kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

uploads.kosmos.chat nginx getting stuck #345

New Issue
Closed
opened 2021-10-21 14:43:31 +00:00 by raucao · 4 comments
raucao commented 2021-10-21 14:43:31 +00:00
Owner
Copy Link

Currently expired: https://uploads.kosmos.chat/791c7ed148e453f934ef56e1a4acb79a30845f0f/8SBtwY2eToAhPIaAy0IKaWUTNVH0oBwNh38k8crs/chilis.jpeg

Currently expired: https://uploads.kosmos.chat/791c7ed148e453f934ef56e1a4acb79a30845f0f/8SBtwY2eToAhPIaAy0IKaWUTNVH0oBwNh38k8crs/chilis.jpeg
raucao added the
bug
 label 2021-10-21 14:43:31 +00:00
raucao commented 2021-10-22 09:22:09 +00:00
Author
Owner
Copy Link

I just restarted nginx on uploads-1, and the new cert was immediately available. So it was renewed, but somehow not picked up by nginx.

There's no difference between most other Chef recipes using LE and this one.

There is definitely a certbot timer for renewal, and a deploy hook that should reload nginx. But I think last time the cert renewed, it also wasn't picked up by nginx.

I just restarted nginx on `uploads-1`, and the new cert was immediately available. So it was renewed, but somehow not picked up by nginx. There's no difference between most other Chef recipes using LE and this one. There is definitely a certbot timer for renewal, and a deploy hook that should reload nginx. But I think last time the cert renewed, it also wasn't picked up by nginx.
raucao added this to the Current operational issues project 2021-10-22 09:27:32 +00:00
raucao changed title from TLS certificate not renewed automatically for uploads.kosmos.chat to New TLS certificates not served immediately for uploads.kosmos.chat 2021-10-23 09:30:27 +00:00
raucao commented 2022-05-20 09:07:07 +00:00
Author
Owner
Copy Link

I hadn't actually checked in depth last time, but nginx crashed after the renewal last night. Unfortunately without logging an error. But I suspect that this was the case before as well.

I hadn't actually checked in depth last time, but nginx crashed after the renewal last night. Unfortunately without logging an error. But I suspect that this was the case before as well.
raucao commented 2022-10-21 12:24:38 +00:00
Author
Owner
Copy Link

Closing this until it happens again.

Closing this until it happens again.
raucao changed title from New TLS certificates not served immediately for uploads.kosmos.chat to uploads.kosmos.chat nginx getting stuck 2023-01-17 06:52:22 +00:00
raucao commented 2023-01-17 06:53:20 +00:00
Author
Owner
Copy Link

I think this has nothing to do with the renewal hook and rather with a bug in the Perl script we're using there.

Added an uptime robot monitor for it, so at least we can get notified when it happens.

I think this has nothing to do with the renewal hook and rather with a bug in the Perl script we're using there. Added an uptime robot monitor for it, so at least we can get notified when it happens.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
service
accounts
Kosmos Accounts
service
discourse
Kosmos Community Forums
service
drone-ci
Kosmos Drone CI
service
email
mail.kosmos.org
service
garage
S3-compatible object storage
service
gitea
Kosmos Gitea
service
ipfs
Kosmos IPFS
service
mastodon
kosmos.social
service
postgres
Database cluster
service
remotestorage
Portable data storage for the Web
service
wiki
Kosmos Wiki
service
xmpp
Kosmos Chat
bug
Something is not working
design
Graphic/visual design
dev environment
Config, builds, CI, deployment, etc.
docs
Documentation
duplicate
This issue or pull request already exists
enhancement
Improving existing functionality
feature
New functionality
good first issue
Dive in, and start contributing
idea
Something to consider
invalid
Not a bug
kredits-1
Small contribution
kredits-2
Medium contribution
kredits-3
Large contribution
on hold
Currently not actionable
ops
Manual IT ops activities
question
Looking for an answer
release
major
release
minor
release
patch
security
All your base are belong to us
ui/ux
User interface, process design, etc.
wontfix
This won't be fixed
No Label
bug
Milestone
No items
No Milestone
Projects
Clear projects
No project Current operational issues
Assignees
Clear assignees
bkero bumi fsmanuel galfert greg hueso raucao slvrbckt
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: kosmos/chef#345
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?