Lets Encrypt and Apache2

Having issues with your DietPi installation, or, found a bug? Post it here.
Post Reply
keithellis
Posts: 41
Joined: Mon May 23, 2016 2:55 pm

Lets Encrypt and Apache2

Post by keithellis »

I've just done a clean install, and installed the following on a Raspberry Pi 3:

ProFTP
NextCloud
LAMP
CertBot
Fail2Ban

All went well and was working fine.

I ran dietpi-letsencrypt and setup http://www.mydomain.com

and everything was fine.

I ran dietpi-letsencrypt again with mydomain.com

All was good, but http://www.mydomain.com stopped working.

So I tried entering two entries into dietpi-letsencrypt, i.e. "mydomain.com http://www.mydomain.com" without the quotes.

This created an error, and now apache2 is not starting up, I get the following error

Code: Select all

root@HomePi:~# service apache2 status
● apache2.service - LSB: Apache2 web server
   Loaded: loaded (/etc/init.d/apache2)
  Drop-In: /lib/systemd/system/apache2.service.d
           └─forking.conf
   Active: failed (Result: exit-code) since Sat 2016-10-15 14:52:23 UTC; 52min ago
  Process: 2054 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)

Oct 15 14:52:23 HomePi apache2[2054]: Starting web server: apache2 failed!
Oct 15 14:52:23 HomePi apache2[2054]: The apache2 configtest failed. ... (w...).
Oct 15 14:52:23 HomePi apache2[2054]: Output of config test was:
Oct 15 14:52:23 HomePi apache2[2054]: AH00526: Syntax error on line 3 of /e...f:
Oct 15 14:52:23 HomePi apache2[2054]: ServerName takes one argument, The ho...er
Oct 15 14:52:23 HomePi apache2[2054]: Action 'configtest' failed.
Oct 15 14:52:23 HomePi apache2[2054]: The Apache error log may have more in...n.
Oct 15 14:52:23 HomePi systemd[1]: apache2.service: control process exited,...=1
Oct 15 14:52:23 HomePi systemd[1]: Failed to start LSB: Apache2 web server.
Oct 15 14:52:23 HomePi systemd[1]: Unit apache2.service entered failed state.
Hint: Some lines were ellipsized, use -l to show in full.
root@HomePi:~# 
1) any idea how I can get apache2 working again
2) How do I set up lets encrypt properly with http://www.mydomain.com and mydomain.com?

Thanks.
Regards,
Keith Ellis
User avatar
Fourdee
Site Admin
Posts: 2788
Joined: Tue Feb 06, 2007 1:36 pm

Re: Lets Encrypt and Apache2

Post by Fourdee »

keithellis wrote:
1) any idea how I can get apache2 working again
2) How do I set up lets encrypt properly with http://www.mydomain.com and mydomain.com?

Thanks.
Regards,
Keith Ellis
I'll need to see the apache2 config files to see whats up, please paste results of:

Code: Select all

cat /etc/apache2/apache2.conf
cat /etc/apache2/sites-available/000-default.conf
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
keithellis
Posts: 41
Joined: Mon May 23, 2016 2:55 pm

Re: Lets Encrypt and Apache2

Post by keithellis »

Fourdee wrote:
keithellis wrote:

I'll need to see the apache2 config files to see whats up, please paste results of:

Code: Select all

cat /etc/apache2/apache2.conf
cat /etc/apache2/sites-available/000-default.conf

Code: Select all

root@HomePi:/DietPi/dietpi# cat /etc/apache2/apache2.conf
Mutex file:${APACHE_LOCK_DIR} default

PidFile ${APACHE_PID_FILE}

Timeout 60

KeepAlive On

MaxKeepAliveRequests 20

KeepAliveTimeout 5

User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

HostnameLookups Off

ErrorLog ${APACHE_LOG_DIR}/error.log

LogLevel error

# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

# Include list of ports to listen on
Include ports.conf

<Directory />
	Options FollowSymLinks
	AllowOverride None
	Require all denied
</Directory>

<Directory /usr/share>
	AllowOverride None
	Require all granted
</Directory>

<Directory /var/www/>
	DirectoryIndex index.php index.html
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>

AccessFileName .htaccess

<FilesMatch "^\.ht">
	Require all denied
</FilesMatch>

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf

# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
root@HomePi:/DietPi/dietpi# 

Code: Select all

root@HomePi:~# cat /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
#        ServerName http://www.mydomain.me.uk mydomain.me.uk
        ServerName http://www.mydomain.me.uk
DocumentRoot /var/www

ErrorLog /error.log
        #CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =keithellis.me.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
root@HomePi:~#
Having seen these files I have now fixed the issue, the commented line in /etc/apache2/sites-available/000-default.conf was the original line and the line below is my edit. Thanks many thanks for your help.

Regards,
Keith
User avatar
Fourdee
Site Admin
Posts: 2788
Joined: Tue Feb 06, 2007 1:36 pm

Re: Lets Encrypt and Apache2

Post by Fourdee »

Hi Keith,

Great to hear its all working.

I checked the source code on this, dietpi-letsencrypt should replace the default site entry if it already exists:
https://github.com/Fourdee/DietPi/blob/ ... #L100-L113

Can you remember what value you used exactly for the Domain name input box entry? eg: was it http://www.mydomain.com or mydomain.com?

Thanks Keith
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
User avatar
Fourdee
Site Admin
Posts: 2788
Joined: Tue Feb 06, 2007 1:36 pm

Re: Lets Encrypt and Apache2

Post by Fourdee »

Hi Keith,

I think I know what went wrong here, I've updated the code in v134 that should prevent the issue you experienced from occurring again:
DietPi-LetsEncrypt | Resolved an issue where an empty string value in Input_Box function could cause a incorrect value being set in Apache2 confs. Many thanks to Keith for reporting this issue: http://dietpi.com/phpbb/viewtopic.php?f=11&t=757&p=3342
https://github.com/Fourdee/DietPi/commi ... 98b97de119

Thanks for reporting this issue!
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
keithellis
Posts: 41
Joined: Mon May 23, 2016 2:55 pm

Re: Lets Encrypt and Apache2

Post by keithellis »

Fourdee wrote:Hi Keith,

Great to hear its all working.

I checked the source code on this, dietpi-letsencrypt should replace the default site entry if it already exists:
https://github.com/Fourdee/DietPi/blob/ ... #L100-L113

Can you remember what value you used exactly for the Domain name input box entry? eg: was it http://www.mydomain.com or mydomain.com?

Thanks Keith
It was probably my own fault, I put both options in separated by a space

Regards
Keith
Post Reply