Total install fail! v. 1.1.0 on Ubuntu 18.04 [solved]

I’m a little shocked. I’ve been using “the other CP” for around 6 years, and Ubuntu for 20+. I was expecting a seamless install, but have run into so many problems I’ve given up!

First of all, hestia fails to start after the install. Command used was
bash hst-install.sh --multiphp yes --vsftpd no --clamav no --port 9000 --hostname domainname --email [email protected] --password xxxxx --force

At the end of the install I get a message that hestia can’t start. systemctl status hestia gives:
Mar 28 05:16:01 domainname hestia[29441]: nginx: [warn] “ssl_stapling” ignored, issuer certificate not found for certificate “/usr/local/hestia/ssl/certificate.crt”
Mar 28 05:16:03 domainname hestia[29441]: nginx: [emerg] bind() to 0.0.0.0:9000 failed (98: Address already in use)
Mar 28 05:16:03 domainname hestia[29441]: nginx: [emerg] still could not bind()
Mar 28 05:16:03 domainname systemd[1]: hestia.service: Control process exited, code=exited status=1
Mar 28 05:16:03 domainname systemd[1]: hestia.service: Failed with result ‘exit-code’.
Mar 28 05:16:03 domainname systemd[1]: Failed to start LSB: starts the hestia control panel.

So I edited /usr/local/hestia/nginx/conf/nginx.conf
and commented out the two ssl_stapling lines.

Hestia still not starting, due to the bind to 0.0.0.0 lines, so I rebooted, and hestia started.

OK, now to log in. The password I supplied on the command line doesn’t work. No errors, the login screen disappears and reappears. I try the command line password reset. That doesn’t work either.
I tried the email password reset. That doesn’t work either!! I get an email saying NO LANGUAGE DEFINED.

At this point I’m not inclined to proceed any further. If the install doesn’t work without hacking at config files (which regular users wouldn’t have a clue about), and the fact that I can’t actually login after installing, I think I’ll just stop until things are fixed, and try Hestia another time.

Oh, and now, when I tried to post this I get told that ‘New users can only put two links in a post’. And I haven’t actually tried to put any in.

Hi Pluto

Looks like you had a bad day, but hey, there is an easy fix for your problem: Don’t use port 9000 - this port is already used for php fpm which you got informed here:

Also do not remove the nginx stapling, this is a known issue if you are using self signed ssl certificates. Just check out v-add-letsencrypt-host after installation, it will install and configure a Let’s Encrypt cert for hestia backend, vsftp, exim and dovecot.

Take a deep breath, reinstall your server and give it a try without using a reserved port - the installation will work!

Hah, so I chose the one port that would screw things up! What are the chances? For the record, I chose that because I’d used that before on some of the client’s “Other CP” installs, and it worked, so I didn’t consider it would be an issue. Also weird that it would interfere in the password reset process??

WRT stapling, yes, of course, I was only disabling it to try to get the error message to go away and get Vesta started. I understand that it was caused by self signed certs, but my attempts to generate a letsencrypt cert for the setup domain, and then apply it to the hestia / mail server … also failed! Got an error 400 from Letsencrypt … which I didn’t get around to reporting above.

Well, let’s see how this install goes, just waiting for it to complete …

OK, that was it. Port 9000 broke everything! It’s a bit of an edge case, but you might want to put in some sort of check for that on the install script. Still not quite sure how it broke the login and password reset.

Also, have now found out why the v-add-letsencrypt-domain was failing with Error 400. On installation, the initial domain was bound to the private IP address 10.x.x.x. instead of the public one. So when I fixed that in the web interface, it could then get the Letsencrypt cert … and I’m up and rolling.

Looking good so far. Case closed on this particular snafu …

Glad it worked, we’ll add such a verification step in the planned rework of our installer.

Let me know if you find anything else that doesn’t work.

1 Like

Isn’t port 9000 also used by Vesta for php-fpm?

Are there multiple IPs on the server?

  • private + public or
  • private NAT-ed behind a public one?

Yes, it is.

Looks like, yes.

Candidate ports to be forbidden:

Php-fpm
9000, 9956, 9970-9999

Web server and status ports:
80, 8080, 8081, 8084, 443, 8443

Email SMTP, IMAP, POP3 (clear, TLS, SSL)
25, 110, 143, 465, 587, 783, 993, 995

Db
3306, 5432

Cache
11211, 6379

Ftp, ssh, dns
21, 22, 53

3 Likes
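
The pre-install check discussed in this thread could look like the following. This is an added example, not code from hst-install.sh or the Hestia project: the function names and return codes are hypothetical, the reserved list is copied from the post above, and the listener table is a constructed sample in `ss -Htln` format.

```shell
#!/bin/sh
# Added example, not part of hst-install.sh.
# Port list copied from the "candidate ports to be forbidden" post above.
RESERVED_PORTS="9000 9956 9970-9999 80 8080 8081 8084 443 8443 \
25 110 143 465 587 783 993 995 3306 5432 11211 6379 21 22 53"

# 0 if $1 is a decimal TCP port in 1-65535 (no leading zeros).
valid_port() {
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# 0 if $1 equals a listed port or falls inside a listed lo-hi range.
port_is_reserved() {
    for entry in $RESERVED_PORTS; do
        lo=${entry%-*}; hi=${entry#*-}
        [ "$1" -ge "$lo" ] && [ "$1" -le "$hi" ] && return 0
    done
    return 1
}

# Reads `ss -Htln` style lines on stdin; 0 if any local address ends in :$1.
port_in_listeners() {
    awk -v p="$1" '{ n = split($4, a, ":"); if (a[n] == p) hit = 1 }
                   END { exit !hit }'
}

# check_panel_port PORT [LISTENERS]
# Returns 0 = usable, 1 = not a port, 2 = reserved, 3 = already bound.
# LISTENERS defaults to the live socket table from `ss -Htln`.
check_panel_port() {
    valid_port "$1" || return 1
    port_is_reserved "$1" && return 2
    listeners=${2-$(ss -Htln 2>/dev/null)}
    if printf '%s\n' "$listeners" | port_in_listeners "$1"; then return 3; fi
    return 0
}

# Constructed sample of `ss -Htln` output (not captured from a real host).
SAMPLE_LISTENERS='LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:2222 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

for port in 9000 2222 8083 abc; do
    rc=0; check_panel_port "$port" "$SAMPLE_LISTENERS" || rc=$?
    echo "port $port -> $rc"
done
```

The reserved-list test catches port 9000 even on a fresh machine where php-fpm is not yet installed, which the live socket check alone would miss.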