Learn about Centmin Mod LEMP Stack today
Register Now

Install Installer incompleted Nginx

Discussion in 'Install & Upgrades or Pre-Install Questions' started by atomi, Dec 26, 2023.

Tags:
  1. atomi

    atomi Member

    36
    10
    8
    Jul 14, 2018
    Ratings:
    +23
    Local Time:
    10:06 PM
    1.27.x
    10
    • CentOS Version: CentOS 7.9 64bit
    • Centmin Mod Version Installed: 130.00beta01.b500
    • Nginx Version Installed: 1.25.3
    • PHP Version Installed: 7.4.33
    I've had weird issues lately with my fresh CMM installs. In the first run CMM doesnt install H2 and H3 modules but after install if I run nginx upgrade without touching anything, it will install those.
    Nginx works fine after the first install but I would like to use H2&H3 so everytime I have to recompile nginx. It would nice to have proper nginx with installer


    Nginx first install:
    Code (Text):
    nginx version: nginx/1.25.3 (251223-202007-centos7-kvm-1eae350-br-6e975bc)
    built by gcc 11.2.1 20220127 (Red Hat 11.2.1-9) (GCC)
    built with OpenSSL 1.1.1u+quic  30 May 2023
    TLS SNI support enabled
    configure arguments: --with-ld-opt='-Wl,-E -L/opt/openssl-quic/lib -lssl -lcrypto -L/usr/local/zlib-cf/lib -L/usr/local/nginx-dep/lib -ljemalloc -Wl,-z,relro,-z,now -Wl,-rpath,/opt/openssl-quic/lib:/usr/local/zlib-cf/lib:/usr/local/nginx-dep/lib -pie -flto=1 -fuse-ld=gold' --with-cc-opt='-I/opt/openssl-quic/include -I/usr/local/zlib-cf/include -I/usr/local/nginx-dep/include -m64 -march=native -fPIC -g -O2 -fstack-protector-strong -flto=1 -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wno-pointer-sign -Wimplicit-fallthrough=0 -Wno-missing-profile -Wno-implicit-function-declaration -Wno-int-conversion -Wno-unused-result -Wno-unused-result -Wno-vla-parameter -Wno-stringop-overflow -fcode-hoisting -Wno-cast-function-type -Wno-format-extra-args -Wno-vla-parameter -Wno-stringop-overflow -Wp,-D_FORTIFY_SOURCE=2' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --build=251223-202007-centos7-kvm-1eae350-br-6e975bc --with-compat --with-http_stub_status_module --with-http_secure_link_module --with-libatomic --with-http_gzip_static_module --add-dynamic-module=../ngx_brotli --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-threads --with-stream --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.5.1 --add-dynamic-module=../headers-more-nginx-module-0.34 --with-pcre-jit --with-zlib=../zlib-cloudflare-1.3.3 --with-zlib-opt=-fPIC --with-http_ssl_module --with-openssl=../openssl-1.1.1w
    


    Nginx second results:
    Code (Text):
    nginx version: nginx/1.25.3 (261223-061445-centos7-kvm-1eae350-br-6e975bc)
    built by gcc 11.2.1 20220127 (Red Hat 11.2.1-9) (GCC)
    built with OpenSSL 1.1.1u+quic  30 May 2023
    TLS SNI support enabled
    configure arguments: --with-ld-opt='-Wl,-E -L/opt/openssl-quic/lib -lssl -lcrypto -L/usr/local/zlib-cf/lib -L/usr/local/nginx-dep/lib -lpcre2-8 -ljemalloc -Wl,-z,relro,-z,now -Wl,-rpath,/opt/openssl-quic/lib:/usr/local/nginx-dep/lib:/usr/local/zlib-cf/lib:/usr/local/nginx-dep/lib -pie -flto=1 -fuse-ld=gold' --with-cc-opt='-I/opt/openssl-quic/include -I/usr/local/zlib-cf/include -I/usr/local/nginx-dep/include -m64 -march=native -fPIC -g -O2 -fstack-protector-strong -flto=1 -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wno-pointer-sign -Wimplicit-fallthrough=0 -Wno-missing-profile -Wno-implicit-function-declaration -Wno-int-conversion -Wno-unused-result -Wno-unused-result -Wno-vla-parameter -Wno-stringop-overflow -fcode-hoisting -Wno-cast-function-type -Wno-format-extra-args -Wno-vla-parameter -Wno-stringop-overflow -Wp,-D_FORTIFY_SOURCE=2' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --build=261223-061445-centos7-kvm-1eae350-br-6e975bc --with-compat --with-http_stub_status_module --with-http_secure_link_module --with-libatomic --with-http_gzip_static_module --add-dynamic-module=../ngx_brotli --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.5.1 --add-dynamic-module=../headers-more-nginx-module-0.34 --with-pcre-jit --with-zlib=../zlib-cloudflare-1.3.3 --with-zlib-opt=-fPIC --with-http_ssl_module --with-http_v2_module --with-http_v3_module --with-openssl-opt='enable-ec_nistp_64_gcc_128 enable-tls1_3 -fuse-ld=gold'
    

    • Persistent Config: some php stuff etc clipped:
      Code (Text):
      NGINX_PASSENGER='n'
      NGINX_WEBDAV=n
      NGINX_UPSTREAMCHECK='n'
      NGINX_OPENRESTY='n'
      LUAJIT_GITINSTALL='n'
      ORESTY_LUANGINX='n'
      NGINX_STUBSTATUS=y
      NGINX_SUB=n
      NGINX_ADDITION=n
      NGINX_IMAGEFILTER=n
      NGINX_CACHEPURGE=y
      NGINX_ACCESSKEY=n
      NGINX_HTTPCONCAT=n
      NGINX_THREADS=y
      ORESTY_HEADERSMORE=y
      LETSENCRYPT_DETECT='y'
      CLOUDFLARE_ZLIB='y'
      NGINX_HTTPREDIS='n'
      NGXDYNAMIC_IMAGEFILTER='n'
      NGXDYNAMIC_GEOIP='n'
      MARCH_TARGETNATIVE='y'
      MARCH_TARGETNATIVE_ALWAYS='y'
      NGINX_DEVTOOLSETGCC='y'
      GENERAL_DEVTOOLSETGCC='y'
      CRYPTO_DEVTOOLSETGCC='y'
      NGINX_STAPLE_CACHE_OVERRIDE='y'
      NGINX_STAPLE_CACHE_TTL='86400'
      NGINX_GEOIP=n
      NGINX_GEOIPMEM=n
      NGINX_GEOIPTWOLITE='n'
      NGXDYNAMIC_GEOIPTWOLITE='n'
      NGXDYNAMIC_BROTLI='y'
      NGINX_LIBBROTLI='y'
      NGINX_LIBBROTLISTATIC='y'
      NGINX_DYNAMICTLS='y'
      NGINX_PCRE_TWO='y'
      NGINX_HPACK_ALLOWED_VER='1024005'
      NGINX_HPACK='y'
      NGINX_HTTP3='y'
      NGINX_QUIC_SUPPORT='y'
      OPENSSL_QUIC_VERSION='OpenSSL_1_1_1u+quic'
      AUTOHARDTUNE_NGINXBACKLOG='y'
      DEVTOOLSETTEN='n'
      DEVTOOLSETELEVEN='y'
      LOWMEM_INSTALL='y'
      SELFSIGNEDSSL_ECDSA='y'
      LOWMEM_INSTALL='y'
      
     
  2. eva2000

    eva2000 Administrator Staff Member

    52,657
    12,071
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,597
    Local Time:
    5:06 AM
    Nginx 1.25.x
    MariaDB 10.x

    Troubleshooting Initial Install



    To troubleshoot initial installation, you need to check the initial install log at /root/centminlogs and instructions under Sharing logs and errors heading for using Pastebin.com or Gists to share a sanitised version of the contents of the initial install log. You can see full details at How to troubleshoot Centmin Mod initial install issues

    Example for 123.09beta01 and newer list /root/centminlogs files in date ascending order and grep for installer_*
    Code (Text):
    ls -lahrt /root/centminlogs | grep installer_*
    

    example output returns install log at /root/centminlogs both a the full log and minimal log (smaller in size with some stuff filtered out)
    Code (Text):
    ls -lahrt /root/centminlogs | grep installer_*
    -rw-r--r-- 1 root root 4.3M Jul 12 09:06 installer_120718-083445.log
    -rw-r--r-- 1 root root 826K Jul 12 10:20 installer_120718-083445_minimal.log
    


    Example for 123.08stable list /root/centminlogs files in date ascending order and grep for install.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep install.log
    

    example output returns install log at /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_install.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep install.log
    -rw-r--r--  1 root root 2.2M Oct 11 01:40 centminmod_1.2.3-eva2000.09.001_111016-112321_install.log
    

    in SSH use cat to ouput contents of /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_install.log. Clear your SSH client window/buffer so only output is the contents of the file

    for 123.08stable
    Code (Text):
    cat /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_install.log
    

    for 123.09beta01 and newer
    Code (Text):
    cat /root/centminlogs/installer_120718-083445_minimal.log
    


    Installer Summary Links Log



    As at December 25th, 2021, added a new /root/centminlogs/installer_summary_links.log summary log which is a text file that links to the initial install's important log files for easier referencing and troubleshooting. Example contents of /root/centminlogs/installer_summary_links.log:

    Code (Text):
    Full initial install log: /root/centminlogs/installer_071221-010436.log
    Minimal initial install log: /root/centminlogs/installer_071221-010436_minimal.log
    Initial install time stats: /root/centminlogs/install_time_stats_071221-010436.log
    Initial install nginx configure options: /root/centminlogs/nginx-configure-071221-010927.log
    Initial install sar stats:
    /root/centminlogs/sar-b-installstats.log
    /root/centminlogs/sar-d-installstats.log
    /root/centminlogs/sar-r-installstats.log
    /root/centminlogs/sar-q-installstats.log
    /root/centminlogs/sar-u-installstats.log


    Then copy and paste into Pastebin.com or Gists entry. If your SSH window scroll buffer isn't that large to get the whole contents of the install log, you can download file manually and copy and paste contents. But makes sure it's sanitised version of the contents of the initial install log as outlined at How to troubleshoot Centmin Mod initial install issues

    Sharing Logs Via Dropbox



    You can also share the relevant required log files outlined above via Dropbox send via email feature at https://community.centminmod.com/threads/using-dropbox-to-share-server-files.22327/
     
  3. atomi

    atomi Member

    36
    10
    8
    Jul 14, 2018
    Ratings:
    +23
    Local Time:
    10:06 PM
    1.27.x
    10
    Here you can find installer and nginx logs.
     
  4. eva2000

    eva2000 Administrator Staff Member

    52,657
    12,071
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,597
    Local Time:
    5:06 AM
    Nginx 1.25.x
    MariaDB 10.x
    That's a strange one that I haven't seen, how far back has this issue been happening? Can you pinpoint the Centmin Mod initial incremental build version. You can use cminfo versions command to find the 1st incremental build version for initial install
    Code (Text):
    cminfo versions
    

    So run this command on a know good initial Centmin Mod install with these exact persistent config override variables /etc/centminmod/custom_config.inc

    But it isn't just NGINX HTTP3 which is enabled via NGINX_QUIC_SUPPORT='y' but your settings for nginx geoip disabling and nginx pcre2 enabling are ignored. So I suspect is that your /etc/centminmod/custom_config.inc persistent config file is the issue. How are you creating that file in the first place? via PC file edit and upload via FTP to /etc/centminmod/custom_config.inc ?
     
  5. atomi

    atomi Member

    36
    10
    8
    Jul 14, 2018
    Ratings:
    +23
    Local Time:
    10:06 PM
    1.27.x
    10
    It has been atleast couple weeks, maybe even more. I noticed it while adding H3 parameters into one vhost and nginx gave me errors. Checked "nginx -V" and there was no H2&H3 modules but with recompile they suddenly appeared without any other changes

    here is output from "cminfo versions"
    Code:
    # cminfo versions
    
    1st:
    130.00beta01.b500 #Mon Dec 25 20:07:29 UTC 2023
    ..
    last 10:
    130.00beta01.b500 #Mon Dec 25 20:07:29 UTC 2023
    130.00beta01.b500 #Tue Dec 26 06:07:48 UTC 2023
    130.00beta01.b500 #Tue Dec 26 06:48:23 UTC 2023
    And full "cminfo" is in pastebin

    I have created custom_config.inc with nano as usual and that method has not been changed
    Here is everything it is currently containing, prolly some old settings since I havent cleaned it in few years
     
  6. eva2000

    eva2000 Administrator Staff Member

    52,657
    12,071
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,597
    Local Time:
    5:06 AM
    Nginx 1.25.x
    MariaDB 10.x
    Yeah I'd clean that up as some of those variables are already default now in centmin.sh. Also I wouldn't hardcode OPENSSL_QUIC_VERSION='OpenSSL_1_1_1u+quic' as that is owner version that latest Centmin Mod 130.00beta01's 1.1.1w QUIC fork.

    But I can definitely confirm there is a bug when NGINX_QUIC_SUPPORT='y' is enabled that incorrect disables HTTP/2 and HTTP/3 support in Nginx. I haven't found the culprit yet. But added some additional debugging code in 130.00beta01 to help and it seems for some reason on initial Centmin Mod install, HTTPTWOOPT variable is emptied
    Code (Text):
    TLSTHREEOPT=y
    OPENSSL_TLSONETHREE=y
    NGINX_OPENSSLOPT_EXTRAS=
    NGINXOPENSSL_FATLTO_OBJECTS=n
    NGINXOPENSSL_NOFATLTO_OBJECTS=n
    OPENSSL_VERION=1.1.1w
    HTTPTWOOPT=
    nginx configure options (alternate ordering):
    5
    ./configure --with-ld-opt="-Wl,-E -L/opt/openssl-quic/lib -lssl -lcrypto -L/usr/local/zlib-cf/lib -L/usr/local/nginx-dep/lib -ljemalloc -Wl,-z,relro,-z,now -Wl,-rpath,/opt/openssl-quic/lib:/usr/local/zlib-cf/lib:/usr/local/nginx-dep/lib -pie  -flto=4 -fuse-ld=gold" --with-cc-opt="-I/opt/openssl-quic/include -I/usr/local/zlib-cf/include -I/usr/local/nginx-dep/include -m64 -march=x86-64-v3  -fPIC -g -O3 -fstack-protector-strong -flto=4 -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wno-pointer-sign  -Wimplicit-fallthrough=0 -Wno-missing-profile -Wno-implicit-function-declaration -Wno-int-conversion -Wno-unused-result -Wno-unused-result -Wno-vla-parameter -Wno-stringop-overflow -fcode-hoisting -Wno-cast-function-type -Wno-format-extra-args -Wno-vla-parameter -Wno-stringop-overflow -Wp,-D_FORTIFY_SOURCE=2" --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --build=271223-155614-centos7-kvm-f5f19f7-br-a71f931 --with-compat --with-http_stub_status_module --with-http_secure_link_module --with-libatomic --with-http_gzip_static_module --add-dynamic-module=../ngx_brotli --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-threads --with-stream --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.5.1 --add-dynamic-module=../ngx_devel_kit-0.3.2 --add-dynamic-module=../set-misc-nginx-module-0.33 --add-dynamic-module=../echo-nginx-module-0.63 --add-module=../redis2-nginx-module-0.15 --add-module=../ngx_http_redis-0.4.0-cmm --add-module=../memc-nginx-module-0.19 --add-module=../srcache-nginx-module-0.33 --add-dynamic-module=../headers-more-nginx-module-0.34 --with-pcre-jit --with-zlib=../zlib-cloudflare-1.3.3 --with-zlib-opt=-fPIC --with-http_ssl_module --with-openssl=../openssl-1.1.1w --with-openssl-opt="enable-ec_nistp_64_gcc_128 enable-tls1_3"
    

    but only time that is emptied is when NGINX_HTTP2 is not set to ='y' but that is the default

    and the nginx configure template used #5 when it should be #1
    Code (Text):
    nginx configure options (alternate ordering):
    5
    

    only time template #5 is used is if NGINX_IPV not equal to y or Y
    Code (Text):
    if [[ "$asknginxipv" = [yY] || "$NGINX_IPV" = [yY] ]]; then

    and it's always set to NGINX_IPV=y when Nginx 1.11.5+ detected
    Code (Text):
    # nginx 1.11.5+ has removed --with-ipv6 option and
    # auto detects ipv6 support instead
    # http://hg.nginx.org/nginx/rev/a6d116645c51
    if [[ "$DETECT_NGXVER" -ge '1011005' ]]; then
      IPVSIXOPT=""
      NGINX_IPV='y'
    else
      if [[ "$NGINX_IPV" = [yY] ]]; then
        IPVSIXOPT=' --with-ipv6'
      else
        IPVSIXOPT=""
      fi
    fi
    

    I guess I could set in centmin.sh NGINX_IPV='y' default anyway as no one uses Nginx <= 1.11.5 these days and let Nginx automatically support IPv6 etc

    So still hunting for the bug when NGINX_QUIC_SUPPORT='y' enabled for Centmin Mod initial installs
     
  7. eva2000

    eva2000 Administrator Staff Member

    52,657
    12,071
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,597
    Local Time:
    5:06 AM
    Nginx 1.25.x
    MariaDB 10.x
  8. atomi

    atomi Member

    36
    10
    8
    Jul 14, 2018
    Ratings:
    +23
    Local Time:
    10:06 PM
    1.27.x
    10
    Seems to be working. I tested with Alma 8 LXC, my old custom_config and the latest 130.00beta01 => got http2&http3 modules with installer which were not included earlier