1 (edited by kiil 2021-03-16 02:58:35)

Topic: Solved: After Roundcube Update "502 Bad Gateway" error.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer?  Installer
- Linux/BSD distribution name and version: Debian 10.8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):  Nginx
- Manage mail accounts with iRedAdmin-Pro?  With iRedAdmin-Pro 4.8
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

After updating Roundcube from 1.4.10 to 1.4.11 when trying to access https://mydomainname.com/mail as well as https://mydomainname.com/adminer or even just https://mydomainname.com I get an "502 Bad Gateway" error.

I am able to access https://mydomainname.com/iredadmin, https://mydomainname.com/SOGo and even https://mydomainname.com/netdata.

Here are the relevant error log entry for Nginx for Roundcube as well as adminer.

Roundcube:

2021/02/21 07:49:57 [error] 17607#17607: *9226 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "mydomainname.com"

Adminer:

2021/02/21 07:51:39 [error] 17607#17607: *9226 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /adminer?server=localhost HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "mydomainname.com"

Nginx access log entries:

xx.xx.xx.xx - - [21/Feb/2021:07:49:57 +0100] "GET /mail/ HTTP/2.0" 502 166 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11.2; rv:78.0) Gecko/20100101 Firefox/78.0 Waterfox/78.6.0"

xx.xx.xx.xx - - [21/Feb/2021:07:51:39 +0100] "GET /adminer?server=localhost HTTP/2.0" 502 166 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11.2; rv:78.0) Gecko/20100101 Firefox/78.0 Waterfox/78.6.0"

Any help would be greatly appreciated.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

Is php-fpm service running?

3

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

ZhangHuangbin wrote:

Is php-fpm service running?

Yes:

root@kiil-xx:~# service php7.3-fpm status
● php7.3-fpm.service - The PHP 7.3 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.3-fpm.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-02-21 16:37:33 CET; 15h ago
     Docs: man:php-fpm7.3(8)
 Main PID: 7265 (php-fpm7.3)
   Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec"
    Tasks: 3 (limit: 4915)
   Memory: 16.0M
   CGroup: /system.slice/php7.3-fpm.service
           ├─7265 php-fpm: master process (/etc/php/7.3/fpm/php-fpm.conf)
           ├─7266 php-fpm: pool www
           └─7267 php-fpm: pool www

Feb 21 16:37:33 kiil-xx systemd[1]: Starting The PHP 7.3 FastCGI Process Manager...
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] fpm is running, pid 7265
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] ready to handle connections
Feb 21 16:37:33 kiil-xx systemd[1]: Started The PHP 7.3 FastCGI Process Manager.
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] systemd monitor interval set to 10000ms

When I try with curl on https://mydomainname.com I get a code 200

root@kiil-xx:~# curl -i https://mydomainname.com/
HTTP/2 200
server: nginx
date: Mon, 22 Feb 2021 06:58:56 GMT
content-type: text/html
content-length: 78
last-modified: Sun, 08 Nov 2020 11:17:51 GMT
etag: "5fa7d3df-4e"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
accept-ranges: bytes

<html><head><meta HTTP-EQUIV="REFRESH" content="0; url=/mail/"></head></html>

But with https://mydomainname.com/mail  I get an 301 code

root@kiil-xx:~# curl -i https://mydomainname.com/mail
HTTP/2 301
server: nginx
date: Sun, 21 Feb 2021 18:26:52 GMT
content-type: text/html
content-length: 178
location: https://mydomainname.com/mail/
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

While https://mydomainname.com/adminer results in an error 502.

root@kiil-xx:~# curl -i https://mydomainname.com/adminer
HTTP/2 502
server: nginx
date: Mon, 22 Feb 2021 07:05:23 GMT
content-type: text/html
content-length: 166

<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

4

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

Any related error in Nginx log file (/var/log/nginx/error.log)? and php-fpm log files?

5 (edited by kiil 2021-02-25 15:02:30)

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

ZhangHuangbin wrote:

Any related error in Nginx log file (/var/log/nginx/error.log)? and php-fpm log files?

I had listed  nginx error and access logs above. Here there are again in addition to php-fpm.log:

/var/log/nginx/error.log:

2021/02/25 07:16:23 [error] 7262#7262: *2119 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "xx.xx.xx"

/var/log/nginx/access.log:

xx.xx.xx.xx- - [25/Feb/2021:07:16:23 +0100] "GET /mail/ HTTP/2.0" 502 166 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11.2; rv:78.0) Gecko/20100101 Firefox/78.0 Waterfox/78.8.0"

/var/log/php-fpm/php-fpm.log:

Feb 25 07:16:13 kiil-xx php-fpm[7265]: [NOTICE] Terminating ...
Feb 25 07:16:13 kiil-xx php-fpm[7265]: [NOTICE] exiting, bye-bye!

6

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

kiil wrote:

2021/02/25 07:16:23 [error] 7262#7262: *2119 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "xx.xx.xx"

it says "connection refused" which means php-fpm service is not running.

7

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

ZhangHuangbin wrote:
kiil wrote:

2021/02/25 07:16:23 [error] 7262#7262: *2119 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://127.0.0.1:9999", host: "xx.xx.xx"

it says "connection refused" which means php-fpm service is not running.

As above:

root@kiil-xx:~# service php7.3-fpm status
● php7.3-fpm.service - The PHP 7.3 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.3-fpm.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-02-21 16:37:33 CET; 15h ago
     Docs: man:php-fpm7.3(8)
 Main PID: 7265 (php-fpm7.3)
   Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec"
    Tasks: 3 (limit: 4915)
   Memory: 16.0M
   CGroup: /system.slice/php7.3-fpm.service
           ├─7265 php-fpm: master process (/etc/php/7.3/fpm/php-fpm.conf)
           ├─7266 php-fpm: pool www
           └─7267 php-fpm: pool www

Feb 21 16:37:33 kiil-xx systemd[1]: Starting The PHP 7.3 FastCGI Process Manager...
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] fpm is running, pid 7265
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] ready to handle connections
Feb 21 16:37:33 kiil-xx systemd[1]: Started The PHP 7.3 FastCGI Process Manager.
Feb 21 16:37:33 kiil-xx php-fpm[7265]: [NOTICE] systemd monitor interval set to 10000ms

8

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

Check file /etc/php/7.3/fpm/pool.d/www.conf, is it listening on port 9999 or a different one?

9

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

ZhangHuangbin wrote:

Check file /etc/php/7.3/fpm/pool.d/www.conf, is it listening on port 9999 or a different one?

It is not assigned to a specific port. Here is the entire Listen portion:

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /run/php/php7.3-fpm.sock
;listen = 9000
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions. The owner
; and group can be specified either by name or by their numeric IDs.
; Default Values: user and group are set as the running user
;                 mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =

; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1

10

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

This is not caused by upgrading Roundcube, i guess you upgraded Debian OS from 9 to 10?

Do you have file /etc/php/7.1/fpm/pool.d/www.conf which was generated by iRedMail installer? If yes, simply copy it to /etc/php7.3/fpm/pool.d/www.conf and restart php7.3-fpm service will fix your issue.

11

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

Hey there,

I can confirm that the latest php-update within Buster overwrites the /etc/php/7.3/fpm/pool.d/www.conf

To get Roundcube running again, just rename the dpk-backup of the file to www.conf, restart fpm and nginx and everything is working again.

Here the specific entries of /etc/php/7.3/fpm/pool.d/www.conf:

[inet]
user = www-data
group = www-data

listen = 127.0.0.1:9999
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

; IP addresses must be separated by comma, and no space between comma and ip.
listen.allowed_clients = 127.0.0.1

pm = dynamic
pm.max_children = 100
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.max_requests = 100

pm.status_path = /status
ping.path = /ping

request_terminate_timeout = 60s
request_slowlog_timeout = 10s

;
; Log files
;
access.log = /var/log/php-fpm/php-fpm.log
slowlog = /var/log/php-fpm/slow.log

Greets mike

12

Re: Solved: After Roundcube Update "502 Bad Gateway" error.

mike175de wrote:

Hey there,

I can confirm that the latest php-update within Buster overwrites the /etc/php/7.3/fpm/pool.d/www.conf

To get Roundcube running again, just rename the dpk-backup of the file to www.conf, restart fpm and nginx and everything is working again.

Greets mike

Thanks, Mike and Zhang! That did the trick! Save me from setting up a new virtual machine.