Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Certbot-nginx does not work with systemctl? #5458

Closed
soggie opened this issue Jan 22, 2018 · 5 comments
Closed

Certbot-nginx does not work with systemctl? #5458

soggie opened this issue Jan 22, 2018 · 5 comments
Labels
area: nginx feature request

Comments

@soggie
Copy link

soggie commented Jan 22, 2018

My operating system is (include version):

Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.3 LTS
Release:	16.04
Codename:	xenial

I installed Certbot with (certbot-auto, OS package manager, pip, etc):

certbot-auto, as per https://certbot.eff.org/#ubuntuxenial-nginx

I ran this command and it produced this output:

Basically, I control nginx using systemctl. However, a quick look at certbot-nginx's code reveals that when it restarts, it manually calls the command nginx directly, and there's no way I can disable or change that. Pre and post hooks don't even work because of that.

Certbot's behavior differed from what I expected because:

Expected behaviour is to provide an option to override the restart command, so we don't call restart multiple times.

Here is a Certbot log showing the issue (if available):

Logs are stored in /var/log/letsencrypt by default. Feel free to redact domains, e-mail and IP addresses as you see fit.

Not sure which part of the logs are relevant for this issue.

Here is the relevant nginx server block or Apache virtualhost for the domain I am configuring:

Not applicable.
@SwartzCr
Copy link
Contributor

Would you be able to link to the code you're referring to? I'm confused about which calls you're talking about.
That said, I think @ohemorange would be best equipped to answer this question.

@soggie
Copy link
Author

soggie commented Jan 25, 2018

@SwartzCr thanks. Here's the code:

https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/configurator.py#L689

    def config_test(self):  # pylint: disable=no-self-use
        """Check the configuration of Nginx for errors.
        :raises .errors.MisconfigurationError: If config_test fails
        """
        try:
            util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"])
        except errors.SubprocessError as err:
            raise errors.MisconfigurationError(str(err))

From my understanding, if we are to say, manage nginx using systemctl, this would make it quite impossible to stick to systemctl.

@ohemorange
Copy link
Contributor

@soggie see comment here, that should work in this situation: #5486 (comment)

if it doesn't there's always the standalone plugin, which won't start or stop nginx at all, and you can do that as you'd like in the hooks.

@stale
Copy link

stale bot commented Jun 5, 2019

To help us better see what issues are still affecting our users, this issue has been automatically marked as stale. If you still have this issue with an up-to-date version of Certbot and are interested in seeing it resolved, please add a comment letting us know. If there is no further activity, this issue will be automatically closed.

@stale stale bot added the needs-update label Jun 5, 2019
@bmw
Copy link
Member

bmw commented Jun 12, 2019

This issue has been closed due to lack of activity, but if you think it should be reopened, please open a new issue with a link to this one and we'll take a look.

@bmw bmw closed this as completed Jun 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: nginx feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@soggie @SwartzCr @ohemorange @bmw