Solved - Brittle Nginx cannot be restarted or only starts in 1 out of every three reboots

SYSTEM INFORMATION
OS type and version Ubuntu Linux 24.04.1
Virtualmin version 7.30.4

I’m posting this in case anyone else has problems with the default nginx minimal setup on a cloud VPS.

This was driving me nuts. There was a previous incident where there was an unknown instance of Apache that was grabbing the IP. That got dealt with, but then the same issue emerged. Nginx was brittle about starting or restarting, and I could not find the cause.

If using journalctl -xeu nginx.service, I got:

░░ The job identifier is 147.
Jan 08 14:33:25 host5.johnsimmonshypertext.com nginx[1355]: nginx: [emerg] bind(
) to [2604:180:f4::30d]:443 failed (99: Cannot assign requested address)
Jan 08 14:33:25 host5.johnsimmonshypertext.com nginx[1355]: nginx: configuration
 file /etc/nginx/nginx.conf test failed
Jan 08 14:33:25 host5.johnsimmonshypertext.com systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE

There was no obvious (to me) cause. I would next have checked /etc/network, but then I remembered that on Ubuntu, /etc/netplan is the magic configuration, and is autogenerated on my particular cloud VPS:

# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        ens3:
            accept-ra: true
            dhcp4: true
            dhcp6: true
            match:
                macaddress: <macaddress>
            mtu: 1500
            set-name: ens3

Upon consulting with the cloud VPS tech support, the following netplan was suggested instead:

network:
    version: 2
    ethernets:
        ens3:
            accept-ra: true
            dhcp4: false
            dhcp6: false
            addresses:
                - 168.235.72.134/24
                - 2604:180:f4::30d/64
            routes:
                - to: default    # defaut ipv4
                  via: 168.235.72.1
                - to: "::/0"      # defaut ipv6
                  via: "2604:180:f4::1"
                  on-link: true
            nameservers:
                addresses:
                - 1.1.1.1
                - 1.0.0.1
                - 2001:4860:4860::8888
                - 2001:4860:4860::8844
            match:
                macaddress: fa:16:3e:1d:e2:f8
            mtu: 1500
            set-name: ens3

This ensured that the IP6 was available at the time Nginx booted up. The brittleness is apparently gone. I also added the file:

/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:

network: {config: disabled}

So that the change to netplan would be persistent between boots.
This is offered in case it is of use to anyone.

Just to confirm that this is a solved issue.

Ah, interesting! This is a somewhat known issue that many people experience—not just Virtualmin users, I mean.

I addressed it earlier as follow:

Though, I think still, we need to adjust the OnActiveSec timer.

That looks like it keeps nginx from starting too early? But it doesn’t work if the IP6 has been grabbed and is not available.

Perhaps, but this isn’t an issue for Virtualmin to address.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.