Erro ao tentar reiniciar NGINX no Terminal Service para instalação de SSL Let’s Encrypt

Estou tentando realizar este passo a passo

how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Com a finalidade de instalar um certificado ssl gratuito Let’s Encrypt

Meu problema:

Não consigo reiniciar o NGINX nem iniciar o serviço manualmente. para prosseguir com o passo a passo da instalação.

Step 2 — Setting up Nginx

Tentando reiniciar

sudo systemctl reload nginx nginx.service is not active, cannot reload. 

Tentando inciar manualmente

sudo service nginx start Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details. 

Verificando Estado da configuração

 nginx: the configuration file /etc/nginx/nginx.conf syntax is ok     nginx: configuration file /etc/nginx/nginx.conf test is successful 

Verificando log

  sudo nano /var/log/nginx/error.log` 

Log

2019/07/11 12:27:16 [notice] 3617#3617: signal process started 2019/07/11 12:27:16 [error] 3617#3617: open() "/run/nginx.pid" failed (2: No such file or directory) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:35:42 [emerg] 3816#3816: still could not bind() 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to 0.0.0.0:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: bind() to [::]:80 failed (98: Address already in use) 2019/07/11 12:37:28 [emerg] 4085#4085: still could not bind() 

Verificando configuração

sudo nano /etc/nginx/sites-available/default 

Estado da configuração

# Default server configuration # server {         listen 80 default_server;         listen [::]:80 default_server;          root /var/www/html;          index index.html index.htm index.nginx-debian.html;          server_name www.sistemasjca.com.br;          location / {                 try_files $  uri $  uri/ =404;         } 

M2: flushing cache lets page render one time, then blank white page thereafter

I’m working through Alan Storm’s ‘No Frills Magento 2 Layout’ an internal dev server. He walks the reader through small edit, refresh, another small edit, refresh, see what changes, and so on. There are lots of examples. Then I inserted a typo which I couldn’t find, that ended up being whitespace added at the end of 'Magento\Framework\View\Element\Template ' when I copied and paste from the PDF manual.

I then sorted out getting errors enabled, however I managed to get the Magento 2.3.2 install into a bad state where there are white pages on every refresh. Clean the cache and hit F5, the site comes back, but for only one render.

This was a fresh install and I had only executed php bin/magento deploy:mode:set developer as per the install instructions for the module which is part of the book.

I then started an exploration of every command available from the internet in an attempt to be able to hit F5 and just get a page to reload. I issued these two commands:

php bin/magento deploy:mode:set developer php bin/magento cache:disable 

And now the site will refresh with F5 but instead of quickly refreshing, the server grinds for 7 to 10 seconds and then renders Hello World

What mechanism in Magento 2 causes this?
and
What can a person do to get back to how the site was working as expected before all this?

Right now, I believe the solution is to move this M2 and start over by installing a new fresh instance. But that simply is not acceptable; what happens if a live site starts acting like this? Having to clean cache to render one page is not acceptable nor is disabling cache…

Let’s compare our coding skills.

Hi

I just took the new Developer Economics survey. It helped me discover where my coding skills are the strongest.

Want to take the survey yourself? It will take about ±30 min.

Both of us can win – I’m racing for the top cash prize of $ 1,000 and if you take the survey you may win any of the $ 12,000+ worth of gifts including: Microsoft Surface Pro 6, JetBrains IDE, Oculus Rift S, AWS Deep Racer, Samsung HMD Odyssey, Apple AirPods, courses and more….

Let’s compare our coding skills.

Any other app that lets me send notifications to my mobile through API? [on hold]

I am looking for an app like this one: Wire Pusher

It basically gives me an API key and URL that I can make an Http request upon and that request will trigger a notification on my android. In some crons that I run, I make conditional tasks using the API to let me know if my crons are running perfectly.

This app works as intended, I just want to know if there is any better alternative of this one.

CentOS 7 LAMP Server Tutorial Part 3: Let’s Encrypt SSL

Welcome to the third installment of the CentOS 7 LAMP Server Tutorial: Modernized and Explained series. This tutorial builds on the work done in Part 1 and Part 2, so if you haven’t checked them out, now’s a good time.

In this installment we’re going to secure our new Virtual Host (lowend-tutorial.tld) with a Let’s Encrypt SSL certificate. We’ll be installing WordPress in Part 4. It’ll be good to get a SSL certificate installed prior to installing WordPress.

Let’s Encrypt, Shall We?

We’re going to look at how the Let’s Encrypt SSL certificate gets installed and how we can make use of the certificate. Let’s get started!

If you’re not familiar with Let’s Encrypt, take a moment to browse on over to their website at https://letsencrypt.org/. They are a Certificate Authority who offers free SSL certificates to anyone who can prove that they own the domain they are attempting to get a SSL certificate for.

The way they do this is via the ACME protocol. You can read more about it on their site, but it works like so: A program on the server (we’ll talk about Certbot in a moment) puts a code inside a file at http://lowend-tutorial.tld/somefilename. Then it tells Let’s Encrypt’s servers where that file is, and they go looking for it. If the URL exists and loads the coded message, then they know that the request came from the real lowend-tutorial.tld server, and they issue a certificate.

That means that http://lowend-tutorial.tld needs to be a working website before Let’s Encrypt will issue a certificate. In the last installment we had a working site even though it had no content. That will work fine for this purpose. As mentioned, the program that controls all of this is called Certbot. It’s an amazing bit of software that makes this entire process look incredibly simple. Let’s install Certbot!

Installing Certbot on CentOS 7

For CentOS 7 we need to install both Certbot and the python module that Certbot uses for integrating with Apache. Use the following command:

yum -y install certbot python2-certbot-apache

Before we can run Certbot and get a Let’s Encrypt SSL certificate, we need to do a little bit more configuration. HTTPS (SSL) connections happen on port 443 (vs port 80 for unsecured HTTP connections) and so we need to allow port 443 through the firewall. Firewalld knows about the association between port 443 and https, so we can just enable “https” in Firewalld. Paste in the following commands:

firewall-cmd --zone=public --add-service=https --permanent firewall-cmd --reload

Certbot is smart and knows that we’re running the Apache web server, and what’s more it’s smart enough to know how we’re running Apache. It actually reads the configuration files and reacts accordingly. You’ll recall that we created a new Apache VirtualHost in /etc/httpd/sites-enabled/lowend-tutorial.tld.conf. This configuration file is responsible for mapping http://lowend-tutorial.tld to /home/lowend/public_html and making PHP work.

The first line of /etc/httpd/sites-enabled/lowend-tutorial.tld.conf looks like this:

<VirtualHost *:80>

This VirtualHost is specific to port 80. But SSL happens on port 443, so there will need to be a new VirtualHost for port 443. What do we need to do to configure it all? Let Certbot work its magic! At the command line, run certbot with the following command:

certbot

You’re going to need to answer some questions. If you want your website to automatically redirect to https:// you can configure that here or you can manually do it later in the websites own configuration. Here’s how it looked on our VPS:

What just Happened?

If you look in /etc/httpd/sites-enabled, you’ll see a new file, lowend-tutorial.tld-le-ssl.conf. An examination will show that the VirtualHost directive defines a VirtualHost on port 443 and that the entire VirtualHost file is wrapped in <IfModule mod_ssl.c> tags. At the bottom are some new lines pertaining to the SSL certificates. Here are the additions and changes:

<IfModule mod_ssl.c> <VirtualHost *:443> ...  ... skipping original VirtualHost content for brevity ... Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/lowend-tutorial.cf/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/lowend-tutorial.cf/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/lowend-tutorial.cf/chain.pem </IfModule mod_ssl.c>

You can see how the configuration is SSL specific. The SSL configuration is loaded and the paths to the SSL certificate files are now included. Certbot did all of this for us, and it even restarted Apache to enact the changes. Thanks, Certbot!

Let’s see if it all worked. Load your site in a browser, then change the URL to https://. It should still load. If it doesn’t, then check carefully for ACME errors, and make sure the site loaded with http:// originally. Also be sure that DNS is pointing at the server correctly. These things account for most errors.

Nothing Lasts Forever

Like most good things, Let’s Encrypt SSL certificates don’t last forever. They last 90 days and need to be renewed. If we tell Certbot to run regularly, it’ll automagically renew any SSL certificate that is less than 29 days away from expiration. For that, let’s use a cron job.

Cron jobs are automated tasks that run on a schedule that we define. These schedules happen in a tabulated file called a “crontab”. Linux has a built in feature for modifying crontabs, but it relies on using your own text editor. We prefer nano for its ease of use vs vim (feel free to disagree, we don’t mind!) and so we’re going to set that as our editor before we start editing things:

echo "export VISUAL=nano"

Since we want this to be the case every time we log in, lets go ahead and add it to /root/.bash_profile. the .bash_profile file is a script that gets ran every time its user logs in:

echo "export VISUAL=nano" >> ~/.bash_profile

Now let’s edit the crontab and add a job that will run every 12 hours:

crontab -e

With nano open, paste in the following

1 */12 * * * certbot renew

That entry tells cron to run the “certbot renew” command on the first minute of every 12th hour of every day. If there are any certificates that need renewing, it’ll renew them for us as long as ACME is able to verify the domain again.

Next up: WordPress

And with that, we’re done. You’ve just installed Certbot, which installed a Let’s Encrypt SSL certificate on your CentOS 7 LAMP server. For more information, go check out all of the official documentation for Let’s Encrypt and Certbot. They are a treasure trove of information, especially if you need to troubleshoot things:

https://letsencrypt.org/
https://certbot.eff.org/docs/

In the next installment we’re going to install WordPress on our new LAMP server and learn how to administer it without even leaving the command line. Stay tuned!

The post CentOS 7 LAMP Server Tutorial Part 3: Let’s Encrypt SSL appeared first on Low End Box.

How to Secure Apache with Let’s Encrypt Ubuntu 16.04

 

In this tutorial we will examine how to secure Apache with Let’s Encrypt for the Ubuntu 16.04 operating system.   We will first examine and overview of Let’s Encrypt, certificate authorities and then dive into a step by step guide to install & configure Let’s Encrypt on your Ubuntu 16.04 VPS servers and the review how to automatically renew SSL certificates.

What is Let’s Encrypt?

Let’s Encrypt is a free, automated, and open Certificate Authority (CA), that provides the ability to secure a website. Let’s Encrypt also provides automation and tools to reduce setup and maintenance challenges needed to secure web servers using HTTPS (SSL/TLS).

 


Why use Let’s Encrypt as your Certificate Authority?

Let’s Encrypt is free, easy to create, configure, and renew certificates on web servers (like Apache).

Most administrators who host web servers have a goal of attracting new visitors along with retaining end-user attention – as this often translates into profits or a growing website community. People hosting web servers also want to reduce maintenance and cost.

End users, on the other hand, are motivated to visit websites that are safe and do not compromise their security.

To satisfy both administrators and end users, a Certificate Authority is used to validate the authenticity of the web server’s domain name.

Traditional CA (Certificate Authorities) solutions like Verisign required domain owners to pay a fee to use the CA services, this is no longer required when using Let’s Encrypt. The Let’s encrypt service is funded by sponsors and donors.

 


How Certificate Authority works

  1. The web server admin creates a private and public key pair. Using the public key the website admin will create a CSR (certificate signing request) and then send the CSR to a Certificate Authority.
  2. The Certificate Authority signs the CSR and returns a final certificate that the web server admin will install on their web server.
  3. The final certificate is signed by the Certificate Authorities private key and holds metadata about the admin’s web server.
  4. When a website visitor goes to the web page, the visitor’s browser will download the final certificate from the web server. The visitor’s browser will contact the Certificate Authority to make sure that the certificate downloaded from the website is valid.
  5. If the Certificate authority confirms that the certificate is authentic/valid, the website visitor will receive a green padlock in their browser in the URL address box. This will notify the end user that the website is safe to visit.

 


Prerequisites to installing Let’s Encrypt on Ubuntu

  1. You must be an administrator of the domain name you want to secure; for this tutorial, we will be using the DNS hostname “LetsEncryptTutorial.ddns.net.
  2. You need to have your public IP address.
  3. You must install Apache web server if it’s not already installed.

 


 Install Apache

  1. Update the Ubuntu apt repository package definitions. Open a command line terminal and type “apt-update” or if you are logged in as a non-root user, type “sudo apt update”.

 

  1. To Install Apache: “apt install apache2 -y” or “sudo apt install apache2 -y”

 

  1. Change into the directory called /var/www/html and ensure an index.html file exists in the directory.

 

  1. Optional but recommended: Edit the default index.html title to be unique (example: Let’s Encrypt tutorial website) by adding “Let’s Encrypt tutorial” to the body. NOTE: This is simply to help you confirm the server is resolving and you are not accessing cached pages.

 

  1. If using systemd for startup restart Apache “systemctl restart apache2” or “sudo systemctl restart apache2” if using non-root user. If using init run “service apache2 restart”

 

 

  1. Confirm Apache is running properly on your system. If using systemd use “systemctl status apache2” and if using init use “service apache2 status”

 

  1. Confirm that the modified default Apache website is now available via a web browser

First, confirm that port 80 is open and working by going to the following URL,
http://< apache_server_ip>:80 (you should see your edited webpage)

Next, confirm that the web server SSL port 443 is also open and working by going to the following,
https://<apache_server_ip>:443

NOTE: When the server resolves in a browser using port 443 you will get a “Not Encrypted” or “Not Secure” error in the address bar. That’s ok.

Caution: Do not proceed to the following steps if you are not able to successfully reach your Apache server on both ports 80 and 443. If the server does not resolve to either port contact your network admins to ensure that both ports are configured to allow web traffic.

 

 

Once we know Apache is resolving correctly, we can move on to the next section of this tutorial.

 


How to set up Let’s Encrypt on Apache

 

  1. Install common tools “apt-get install software-properties-common -y” if logged in as root user

 

  1. Add the apt component for installing new repositories, by running: “add-apt-repository universe”

 

  1. Add certbot to the list of apt repositories “add-apt-repository ppa:certbot/certbot”

 

  1. Update apt to detect the newly added repositories: “apt update”

 

  1. Install certbot to create and renew certificates using let’s encrypt: “apt-get install certbot python-certbot-apache -y”

 

  1. Run the certbot command to create SSL for your domain.

 

 

  1. Now visit https://<domain_name> to verify that your new certificate works properly and your website has a valid certificate. You will notice a green lock icon confirming a secured connection is established with your Apache server. Click the green lock to get details about the SSL certificate.

 


How to automate the renewal of Let’s Encrypt

It is highly recommended to automate the renewal of your certificate to avoid http traffic interruption due to an expired SSL certificate. For Example; on the Apache server you can create a cron job to renew the certificate every month on the 10th at 6:04 am using cron by typing “sudo crontab -e” and at the bottom add the following line (below) and save/exit.

4 6 10 * * certbot –apache –force-renewal renew –quiet

 


 

EOF

The post How to Secure Apache with Let’s Encrypt Ubuntu 16.04 appeared first on Low End Box.

Is there an alternative to console.log() which lets you print out and update a single line instead of spamming the console?

I am looking for a way to print out a given variable f.ex. the i of a for-loop for each iteration, without it resulting in the entire console being filled with new lines of new values. Is there a console. method for just printing one line, and updating that as we go?

I realise that you could do this by implementing a text-field in your program which you change the with each iteration, but if there is a way of doing this in the console it would be a bit easier (and perhaps quicker? although I am really not sure about that). Thanks in advance.

If there is still confusion about what im asking, what i want is my console to print out: “i = ” i once, and then update the i in that one line, instead of:

i=1 i=2 i=3 1=4 . . . 

which gets really messy as you go. For the exact example of the i in a for loop, you could get this value from just console.log()’ing the same thing for each iteration, and a number will pop up beside it (in firefox anyway), but i would like to be able to do this with some more useful information.

Provide a field that lets editor select content types?

I have a Paragraph that when rendered, injects a View. This view is being built and constructed in a preprocess hook in the theme, with arguments injected from a field. The field just lists all the Content Types that are defined.

It is all working, but if I wanted to limit this list to specific content types (like not list Webform, Listing Page) – how can I do that? I tried to make a View to give to the field, but I did not see a straightforward way to do that.