SSL certs upgraded, Docker images upgraded, ready to go!

I had to renew my SSL certs for this site, so while doing so I upgraded and addressed a few other issues.

First, apparently when I deployed the SSL certs last time I missed out some of the root certs in the chain. The vendor I used gives you each of the root certs individually and you need to manually concatenate them together yourself. More in another post on the steps I too to do this.

Since certs are part of my nginx Docker image, I rebuilt my image upgrading everything to latest versions. Since it was a also a couple of years since I last did this, I also had to go back through my posts here to work out the steps I took to deploy last time. I’ll post another update on the steps I took for this also later.

nginx and php-fpm configuration errors

Moving an nginx install from Ubuntu 14.04 to 18.04 and upgrading to more recent versions of nginx, php, php-fpm, I ran into this error in my nginx config:

2020/02/28 04:45:47 [crit] 11784#11784: *1 connect() to unix:/var/run/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.x.x, server: , request: "GET /index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php7.2-fpm.sock:", host: "10.x.x.x"

The “No such file or directory” error is talking about the nginx connection to the php7.2-fpm.sock, rather than the file the GET request is for.

On closer look at where the .sock file is located, this was a subtle error to find and fix, but the fix was simple as I was pointing to the wrong path.

In my nginx default config, I had this line (migrating from a config for an older nginx and pphp-fpm version, this is where it was before):

fastcgi_pass unix:/var/run/php7.2-fpm.sock;

… I was missing a /php/ dir in the path, so changing to the correct path was the fix:

fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;