• If you need help or want to discuss things, you now can also join us on our Discord Server!

Permission denied

Hi, habe hier meinen Linux Sinusbot auf Linux Debian 10 x64. Alles soweit eingerichtet un dinstalliert! Nun nun nutze ich SSL, wo beim start folgendes ausgegeben wird:

error starting up: open /etc/letsencrypt/live/[meinedomain]/fullchain.pem: permission denied

Config.ini:

INI:
TS3Path = "/opt/[Mein Pfad]/teamspeak3-client/ts3client_linux_amd64"
ListenHost = "0.0.0.0"
DataDir = "/opt/[Mein Pfad]/data/"
ListenPort = 1111
LocalPlayback = false
EnableLocalFS = false
MaxBulkOperations = 300
LogLevel = 3
EnableProfiler = false
YoutubeDLPath = "/usr/local/bin/youtube-dl"
EnableDebugConsole = false
UploadLimit = 83886080
RunAsUser = 0
RunAsGroup = 0
InstanceActionLimit = 1
UseSSL = true
SSLKeyFile = "/etc/letsencrypt/live/mcp.quickplayhost.com/privkey.pem"
SSLCertFile = "/etc/letsencrypt/live/mcp.quickplayhost.com/fullchain.pem"
Hostname = ""
SampleInterval = 60
StartVNC = false
EnableWebStream = false
LogFile = ""
LicenseKey = ""
IsProxied = true
DenyStreamURLs = []
Pragma = 0

[YoutubeDL]
BufferSize = 524288
MaxDownloadSize = 419430400
MaxDownloadRate = 104857600
CacheStreamed = false

[TS3]
AvatarMaxWidth = 0
AvatarMaxHeight = 0
AllowGIF = false

[StreamRewrites]

[Scripts]
AllowReload = false
EnableTimer = false

[Themes]
Default = ""

[SpeechRecognition]
Enable = false

[FFmpeg]
UserAgent = "SinusBot (0.9.16-10f0fad)"

[DAV]
Enable = false

[XServer]
Delay = 0
Debug = false

Sowohl die SSL Verweise als auch die End Datein sind voll Zugriffbar (Recht 777)! Dazu hat der User sinusbot auch Eigentumsrechte auf den Sinusbot Pfad!
 

Lala Sabathil

Donor
is awesome!
Contributor
Insider
Verteile niemals das Recht 777

Ich würde vorschlagen du kopierst das SSL Zertifikat in den sinusbot Ordner, setzt die besitzrechte auf sinusbot:sinusbot und die Rechte auf 750
 
Jetzt funktioniert dies zwar, nun kommt das nächste Problem:1627933931354.png

Ich habe nur SinusBot Documentation - Reverse Proxy befolgt!

sinusbot.conf:
Code:
<VirtualHost *:80>
    ServerName mcp.quickplayhost.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteEngine on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
    ServerName mcp.quickplayhost.com

    SSLEngine On
    SSLCertificateFile    /opt/ssl/cert.pem
    SSLCertificateKeyFile /opt/ssl/privkey.pem
    SSLCertificateChainFile /opt/ssl/fullchain.pem

    ProxyPass / http://127.0.0.1:1111/
    ProxyPassReverse / http://127.0.0.1:1111/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
 

Lala Sabathil

Donor
is awesome!
Contributor
Insider
Uhm Nimm die SSL config Mal aus der config.ini und lasse nur den Reverse Proxy SSL haben.
Und warum heißt dein Pfad /opt/[Mein Pfad]
 

Lala Sabathil

Donor
is awesome!
Contributor
Insider
Beispiel:
INI:
TS3Path = "/opt/[Mein Pfad]/teamspeak3-client/ts3client_linux_amd64"
ListenHost = "127.0.0.1"
DataDir = "/opt/[Mein Pfad]/data/"
ListenPort = 1111
LocalPlayback = false
EnableLocalFS = false
MaxBulkOperations = 300
LogLevel = 3
EnableProfiler = false
YoutubeDLPath = "/usr/local/bin/youtube-dl"
EnableDebugConsole = false
UploadLimit = 83886080
RunAsUser = 0
RunAsGroup = 0
InstanceActionLimit = 1
UseSSL = fallse
SSLKeyFile = ""
SSLCertFile = ""
Hostname = "mcp.quickplayhost.com"
SampleInterval = 60
StartVNC = true
EnableWebStream = true
LogFile = ""
LicenseKey = ""
IsProxied = true
DenyStreamURLs = []
Pragma = 0

[YoutubeDL]
BufferSize = 524288
MaxDownloadSize = 419430400
MaxDownloadRate = 104857600
CacheStreamed = false

[TS3]
AvatarMaxWidth = 0
AvatarMaxHeight = 0
AllowGIF = true

[StreamRewrites]

[Scripts]
AllowReload = true
EnableTimer = true

[Themes]
Default = ""

[SpeechRecognition]
Enable = false

[FFmpeg]
UserAgent = "SinusBot (0.9.16-10f0fad)"

[DAV]
Enable = false

[XServer]
Delay = 0
Debug = false

Apache config:
<VirtualHost *:80>
    ServerName mcp.quickplayhost.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    RewriteCond %{SERVER_NAME} =mcp.quickplayhost.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
    ServerName mcp.quickplayhost.com

    SSLEngine On
    SSLCertificateFile    /etc/letsencrypt/live/mcp.quickplayhost.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/mcp.quickplayhost.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/mcp.quickplayhost.com/fullchain.pem

    ProxyPass / http://127.0.0.1:1111/
    ProxyPassReverse / http://127.0.0.1:1111/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Damit sollte es gehen
 

Lala Sabathil

Donor
is awesome!
Contributor
Insider
Sicher dass du den Port ändern willst extern?

Dann einfach in VirtualHost ändern und in der Ports.config in /etc/apache2/ den zusätzlichen Port hinzufügen.
Ich würde es allerdings nicht ändern.
 
Top