Borked MIAB upgrade

Went thru the upgrade process after updating my Ubuntu 18.04 server. Now nginx isn’t starting and I checked thru the forums looking for similar issues but don’t see much.

python3 management/status_checks.py
says:

python3: can’t open file ‘management/status_checks.py’: [Errno 2] No such file or directory
netops@box:~$ sudo python3 /home/netops/mailinabox/management/status_checks.py
Traceback (most recent call last):
File “/home/netops/mailinabox/management/status_checks.py”, line 12, in
import psutil
ModuleNotFoundError: No module named ‘psutil’

nginx -t says:

nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/box.atf.linfield.edu-20200929-aafab098.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “ocsp.int-x3.letsencrypt.org” in the certificate “/home/user-data/ssl/ssl_certificate.pem”
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

I’ve rerun the update script several times with reboots in between…I’m stuck…Can anyone point me in the right direction?

As near as I can tell, the issue has to do with the DNS resolver 127.0.0.1#53 not being able to resolve ocsp.int-x3.letsencrypt.org -
further testing with nslookup tells me using 127.0.0.1#53 as the MIAB dns resolver can’t resolve anything! what the hell? this all worked fine prior to upgrade…

Meaning specifically what? From which version of MiaB did you upgrade?

So let’s try running the status checks the proper way … @Wherewolf

sudo /home/netops/mailinabox/management/status_checks.py

and once we see what the status checks have to say we can go on to the next step.

Sorry - it was a couple of versions back (.42 .43 - sorry I wasn’t really paying attention! I know! pathetic!) anyway, I think I’ve found the issue - and it had to do with BIND9 named.conf.options - the fowarders I was using got commented out with slashes somehow during the upgrade - this box is locked down on a private network, so the box’s resolver needs to forward / talk to a secured DNS server on the same segment that is allowed to do DNS resolution. I think I have everything working now - just documenting it here in case someone else needs the info. I will need to remember to check next time I upgrade - it’s never been an issue before - but things do change…

I want to say thanks for reaching out and trying to help me @alento - I appreciate you responding so quickly!

1 Like