Can't access pihole admin ui after changing IP addresses

threefoursixeight · 28 December 2019 17:19

Hi everyone,

I had to change my internal IP address away from the default 192.168.254.xx due to conflicts when I would connect to my Wireguard vpn on a different network that used this same IP range.

After I did that, I had to of course change the static IP I had given my pi. After I did that, I encountered some issues where in the pihole admin console it was still showing the pihole’s IP as my old 192.168.254.xx address.

Reading online, I saw that running pihole -r would allow you to reconfigure your pihole installation and change that IP address. Unfortunately, after I reconfigured, I could no longer access the pihole admin page at all!

After some thinking, I realized that pihole uses lighttpd to display the admin ui, so I tried executing “service lighttpd start” but I get an error that the lighttpd daemon failed to start:

● lighttpd.service - Lighttpd Daemon
   Loaded: loaded (/lib/systemd/system/lighttpd.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2019-12-28 11:10:04 CST; 5s ago
  Process: 1786 ExecStartPre=/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf (code=exited, status=255/EXCEPTION)

Dec 28 11:10:04 roci systemd[1]: lighttpd.service: Service RestartSec=100ms expired, scheduling restart.
Dec 28 11:10:04 roci systemd[1]: lighttpd.service: Scheduled restart job, restart counter is at 5.
Dec 28 11:10:04 roci systemd[1]: Stopped Lighttpd Daemon.
Dec 28 11:10:04 roci systemd[1]: lighttpd.service: Start request repeated too quickly.
Dec 28 11:10:04 roci systemd[1]: lighttpd.service: Failed with result 'exit-code'.
Dec 28 11:10:04 roci systemd[1]: Failed to start Lighttpd Daemon.

After some more reading, I saw someone suggested looking at the output of sudo journalctl -u lighttpd, which outputs this for me:

-- Logs begin at Sat 2019-12-28 10:55:38 CST, end at Sat 2019-12-28 11:11:39 CST. --
Dec 28 10:56:03 roci systemd[1]: /lib/systemd/system/lighttpd.service:6: PIDFile= references path below legacy directory /var/run/, upda
ting /var/run/lighttpd.pid → /run/lighttpd.pid; please update the unit file accordingly.
Dec 28 10:56:03 roci systemd[1]: Starting Lighttpd Daemon...
Dec 28 10:56:03 roci lighttpd[813]: Duplicate config variable in conditional 0 global: server.error-handler-404
Dec 28 10:56:03 roci lighttpd[813]: 2019-12-28 10:56:03: (configfile.c.1289) source: /etc/lighttpd/conf-enabled/99-dietpi-pihole.conf line: 33 pos: 1 parser fai
led somehow near here: (EOL)
Dec 28 10:56:03 roci lighttpd[813]: 2019-12-28 10:56:03: (configfile.c.1289) source: find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf
' -printf 'include "%p"\n' 2>/dev/null line: 6 pos: 1 parser failed somehow near here: (EOL)
Dec 28 10:56:03 roci lighttpd[813]: 2019-12-28 10:56:03: (configfile.c.1289) source: /etc/lighttpd/lighttpd.conf line: 65 pos: 1 parser failed somehow near here
: (EOL)
Dec 28 10:56:03 roci systemd[1]: lighttpd.service: Control process exited, code=exited, status=255/EXCEPTION
Dec 28 10:56:03 roci systemd[1]: lighttpd.service: Failed with result 'exit-code'.
Dec 28 10:56:03 roci systemd[1]: Failed to start Lighttpd Daemon.
Dec 28 10:56:03 roci systemd[1]: lighttpd.service: Service RestartSec=100ms expired, scheduling restart.
Dec 28 10:56:03 roci systemd[1]: lighttpd.service: Scheduled restart job, restart counter is at 1.
Dec 28 10:56:03 roci systemd[1]: Stopped Lighttpd Daemon.
Dec 28 10:56:03 roci systemd[1]: Starting Lighttpd Daemon...
Dec 28 10:56:03 roci lighttpd[838]: Duplicate config variable in conditional 0 global: server.error-handler-404
Dec 28 10:56:03 roci lighttpd[838]: 2019-12-28 10:56:03: (configfile.c.1289) source: /etc/lighttpd/conf-enabled/99-dietpi-pihole.conf line: 33 pos: 1 parser fai
led somehow near here: (EOL)
Dec 28 10:56:03 roci lighttpd[838]: 2019-12-28 10:56:03: (configfile.c.1289) source: find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf
' -printf 'include "%p"\n' 2>/dev/null line: 6 pos: 1 parser failed somehow near here: (EOL)
Dec 28 10:56:03 roci lighttpd[838]: 2019-12-28 10:56:03: (configfile.c.1289) source: /etc/lighttpd/lighttpd.conf line: 65 pos: 1 parser failed somehow near here
: (EOL)

It continues on for a while but it seems to just be repeats of the above output.

What stands out to me is that it appears to be an issue related to lighttpd.conf and /etc/lighttpd/conf-enabled/99-dietpi-pihole.conf. Is it possible that when I reconfigured pihole with pihole-r, I messed something up? If so, what is the easiest way to repair this? Can I simply reinstall lighttpd using diet-software?

Here are the contents of lighttpd.conf:

# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.

###############################################################################
#     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
#                                                                             #
#              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #
#                         /etc/lighttpd/external.conf                         #
###############################################################################

server.modules = (
	"mod_access",
	"mod_accesslog",
	"mod_auth",
	"mod_expire",
	"mod_compress",
	"mod_redirect",
	"mod_setenv",
	"mod_rewrite"
)

server.document-root        = "/var/www/html"
server.error-handler-404    = "/pihole/index.php"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"
accesslog.format            = "%{%s}t|%V|%r|%s|%b"

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

mimetype.assign   = ( ".png"  => "image/png",
                      ".jpg"  => "image/jpeg",
                      ".jpeg" => "image/jpeg",
                      ".html" => "text/html",
                      ".css" => "text/css; charset=utf-8",
                      ".js" => "application/javascript",
                      ".json" => "application/json",
                      ".txt"  => "text/plain",
                      ".svg"  => "image/svg+xml" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port

# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"

# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )

    $HTTP["url"] =~ ".ttf$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
}

# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
     url.access-deny = ("")
}

# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"

And then the contents of /etc/lighttpd/conf-enabled/99-dietpi-pihole.conf:

# Based on: https://github.com/pi-hole/pi-hole/blob/master/advanced/lighttpd.conf.debian

# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^(/html)?/admin/" {
	# Create a response header for debugging using curl -I
	setenv.add-response-header = (
		"X-Pi-hole" => "The Pi-hole Web interface is working!",
		"X-Frame-Options" => "DENY"
	)

	$HTTP["url"] =~ "\.ttf$" {
		# Allow Block Page access to local fonts
		setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
	}
}

# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^(/html)?/admin/\." {
	url.access-deny = ("")
}

# If it's a request to Pi-hole blocking page...
$HTTP["url"] =~ "^(/html)?/pihole/" {
	# ... and the request isn't local
	$HTTP["remoteip"] !~ "^1(27|92\.168|0|72\.(1[6-9]|2[0-9]|3[0-1]))\." {
		# block!
		url.access-deny = ("")
	}
}

# Enable blocking page via 404 handler
server.error-handler-404 = "/html/pihole/index.php"

Any help would be very appreciated!!

threefoursixeight · 28 December 2019 19:48

What I’m thinking now is just completely reinstalling pihole again, but this time reinstall lighttpd too.

I’m thinking uninstall pihole and lighttpd, then delete the /etc/lighttpd directory to remove the broken configurations.

Then reinstall pihole, which should go ahead and reinstall lighttpd.

As far as I know, lighttpd isn’t used by anything else so I don’t think this will break anything else.

Can anyone confirm if this is a good course of action?

Joulinar · 29 December 2019 11:59

Hi,

first you can try to repair PiHole running following command on the OS level

pihole -r

-r, reconfigure = Reconfigure or Repair Pi-hole subsystems

This should guide you to the setup process of PiHole and adapt the new IP Config.

threefoursixeight · 29 December 2019 13:38

Thanks, I’ll give that a shot. Will that fix lighttpd? Pihole is running fine, I just can’t access the admin console because lighttpd fails to start.

Edit: sorry, I just reread your post. I thought you were suggesting repair instead of reconfigure. I actually ran reconfigure already and that’s what broke lighttpd

Joulinar · 29 December 2019 13:50

Ahh you have a duplicate in the config file for 404 error handling

Dec 28 10:56:03 roci lighttpd[813]: Duplicate config variable in conditional 0 global: server.error-handler-404

I had a similar issue in the past
https://github.com/MichaIng/DietPi/issues/3175

Please run:

grep -r 'server.error-handler-404' /etc/lighttpd/

Usually it should return just 1 entry. But I guess you will have 2

For me, Lighttpd was fixed as follow, run:

sed -i '/^[[:blank:]]*server.error-handler-404/d' /etc/lighttpd/lighttpd.conf

Hope that’s it

threefoursixeight · 29 December 2019 14:03

Beautiful!! That very nearly fixed it!

After you helped me fix that big issue, lighttpd still failed to start, unfortunately.

But this time it said:

Dec 29 07:55:18 roci systemd[1]: lighttpd.service: Control process exited, code=exited, status=255/EXCEPTION
Dec 29 07:55:18 roci systemd[1]: lighttpd.service: Failed with result 'exit-code'.
Dec 29 07:55:18 roci systemd[1]: Failed to start Lighttpd Daemon.
Dec 29 07:55:18 roci systemd[1]: lighttpd.service: Service RestartSec=100ms expired, scheduling restart.
Dec 29 07:55:18 roci systemd[1]: lighttpd.service: Scheduled restart job, restart counter is at 4.
Dec 29 07:55:18 roci systemd[1]: Stopped Lighttpd Daemon.
Dec 29 07:55:18 roci systemd[1]: Starting Lighttpd Daemon...
Dec 29 07:55:18 roci lighttpd[21239]: 2019-12-29 07:55:18: (configfile.c.1461) command "cat external.conf 2>/dev/null" exited non-zero: 1
Dec 29 07:55:18 roci lighttpd[21239]: 2019-12-29 07:55:18: (configfile.c.1289) source: /etc/lighttpd/lighttpd.conf line: 85 pos: 1 parser failed somehow near he
re: (EOL)

I looked at my lighttpd.conf and simply commented out the “cat external.conf 2>/dev/null” line and then lighttpd was able to start with no issue.

However, I’m not really sure if this is a good fix. Do you happen to know what that line is for?

Here’s my lighttpd.conf again. Note that the very last line is now commented out:

# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.

###############################################################################
#     FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE.     #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
#                                                                             #
#              CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE:              #
#                         /etc/lighttpd/external.conf                         #
###############################################################################

server.modules = (
	"mod_access",
	"mod_accesslog",
	"mod_auth",
	"mod_expire",
	"mod_compress",
	"mod_redirect",
	"mod_setenv",
	"mod_rewrite"
)

server.document-root        = "/var/www/html"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"
accesslog.format            = "%{%s}t|%V|%r|%s|%b"

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

mimetype.assign   = ( ".png"  => "image/png",
                      ".jpg"  => "image/jpeg",
                      ".jpeg" => "image/jpeg",
                      ".html" => "text/html",
                      ".css" => "text/css; charset=utf-8",
                      ".js" => "application/javascript",
                      ".json" => "application/json",
                      ".txt"  => "text/plain",
                      ".svg"  => "image/svg+xml" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port

# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"

# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
    # Create a response header for debugging using curl -I
    setenv.add-response-header = (
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )

    $HTTP["url"] =~ ".ttf$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
}

# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
     url.access-deny = ("")
}

# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
#include_shell "cat external.conf 2>/dev/null"

Thanks!

Joulinar · 29 December 2019 21:12

Hi,

I guess it’s not an issue as my lighttpd.conf look completely different than yours. And Yes I’m using Pihole as well.

server.modules = (
        "mod_access",
        "mod_accesslog",
        "mod_alias",
        "mod_compress",
        "mod_redirect",
)

server.document-root        = "/var/www"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
accesslog.filename          = "/var/log/lighttpd/access.log"
accesslog.format            = "%{%s}t|%V|%r|%s|%b"

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

threefoursixeight · 30 December 2019 04:21

Well then as long as mine continues to work, I’ll take it!

Thanks for all the help!

MichaIng · 30 December 2019 14:44

threefoursixeight
Did you install Pi-hole initially and only via dietpi-software? Because your lighttpd.conf is the one that the Pi-hole installer places when not being called with --disable-install-webserver to skip obsolete Lighttpd install and single-purpose configuration. DietPi uses this option and places the separate 99-dietpi-pihole.conf config file instead, while leaving the main lighttpd.conf untouched to stay compatible with any other web applications and allow easy removal.

Of course having Pi-hole lighttpd.conf + DietPi drop-in config doubles related directives, hence breaks Lighttpd start . Using the (default) lighttpd.conf from Joulinar hence is best to avoid any unintended/doubled/obsolete directives.