This same Trellis server worked on production with letsencrypt, but now I'm trying to do a staging server.
The staging subdomain IP has propagated now for several days and passes as green on whatsmydns.net for all but China and some of the more difficult countries.
There are no cert challenge failures.
The error in Ansible is:
RUNNING HANDLER [common : reload nginx] ****************************************
fatal: [staging_host]: FAILED! => {"changed": true, "cmd": ["nginx", "-t"], "delta": "0:00:00.009640", "end": "2023-01-24 08:49:48.971955", "msg": "non-zero return code", "rc": 1, "start": "2023-01-24 08:49:48.962315", "stderr": "nginx: [emerg] open() \"/etc/nginx/fastcgi_params\" failed (2: No such file or directory) in /etc/nginx/sites-enabled/website.com.conf:122\nnginx: configuration file /etc/nginx/nginx.conf test failed", "stderr_lines": ["nginx: [emerg] open() \"/etc/nginx/fastcgi_params\" failed (2: No such file or directory) in /etc/nginx/sites-enabled/website.com.conf:122", "nginx: configuration file /etc/nginx/nginx.conf test failed"], "stdout": "", "stdout_lines": []}
So it is a configuration file test failure.
Line 122 of /etc/nginx/sites-enabled/website.com.conf is: include fastcgi_params;
The keys exist inside of /etc/nginx/ssl/letsencrypt.
The nginx.service is active/running.
With https, the browser says “This site can’t be reached”.
With http it gives a 404 nginx error.
I have tried:
- deleting /etc/nginx on the server and provisioning again
- provisioning without SSL and back again to SSL
- setting ssh_client_ip_lookup: false in group_vars/all/main.yml
- setting the full subdomain as the site name, and without
- changing the letsencrypt email address