Réponse : Requirement already up-to-date: pip in /usr/local/lib/python2.7/dist-packages/pi p-9.0.1-py2.7.egg
Version python : 2.7.9
Version pip : 9.0.1
[Discussion] Certificat SSL signé et gratuit avec Let's Encrypt
un mois plus tard
Bonjour,
Après l'installation d'une seedbox chez kimsufi version exrat en debian 9 et php 7.
Dès que je mets en place les certificats ssl avec let's encrypt, Seedbox manager ne fonctionne plus.
Au niveau conf, je dois modifier quoi ?
Merci
Balbao.
C'est déjà fait. Et tout fonctionne sauf seedbox manager.
server {
listen 80;
server_name monsite.com;location / { rewrite ^ https://$server_name$request_uri? permanent; } location = /favicon.ico { access_log off; log_not_found off; } location = /50x.html { root /usr/share/nginx/html; } location ~ \.php$ { fastcgi_index index.php; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; } location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ { expires 30d; access_log off; }}
server {
listen 443 ssl;
server_name monsite.com;
index index.html index.php;
charset utf-8;ssl on;
ssl_certificate /etc/letsencrypt/live/monsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/monsite.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:AES128+EECDH:AES256+EECDH";ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;ssl_stapling on;
ssl_stapling_verify on;resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";access_log /var/log/nginx/rutorrent-access.log combined;
error_log /var/log/nginx/rutorrent-error.log error;error_page 500 502 503 504 /50x.html;
location = /50x.html { root /usr/share/nginx/html; }auth_basic "seedbox"; auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd"; location = /favicon.ico { access_log off; log_not_found off; } ## debut config accueil serveur ## location ^~ / { root /var/www/base; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; satisfy any; allow all; } ## fin config accueil serveur ## ## début config proxy ## location ^~ /proxy { root /var/www; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; } ## fin config proxy ## ## début config rutorrent ## location ^~ /rutorrent { root /var/www; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; location ~ /\.svn { deny all; } location ~ /\.ht { deny all; } } location ^~ /rutorrent/conf/ { deny all; } location ^~ /rutorrent/share/ { deny all; } ## fin config rutorrent ## ## début config munin ## location ^~ /graph { root /var/www; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; } location ^~ /graph/img { root /var/www; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; error_log /dev/null crit; } location ^~ /monitoring { root /var/www; include /etc/nginx/conf.d/php.conf; include /etc/nginx/conf.d/cache.conf; } ## fin config munin ## ## début config seedbox-manager ## location ^~ /seedbox-manager { alias /var/www/seedbox-manager/public; include /etc/nginx/conf.d/php-manager.conf; include /etc/nginx/conf.d/cache.conf; } ## fin config seedbox-manager ## ## config utilisateurs ## location /BALBAO { include scgi_params; scgi_pass 127.0.0.1:5001; #ou socket : unix:/home/username/.session/username.socket auth_basic "seedbox"; auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_balbao"; } location /USER1 { include scgi_params; scgi_pass 127.0.0.1:5003; #ou socket : unix:/home/username/.session/username.socket auth_basic "seedbox"; auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user1"; } location /USER2 { include scgi_params; scgi_pass 127.0.0.1:5004; #ou socket : unix:/home/username/.session/username.socket auth_basic "seedbox"; auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user2"; } location /USER3 { include scgi_params; scgi_pass 127.0.0.1:5005; #ou socket : unix:/home/username/.session/username.socket auth_basic "seedbox"; auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user3"; }}
balbao
si tu veux test cette version de conf.
server {
listen 80 default_server;
listen 443 default_server ssl http2;
server_name _;
index index.html index.php;
charset utf-8;
client_max_body_size 10M;
ssl_certificate /etc/letsencrypt/live/monsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/monsite.com/privkey.pem;
include /etc/nginx/conf.d/ciphers.conf;
access_log /var/log/nginx/rutorrent-access.log combined;
error_log /var/log/nginx/rutorrent-error.log error;
error_page 500 502 503 504 /50x.html;
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd";
root /var/www;
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
expires 30d;
access_log off;
}
location ~* \.(eot|ttf|woff|svg)$ {
add_header Acccess-Control-Allow-Origin *;
}
## Config accueil serveur ##
location ^~ / {
root /var/www/base;
include /etc/nginx/conf.d/php.conf;
include /etc/nginx/conf.d/cache.conf;
satisfy any;
allow all;
}
## Config rutorrent ##
location /rutorrent {
try_files $uri $uri/ /index.html;
}
location ~ ^/rutorrent/(conf|share)/(.+)$ {
deny all;
}
## Config seedbox-manager ##
location /seedbox-manager {
try_files /seedbox-manager/$uri /seedbox-manager/index.php$is_args$args;
}
## Config utilisateurs ##
location /BALBAO {
include scgi_params;
scgi_pass 127.0.0.1:5001; #ou socket : unix:/home/username/.session/username.socket
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_balbao";
}
location /USER1 {
include scgi_params;
scgi_pass 127.0.0.1:5003; #ou socket : unix:/home/username/.session/username.socket
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user1";
}
location /USER2 {
include scgi_params;
scgi_pass 127.0.0.1:5004; #ou socket : unix:/home/username/.session/username.socket
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user2";
}
location /USER3 {
include scgi_params;
scgi_pass 127.0.0.1:5005; #ou socket : unix:/home/username/.session/username.socket
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd_user3";
}
}- Modifié
Au final de l'installation du script j'ai ce message d'erreur au redémarrage de nginx :
service nginx restartErreur >
Job for nginx.service failed. See 'systemctl status nginx.service' and 'journalctl -xn' for details
J'ai fait: service nginx status -l
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled)
Active: failed (Result: exit-code) since Tue 2017-10-10 17:07:50 CEST; 18min ago
Docs: man:nginx(8)
Process: 1450 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Main PID: 4695 (code=exited, status=0/SUCCESS)
Oct 10 17:07:50 113500HD010180 nginx[1450]: nginx: [emerg] invalid number of arguments in "ssl_certificate" directive in /etc/nginx/sites-enabled/seedbox.conf:4
Oct 10 17:07:50 113500HD010180 nginx[1450]: nginx: configuration file /etc/nginx/nginx.conf test failed
Oct 10 17:07:50 113500HD010180 systemd[1]: nginx.service: control process exited, code=exited status=1
Oct 10 17:07:50 113500HD010180 systemd[1]: Failed to start A high performance web server and a reverse proxy server.
Oct 10 17:07:50 113500HD010180 systemd[1]: Unit nginx.service entered failed state.
Oct 10 17:26:10 113500HD010180 systemd[1]: Stopped A high performance web server and a reverse proxy server.
A priori @Peerotechnik, il doit en manquer un (de point-virgule vers la ligne ssl_certificate).
Oui c'est ce que j'ai fait. J'ai pas utilisé la config exactement comme ça. Mais tout fonctionne maintenant.
Merci. C'est effectivement 2 erreurs dans la ligne ssl_certificate + ssl_certificate_key: un espace inséré après l'adresse de mon site. Pourtant j'ai regardé et reregardé cette config......
Mon status de nginx est au vert ))))
Petite question:
Comment as-tu pu repéré ce genre d'erreur ?
En tout cas mille et un mercis encore.
De rien @Peerotechnik, dès fois c'est juste grâce au(x) message(s) et quand c'est possible je me base aussi sur mon expérience (ou mes souvenirs).
un mois plus tard
Bonjour.
Sur un installation propre de Stretch et après avoir suivi ce tuto Installer ruTorrent sur Debian 9 j'essai d'installer un certificat ssl.
Mais j'ai une erreur au redémarrage de nginx.
Le statut de nginx :
systemd[1]: Starting nginx - high performance web server...
nginx[17207]: nginx: [emerg] "location" directive is not allowed here in /etc/nginx/sites-enabled/seedbox.conf:23
nginx[17207]: nginx: configuration file /etc/nginx/nginx.conf test failed
systemd[1]: nginx.service: Control process exited, code=exited status=1
systemd[1]: Failed to start nginx - high performance web server.
systemd[1]: nginx.service: Unit entered failed state.
systemd[1]: nginx.service: Failed with result 'exit-code'.
Le début de mon sites-enabled/rutorrent.conf :
server {
listen 80 default_server;
listen 443 default_server ssl http2;
server_name mon.domain.fr;
ssl_certificate /etc/letsencrypt/live/mon.domain.fr/fullchain.p$
ssl_certificate_key /etc/letsencrypt/live/mon.domain.fr/privkey$
}
charset utf-8;
index index.html index.php;
client_max_body_size 10M;
access_log /var/log/nginx/rutorrent-access.log combined;
error_log /var/log/nginx/rutorrent-error.log error;
error_page 500 502 503 504 /50x.html;
auth_basic "seedbox";
auth_basic_user_file "/etc/nginx/passwd/rutorrent_passwd";
root /var/www;
location = /50x.html {
root /usr/share/nginx/html;
} Et un /etc/letsencrypt/live/mon.domain.fr# ls -l me renvoi
-bash: /etc/letsencrypt/live/mon.domain.fr#: No such file or directoryMerci pour votre aide.
7 jours plus tard
Bonsoir. Finalement affaire résolu.
Un problème avec le nom de domaine.
8 jours plus tard
Salut,
j'ai suivi les tutos pour installer rutorrent sous debian 9, puis le tuto pour le certificat SSL signé... mais autant j'avais pas de problème d'accès après le premier tuto, mais maintenant je ne peux plus accéder à mondomaine.ovh/rutorrent du tout. J'ai une erreur, la connexion a échoué. Par où commencer ? merci
2 mois plus tard
Bonjour 
Est-ce que quelqu'un aurait un mini tuto pour la mise en place du renouvellement automatique ?
Merci !
NicCo tu peux automatiser cela via crontab :
https://community.letsencrypt.org/t/how-to-automatically-renew-certificates/4393
4 jours plus tard
Bonjour
J'ai un problème pour renouveler le certificat SSL
service nginx stop
./certbot-auto renew
service nginx start
J'ai ce message d'erreur qui apparaît
-bash: ./certbot-auto: No such file or directoryUne petite solution ?