nginx serves wrong site while config is being reloaded
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| nginx (Ubuntu) |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
We have a cronjob that regularly regenerates vhost configs from a template, renews certificates and reloads nginx.
Lately, we are frequently seeing an error where during a short window, nginx serves the wrong site & certificate are served by nginx. For instance, I see this error log entry:
2021/08/04 06:53:19 [error] 2296834#2296834: *618991 connect() failed (111: Connection refused) while connecting to upstream, client: 2604:a880:
The domain which is served in place of the one which was requested is NOT the default server, instead, it is one whose config hasn't been regenerated because it has a custom config that is exempt from being automatically regenerated.
Again, this erroneous behaviour seems to last only for a very short while, but this is enough to e.g. cause a Nextcloud client to complain about the wrong certificate and stop synchronizing.
| Paride Legovini (paride) wrote | #1 |
| Changed in nginx (Ubuntu): | |
| status: | New → Incomplete |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in nginx (Ubuntu): | |
| status: | Incomplete → Expired |
Hello Johannes and thanks for your bug report. I tried to reproduce the issue you described in a simple setup, but I couldn't. Perhaps my dummy setup is too simple and the reload happens too fast. I assume you are using `systemctl reload` to make nginx reload its config.
Without steps to reproduce the problem there is little that can be done on this bug. My suggestion here, if you can't identify a minimal set of steps that reproduce the problem, is to file a bug against the upstream nginx project, as it is very unlikely that this is an Ubuntu-specific bug.
For the moment I'm marking this report as Incomplete.