I was testing the certbot renew --dry-run command to see if I would be find to just put the command in a cron record, however it indicates it had a problem restarting NGINX
Cleaning up challenges
Attempting to renew cert from /etc/letsencrypt/renewal/tarasis.net.conf produced an unexpected error: nginx restart failed:
2016/07/19 22:14:44 [emerg] 24709#24709: a duplicate default server for 0.0.0.0:443 in /etc/nginx/sites-enabled/tarasis.net:5
. Skipping.
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/tarasis.net/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)
My nginx file works okay, and I can restart it manually without issue.
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
From the domain file
listen 80 default_server;
listen [::]:80 ipv6only=on default_server;
listen 443 ssl default_server; listen [::]:443 ipv6only=on ssl default_server;
Commenting out the two ipv6 lines makes no difference.
No other file in the sites_available or sites_enabled directory uses default_server
find . | xargs grep default
./tarasis.net: listen 80 default_server;
./tarasis.net: #listen [::]:80 ipv6only=on default_server;
./tarasis.net: listen 443 ssl default_server;
./tarasis.net: #listen [::]:443 ipv6only=on ssl default_server;
Does anyone have any thoughts?