My site is giving a privacy warning. Saying the certificate has not been updated and has expired yesterday.
I have updated Trellis, and am trying to run the following steps:
Update trellis to include roots/trellis#630
Set ssl enabled: false for affected sites in group_vars//wordpress_sites.yml
Run ansible-playbook server.yml -e env= --tags wordpress
Reset ssl enabled: true for applicable sites in group_vars//wordpress_sites.yml
Run ansible-playbook server.yml -e env= --tags letsencrypt
Unfortunately Nginx is not reloading giving me the following warning:
RUNNING HANDLER [common : reload nginx] ****************************************
System info:
Ansible 2.5.4; Darwin
Trellis version (per changelog): "Update wp-cli to 2.0.1"
---------------------------------------------------
non-zero return code
nginx: [emerg] unknown directive "fastcgi_cache_background_update" in
/etc/nginx/sites-enabled/domain.com.conf:71
nginx: configuration file /etc/nginx/nginx.conf test failed
fatal: [178.62.208.219]: FAILED! => {"changed": true, "cmd": ["nginx", "-t"], "delta": "0:00:00.026731", "end": "2018-09-09 09:41:06.131827", "rc": 1, "start": "2018-09-09 09:41:06.105096", "stderr_lines": ["nginx: [emerg] unknown directive \"fastcgi_cache_background_update\" in /etc/nginx/sites-enabled/domain.com.conf:71", "nginx: configuration file /etc/nginx/nginx.conf test failed"], "stdout": "", "stdout_lines": []}
Running ānginx -tā is giving me: nginx: [emerg] unknown directive "fastcgi_cache_background_update" in /etc/nginx/sites-enabled/domain.com.conf:71
Any idea how to fix this? Thanks!
Edit:
Iām thinking Nginx is not the right version for āfastcgi_cache_background_updateā. Iāve updated Nginx. Unfortunately this has lead to the next error:
Unable to start service php7.2-fpm: Job for php7.2-fpm.service failed because
the control process exited with error code.
I had an issue with an SSL cert recently and ultimately it was faster to update Trellis to the latest HEAD, back up the database and uploads and destroy/reprovision the server. Whole thing took about an hour with about 10 minutes of down time.
Itās what I ended up doing. Only instead of destroying the Production server I created a new one. Just to make sure I had an extra back-up. Downside was the new IP, for some external services.
I had the same issue and it turned out to an issue with NGINX not being able to restart after regenerating the certs. I think I must have upgraded Trellis, but the nginx version was older than that defined in Trellis.
Checking the logs, I saw this:
2018/12/10 22:29:52 [emerg] 2022#2022: unknown directive "fastcgi_cache_background_update" in /etc/nginx/sites-enabled/forty7id.com.conf:82
So one way to get around this without reprovisioning your server is to disable fastcgi_cache_background_update in your nginx config and restart nginx.
This post solves the issue well, if you had an old trellis install, it installed an old version of Nginx, you will need to upgrade to a version that includes the module