Hey, i change my vps to another provider to be more for my money. So want reinstall ispconfig. First problem i must start the installer with --no-quota (otherwise is dont install it). Now I can not connect to the :8080 overlay. I get a connection timeout. Its the second installation.. Which logs do you need? Greetings.
This just means that your provider is using container virtualization instead of a real VM and the container virtualization he uses is not capable of providing Linux quota. So your provider most likely blocks port 8080 then. If your provider has any kind of control panel with firewall settings, check there that port 8080 is not blocked. Besides that, run the test script and post the result: https://forum.howtoforge.com/threads/please-read-before-posting.58408/
I cant change the firewall in normal weboverlay of the provider. Here the log: Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 11 (bullseye) [INFO] uptime: 16:34:31 up 2:21, 1 user, load average: 0,00, 0,02, 0,05 [INFO] memory: gesamt benutzt frei gemns. Puffer/Cache verfügbar Speicher: 8,0Gi 1,6Gi 5,8Gi 46Mi 613Mi 6,3Gi Swap: 0B 0B 0B [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.9p1 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.33 [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.33 --More--
I dont see any error... Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 11 (bullseye) [INFO] uptime: 16:36:28 up 2:23, 1 user, load average: 0,08, 0,03, 0,05 [INFO] memory: gesamt benutzt frei gemns. Puffer/Cache verfügbar Speicher: 8,0Gi 1,6Gi 5,8Gi 46Mi 617Mi 6,3Gi Swap: 0B 0B 0B [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.9p1 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.33 [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.33 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 433) [INFO] I found the following mail server(s): Postfix (PID 1286) [INFO] I found the following pop3 server(s): Dovecot (PID 361) [INFO] I found the following imap server(s): Dovecot (PID 361) [INFO] I found the following ftp server(s): PureFTP (PID 980) ##### LISTENING PORTS ##### Server) () Local (Address) [anywhere]:25 (1286/master) [localhost]:953 (370/named) [anywhere]:443 (433/apache2) [anywhere]:4190 (361/dovecot) [anywhere]:993 (361/dovecot) [anywhere]:995 (361/dovecot) [localhost]:11332 (548/rspamd:) [localhost]:11333 (548/rspamd:) [localhost]:11334 (548/rspamd:) [localhost]:10023 (359/postgrey) [anywhere]:587 (1286/master) [localhost]:6379 (547/redis-server) [localhost]:11211 (369/memcached) [anywhere]:5355 (190/systemd-resolve) [anywhere]:110 (361/dovecot) [anywhere]:143 (361/dovecot) [anywhere]:8080 (433/apache2) [anywhere]:80 (433/apache2) [anywhere]:465 (1286/master) [anywhere]:8081 (433/apache2) [anywhere]:21 (980/pure-ftpd) ***.***.***.***:53 (370/named) ***.***.***.***:53 (370/named) ***.***.***.***:53 (370/named) ***.***.***.***:53 (370/named) [localhost]:53 (370/named) [localhost]:53 (370/named) [localhost]:53 (370/named) [localhost]:53 (370/named) ***.***.***.***:53 (190/systemd-resolve) [anywhere]:22 (580/sshd:) *:*:*:*::*:25 (1286/master) *:*:*:*::*:953 (370/named) *:*:*:*::*:4190 (361/dovecot) *:*:*:*::*:993 (361/dovecot) *:*:*:*::*:995 (361/dovecot) *:*:*:*::*:11332 (548/rspamd:) *:*:*:*::*:11333 (548/rspamd:) *:*:*:*::*:11334 (548/rspamd:) *:*:*:*::*:10023 (359/postgrey) *:*:*:*::*:3306 (646/mariadbd) *:*:*:*::*:587 (1286/master) *:*:*:*::*:6379 (547/redis-server) *:*:*:*::*:5355 (190/systemd-resolve) [localhost]10 (361/dovecot) [localhost]43 (361/dovecot) *:*:*:*::*:465 (1286/master) *:*:*:*::*:21 (980/pure-ftpd) *:*:*:*::*:53 (370/named) *:*:*:*::*:53 (370/named) *:*:*:*::*:53 (370/named) *:*:*:*::*:53 (370/named) *:*:*:*::*:22 (580/sshd:) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 ufw-before-logging-input all -- [anywhere]/0 [anywhere]/0 ufw-before-input all -- [anywhere]/0 [anywhere]/0 ufw-after-input all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-input all -- [anywhere]/0 [anywhere]/0 ufw-reject-input all -- [anywhere]/0 [anywhere]/0 ufw-track-input all -- [anywhere]/0 [anywhere]/0 Chain FORWARD (policy ACCEPT) target prot opt source destination ufw-before-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-before-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-forward all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-forward all -- [anywhere]/0 [anywhere]/0 ufw-reject-forward all -- [anywhere]/0 [anywhere]/0 ufw-track-forward all -- [anywhere]/0 [anywhere]/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-before-output all -- [anywhere]/0 [anywhere]/0 ufw-after-output all -- [anywhere]/0 [anywhere]/0 ufw-after-logging-output all -- [anywhere]/0 [anywhere]/0 ufw-reject-output all -- [anywhere]/0 [anywhere]/0 ufw-track-output all -- [anywhere]/0 [anywhere]/0 Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination Chain ufw-after-logging-forward (1 references) target prot opt source destination Chain ufw-after-logging-input (1 references) target prot opt source destination Chain ufw-after-logging-output (1 references) target prot opt source destination Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination Chain ufw-before-input (1 references) target prot opt source destination Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) target prot opt source destination Chain ufw-reject-output (1 references) target prot opt source destination Chain ufw-track-forward (1 references) target prot opt source destination Chain ufw-track-input (1 references) target prot opt source destination Chain ufw-track-output (1 references) target prot opt source destination ##### LET'S ENCRYPT ##### acme.sh is installed in /root/.acme.sh/acme.sh
I try ufw open ports, dont work also @till :/ ah damn why i changed the provider.... Well, maybe strato is the problem? https://forum.howtoforge.com/threads/installation-failes-on-debian-11-ispconfig-ai.87702/ The sourcelist: deb http://ftp.stratoserver.net/pub/linux/debian bullseye main contrib non-free deb http://ftp.stratoserver.net/pub/linux/debian-security bullseye-security main contrib non-free deb http://ftp.stratoserver.net/pub/linux/debian bullseye-updates main contrib non-free Could be that a problem?
The system is installed correctly according to the test script output and apache is listening on port 8080: Code: [anywhere]:8080 (433/apache2) So there is no problem on the server itself as far as I can see. The ports are not closed in UFW when you install ispconfig, opening them makes no difference as they were not closed. But as a test, stop ufw, if it still does not work, the UFW is not the problem. No, the system installation is fine. Your problem is that something in front of your server blocks access on port 8080. Contact Strato support and ask them how to unblock port 8080 TCP.
Try to access the ispconfig gui from the server itself: wget https://localhost:8080 What does the file contain that wget downloads?
Code: wget https://localhost:8080 --2023-04-18 19:10:21-- https://localhost:8080/ Auflösen des Hostnamens localhost (localhost)… ::1, 127.0.0.1 Verbindungsaufbau zu localhost (localhost)|::1|:8080 … fehlgeschlagen: Verbindungsaufbau abgelehnt. Verbindungsaufbau zu localhost (localhost)|127.0.0.1|:8080 … verbunden. Denied :/
Code: [Tue Apr 18 19:30:54.535393 2023] [ssl:warn] [pid 23950:tid 140590672276800] AH01906:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Tue Apr 18 19:30:54.536841 2023] [ssl:error] [pid 23950:tid 140590672276800] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / issuer: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / serial: 3985F1E287F95CA80F5801B35162AB447F401A99 / notbefore: Apr 18 12:06:39 2023 GMT / notafter: Apr 15 12:06:39 2033 GMT] [Tue Apr 18 19:30:54.536857 2023] [ssl:error] [pid 23950:tid 140590672276800] AH02604: Unable to configure certificate :0 for stapling [Tue Apr 18 19:30:54.537250 2023] [ssl:warn] [pid 23950:tid 140590672276800] AH01906: :0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Tue Apr 18 19:30:54.537359 2023] [ssl:error] [pid 23950:tid 140590672276800] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / issuer: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / serial: / notbefore: Apr 18 12:06:39 2023 GMT / notafter: Apr 15 12:06:39 2033 GMT] [Tue Apr 18 19:30:54.537381 2023] [ssl:error] [pid 23950:tid 140590672276800] AH02604: Unable to configure certificate ..net:8081:0 for stapling [ 2023-04-18 19:30:54.5611 23952/7fca17dc0980 age/Wat/WatchdogMain.cpp:1291 ]: Starting Passenger watchdog... [ 2023-04-18 19:30:54.5788 23955/7f9854ade980 age/Cor/CoreMain.cpp:982 ]: Starting Passenger core... [ 2023-04-18 19:30:54.5790 23955/7f9854ade980 age/Cor/CoreMain.cpp:235 ]: Passenger core running in multi-application mode. [ 2023-04-18 19:30:54.5890 23955/7f9854ade980 age/Cor/CoreMain.cpp:732 ]: Passenger core online, PID 23955 [ 2023-04-18 19:30:54.6075 23962/7f79ca62d980 age/Ust/UstRouterMain.cpp:529 ]: Starting Passenger UstRouter... [ 2023-04-18 19:30:54.6091 23962/7f79ca62d980 age/Ust/UstRouterMain.cpp:342 ]: Passenger UstRouter online, PID 23962 [Tue Apr 18 19:30:54.609973 2023] [suexec:notice] [pid 23950:tid 140590672276800] AH01232: suEXEC mechanism enabled (wrapper: /usr/lib/apache2/suexec) [ 2023-04-18 19:30:54.6222 23955/7f984ffff700 age/Cor/CoreMain.cpp:531 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force shutdown) [ 2023-04-18 19:30:54.6223 23955/7f9854ade980 age/Cor/CoreMain.cpp:900 ]: Received command to shutdown gracefully. Waiting until all clients have disconnected... [ 2023-04-18 19:30:54.6224 23955/7f984effd700 Ser/Server.h:816 ]: [ServerThr.3] Freed 128 spare client objects [ 2023-04-18 19:30:54.6225 23955/7f984e77b700 Ser/Server.h:816 ]: [ServerThr.4] Freed 128 spare client objects [ 2023-04-18 19:30:54.6226 23955/7f984e77b700 Ser/Server.h:464 ]: [ServerThr.4] Shutdown finished [ 2023-04-18 19:30:54.6224 23955/7f984effd700 Ser/Server.h:464 ]: [ServerThr.3] Shutdown finished [ 2023-04-18 19:30:54.6228 23955/7f984ffff700 Ser/Server.h:816 ]: [ServerThr.1] Freed 128 spare client objects [ 2023-04-18 19:30:54.6228 23955/7f984ffff700 Ser/Server.h:464 ]: [ServerThr.1] Shutdown finished [ 2023-04-18 19:30:54.6229 23955/7f984f7fe700 Ser/Server.h:816 ]: [ServerThr.2] Freed 128 spare client objects [ 2023-04-18 19:30:54.6229 23955/7f984f7fe700 Ser/Server.h:464 ]: [ServerThr.2] Shutdown finished [ 2023-04-18 19:30:54.6230 23962/7f79ca576700 age/Ust/UstRouterMain.cpp:421 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force shutdown) [ 2023-04-18 19:30:54.6231 23962/7f79ca62d980 age/Ust/UstRouterMain.cpp:491 ]: Received command to shutdown gracefully. Waiting until all clients have disconnected... [ 2023-04-18 19:30:54.6231 23962/7f79ca576700 Ser/Server.h:464 ]: [UstRouter] Shutdown finished [ 2023-04-18 19:30:54.6232 23962/7f79c9cf4700 Ser/Server.h:816 ]: [UstRouterApiServer] Freed 0 spare client objects [ 2023-04-18 19:30:54.6232 23962/7f79c9cf4700 Ser/Server.h:464 ]: [UstRouterApiServer] Shutdown finished [ 2023-04-18 19:30:54.6278 23955/7f984def9700 Ser/Server.h:816 ]: [ApiServer] Freed 0 spare client objects [ 2023-04-18 19:30:54.6278 23955/7f984def9700 Ser/Server.h:464 ]: [ApiServer] Shutdown finished [ 2023-04-18 19:30:54.6282 23962/7f79ca62d980 age/Ust/UstRouterMain.cpp:523 ]: Passenger UstRouter shutdown finished [Tue Apr 18 19:30:54.652386 2023] [ssl:warn] [pid 23983:tid 140590672276800] AH01906: ..net:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Tue Apr 18 19:30:54.652561 2023] [ssl:error] [pid 23983:tid 140590672276800] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / issuer: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / serial: 3985F1E287F95CA80F5801B35162AB447F401A99 / notbefore: Apr 18 12:06:39 2023 GMT / notafter: Apr 15 12:06:39 2033 GMT] [Tue Apr 18 19:30:54.652574 2023] [ssl:error] [pid 23983:tid 140590672276800] AH02604: Unable to configure certificate h3007815..net:8080:0 for stapling [Tue Apr 18 19:30:54.652925 2023] [ssl:warn] [pid 23983:tid 140590672276800] AH01906: ..net:8081:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Tue Apr 18 19:30:54.653066 2023] [ssl:error] [pid 23983:tid 140590672276800] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=h3007815..net,OU=IT,O=None,L=None,ST=None,C=DE / issuer: CN=..net,OU=IT,O=None,L=None,ST=None,C=DE / serial: 3985F1E287F95CA80F5801B35162AB447F401A99 / notbefore: Apr 18 12:06:39 2023 GMT / notafter: Apr 15 12:06:39 2033 GMT] [Tue Apr 18 19:30:54.653081 2023] [ssl:error] [pid 23983:tid 140590672276800] AH02604: Unable to configure certificate ..net:8081:0 for stapling [ 2023-04-18 19:30:54.6727 23987/7f1595841980 age/Wat/WatchdogMain.cpp:1291 ]: Starting Passenger watchdog... [ 2023-04-18 19:30:54.6859 23990/7f3f92437980 age/Cor/CoreMain.cpp:982 ]: Starting Passenger core... [ 2023-04-18 19:30:54.6860 23990/7f3f92437980 age/Cor/CoreMain.cpp:235 ]: Passenger core running in multi-application mode. [ 2023-04-18 19:30:54.6886 23990/7f3f92437980 age/Cor/CoreMain.cpp:732 ]: Passenger core online, PID 23990 [ 2023-04-18 19:30:54.6911 23955/7f9854ade980 age/Cor/CoreMain.cpp:967 ]: Passenger core shutdown finished [ 2023-04-18 19:30:54.7048 24003/7f2150cab980 age/Ust/UstRouterMain.cpp:529 ]: Starting Passenger UstRouter... [ 2023-04-18 19:30:54.7061 24003/7f2150cab980 age/Ust/UstRouterMain.cpp:342 ]: Passenger UstRouter online, PID 24003 [Tue Apr 18 19:30:54.713363 2023] [:error] [pid 23983:tid 140590672276800] python_init: Python version mismatch, expected '3.9.0+', found '3.9.2'. [Tue Apr 18 19:30:54.719932 2023] [:error] [pid 23983:tid 140590672276800] python_init: Python executable found '/'. [Tue Apr 18 19:30:54.719968 2023] [:error] [pid 23983:tid 140590672276800] python_init: Python path being used '/'. [Tue Apr 18 19:30:54.720005 2023] [:notice] [pid 23983:tid 140590672276800] mod_python: Creating 8 session mutexes based on 0 max processes and 25 max threads. [Tue Apr 18 19:30:54.720013 2023] [:notice] [pid 23983:tid 140590672276800] mod_python: using mutex_directory /tmp [Tue Apr 18 19:30:54.791753 2023] [core:warn] [pid 23983:tid 140590672276800] AH00098: pid file /var/run/apache2/apache2.pid overwritten -- Unclean shutdown of previous Apache run? [Tue Apr 18 19:30:54.794034 2023] [mpm_event:notice] [pid 23983:tid 140590672276800] AH00489: Apache/2.4.56 (Debian) mod_fcgid/2.3.9 OpenSSL/1.1.1n Phusion_Passenger/5.0.30 mod_python/3.5.0- Python/3.9.2 configured -- resuming normal operations [Tue Apr 18 19:30:54.794078 2023] [core:notice] [pid 23983:tid 140590672276800] AH00094: Command line: '/usr/sbin/apache2' [Tue Apr 18 19:30:54.797860 2023] [mpm_event:alert] [pid 24021:tid 140590672276800] (11)Resource temporarily unavailable: AH00480: ap_thread_create: unable to create worker thread [Tue Apr 18 19:30:54.798146 2023] [mpm_event:alert] [pid 24022:tid 140590672276800] (11)Resource temporarily unavailable: AH00480: ap_thread_create: unable to create worker thread [Tue Apr 18 19:30:56.795677 2023] [mpm_event:alert] [pid 23983:tid 140590672276800] AH02324: A resource shortage or other unrecoverable failure was encountered before any child process initialized successfully... httpd is exiting!
According to the log, your system seems to run out of resources, but it has plenty of RAM. So maybe some other resource that has been limited by Strato. Please run: cat /proc/user_beancounters Maybe they use virtuozzo, then this command should give us the limits.
Code: root:~# cat /proc/user_beancounters Version: 2.5 uid resource held maxheld barrier limit failcnt 3007815: kmemsize 136781824 174395392 922337203685 4775807 9223372036854775807 0 lockedpages 0 16 922337203685 4775807 9223372036854775807 0 privvmpages 1188486 1277415 922337203685 4775807 9223372036854775807 0 shmpages 232342 265094 922337203685 4775807 9223372036854775807 0 dummy 0 0 922337203685 4775807 9223372036854775807 0 numproc 219 219 400 400 0 physpages 564399 666728 2097152 2097152 0 vmguarpages 0 0 922337203685 4775807 9223372036854775807 0 oomguarpages 598725 671275 0 0 0 numtcpsock 0 0 922337203685 4775807 9223372036854775807 0 numflock 0 0 922337203685 4775807 9223372036854775807 0 numpty 2 4 922337203685 4775807 9223372036854775807 0 numsiginfo 0 93 922337203685 4775807 9223372036854775807 0 tcpsndbuf 0 0 922337203685 4775807 9223372036854775807 0 tcprcvbuf 0 0 922337203685 4775807 9223372036854775807 0 othersockbuf 0 0 922337203685 4775807 9223372036854775807 0 dgramrcvbuf 0 0 922337203685 4775807 9223372036854775807 0 numothersock 0 0 922337203685 4775807 9223372036854775807 0 dcachesize 37642240 38846464 922337203685 4775807 9223372036854775807 0 numfile 4622 5170 922337203685 4775807 9223372036854775807 0 dummy 0 0 922337203685 4775807 9223372036854775807 0 dummy 0 0 922337203685 4775807 9223372036854775807 0 dummy 0 0 922337203685 4775807 9223372036854775807 0 numiptent 204 445 2000 2000 0 Dont know what this says tbh
This seems to be ok so far, you see it in the last column, the fail count. If that's all 0, then no limit has been reached. I still wonder why it failed to create worker threads. Or maybe it was just temporary. it's not easy to say remotely what's wrong with that VM, all services seem to be installed successfully and are listening on their ports, but at least apache denies connection attempts. are you able to reach the server on port 80 0r 443, you should get an apache default page.
Either something wrong with apache or something is blocking access to it. Netstat reports that apache is listening, which means it should be reachable. Stop the UFW firewall and also fail2ban, and test again. If the issue is still there, restart apache2, test, and look into apache error.log again if the same error I highlighted above still occurs. If this all does not help, try restarting the whole vm. If you need help by remote-login, contact @Th0m here for business support: https://www.ispconfig.org/get-support/?type=ispconfig
