Hi guys,
I have successfully installed the second site on v13, everything is running smooth except: when I install the SSL certificate on the second site, the first site stops working
It seems for some reason either there is a misconfiguration in nginx or certbot doesn’t install a new certificate for each site as I am telling it to do.
Your assistance will be greatly appreciated … the entire config of nginx is standard as per enabled by dns_multitenant and bench setup nginx
Thank you in advance. Here is the nginx.conf file
upstream frappe-bench-frappe {
server 127.0.0.1:8000 fail_timeout=0;
}
upstream frappe-bench-socketio-server {
server 127.0.0.1:9000 fail_timeout=0;
}
# setup maps
map $host $site_name_hqaxcjx {
management.neptunescubadiving.com management.neptunescubadiving.com;
management.neptuneliveaboards.com management.neptuneliveaboards.com;
default $host;
}
# server blocks
server {
server_name
management.neptunescubadiving.com
management.neptunescubadiving.com
management.neptuneliveaboards.com
management.neptuneliveaboards.com
;
root /home/erpnext/frappe-bench/sites;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "same-origin, strict-origin-when-cross-origin";
location /assets {
try_files $uri =404;
}
location ~ ^/protected/(.*) {
internal;
try_files /$site_name_hqaxcjx/$1 =404;
}
location /socket.io {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Frappe-Site-Name $site_name_hqaxcjx;
proxy_set_header Origin $scheme://$http_host;
proxy_set_header Host $host;
proxy_pass http://frappe-bench-socketio-server;
}
location / {
rewrite ^(.+)/$ $1 permanent;
rewrite ^(.+)/index\.html$ $1 permanent;
rewrite ^(.+)\.html$ $1 permanent;
location ~ ^/files/.*.(htm|html|svg|xml) {
add_header Content-disposition "attachment";
try_files /$site_name_hqaxcjx/public/$uri @webserver;
}
try_files /$site_name_hqaxcjx/public/$uri @webserver;
}
location @webserver {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frappe-Site-Name $site_name_hqaxcjx;
proxy_set_header Host $host;
proxy_set_header X-Use-X-Accel-Redirect True;
proxy_read_timeout 120;
proxy_redirect off;
proxy_pass http://frappe-bench-frappe;
}
# error pages
error_page 502 /502.html;
location /502.html {
root /usr/local/lib/python3.8/dist-packages/bench/config/templates;
internal;
}
# optimizations
sendfile on;
keepalive_timeout 15;
client_max_body_size 50m;
client_body_buffer_size 16K;
client_header_buffer_size 1k;
# enable gzip compresion
# based on https://mattstauffer.co/blog/enabling-gzip-on-nginx-servers-including-laravel-forge
gzip on;
gzip_http_version 1.1;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/font-woff
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component
;
# text/html is always compressed by HttpGzipModule
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/management.neptunescubadiving.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/management.neptunescubadiving.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
I also tried setting: bench set-nginx-port management.neptuneliveaboards.com 82
However that doesn’t update the nginx.conf file