Join the community today
Register Now

Nginx centmin.sh vhost creation routine keeps adding "reuseport" for every new vhost, failing to reload nginx

Discussion in 'Bug Reports' started by happyhacking, Jan 24, 2023.

  1. happyhacking

    happyhacking Member

    111
    18
    18
    Apr 23, 2021
    Ratings:
    +61
    Local Time:
    12:45 AM
    1.22.0
    MariadDB 10.4.25
    After adding a vhost through menu option, the script keeps inserting the "reuseport" option to the somevhost.ssl.conf file, then the reload of nginx fails since this option is already used in another vhost, and can only be used once for all the vhost files.
    • CentOS Version: CentOS 7 64bit
    • Centmin Mod Version Installed: 124.00stable.s69
    • Nginx Version Installed: 1.23.3
    • PHP Version Installed: 8.0.26
    • MariaDB MySQL Version Installed: 10.4.27
    • Code (Text):
      autoprotect.sh run completed skipped nginx reload...
      
      Reloading nginx configuration (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
      [FALLĂ“]
      service nginx reload
      Reloading nginx configuration (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
      [FALLĂ“]
      
      nginx: [emerg] duplicate listen options for 0.0.0.0:443 in /usr/local/nginx/conf/conf.d/univim.edu.mx.ssl.conf:17
      nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
      


     
  2. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:45 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Did at anytime did you manually re-create or move an Nginx vhost config/site to this server? You may have copied a reuseport directive based Nginx vhost site in a syntax which centmin mod nginx vhost creation routine isn't picking up reuseport so as to skip it for the next nginx vhost creation.

    might need the log recorded at time of Nginx vhost creation. It would be in /root/centminlogs with label *addvhost*. It will have sensitive private info so might want to private message me.

    You can find the file name by either using of the below commands which lists logs in date ascending order - newest files at the bottom.
    Code (Text):
    ls -lAhrt /root/centminlogs | grep -i addvhost

    or
    Code (Text):
    cminfo listlogs | grep -i addvhost
    
     
  3. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:45 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    You can use sourcegraph to search Centmin Mod 124.00stable branch code for references to reuseport here

    what output do you get for command below to check reuseport instances
    Code (Text):
    grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep ' ssl' | grep ' http2' | grep -o reuseport
    

    also
    Code (Text):
    grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep -o reuseport
    

    see if there's a difference in output for these 2 commands

    and output to check if server supports reuseport
    Code (Text):
    grep --color -Ro SO_REUSEPORT /usr/src/kernels | head -n1 | awk -F ":" '{print $2}'
     
  4. happyhacking

    happyhacking Member

    111
    18
    18
    Apr 23, 2021
    Ratings:
    +61
    Local Time:
    12:45 AM
    1.22.0
    MariadDB 10.4.25
    what output do you get for command below to check reuseport instances
    Code (Text):
    #grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep ' ssl' | grep ' http2' | grep -o reuseport
    
    Output:
    reuseport
    reuseport
    

    which is normal since i have a main domain with
    Code:
      listen 443 ssl http2 reuseport;
      listen [::]:443 ssl http2 reuseport;
    
    also
    Code (Text):
    #grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep -o reuseport
    
    Output:
    reuseport
    reuseport
    

    no difference in output for these 2 commands

    and output to check if server supports reuseport
    Code (Text):
    grep --color -Ro SO_REUSEPORT /usr/src/kernels | head -n1 | awk -F ":" '{print $2}'

    Output:

    SO_REUSEPORT
     
  5. happyhacking

    happyhacking Member

    111
    18
    18
    Apr 23, 2021
    Ratings:
    +61
    Local Time:
    12:45 AM
    1.22.0
    MariadDB 10.4.25
    The bug is here:
    Code (Text):
    if [[ "$(grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep ' ssl' | grep ' http2' | grep -o reuseport )" != 'reuseport' ]]; then
    

    Since 'reuseport' is diferent from
    'reuseport
    reuseport'

    My proposed fix would be to pipe the 2 lines through "head -n1"
    Code:
    grep -rn listen /usr/local/nginx/conf/conf.d/*.conf | grep -v '#' | grep 443 | grep ' ssl' | grep ' http2' | grep -o reuseport | head -n1
    
     
  6. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:45 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    ah didn't account for IPv6 listen directives using reuseport too!

    Cheers