Bad Gateway - Ubuntu 22.04

[CairoBlues]

Hi, folks.
Hoping someone can help me figure this one out.

One of our mail servers has an issue with RC webmail, following disaster recovery. There was never a problem with the webmail service before DR and nothing has been changed on the server since the previous DR backup was made, so there's no logical reason for things not to work, now.

The server is nginx and the configs I believe to be relevant are here:

/etc/nginx/sites-enabled/mail.domain.com.conf

Code Select Expand

server {
  server_name _;
  location ~ \.php$ {
  include snippets/fastcgi-php.conf;

  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  fastcgi_pass unix:/run/php-fpm/php7.4-fpm.sock;
  include fastcgi_params;
}

default_type text/html;

include /etc/nginx/templates/iredadmin.tmpl;    # <- iRedAdmin
include /etc/nginx/templates/roundcube.tmpl;    # <- Roundcube webmail

 # certbot stuff...
}

/etc/nginx/sites-enabled/00-default-ssl.conf

Code Select Expand

server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;

 server_name _;
 index index.php;

 include /etc/nginx/templates/misc.tmpl;
 include /etc/nginx/templates/ssl.tmpl;
 include /etc/nginx/templates/iredadmin.tmpl;
 include /etc/nginx/templates/roundcube.tmpl;
 include /etc/nginx/templates/sogo.tmpl;
 include /etc/nginx/templates/netdata.tmpl;
 include /etc/nginx/templates/php-catchall.tmpl;
 include /etc/nginx/templates/stub_status.tmpl;
}

/etc/nginx/templates/roundcube.tmpl

Code Select Expand

location ~ ^/mail/(bin|config|installer|logs|SQL|temp|vendor)($|/.*) { deny all; }
location ~ ^/mail/(CHANGELOG|composer.json|INSTALL|jsdeps.json|LICENSE|README|UPGRADING)($|.*) { deny all; }
location ~ ^/mail/plugins/.*/config.inc.php.* { deny all; }
location ~ ^/mail/plugins/enigma/home($|/.*) { deny all; }

location = /mail {
 return 301 /mail/;
}

location ~ ^/mail/(.*\.php)$ {
 include /etc/nginx/templates/hsts.tmpl;
 include /etc/nginx/templates/fastcgi_php.tmpl;
 fastcgi_param SCRIPT_FILENAME /opt/www/roundcubemail/$1;
}

location ~ ^/mail/(.*) {
 alias /opt/www/roundcubemail/$1;
 index index.php;
}

Php7.4-fpm is running and the path to it is correct in the sites-enabled config files. Permissions are 660 on /var/run/php/php7.4-fpm.sock.

When I visit domain.com/iredadmin, I can sign in and everything works.
When I visit domain.com/mail, I get 502 Bad Gateway.

If there's any further information I can provide, please let me know.
Thank you!

[CairoBlues]

PS: All mailboxes are functioning normally, SSL is configured properly, etc.. There are no mail issues.

[SKaero]

Is there anymore details in the nginx or php-fpm error logs, hard to point to anything without more information on why its failing.

[CairoBlues]

Hi, SKaero.

I just tried to load the webmail again, and the php-fpm log (/var/log/php-fpm/php-fpm.log) hasn't recorded anything new (latest entry is from an hour ago).

The nginx error log (/var/log/nginx/error.log) shows a new entry:

Code Select Expand

*6886 upstream sent unsupported FastCGI protocol version: 72 while reading response header from upstream, client: xxx.xxx.xxx.xxx(IP), server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://xxx.xxx.xxx.xxx:80", host: "mail.website.com"

I'm not sure if the version of FastCGI protocol can be specified somewhere, of if server should be something other than _. Is this a useful log entry?

Thanks.

[SKaero]

That error would be the problem but it's a little hard to say what the problem is specifically. The part that jumps out at me is "upstream: "fastcgi://xxx.xxx.xxx.xxx:80" that should be the port that php-fpm is running on and that shouldn't be port 80. It makes it seem like its trying to connect to nginx instead of php-fpm. What does you php-fpm config look like?