261819785'
[Fri Feb  7 17:18:09 CET 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:09 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764387'
[Fri Feb  7 17:18:09 CET 2020] payload
[Fri Feb  7 17:18:09 CET 2020] POST
[Fri Feb  7 17:18:09 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764387'
[Fri Feb  7 17:18:09 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:09 CET 2020] Using sed  -i
[Fri Feb  7 17:18:09 CET 2020] _ret='0'
[Fri Feb  7 17:18:09 CET 2020] code='200'
[Fri Feb  7 17:18:09 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764389'
[Fri Feb  7 17:18:09 CET 2020] payload
[Fri Feb  7 17:18:09 CET 2020] POST
[Fri Feb  7 17:18:09 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764389'
[Fri Feb  7 17:18:09 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:10 CET 2020] Using sed  -i
[Fri Feb  7 17:18:10 CET 2020] _ret='0'
[Fri Feb  7 17:18:10 CET 2020] code='200'
[Fri Feb  7 17:18:10 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] _w='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] entry='"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg","token":"3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko","validationRecord":[{"url":"http://computer-stube.de/.well-known/acme-challenge/3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko","hostname":"computer-stube.de","port":"80","addressesResolved":["104.18.36.68","104.18.37.68","2606:4700:3035::6812:2544","2606:4700:3034::6812:2444"],"addressUsed":"2606:4700:3035::6812:2544"'
[Fri Feb  7 17:18:10 CET 2020] token='3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko'
[Fri Feb  7 17:18:10 CET 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg'
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko.OKvTGZCiYXFMR5VOs2lUQQWSWWjs4FdZcenBpZW-fns'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified.
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='verified_ok'
[Fri Feb  7 17:18:10 CET 2020] dvlist='computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg#http-01#/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] _w='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] entry='"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ","token":"1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs","validationRecord":[{"url":"http://www.computer-stube.de/.well-known/acme-challenge/1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs","hostname":"www.computer-stube.de","port":"80","addressesResolved":["104.18.36.68","104.18.37.68","2606:4700:3034::6812:2444","2606:4700:3035::6812:2544"],"addressUsed":"2606:4700:3034::6812:2444"'
[Fri Feb  7 17:18:10 CET 2020] token='1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs'
[Fri Feb  7 17:18:10 CET 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ'
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs.OKvTGZCiYXFMR5VOs2lUQQWSWWjs4FdZcenBpZW-fns'
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified.
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='verified_ok'
[Fri Feb  7 17:18:10 CET 2020] dvlist='www.computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ#http-01#/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] d
[Fri Feb  7 17:18:10 CET 2020] vlist='computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg#http-01#/var/www/froxlor,www.computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ#http-01#/var/www/froxlor,'
[Fri Feb  7 17:18:10 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] ok, let's start to verify
[Fri Feb  7 17:18:10 CET 2020] pid
[Fri Feb  7 17:18:10 CET 2020] No need to restore nginx, skip.
[Fri Feb  7 17:18:10 CET 2020] _clearupdns
[Fri Feb  7 17:18:10 CET 2020] dns_entries
[Fri Feb  7 17:18:10 CET 2020] skip dns.
[Fri Feb  7 17:18:10 CET 2020] i='2'
[Fri Feb  7 17:18:10 CET 2020] j='27'
[Fri Feb  7 17:18:10 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:10 CET 2020] payload='{"csr": "MIIEtDCCApwCAQAwHDEaMBgGA1UEAwwRY29tcHV0ZXItc3R1YmUuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnGgR1w64yp0FCkPf70WHyC1QZfUO07abg-lMLOTNda-zHiq78W4sICc5tBOyvMMwZXIGStwP-AGTxXmJz0uszafZ1EDVR554fiCE2DTFG4L9sfJ4vUPmn1xesxQ66VJJKQxqxXsZqWJ4WK9T21yCP6CfkKqSTAf-EeAEbmD7UQ8wp-VnZXDJ-xmfgx5MviKUKSzjl6f-GB3hQJHHCGM66tTO4pkuKtvBig9Rz-20DQQRyB3DTnrA5h2mT6tyn-igvehbB0-k7lXAUmMIqf5AiDLAy_ebDJgGQtxlY5ammQlJfs4KWR2HF8HxCCSiYojtUrBGfS3R6T1n0IlYHkyiGEZGFeuYiqjoF5tRtHebN-bFr4E2kTF1_-IG9tc9XlzO97g8eF6VLkQlKj3fpWXjYoHP1ZsIM8fsYHb4KbuzbCjMVd4-AAdZAXa9nSTVK_wizHBWZStLwdX4SgAM6ewlvD3D2tdzkCFggKewivipOeJ6h9zLqK6h13sGqQ8QMBE3LMiw_EFANdf6x6I2PUhU4plnYmBxQDz19nJy5fMYj2IOF6HaAC2rf42GPRYRnN6I57mocs0Hll2yndJ5sUMyYWPHtSNBd0FGFBVb3mpQtDuwvOibzosJu0WBfRmcDrxFEQ7W8jm1MQeARKl7MUSc-uM2GURsjZdLE6s5SXfxBywIDAQABoFMwUQYJKoZIhvcNAQkOMUQwQjALBgNVHQ8EBAMCBeAwMwYDVR0RBCwwKoIRY29tcHV0ZXItc3R1YmUuZGWCFXd3dy5jb21wdXRlci1zdHViZS5kZTANBgkqhkiG9w0BAQsFAAOCAgEALVZTJhn12fQ-Vw1sHcaVnPju4oZ3iIi2EhQBJC60EMXTF2e6V7rsv6_BpXnxj9w8A2tlXwVeiOUCBUGx2QxZnZ2YcPJfHY0aLlIeogLPRnhz6CnBvqR4rjtItSjn9YyJCbR8Q_hLuS9KeqY9lp8JwcaK29cN7pd1cd_snpTGjZ-7hJOyUfYJBUAwFa-zU1rwsZBQV8G4DIwwkQktBvIVRBe86UmreEwo7_TH09AJaZhoQ4I0QWJ4pTUGwWkBqZGq3ROSVK60VelcU2nkZCNM138GP_NZTPS0dEE4Kw9Refjn-tt5qoHWLQpIkV8XDmsF6heNHM1kc1b1Rh_N1kAF2j_A4qTNh3V8O4PFMuX3r9tPCtKOs5TrmzDvFoyHP46r5k_hchl-YwMXBI_N5b6jdXkTfLzDgyXYMYvD2pXxwwpQhVBojPWkmEdq6IORfLAGvu8sLykU1ZyyDfiE5UFrP6jfo4nLK9Pa0Oo_RnQt-tzavUh2Ye5X0xck6-KPIZsVZIR5FdgdZ6772oHi4_3XeBVdBsJ_vBc6hhMbyYSqBIXhtlX_UvFAPwtrWnbv-XevUM2859OQeIKwYPUOrnfo_KqPX-B1wm17sGACXL1QV0BiwYOl0-BF5FYFi3MgxV3BFUpJ0vav_rXcNZX8MfXNORtvuyajiiBz0xqxLeYurVA"}'
[Fri Feb  7 17:18:10 CET 2020] POST
[Fri Feb  7 17:18:10 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:10 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:11 CET 2020] Using sed  -i
[Fri Feb  7 17:18:11 CET 2020] _ret='0'
[Fri Feb  7 17:18:11 CET 2020] code='200'
[Fri Feb  7 17:18:11 CET 2020] Order status is valid.
[Fri Feb  7 17:18:11 CET 2020] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] payload
[Fri Feb  7 17:18:11 CET 2020] POST
[Fri Feb  7 17:18:11 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:12 CET 2020] Using sed  -i
[Fri Feb  7 17:18:12 CET 2020] _ret='0'
[Fri Feb  7 17:18:12 CET 2020] code='200'
[Fri Feb  7 17:18:12 CET 2020] Found cert chain
[Fri Feb  7 17:18:12 CET 2020] _end_n='37'
[Fri Feb  7 17:18:12 CET 2020] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:12 CET 2020] v2 chain.
[Fri Feb  7 17:18:12 CET 2020] _on_issue_success
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri Feb  7 17:18:06 CET 2020] Creating domain key
[Fri Feb  7 17:18:07 CET 2020] The domain key is here: /root/.acme.sh/computer-stube.de/computer-stube.de.key
[Fri Feb  7 17:18:07 CET 2020] Multi domain='DNS:computer-stube.de,DNS:www.computer-stube.de'
[Fri Feb  7 17:18:07 CET 2020] Getting domain auth token for each domain
[Fri Feb  7 17:18:10 CET 2020] Getting webroot for domain='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] Getting webroot for domain='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] Verify finished, start to sign.
[Fri Feb  7 17:18:10 CET 2020] Lets finalize the order, Le_OrderFinalize: https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785
[Fri Feb  7 17:18:11 CET 2020] Download cert, Le_LinkCert: https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:07:70:5f:63:2b:0d:38:01:43:bd:09:30:55:7d:d5:76:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Validity
            Not Before: Feb  7 15:18:11 2020 GMT
            Not After : May  7 15:18:11 2020 GMT
        Subject: CN = computer-stube.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:a7:1a:04:75:c3:ae:32:a7:41:42:90:f7:fb:d1:
                    61:f2:0b:54:19:7d:43:b4:ed:a6:e0:fa:53:0b:39:
                    33:5d:6b:ec:c7:8a:ae:fc:5b:8b:08:09:ce:6d:04:
                    ec:af:30:cc:19:5c:81:92:b7:03:fe:00:64:f1:5e:
                    62:73:d2:eb:33:69:f6:75:10:35:51:e7:9e:1f:88:
                    21:36:0d:31:46:e0:bf:6c:7c:9e:2f:50:f9:a7:d7:
                    17:ac:c5:0e:ba:54:92:4a:43:1a:b1:5e:c6:6a:58:
                    9e:16:2b:d4:f6:d7:20:8f:e8:27:e4:2a:a4:93:01:
                    ff:84:78:01:1b:98:3e:d4:43:cc:29:f9:59:d9:5c:
                    32:7e:c6:67:e0:c7:93:2f:88:a5:0a:4b:38:e5:e9:
                    ff:86:07:78:50:24:71:c2:18:ce:ba:b5:33:b8:a6:
                    4b:8a:b6:f0:62:83:d4:73:fb:6d:03:41:04:72:07:
                    70:d3:9e:b0:39:87:69:93:ea:dc:a7:fa:28:2f:7a:
                    16:c1:d3:e9:3b:95:70:14:98:c2:2a:7f:90:22:0c:
                    b0:32:fd:e6:c3:26:01:90:b7:19:58:e5:a9:a6:42:
                    52:5f:b3:82:96:47:61:c5:f0:7c:42:09:28:98:a2:
                    3b:54:ac:11:9f:4b:74:7a:4f:59:f4:22:56:07:93:
                    28:86:11:91:85:7a:e6:22:aa:3a:05:e6:d4:6d:1d:
                    e6:cd:f9:b1:6b:e0:4d:a4:4c:5d:7f:f8:81:bd:b5:
                    cf:57:97:33:bd:ee:0f:1e:17:a5:4b:91:09:4a:8f:
                    77:e9:59:78:d8:a0:73:f5:66:c2:0c:f1:fb:18:1d:
                    be:0a:6e:ec:db:0a:33:15:77:8f:80:01:d6:40:5d:
                    af:67:49:35:4a:ff:08:b3:1c:15:99:4a:d2:f0:75:
                    7e:12:80:03:3a:7b:09:6f:0f:70:f6:b5:dc:e4:08:
                    58:20:29:ec:22:be:2a:4e:78:9e:a1:f7:32:ea:2b:
                    a8:75:de:c1:aa:43:c4:0c:04:4d:cb:32:2c:3f:10:
                    50:0d:75:fe:b1:e8:8d:8f:52:15:38:a6:59:d8:98:
                    1c:50:0f:3d:7d:9c:9c:b9:7c:c6:23:d8:83:85:e8:
                    76:80:0b:6a:df:e3:61:8f:45:84:67:37:a2:39:ee:
                    6a:1c:b3:41:e5:97:6c:a7:74:9e:6c:50:cc:98:58:
                    f1:ed:48:d0:5d:d0:51:85:05:56:f7:9a:94:2d:0e:
                    ec:2f:3a:26:f3:a2:c2:6e:d1:60:5f:46:67:03:af:
                    11:44:43:b5:bc:8e:6d:4c:41:e0:11:2a:5e:cc:51:
                    27:3e:b8:cd:86:51:1b:23:65:d2:c4:ea:ce:52:5d:
                    fc:41:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                FC:3D:0E:91:21:0E:56:A4:92:B2:C9:8A:1A:8C:60:A0:72:D6:76:1B
            X509v3 Authority Key Identifier:
                keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:computer-stube.de, DNS:www.computer-stube.de
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 5E:A7:73:F9:DF:56:C0:E7:B5:36:48:7D:D0:49:E0:32:
                                7A:91:9A:0C:84:A1:12:12:84:18:75:96:81:71:45:58
                    Timestamp : Feb  7 16:18:11.609 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9B:62:8C:0B:A1:94:D0:B0:0B:1F:AF:
                                C5:7D:ED:01:7B:27:29:42:FD:02:5A:83:F4:E5:F7:9E:
                                0A:21:E4:F9:D2:02:20:3D:27:82:76:65:35:27:67:84:
                                44:A1:8F:BA:FC:C8:F4:A4:B8:C5:58:2F:7C:AA:3A:52:
                                EC:53:3B:C9:2C:86:F6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : B2:1E:05:CC:8B:A2:CD:8A:20:4E:87:66:F9:2B:B9:8A:
                                25:20:67:6B:DA:FA:70:E7:B2:49:53:2D:EF:8B:90:5E
                    Timestamp : Feb  7 16:18:11.579 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C9:AC:90:37:78:78:07:EA:57:44:70:
                                B2:56:A5:51:4F:B5:FE:0B:3D:3E:D6:39:83:70:EB:3F:
                                D7:B8:FF:F0:BF:02:20:3F:BB:27:BD:1D:3C:AA:5F:58:
                                D2:39:4F:49:EE:94:90:34:88:47:A5:8F:7D:DB:07:CB:
                                D6:D8:52:5D:20:17:D5
    Signature Algorithm: sha256WithRSAEncryption
         32:12:b1:ef:43:c1:b2:1f:f1:36:9b:96:7d:34:24:1b:f9:cf:
         df:a7:6d:8c:22:17:67:1b:a2:3c:f9:79:1a:a8:cc:a7:a8:cf:
         01:e0:72:9c:1c:16:2b:b0:fc:bd:45:86:0f:fe:57:47:e8:2d:
         a1:c9:d6:78:a6:b6:fe:fb:00:31:e7:3f:21:f5:79:6f:e3:88:
         17:6a:04:eb:1a:38:8c:65:9f:4a:6d:ab:e0:17:04:c5:92:97:
         bd:82:cb:31:71:35:e4:c4:69:78:e1:65:f8:35:cb:20:91:c4:
         e5:e6:ce:64:ba:5e:17:b7:60:9a:89:0d:41:c2:03:3f:d0:40:
         2a:d4:33:51:85:f4:d9:bc:25:bc:39:63:fb:5d:f9:c7:86:20:
         ec:8c:9e:2a:57:aa:8e:81:1a:71:99:44:c7:0d:2e:5c:12:b6:
         c8:ec:48:ef:20:68:91:0e:0c:ad:8e:a1:45:db:d5:54:98:1b:
         84:da:25:cf:9c:9e:e4:38:a6:f3:b9:09:61:21:5c:83:84:dc:
         94:b7:59:67:62:e3:f3:37:49:63:f4:24:2f:a9:0c:71:e5:1f:
         ec:97:1d:c9:0c:ad:6c:7b:59:54:7f:45:fa:cb:38:81:28:ba:
         05:e5:7d:32:fd:42:4b:ed:5e:fc:f4:5c:c3:41:36:a3:c0:9f:
         69:3a:00:59
[Fri Feb  7 17:18:12 CET 2020] Cert success.
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAwdwX2MrDTgBQ70JMFV91XaeMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDcxNTE4MTFaFw0y
MDA1MDcxNTE4MTFaMBwxGjAYBgNVBAMTEWNvbXB1dGVyLXN0dWJlLmRlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApxoEdcOuMqdBQpD3+9Fh8gtUGX1D
tO2m4PpTCzkzXWvsx4qu/FuLCAnObQTsrzDMGVyBkrcD/gBk8V5ic9LrM2n2dRA1
UeeeH4ghNg0xRuC/bHyeL1D5p9cXrMUOulSSSkMasV7GalieFivU9tcgj+gn5Cqk
kwH/hHgBG5g+1EPMKflZ2VwyfsZn4MeTL4ilCks45en/hgd4UCRxwhjOurUzuKZL
irbwYoPUc/ttA0EEcgdw056wOYdpk+rcp/ooL3oWwdPpO5VwFJjCKn+QIgywMv3m
wyYBkLcZWOWppkJSX7OClkdhxfB8QgkomKI7VKwRn0t0ek9Z9CJWB5MohhGRhXrm
Iqo6BebUbR3mzfmxa+BNpExdf/iBvbXPV5czve4PHhelS5EJSo936Vl42KBz9WbC
DPH7GB2+Cm7s2wozFXePgAHWQF2vZ0k1Sv8IsxwVmUrS8HV+EoADOnsJbw9w9rXc
5AhYICnsIr4qTnieofcy6iuodd7BqkPEDARNyzIsPxBQDXX+seiNj1IVOKZZ2Jgc
UA89fZycuXzGI9iDheh2gAtq3+Nhj0WEZzeiOe5qHLNB5Zdsp3SebFDMmFjx7UjQ
XdBRhQVW95qULQ7sLzom86LCbtFgX0ZnA68RREO1vI5tTEHgESpezFEnPrjNhlEb
I2XSxOrOUl38QcsCAwEAAaOCAn0wggJ5MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
/D0OkSEOVqSSssmKGoxgoHLWdhswHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl
7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p
bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p
bnQteDMubGV0c2VuY3J5cHQub3JnLzAzBgNVHREELDAqghFjb21wdXRlci1zdHVi
ZS5kZYIVd3d3LmNvbXB1dGVyLXN0dWJlLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIB
MDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu
Y3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAXqdz+d9WwOe1Nkh9
0EngMnqRmgyEoRIShBh1loFxRVgAAAFwIHHEGQAABAMARzBFAiEAm2KMC6GU0LAL
H6/Ffe0BeycpQv0CWoP05feeCiHk+dICID0ngnZlNSdnhEShj7r8yPSkuMVYL3yq
OlLsUzvJLIb2AHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFw
IHHD+wAABAMARzBFAiEAyayQN3h4B+pXRHCyVqVRT7X+Cz0+1jmDcOs/17j/8L8C
ID+7J70dPKpfWNI5T0nulJA0iEelj33bB8vW2FJdIBfVMA0GCSqGSIb3DQEBCwUA
A4IBAQAyErHvQ8GyH/E2m5Z9NCQb+c/fp22MIhdnG6I8+XkaqMynqM8B4HKcHBYr
sPy9RYYP/ldH6C2hydZ4prb++wAx5z8h9Xlv44gXagTrGjiMZZ9KbavgFwTFkpe9
gssxcTXkxGl44WX4NcsgkcTl5s5kul4Xt2CaiQ1BwgM/0EAq1DNRhfTZvCW8OWP7
XfnHhiDsjJ4qV6qOgRpxmUTHDS5cErbI7EjvIGiRDgytjqFF29VUmBuE2iXPnJ7k
OKbzuQlhIVyDhNyUt1lnYuPzN0lj9CQvqQxx5R/slx3JDK1se1lUf0X6yziBKLoF
5X0y/UJL7V789FzDQTajwJ9pOgBZ
-----END CERTIFICATE-----
[Fri Feb  7 17:18:12 CET 2020] Your cert is in  /root/.acme.sh/computer-stube.de/computer-stube.de.cer
[Fri Feb  7 17:18:12 CET 2020] Your cert key is in  /root/.acme.sh/computer-stube.de/computer-stube.de.key
[Fri Feb  7 17:18:12 CET 2020] The intermediate CA cert is in  /root/.acme.sh/computer-stube.de/ca.cer
[Fri Feb  7 17:18:12 CET 2020] And the full chain certs is there:  /root/.acme.sh/computer-stube.de/fullchain.cer
[information] Updated Let's Encrypt certificate for computer-stube.de
[information] Let's Encrypt certificates have been updated
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 4, customer test
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

Was mir nun noch aufgefallen ist:

image.thumb.png.37090bc4326214746469764b349e36df.png

Diese beiden Verzeichnisse gibt es bei mir nicht.

Share this post


Link to post
Share on other sites
  • 0

Was bedeutet für dich denn "zeigt auf root"? Also die vhosts sehen korrekt aus. Wenn du jetzt die domain aufrufst landest du also nicht in dem Kundenordner sondern auf /var/www/? 

Was ich dir jetzt schon sagen kann, computer-stube.de zeigt laut nameserver auf 104.18.37.68 und 104.18.36.68, so wie 2606:4700:3034::6812:2444 und 2606:4700:3035::6812:2544 aber offenbar in keinem fall auf 178.63.105.174 - da wird auch schon dein problem liegen. Die domain test.computer-stube.de allerdings zeigt tatsächlich auf die 178.63.105.174; wie du da jetzt für "computer-stube.de" von Let's Encrypt ein Zertifikat bekommen konntest ist mir ein Rätsel. Hört dein Server ggfls auf all diese IPs???

Share this post


Link to post
Share on other sites
  • 0

Hi d00p,

ich nutze Cloudflare als DNS Server - diesbezüglich versteckt dieser auch meine tatsächliche IP Adresse unter Anderem hinter der 104.18. ....

Der Seitenaufruf verweist immer auf das Admin-Login-Fenster (/var/www/froxlor/) - das wollte ich mit "root" aussagen 😄

Grüße

Michael

Share this post


Link to post
Share on other sites
  • 0

joa, und warum ist dann die 104.18. usw. nicht in froxlor eingetragen? Webserver bekommt gesagt: gib ma vhost für domain xyz auf 104.18.x.x und der webserver sacht: kenn ich nicht und zeigt den erstbesten vhost an den er kennt - ergo "root" :)

Share this post


Link to post
Share on other sites
  • 0

Kann ich dir ausm stehgreif nicht sagen, es gibt 1000 fehler die man machen kann :)

Share this post


Link to post
Share on other sites
  • 0

Hi,

wo hat es denn gehackt?
Ich versuche auch einem ähnlichen Problem auf die Schliche zu kommen.

Die 35_...conf werden angelegt aber der Apache ignoriert den Inhalt irgendwie...

Zum Vergleich: diese Domain leitet mich direkt zur Froxlor Oberfläche (Php-fpm, froxlor VHost direkt erreichbar, ...)

# 35_froxlor_ssl_vhost_www2.domain.at.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 6 (SSL) - CustomerID: 2 - CustomerLogin: domain
<VirtualHost 178.Z.X.Y:443>
  ServerName www2.domain.at
  ServerAdmin info@domain.at
  SSLEngine On
  SSLProtocol -ALL +TLSv1.2
  Protocols h2 http/1.1
  SSLCompression Off
  SSLSessionTickets on
  SSLHonorCipherOrder off
  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/www2.domain.at.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/www2.domain.at.key
  SSLCACertificateFile /etc/ssl/froxlor-custom/www2.domain.at_CA.pem
  SSLCertificateChainFile /etc/ssl/froxlor-custom/www2.domain.at_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/domain/www2.domain.at/"
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain-www2.domain.at-php-fpm.socket|fcgi://localhost
  </FilesMatch>
  <Directory "/var/customers/webs/domain/www2.domain.at/">
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/domain/webalizer/www2.domain.at"
  LogLevel debug
  ErrorLog "/var/customers/logs/domain-www2.domain.at-error.log"
  CustomLog "/var/customers/logs/domain-www2.domain.at-access.log" combined
</VirtualHost>

Diese bringt mich zum Ziel:

# 35_froxlor_ssl_vhost_1.domain2.com.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 2 (SSL) - CustomerID: 1 - CustomerLogin: domain2
<VirtualHost 178.Z.X.Y:443>
  ServerName 1.domain2.com
  ServerAdmin domain2.name@icloud.com
  SSLEngine On
  SSLProtocol -ALL +TLSv1.2
  Protocols h2 http/1.1
  SSLCompression Off
  SSLSessionTickets on
  SSLHonorCipherOrder off
  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/1.domain2.com.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/1.domain2.com.key
  SSLCACertificateFile /etc/ssl/froxlor-custom/1.domain2.com_CA.pem
  SSLCertificateChainFile /etc/ssl/froxlor-custom/1.domain2.com_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/domain2/1.domain2.com/"
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain2-1.domain2.com-php-fpm.socket|fcgi://localhost
  </FilesMatch>
  <Directory "/var/customers/webs/domain2/1.domain2.com/">
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/domain2/webalizer/1.domain2.com"
  LogLevel debug
  ErrorLog "/var/customers/logs/domain2-1.domain2.com-error.log"
  CustomLog "/var/customers/logs/domain2-1.domain2.com-access.log" combined
</VirtualHost>

Und noch die ipandport config:

# 10_froxlor_ipandport_178.Z.X.Y.443.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

<VirtualHost 178.Z.X.Y:443>
DocumentRoot "/var/www/froxlor/"
 ServerName panel.domain.eu
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/3-froxlor.panel-panel.domain.eu-php-fpm.socket|fcgi://localhost
  </FilesMatch>
 SSLEngine On
 SSLProtocol -ALL +TLSv1.2
 Protocols h2 http/1.1
 SSLCompression Off
 SSLSessionTickets on
 SSLHonorCipherOrder off
 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 SSLVerifyDepth 10
 SSLCertificateFile /etc/ssl/froxlor-custom/panel.domain.eu.crt
 SSLCertificateKeyFile /etc/ssl/froxlor-custom/panel.domain.eu.key
 SSLCACertificateFile /etc/ssl/froxlor-custom/panel.domain.eu_CA.pem
 SSLCertificateChainFile /etc/ssl/froxlor-custom/panel.domain.eu_chain.pem
</VirtualHost>

Welche Logfiles wären interessant? Die Customer Logs zeigen nichts. (Also kein Inhalt)

Danke!

LG

Share this post


Link to post
Share on other sites
  • 0

😜 Jetzt geht es. Habe ca. 100x den cronjob gestartet und apache neu gestartet und php und und und. Aber keine Änderung.

Nachdem ich hier gepostet habe geht es plötzlich.

Also: Mark as solved

Thx

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By Marcel -//- AdSoleWare
      Hello.
      I manually installed Froxlor on Debian 8 and tried setting up. i installed php 7.3 in as it was the only missing point. i restarted apache2 and now it wont start. I need help
       
      Error Log:
       
    • By Schutzgeist
      Hallo, 
      vielleicht kann mir jemand hier ja einen kleinen Tipp geben.
      Es ist mehr eine nginx-Konfiguration. 
      PHP-404-Rückmeldungen sollen "sauber" an Joomla übergeben werden.
       
      Mein 'Froxlor-Standardvhost sieht wie folgt aus

      Allerdings kann ich über das Joomla eigene REDIRECT Modul keine .php - Erweiterungen intern umleiten. 
      Anstatt  die joomla-eigene 404 Seite zu erhalten, bekomme ich die von nginx, da  die Abfrage hier als erstes ausgeführt wird. 
      Also habe ich meine vhost stümperhaft umgeschrieben, s.d. ein Teil seinen Soll erfüllt. 

      Teilweise kann ich nun die Redirects über Joomla verwalten lassen, aber oft erhalte ich LOOPs, da ich ja immer auf die index.php verweise. 
      So, warum nutze ich nicht die nginx-Weiterleitungen ? 

      Ich nutze ein Multi-Sitemodul  sowie ein Modul, um eine php-Endung  zu simulieren. 
      Beide haben mit meiner und der Standardvhost-Konfiguration leichte Schwierigkeiten. 

       
      Welche Vhost-Anpassungen nutzt ihr bei Eurer Joomla-Webseite ? 
      Der Fehler sitzt vermutlich 30 cm vor meinem Bildschirm. 
      Innerhalb meiner letzten 30 Versuche habe ich wohl  oft alte Cache-Webseiten geladen und ggf. die richtige Konfig übersehen.
       

       
       
       
       
       
    • By irisdina
      Warning, this is not an official guide!!!
      1.
      sudo mv /etc/apt/source.list /etc/apt/source.list.bak 1a. Create new Source.list
      sudo nano /etc/apt/source.list 1b.  insert (for Debian Stretch)
      1.2B (for Ubuntu Cosmic)
       
      1c. 
      sudo apt update && sudo apt dist-upgrade && sudo apt autoclean && sudo apt autoremove 1d. 
      sudo apt install curl wget apt-transport-https dirmngr git software-properties-common Now you can start setting up your server
      2. MariaDB install
      Warning use sudo command für this install!
      sudo apt install mariadb-server mariadb-client 2a. MariaDB 10.3 Workround (Optional)
      3. nginx install
      sudo apt install nginx 3a. 
      mkdir /etc/nginx/sites-available mkdir /etc/nginx/sites-enabled 3b. nano /etc/nginx/nginx.conf
      4. PHP install
      sudo apt-get -y install php7.3-fpm php7.3-mysql php7.3-curl php7.3-gd php7.3-intl php-pear php-imagick php7.3-imap php-memcache php7.3-pspell php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl php7.3-mbstring php-gettext php7.3-mysql php7.3-curl php7.3-gd php7.3-intl php-pear php-imagick php7.3-imap php-memcache php7.3-memcached php7.3-pspell php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl php7.3-mbstring php-gettext php7.3-fpm php7.3-cli php7.3-cgi php-bcmath php-zip php7.3-fpm php7.3-curl php7.3-gd php7.3-mysql php7.3-mbstring php7.3-zip php7.3-bcmath zip unzip 4a. 
      sudo service nginx restart sudo service php7.3-fpm restart Froxlor install
      There are two ways to get Froxlor. Stable (wget) and Beta Build (git / Master)
      Stable Version
      1. 
      cd /var/www/html/ 1a. 
      sudo https://files.froxlor.org/releases/froxlor-latest.tar.gz && sudo tar xzfv froxlor-latest.tar.gz or
      Git Version (Beta Version)
      sudo git clone https://github.com/Froxlor/Froxlor.git && sudo chown -HR www-data:www-data Froxlor/ sudo apt install composer  su - www-data -s /bin/bash cd /var/www/html/Froxlor/ 1a(2). Composer install in your Froxlor directory
      composer install --no-dev 1b. 
      sudo chown -R www-data:www-data Froxlor/ Set up Froxlor
      2. Open Your Browser
      2a.
      http://your IP or Hostname/Froxlor
       

      Install Froxlor finish
       3d. Move userdata (Optional) 
      sudo mv /tmp/userdata.inc.php /var/www/html/Froxlor/lib/ 2c. 
      sudo rm /etc/nginx/site-enable/default don't restart nginx!
      Froxlor Settings
      1. Cronjob
      sudo nano /etc/cron.d/froxlor insert 
      # # Set PATH, otherwise restart-scripts won't find start-stop-daemon # PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # # Regular cron jobs for the froxlor package # # Please check that all following paths are correct # */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php sudo chmod 0640 "/etc/cron.d/froxlor" sudo chown root:0 "/etc/cron.d/froxlor" sudo service cron restart 2. Nginx PHP Backend
      Settings > Webserver settings > Nginx PHP backend
      from 127.0.0.1:8888 to unix:/run/php/php7.3-fpm.sock
      3. 
      sudo mkdir -p /var/customers/webs/ sudo mkdir -p /var/customers/logs/ sudo mkdir -p /var/customers/tmp sudo chmod 1777 /var/customers/tmp sudo service nginx restart 4. IPs and Ports > Add IP/Port

      2a(1), SSL Port



      Wait 5min for Autimatic Start Froxlor's cronjob or start the cronjob manually
      sudo php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --force --debug Optional
      PHP-FPM activate
      1. User/Group add
      sudo adduser froxlorlocal --disabled-password --no-create-home && sudo usermod -a -G www-data froxlorlocal 2. libnss-extrausers install 
      sudo apt install nscd libnss-extrausers sudo mkdir -p /var/lib/extrausers sudo touch /var/lib/extrausers/{passwd,group,shadow} sudo mv "/etc/nsswitch.conf" "/etc/nsswitch.conf.frx.bak" sudo nano /etc/nsswitch.conf # Make sure that `passwd`, `group` and `shadow` have mysql in their lines # You should place mysql at the end, so that it is queried after the other mechanisams # passwd: compat extrausers group: compat extrausers shadow: compat extrausers hosts: files dns networks: files dns services: db files protocols: db files rpc: db files ethers: db files netmasks: files netgroup: files bootparams: files automount: files aliases: files sudo service nscd restart sudo nscd --invalidate=group 2a. Settings > System settings > Activate > Use libnss-extrausers instead of libnss-mysql

      3. Settings > PHP-FPM > Activated:
      Change from NO to YES
      3a. PHP-FPM versions
      Change > php-fpm restart command:
      service php7.3-fpm restart and
      Configuration directory of php-fpm: > to 
      /etc/php/7.3/fpm/pool.d/ 3b. Settings > Froxlor VirtualHost settings > Activate > Enable PHP-FPM for the Froxlor vHost

      3c. 
      sudo chown -HR froxlorlocal:froxlorlocal /var/www/html/Froxlor SSL / Let's Encrypt activate
      1.
      sudo apt install certbot 1a. 
      sudo mkdir /etc/nginx/ssl && cd /etc/nginx/ssl 1b. Create SSL File
      sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt 1c. 
      sudo nano /etc/nginx/acme.conf insert
      location /.well-known/acme-challenge { alias /var/www/html/Froxlor/.well-known/acme-challenge; location ~ /.well-known/acme-challenge/(.*) { default_type text/plain; } }  
      2. Open your  Froxlor Panel
      Settings> SSL > Activated:
      Change from NO to YES
      2a. Settings > SSL > Settings
      Change your path from your certificate / Keyfile
      Path to the SSL certificate
      insert
      /etc/nginx/ssl/nginx.crt Path to the SSL Keyfile
      insert
      /etc/nginx/ssl/nginx.key 2b. Settings > SSL > Settings
      Activate > Enable Let's Encrypt

      Change Path to the acme.conf snippet to > 
      /etc/nginx/acme.conf 2c. Activate on Settings > Froxlor VirtualHost settings
      - Enable Let's Encrypt for the froxlor vhost
      - Enable SSL-redirect for the froxlor vhost
      - HTTP Strict Transport Security (HSTS)
      - Include HSTS for any subdomain






      2d. Activated HTTP2 Support on > Settings > Nginx
       
    • By tmuecksch
      Guten Tag,
      ich habe einen Debian 9 Server mit Froxlor und Apache2 am laufen. Wenn ich mit dem Kunden FTP Zugang Dateien hochlade haben diese Ordnungsgemäß das ownership 10000:10000.
      Wenn jedoch in der PHP-Weboberfläche eine Datei hochgeladen wird, wird diese mit dem ownership www-data:www-data hochgeladen. Liegt hier ein Konfigurationsfehler vor oder ist das Verhalten sogar so gewünscht? Ich kann den Fehler leider nicht entdecken. Das Problem ist nur, dass das PHP-Script dann eine Permission Denied Fehlermeldung wirft, wenn versucht wird die Datei zu lesen.
       
      Liebe Grüße
      tmuecksch
    • By LostNIL
      Greetings,
      I have Froxlor installed with PHP7.2 and need to install/enable PHP7.2-fpm. I've reviewed the wiki, The Froxlor YouTube video on the subject, and reviewed/completed the instructions within the Panel > Configuration > DB Jessie > Other > FPM and am having difficulties getting the panel to work with FPM. 
      All available instructions are written for PHP5 and when I complete the instructions and substitute PHP7.2, when the panel generates configurations there are syntax errors and the websites go down. 
       
      Does anyone have any pointers or updated instructions on enabling FPM/PHP7+ with Froxlor. 
×
×
  • Create New...