Mail-in-a-Box Version: v0.26b
Updating system packages...
Installing system packages...
Initializing system random number generator...
Firewall is active and enabled on system startup
Installing nsd (DNS server)...
Installing Postfix (SMTP server)...
Installing Dovecot (IMAP server)...
Installing OpenDKIM/OpenDMARC...
Installing SpamAssassin...
Installing Nginx (web server)...
Installing Roundcube (webmail)...
Installing Nextcloud (contacts/calendar)...
Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Set log level to debug
Exception: Updates between multiple major versions and downgrades are unsupported.
Update failed
Maintenance mode is kept active
Reset log level
$ service nginx status
* nginx is not running
Hi sinanto,
Can you post the output of your Nginx error log after doing Nginx restart?
sudo service nginx restart
sudo tail -n20 /var/log/nginx/error.log
I’ve tested a restore on all my backups from my live server on a VMware Instance at home last night and I had similar issue Nginx was not starting up, altho not an upgrade like you, the issue was the SSL Certificate mismatch.
The upgrade does not restore the symlinked ssl_certificate.pem correctly but restores the private key: ssl_private_key.pem.
ls -l /home/user-data/ssl/
total 28
-rw-r--r-- 1 root dovecot 3441 Jan 20 17:30 box.example.net-20180420-9c5.pem
-rw-r--r-- 1 root root 989 Jan 20 17:24 box.example.net--selfsigned-20180120.pem
-rw-r--r-- 1 root root 424 Jan 20 17:25 dh2048.pem
drwxr-xr-x 3 root root 4096 Jan 20 17:29 lets_encrypt
-rw------- 1 root root 3494 Jan 20 22:27 example.net-20180420-734.pem
lrwxrwxrwx 1 root root 56 Jan 20 17:30 ssl_certificate.pem -> /home/user-data/ssl/box.example.net--20180420-9c5.pem
-rw------- 1 root dovecot 1675 Jan 20 17:24 ssl_private_key.pem
-rw------- 1 root root 3494 Jan 22 03:02 otherdomains.co.uk-20180422-9af0.pem
And Nginx does not start because of certificate mismatch. Before the restore Box had a self-signed certificate, ssl_certificate.pem -> was still pointing to the self-signed while the private key was updated from my backup. Fixing symlink solved the issue. But checking the logs is the best place to start.
I assume you run MIAB v.26b on Ubuntu 14.04.5 LTS, you run Nginx version: nginx/1.4.6 (Ubuntu), and you have not made any modifications manually to Nginx local.conf
This is a section of my local.conf
44 # The secure HTTPS server.
45 server {
46 listen 443 ssl;
47 listen [::]:443 ssl;
48
49 server_name box.example.com;
50
51 # Improve privacy: Hide version an OS information on
52 # error pages and in the "Server" HTTP-Header.
53 server_tokens off;
54
55 ssl_certificate /home/user-data/ssl/ssl_certificate.pem;
56 ssl_certificate_key /home/user-data/ssl/ssl_private_key.pem;
57
58 # Expose this directory as static files.
59 root /home/user-data/www/default;
60 index index.html index.htm;
61
62 location = /robots.txt {
63 log_not_found off;
64 access_log off;
65 }
66
67 location = /favicon.ico {
68 log_not_found off;
69 access_log off;
70 }
71
72 location = /mailinabox.mobileconfig {
73 alias /var/lib/mailinabox/mobileconfig.xml;
74 }
75 location = /.well-known/autoconfig/mail/config-v1.1.xml {
76 alias /var/lib/mailinabox/mozilla-autoconfig.xml;
77 }
78
79 # Roundcube Webmail configuration.
80 rewrite ^/mail$ /mail/ redirect;
81 rewrite ^/mail/$ /mail/index.php;
82 location /mail/ {
83 index index.php;
84 alias /usr/local/lib/roundcubemail/;
85 }
86 location ~ /mail/config/.* {
87 # A ~-style location is needed to give this precedence over the next block.
88 return 403;
89 }
90 location ~ /mail/.*\.php {
91 # note: ~ has precendence over a regular location block
92 include fastcgi_params;
93 fastcgi_split_path_info ^/mail(/.*)()$;
94 fastcgi_index index.php;
95 fastcgi_param SCRIPT_FILENAME /usr/local/lib/roundcubemail/$fastcgi_script_name;
96 fastcgi_pass php-fpm;
97
98 # Outgoing mail also goes through this endpoint, so increase the maximum
99 # file upload limit to match the corresponding Postfix limit.
100 client_max_body_size 128M;
101 }
Can you compare with yours and see if you see any differences or typos before/in/after line#62?