Nginx

Nginx 不斷拋出 nginx:emerg____和米和rGemergbind() 到 0.0.0.0:80 失敗(98:地址已在使用中)

  • September 14, 2021

我一直在檢查很多網站,並且在 ServerFault 中有很多關於這個問題的問題/答案。但是,我似乎沒有進入配置錯誤的根源。

我的 nginx 伺服器中有 4 個域:

  • example.com
  • www.example.com
  • api.example.com
  • blog.example.com

它們都在埠 80 和 443 中都啟動並執行。這是nginx.conf我用於所有它們的模板,僅更改、server_name和指令。還有一些其他的變化,但原則上不應該影響。喜歡不一樣。root``error_log``access_log``fastcgi_param

這是example.comand的模板www.example.com

server {
listen 80;

server_name example.com www.example.com;
root /var/www/example.com/public_html/web;

if ($http_host = example.com) {
   return 301 https://www.example.com$request_uri;
}

location / {
   # try to serve file directly, fallback to front controller
   try_files $uri /index.php$is_args$args;
}

location ~ ^/index\.php(/|$) {
   fastcgi_pass   unix:/var/run/php/php7.0-fpm.sock;

   fastcgi_split_path_info ^(.+\.php)(/.*)$;
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_param HTTPS off;
   fastcgi_param   DATABASE_NAME           some_database;
   fastcgi_param   DATABASE_USER           some_user;
   fastcgi_param   DATABASE_PASSWORD       some_pwd;
}

#return 404 for all php files as we do have a front controller
location ~ \.php$ {
   return 404;
}

error_log /var/log/nginx/www.example.com_error.log;
access_log /var/log/nginx/www.example.com_access.log;

# Redirect non-https traffic to https
if ($scheme != "https") {
   return 301 https://$host$request_uri;
} # managed by Certbot


listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

這是我重新啟動伺服器時得到的確切錯誤:

root@vps_server:/etc/nginx# journalctl -xe
Mar 09 09:17:16 vps_server systemd[1]: Starting A high performance web server and a reverse proxy server...
-- Subject: Unit nginx.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit nginx.service has begun starting up.
Mar 09 09:17:16 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Mar 09 09:17:16 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Mar 09 09:17:16 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Mar 09 09:17:16 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Mar 09 09:17:17 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Mar 09 09:17:17 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Mar 09 09:17:17 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Mar 09 09:17:17 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Mar 09 09:17:18 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Mar 09 09:17:18 vps_server nginx[30764]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
Mar 09 09:17:18 vps_server nginx[30764]: nginx: [emerg] still could not bind()
Mar 09 09:17:18 vps_server systemd[1]: nginx.service: Control process exited, code=exited status=1
Mar 09 09:17:18 vps_server systemd[1]: Failed to start A high performance web server and a reverse proxy server.
-- Subject: Unit nginx.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit nginx.service has failed.
-- 
-- The result is failed.
Mar 09 09:17:18 vps_server systemd[1]: nginx.service: Unit entered failed state.
Mar 09 09:17:18 vps_server systemd[1]: nginx.service: Failed with result 'exit-code'.

當我嘗試使用更新證書時,sudo certbot renew --dry-run我得到了一個類似的錯誤,儘管不完全相同。

如果我殺死 nginx 執行緒,那麼我可以重新啟動伺服器。但是下次我嘗試重新啟動它時,它會引發同樣的錯誤。最糟糕的是,我無法更新我的 SSL 證書(儘管這可能是由於不同的原因,我不想在這裡輸入,因為這可能是原因)。

編輯

我已經使用 Vagrant 設置了一台具有完全相同配置的本地電腦,除了我註釋了 SSL 證書數據。我可以毫無問題地重新啟動伺服器。所以也許它確實與 Certbot/SSL 配置有關。

為了幫助調試這個問題,這裡是netstat -tulpn(只有 nginx 使用埠 80 和 443,這是我理解的預期輸出)的輸出:

/var/log/nginx# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      16700/mysqld        
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      1578/systemd-resolv 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      30608/nginx: master 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1675/sshd           
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      10001/master        
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      30608/nginx: master 
tcp6       0      0 :::5355                 :::*                    LISTEN      1578/systemd-resolv 
tcp6       0      0 :::22                   :::*                    LISTEN      1675/sshd           
tcp6       0      0 :::25                   :::*                    LISTEN      10001/master        
udp        0      0 127.0.0.53:53           0.0.0.0:*                           1578/systemd-resolv 
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1343/dhclient       
udp        0      0 0.0.0.0:5355            0.0.0.0:*                           1578/systemd-resolv 
udp6       0      0 :::5355                 :::*                                1578/systemd-resolv

nginx.conf長什麼樣子?我假設您沒有更改配置,可能只是添加了 gzip 和一個新的包含文件夾,以便為網站提供單獨的位置。對於您的每個域/子域都有一個單獨的配置文件。像:

  • example.com&www.example.com
  • api.example.com
  • blog.example.com

這是因為我假設這些是同一域下的不同網站。如果它們在同一個網站上並且它們只是一個所謂的子頁面,那麼您最好只創建帶有位置選項的子頁面。

要重新組織您的nginx配置,我將創建一個com.example.conf包含 3 個獨立伺服器部分的文件。首先是將非www使用者重定向到www網站:

server {
   listen       80;
   server_name  example.com;
   return       301 https://www.example.com$request_uri;
}

server {
   listen       443 ssl;
   server_name  example.com;
   return       301 https://www.example.com$request_uri;
}

第三部分將包含主站點:

server {
   listen 443 ssl;

   server_name example.com www.example.com;

   root /var/www/example.com/public_html/web;

   index    index.php;

   error_log /var/log/nginx/www.example.com_error.log;
   access_log /var/log/nginx/www.example.com_access.log;

   location / {
       # try to serve file directly, fallback to front controller
       try_files $uri /index.php$is_args$args;
   }

   location ~ ^/index\.php(/|$) {
       fastcgi_pass   unix:/var/run/php/php7.0-fpm.sock;

       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       include fastcgi_params;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param HTTPS off;
       fastcgi_param   DATABASE_NAME           some;
       fastcgi_param   DATABASE_USER           some_user;
       fastcgi_param   DATABASE_PASSWORD       some_pwd;
   }

   location ~ \.php$ {
       return 404;
   }
}

(我不得不說,你的 index.php 位置中的 fastcgi 部分對我來說看起來很奇怪,但我會把它留給你)

然後創建單獨的配置文件com.example.api.confcom.example.blog.conf. 像以前一樣從以前的配置中添加前兩個部分,然後您可以為每個子域添加不同的位置配置。

例如,我的 laravel 網站有這個:

rewrite ^/index\.php?(.*)$ /$1 permanent;

location / {
       try_files $uri @rewrite;
}

location        @rewrite {
       rewrite ^(.*)$ /index.php/$1 last;
}
location ~ ^/index.php(/|$) {
       fastcgi_pass 127.0.0.1:9000;
       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       include fastcgi_params;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param HTTPS on;
       fastcgi_buffers 16 16k;
       fastcgi_buffer_size 32k;
       fastcgi_read_timeout 299;
}

希望這可以幫助您,如果沒有,請評論您的問題。

引用自:https://serverfault.com/questions/900819