DNS problem with Nginx on reboot



  • Client has a local Nginx reverse proxy to serve up their Nextcloud and a custom IIS website.

    Everything works normally, except on a reboot, Nginx fails to start as you see here.
    Immediately after boot, I can log in and restart the service and it works.

    I assume this is some kind of DNS issue then.

    Results of journalctl -u nginx

    -- Reboot --
    May 11 12:47:25 proxy.domain.local systemd[1]: Starting The nginx HTTP and reverse proxy server...
    May 11 12:47:26 proxy.domain.local nginx[635]: nginx: [emerg] host not found in upstream "sql02.domain.local" in /etc/nginx/conf.d/reports.conf:2
    May 11 12:47:26 proxy.domain.local nginx[635]: nginx: configuration file /etc/nginx/nginx.conf test failed
    May 11 12:47:26 proxy.domain.local systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
    May 11 12:47:26 proxy.domain.local systemd[1]: nginx.service: Failed with result 'exit-code'.
    May 11 12:47:26 proxy.domain.local systemd[1]: Failed to start The nginx HTTP and reverse proxy server.
    May 11 12:50:37 proxy.domain.local systemd[1]: Starting The nginx HTTP and reverse proxy server...
    May 11 12:50:37 proxy.domain.local nginx[775]: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/reports.conf:9
    May 11 12:50:38 proxy.domain.local nginx[775]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    May 11 12:50:38 proxy.domain.local nginx[775]: nginx: configuration file /etc/nginx/nginx.conf test is successful
    May 11 12:50:38 proxy.domain.local nginx[776]: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/reports.conf:9
    May 11 12:50:38 proxy.domain.local systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument
    May 11 12:50:38 proxy.domain.local systemd[1]: Started The nginx HTTP and reverse proxy server.
    


  • Here is the conf file. Removed the extraneous ssl on;

    cat /etc/nginx/conf.d/reports.conf 
    
    upstream http_backend {
        server sql02.domain.local;
        keepalive 16;
    }
    
    server {
        client_max_body_size 40M;
        server_name reports.domain.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    
        location = / { rewrite ^ /Reports$args last; }
        location ~* ^/Reports { proxy_pass http://http_backend; }
    
        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/reports.domain.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/reports.domain.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    
    }
    server {
        client_max_body_size 40M;
        listen 80;
        server_name reports.domain.com;
        return 301 https://$host$request_uri;
    #    rewrite ^ https://$server_name$request_uri? permanent;
    }
    


  • Could it be Nginx starting before the /etc/resolv.conf file has been generated?



  • It does look like a DNS issue, can ngnix start as the last process instead on this server?



  • dhcp


Log in to reply