CentOS 7 - Payara 5 fails to run on Port 80 - centos7

I installed Payara 5(.193) on CentOS 7 server and the installation is a success. Since I aim to host a JEE website on it, I changed the default http port (of Payara) from 8080 to 80 (after disabling apache web server in order to keep the port 80 free). However, when I rerun Payara (with Port 80 as a default one), I get the following error -
-- Unit payara.service has failed.
--
-- The result is failed.
Nov 20 14:39:42 server1.gdfnow.org systemd[1]: Unit payara.service entered failed state.
Nov 20 14:39:42 server1.gdfnow.org systemd[1]: payara.service failed.
Nov 20 14:39:42 server1.gdfnow.org polkitd[541]: Unregistered Authentication Agent for unix-process:16831:1426530 (system bus name :1.137, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_GB.UTF-8) (disc
Nov 20 14:39:44 server1.gdfnow.org unix_chkpwd[16992]: password check failed for user (root)
Nov 20 14:39:44 server1.gdfnow.org sshd[16990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.88.201.58 user=root
Nov 20 14:39:44 server1.gdfnow.org sshd[16990]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Nov 20 14:39:46 server1.gdfnow.org sshd[16990]: Failed password for root from 115.88.201.58 port 51698 ssh2
Nov 20 14:39:46 server1.gdfnow.org sshd[16990]: Received disconnect from 115.88.201.58 port 51698:11: Bye Bye [preauth]
Nov 20 14:39:46 server1.gdfnow.org sshd[16990]: Disconnected from 115.88.201.58 port 51698 [preauth]
lines 1101-1128/1128 (END)
Any insight into this would be greatly appreciated.
PS - In the error log, I have no clue what this IP address 115.88.201.58 is. It is certainly not a public IP of my client computer.
Thanks
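
The journal excerpt in the question interleaves the payara.service failure with entries logged by sshd, which record failed root password attempts from a remote host. As an added example (not part of the original post), this splits journal lines by program and counts sshd password failures per source; the sample lines are constructed and use documentation-range addresses.

```python
import re
from collections import Counter

# Constructed sample in the same journal format as the excerpt above
# (documentation-range addresses, not values from the page).
SAMPLE = """\
Nov 20 14:39:42 host1 systemd[1]: payara.service failed.
Nov 20 14:39:44 host1 sshd[16990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.0.113.7 user=root
Nov 20 14:39:46 host1 sshd[16990]: Failed password for root from 203.0.113.7 port 51698 ssh2
Nov 20 14:39:46 host1 sshd[16990]: Disconnected from 203.0.113.7 port 51698 [preauth]
Nov 20 14:40:02 host1 sshd[17011]: Failed password for invalid user admin from 203.0.113.7 port 51744 ssh2
Nov 20 14:41:10 host1 sshd[17040]: Failed password for root from 198.51.100.23 port 40022 ssh2
"""

# "Mon DD HH:MM:SS host program[pid]: message"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ (?P<prog>[\w.-]+)\[\d+\]: (?P<msg>.*)$")
FAILED = re.compile(r"^Failed password for (?:invalid user )?(?P<user>\S+) "
                    r"from (?P<ip>\S+) port \d+")

def triage(text):
    """Return (lines per program, sshd password failures keyed by (ip, user))."""
    by_prog, failures = Counter(), Counter()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # pager residue, wrapped or truncated lines
        by_prog[m["prog"]] += 1
        if m["prog"] == "sshd":
            f = FAILED.match(m["msg"])
            if f:
                failures[(f["ip"], f["user"])] += 1
    return by_prog, failures

def sources_over(failures, threshold):
    """Source addresses with at least `threshold` failed passwords, any user."""
    per_ip = Counter()
    for (ip, _user), n in failures.items():
        per_ip[ip] += n
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)

if __name__ == "__main__":
    by_prog, failures = triage(SAMPLE)
    print(dict(by_prog), sources_over(failures, 2))
```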

Related

How to deploy Nuxt + api backend on EC2

I have developed an application which has a NuxtJS front-end and a Node + Express back-end as components. The front-end runs on 3000 and the back-end on 5000. I installed Nginx on my EC2 instance and copied both folders separately. I am following this tutorial, and I'm on the step "Setup Nginx Reverse Proxy".
Here is my /etc/nginx/sites-enabled/ file. I added the following part in that file when (create a symbolic link to it in sites-enabled). But it's not working.
I got this error :
Sep 13 01:18:01 ip-172-**-**-** systemd[1]: Starting A high performance web ser>
Sep 13 01:18:02 ip-172-**-**-** nginx[290356]: nginx: [emerg] invalid number of>
Sep 13 01:18:02 ip-172-**-**-** nginx[290356]: nginx: configuration file /etc/n>
Sep 13 01:18:02 ip-172-**-**-** systemd[1]: nginx.service: Control process exit>
Sep 13 01:18:02 ip-172-**-**-** systemd[1]: nginx.service: Failed with result '>
Sep 13 01:18:02 ip-172-**-**-** systemd[1]: Failed to start A high performance >

How to get Jenkins to be accessible from an AWS EC2 instance

So this is the problem: I have installed OpenJDK 8 for Jenkins. Jenkins is installed and running, given:
● jenkins.service - LSB: Start Jenkins at boot time
Loaded: loaded (/etc/init.d/jenkins; generated)
Active: active (exited) since Thu 2021-10-21 19:22:55 UTC; 20min ago
Docs: man:systemd-sysv-generator(8)
Process: 437 ExecStart=/etc/init.d/jenkins start (code=exited, status=0/SUCCESS)
Oct 21 19:22:52 ip-172-31-30-187 systemd[1]: Starting LSB: Start Jenkins at boot time...
Oct 21 19:22:53 ip-172-31-30-187 jenkins[437]: Correct java version found
Oct 21 19:22:53 ip-172-31-30-187 jenkins[437]: * Starting Jenkins Automation Server jenkins
Oct 21 19:22:54 ip-172-31-30-187 su[619]: (to jenkins) root on none
Oct 21 19:22:54 ip-172-31-30-187 su[619]: pam_unix(su-l:session): session opened for user jenkins by (u>
Oct 21 19:22:54 ip-172-31-30-187 su[619]: pam_unix(su-l:session): session closed for user jenkins
Oct 21 19:22:55 ip-172-31-30-187 jenkins[437]: ...done.
Oct 21 19:22:55 ip-172-31-30-187 systemd[1]: Started LSB: Start Jenkins at boot time.
However, using serverip:8080 brings up nothing.
I used this tutorial: https://www.youtube.com/watch?v=B6K1IF-489M&t=36s
Port 8080 is also added to the security group.
This problem was not solved, but making a fresh EC2 instance and installing Jenkins by following that tutorial did the trick.

OpenVPN config error- cannot connect client to server?

Currently learning how to config an openVPN server on an AWS Linux server as a bit of a self-taught exercise. I've managed to set everything up to trying to connect to it via the OpenVPN client GUI, but it's not working. The error message in the log below:
Enter Management Password:
Mon May 18 14:59:57 2020 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon May 18 14:59:57 2020 Need hold release from management interface, waiting...
Mon May 18 14:59:57 2020 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'state on'
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'log all on'
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'echo all on'
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'bytecount 5'
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'hold off'
Mon May 18 14:59:57 2020 MANAGEMENT: CMD 'hold release'
Mon May 18 14:59:57 2020 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Mon May 18 14:59:57 2020 OpenSSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Mon May 18 14:59:57 2020 Cannot load private key file client.key
Mon May 18 14:59:57 2020 SIGUSR1[soft,private-key-password-failure] received, process restarting
Mon May 18 14:59:57 2020 MANAGEMENT: >STATE:1589810397,RECONNECTING,private-key-password-failure,,,,,
Mon May 18 14:59:57 2020 Restart pause, 5 second(s)
Here's the configs I have for server and client:
client
dev tun
proto udp
remote [MY AWS IP GOES HERE] 1194
ca ca.crt
cert client.crt
key client.key
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
cipher AES-256-CBC
auth SHA512
resolv-retry infinite
auth-retry none
nobind
persist-key
persist-tun
ns-cert-type server
comp-lzo
verb 3
tls-client
tls-auth pfs.key
Server
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh.pem
cipher AES-256-CBC
auth SHA512
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log-append openvpn.log
verb 3
tls-server
tls-auth /etc/openvpn/pfs.key

Apache TLS Handshakes Timeout after DHCP Lease Renewal

I'm trying to figure out why my HTTPS sites go down every time my server's DHCP lease gets renewed.
It happens consistently, but HTTP sites continue to work just fine.
Restarting systemd-networkd brings the sites back, but until that happens the HTTPS sites are basically unreachable.
Any tips on where to look first?
The weird thing is these sites come back after the next DHCP lease renewal, then I lose connectivity on the next one, then it comes back, then I lose it, on and on.
This is what I see in syslog when it happens.
Apr 13 18:06:25 www-1 systemd-networkd[13973]: ens4: DHCP lease lost
Apr 13 18:06:25 www-1 systemd-networkd[13973]: ens4: DHCPv4 address 10.138.0.29/32 via 10.138.0.1
Apr 13 18:06:25 www-1 systemd-networkd[13973]: ens4: IPv6 successfully enabled
Apr 13 18:06:25 www-1 dbus-daemon[579]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.231' (uid=101 pid=13973 comm="/lib/systemd/systemd-networkd " label="unconfined")
Apr 13 18:06:25 www-1 systemd-networkd[13973]: ens4: Configured
Apr 13 18:06:25 www-1 systemd[1]: Starting Hostname Service...
Apr 13 18:06:25 www-1 dbus-daemon[579]: [system] Successfully activated service 'org.freedesktop.hostname1'
Apr 13 18:06:25 www-1 systemd[1]: Started Hostname Service.
Apr 13 18:06:25 www-1 systemd-hostnamed[17589]: Changed host name to 'www-1.us-west1-b.c.camp-fire-259800.internal'
This issue seems to be related to the following:
https://moss.sh/name-resolution-issue-systemd-resolved/
and
https://github.com/systemd/systemd/issues/9243
I've disabled systemd-resolved and am using a static /etc/resolv.conf copied from /run/systemd/resolve/resolv.conf
For internal DNS I'm using a private Google DNS Zone.
Thanks.

nginx cannot start on redhat server

I am trying to install nginx on a rhel 7 and it says process doesn't start. Following is the log.
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal systemd[1]: Starting nginx - high performance web server...
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal nginx[30974]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal nginx[30974]: nginx: [emerg] open() "/mnt/nginx_logs/pubstore/access.log" failed (13: Permission denied)
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal nginx[30974]: nginx: configuration file /etc/nginx/nginx.conf test failed
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal systemd[1]: nginx.service: control process exited, code=exited status=1
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal systemd[1]: Failed to start nginx - high performance web server.
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal systemd[1]: Unit nginx.service entered failed state.
The permission of the file access log is as follows. I have given permission but still it doesn't start.
-rwxrwxrwx. 1 nginx nginx 0 Nov 13 02:07 access.log
-rwxrwxrwx. 1 nginx nginx 0 Nov 13 02:07 error.log
The installation is done on a puppet agent on amazon ec2 instance
This line:
Nov 13 06:36:42 ip-10-0-0-10.ec2.internal nginx[30974]: nginx: [emerg] open() "/mnt/nginx_logs/pubstore/access.log" failed (13: Permission denied)
tells you that the user you are running nginx as does not have access to write to the log file it's configured to write to.
Since the logs are being stored in a non-standard location, you will likely have to ensure that the directory you want to store logs in is writable by the same user that nginx is running as.
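
The answer's point, that the directories leading to the log matter and not only the file's own mode, as an added example (not from the original answer): a walk over each path component using mode bits only. The uid/gid values and the 0750 parent directory are constructed assumptions; ACLs and SELinux are not evaluated.

```python
import os
import tempfile

def class_bits(st, uid, gids):
    """rwx triplet (0-7) the kernel applies to this uid/gid set for one inode."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def first_blocker(path, uid, gids, start=os.sep):
    """First mode-bit denial a non-root uid hits opening `path` for writing.

    Checks search (x) on every directory from `start` down, then write on the
    file (or w+x on its directory if the file must be created). None = no denial.
    """
    path, start = os.path.abspath(path), os.path.abspath(start)
    rel = os.path.relpath(os.path.dirname(path), start)
    dirs = [start]
    for name in ([] if rel == "." else rel.split(os.sep)):
        dirs.append(os.path.join(dirs[-1], name))
    for d in dirs:
        if not (class_bits(os.stat(d), uid, gids) & 1):
            return d, "search (x) denied on directory"
    if os.path.exists(path):
        if not (class_bits(os.stat(path), uid, gids) & 2):
            return path, "write denied on file"
    elif (class_bits(os.stat(dirs[-1]), uid, gids) & 3) != 3:
        return dirs[-1], "cannot create file: directory lacks w+x"
    return None

def demo():
    """Constructed tree with the question's path shape: 0777 log, 0750 parent."""
    with tempfile.TemporaryDirectory() as root:
        os.chmod(root, 0o755)
        logdir = os.path.join(root, "mnt", "nginx_logs", "pubstore")
        os.makedirs(logdir)
        for d in (os.path.join(root, "mnt"), logdir):
            os.chmod(d, 0o755)
        os.chmod(os.path.join(root, "mnt", "nginx_logs"), 0o750)
        log = os.path.join(logdir, "access.log")
        open(log, "w").close()
        os.chmod(log, 0o777)
        # Hypothetical uid/gid standing in for the nginx account.
        uid, gids = os.getuid() + 4242, {os.getgid() + 4242}
        return os.path.relpath(first_blocker(log, uid, gids, start=root)[0], root)

if __name__ == "__main__":
    print(demo())
```

The trailing `.` in the question's `-rwxrwxrwx.` listing marks an SELinux security context on the file, which this mode-bit walk does not evaluate.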