Skip to main content

UPS-606 - nginx: [emerg] invalid value "0" in "http2" directive, it must be "on" or "off" in /etc/nginx/conf.d/default.conf:9

Comments

24 comments

  • cPRex Jurassic Moderator
    Hey there! I created a test server to check that file, and the line just looks like this: http2 off;
    with no other characters. Is that working for you?
    0
  • Wil Hatfield
    Hey this seems to be a real issue that just started in like the last 48 hours. Something must have updated somewhere because this came on suddenly. I think cPanel is writing the http2 0; or http2 1; to the /etc/nginx/conf.d/default.conf file and regenerating the user files all with the wrong setting. Then when nginx tries to restart well that kills that apache and nginx both die of course. I can manually reset it to the on or off of course but how do I regenerated all those user files in /etc/nginx/conf.d/users/
    0
  • cPRex Jurassic Moderator
    Our team did find an issue with the CloudLinux ea-nginx package and we've created case UPS-606 to have our team communicate with CloudLinux about this problem.
    0
  • Wil Hatfield
    /usr/local/cpanel/scripts/ea-nginx in the source guys. You are turning the 1 or 0 on based on a previous bool and not changing it to "on" or "off". Previously: sub _write_global_default { my $reuseport = Cpanel::Kernel::system_is_at_least('3.9.0') ? 1 : 0; my $ipv6 = _has_ipv6(); my $http2 = _wants_http2() ? 'on' : 'off'; Currently: sub _write_global_default { my $reuseport = Cpanel::Kernel::system_is_at_least('3.9.0') ? 1 : 0; my $ipv6 = _has_ipv6(); my $http2 = _wants_http2() ;
    0
  • Wil Hatfield
    Our team did find an issue with the CloudLinux ea-nginx package and we've created case UPS-606 to have our team communicate with CloudLinux about this problem.

    So that in sub _write_global_default above came from the CloudLinux version? Wouldn't be a bad idea to include the nginx user files regeneration into rebuildhttpdconf if nginx is enabled. That way in a case like this we could just modify the default.conf and run rebuildhttpdconf and all would be fixed. Eliminates the dependency we have on the cloudlinux distro. In the meantime I'll try a sed find replace and see if I can get it going temporarily.
    0
  • cPRex Jurassic Moderator
    Ultimately this will get fixed, but you're welcome to do whatever workaround you like for the time being.
    0
  • Wil Hatfield
    Of course it has to be done after any kind of upgrade or build, but this is a good bandaid until they fix the distro. cd /etc/nginx/conf.d find ./ -type f -exec sed -i 's/http2 0/http2 off/g' {} \; find ./ -type f -exec sed -i 's/http2 1/http2 on/g' {} \; /bin/systemctl restart nginx.service And changing the my $http2 = _wants_http2(); in /usr/local/cpanel/scripts/ea-nginx to my $http2 = _wants_http2() ? 'on' : 'off;
    0
  • Wil Hatfield
    Went ahead and disabled it cause it keep coming back for some reason. I can't babysit it so disabling NGINX is required for now.
    0
  • MHFraser
    so as a FYI all my websites just went down because of this. didn't have time to debug but clients requests were getting redirected to the cpanel hostname and failing with a cert error. suspect nginx user confs weren't loaded? so is uninstall nginx our only option? Unable to ensure a valid nginx configuration: nginx: [emerg] invalid value "0" in "http2" directive, it must be "on" or "off" in /etc/nginx/conf.d/default.conf:9 nginx: configuration file /etc/nginx/nginx.conf test failed
    0
  • MHFraser
    going back through the update history - the update was listed as fully successful despite nginx having an emergency (nginx error levels: debug, info, notice, warn, error, crit, alert, emerg) has something slipped through the cracks here? # dnf history info 130 This system is receiving updates from CloudLinux Network server. Transaction ID : 130 Begin time : Wed 09 Aug 2023 23:30:23 AEST Begin rpmdb : 2346:079a175f06666c000b6074aa16aff5f97de86692 End time : Wed 09 Aug 2023 23:30:28 AEST (5 seconds) End rpmdb : 2346:538fd250288647b0f53115536b54e1875554a6fa User : root Return-Code : Success
    ... 178 Starting nginx " 179 Unable to ensure a valid nginx configuration: 180 181 nginx: [emerg] invalid value "0" in "http2" directive, it must be "on" or "off" in /etc/nginx/conf.d/default.conf:9 182 nginx: configuration file /etc/nginx/nginx.conf test failed 183 184 185 You will need to manually resolve this issue.
    0
  • cPRex Jurassic Moderator
    Update - CloudLinux has released a fix to their testing repository here:
    0
  • Luis_Costa
    The above solution wont work if you only have imunify360
    0
  • cPRex Jurassic Moderator
    @Luis_Costa - I'm not entirely sure how Imunify360 would be related to the ea-nginx tools. Can you provide a bit of context for the compatibility issues you're seeing?
    0
  • Esquio
    yum update --enablerepo=cl-ea4-testing ea-nginx This don't work because it sais that is an unknown repository. How can solve this problem? I have all websites down.
    0
  • cPRex Jurassic Moderator
    At this point there is not a fix available. The only thing we are recommending to people in this situation is to switch to Apache and wait for CloudLinux to release a fix as there isn't one available from them just yet.
    0
  • Wil Hatfield
    At this point there is not a fix available. The only thing we are recommending to people in this situation is to switch to Apache and wait for CloudLinux to release a fix as there isn't one available from them just yet.

    After going back to Apache we have then seen a lot of 403 Forbidden and http2 errors of various sorts. Is there something the Nginx Http2 setup could have left behind? I checked and the ea-nginx and the nginx-http2 and neither is supposed to be currently installed.
    0
  • cPRex Jurassic Moderator
    @Wil Hatfield - I wouldn't expect it to leave anything in place, no, since nginx is designed to be a drop-in replacement for Apache on cPanel machines, with no configuration changes required. If you're seeing that behavior, it's likely time for a ticket so we can take a look.
    0
  • yanirda
    the command yum update --enablerepo=cl-ea4-testing ea-nginx fix the websites, they up, what that command do? and why it on testing? there isnt fix yet?
    0
  • cPRex Jurassic Moderator
    @yanirda - that workaround will work *if* your system uses CloudLinux. For customer that use Imunify360, but do not have CloudLinux, that isn't a recognized repository, as @Esquio found above. CloudLinux has still not issued a global fix that isn't in the testing repository just yet.
    0
  • Luis_Costa
    cPRex I believe that's because with the imunify360 it allows to harden PHP (and get older version of Php) the fact is the NGINX isn't work as expected in all our machines that have imunify360.
    0
  • cPRex Jurassic Moderator
    I agree - I think we must have typed our replies at the same time!
    0
  • Luis_Costa
    Any Updates? AM pretty sure the problem can be fixed easy, as long the right people push the right updates to production.
    0
  • cPRex Jurassic Moderator
    They have added the package to their slow rollout update, but not everyone is getting it. I have been told it will be available to everyone early next week.
    0
  • cPRex Jurassic Moderator
    Update - CloudLinux has resolved the issue so all servers, even if you don't have CloudLinux, will be fixed as part of the automatic update. If you'd like the fix immediately, you can run: yum clean all yum update
    to update the package.
    0

Please sign in to leave a comment.