I had to renew my SSL certs for this site, so while doing so I upgraded and addressed a few other issues.
First, apparently when I deployed the SSL certs last time I missed out some of the root certs in the chain. The vendor I used gives you each of the root certs individually and you need to manually concatenate them together yourself. More in another post on the steps I too to do this.
Since certs are part of my nginx Docker image, I rebuilt my image upgrading everything to latest versions. Since it was a also a couple of years since I last did this, I also had to go back through my posts here to work out the steps I took to deploy last time. I’ll post another update on the steps I took for this also later.
Moving an nginx install from Ubuntu 14.04 to 18.04 and upgrading to more recent versions of nginx, php, php-fpm, I ran into this error in my nginx config:
2020/02/28 04:45:47 [crit] 11784#11784: *1 connect() to unix:/var/run/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 192.168.x.x, server: , request: "GET /index.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php7.2-fpm.sock:", host: "10.x.x.x"
The “No such file or directory” error is talking about the nginx connection to the php7.2-fpm.sock, rather than the file the GET request is for.
On closer look at where the .sock file is located, this was a subtle error to find and fix, but the fix was simple as I was pointing to the wrong path.
In my nginx default config, I had this line (migrating from a config for an older nginx and pphp-fpm version, this is where it was before):
… I was missing a /php/ dir in the path, so changing to the correct path was the fix:
When you concatenated your SSL .crt intermediate and root certs together, it’s likely you ended up with lines line this:
—–END CERTIFICATE———-BEGIN CERTIFICATE—–
To fix this, manually edit to insert a newline between the end and begin like this, and you should be all set:
Attempting to upload some new photos between around 3 to 5MB, the majority of the uploads failed, and this error was occurring repeatedly in my nginx error.log:
2018/08/06 07:18:37 [error] 43#0: *5 client intended to send too large body: 3125530 bytes
Based on this tip from here, the solution was to increase the default POST body size config with this setting in my nginx.conf: