Typical (?) apache newbie question... Could not reliably determine the server's fully qualified domain name

Alexandre Takacs
Alexandre Takacs used Ask the Experts™
on
I'm having an issue (probably trivial) setting up apache under Ubuntu 18.04.2 (if fact I want to run NextCloud 16.0.1 on it).

Apache would not run with the following message:
-- Unit apache2.service has begun starting up.
Jun 19 23:54:35 nextcloud apachectl[10836]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive
Jun 19 23:54:36 nextcloud apachectl[10836]: Action 'start' failed.
Jun 19 23:54:36 nextcloud apachectl[10836]: The Apache error log may have more information.
Jun 19 23:54:36 nextcloud systemd[1]: apache2.service: Control process exited, code=exited status=1
Jun 19 23:54:36 nextcloud systemd[1]: apache2.service: Failed with result 'exit-code'.
Jun 19 23:54:36 nextcloud systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
Jun 19 23:54:36 nextcloud sshd[10869]: Did not receive identification string from 192.168.0.64 port 54010

Open in new window

yet my config file has a ServerName directive as follows
<VirtualHost *:443>
    Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
    # Header always set Referrer-Policy "strict-origin"
    SSLEngine on

### YOUR SERVER ADDRESS ###
ServerAdmin it@domain.com
ServerName mycloud.domain.com
#    ServerAlias subdomain.example.com

### SETTINGS ###
    <FilesMatch "\.php$">
        SetHandler "proxy:unix:/run/php/php7.2-fpm.nextcloud.sock|fcgi://localhost"
    </FilesMatch>

    DocumentRoot /var/www/nextcloud

    <Directory /var/www/nextcloud>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    Satisfy Any
    </Directory>

    <IfModule mod_dav.c>
    Dav off
    </IfModule>

    <Directory "/mnt/ncdata">
    # just in case if .htaccess gets disabled
    Require all denied
    </Directory>
    
    # The following lines prevent .htaccess and .htpasswd files from being
    # viewed by Web clients.
    <Files ".ht*">
    Require all denied
    </Files>
    
    # Disable HTTP TRACE method.
    TraceEnable off

    # Disable HTTP TRACK method.
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^TRACK
    RewriteRule .* - [R=405,L]

    SetEnv HOME /var/www/nextcloud
    SetEnv HTTP_HOME /var/www/nextcloud

### LOCATION OF CERT FILES ###
    SSLCertificateFile /etc/ssl/private/stardomain.pem
    SSLCertificateKeyFile /etc/ssl/private/stardomain.key
</VirtualHost>

Open in new window

what am I missing?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
IT Solutions Provider
Commented:
Hi There Alexandre,
This looks fine HOWEVER when using an external domain you may need to add it to /etc/hosts

So you would add the following:

127.0.0.1 mycloud.domain.com

Make sure though you do not remove any of the other lines then try to start the httpd service again.

You can also run the command
apachectl configtest
to test the config file syntax for errors.

Kenza
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Looks like you're trying to start Apache using a slight modified default config.

Better to start from the beginning + setup everything correctly.

Note: This process is fairly simple + if you've never done this before... might be useful to hire someone to go through the process once with you.

1) Choose a public domain name as mycloud.domain.com will never work, as it's highly unlikely you own domain.com yourself.

2) Generate an SSL cert for domain from #1, as the SSL setup you have... won't work as you might expect... For SSL to work, the related domain + certs must actually be real + correct.

If your domain name is foo.com then you'll generate a cert like this...

certbot-auto --no-self-upgrade --non-interactive --rsa-key-size 4096 --email $your-email-here --agree-tos --webroot -w /var/www/html -d foo.com -d www.foo.com

Open in new window


3) Then use a working Apache config file. Here's a copy of the template I use for this... changing WEBSITE to foo.com (your real domain name).

<VirtualHost *:80>
   ServerName  www.WEBSITE
   ServerAdmin support@WEBSITE
   RewriteEngine on
   RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
   RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [NC,L,R=302]
   Include logging.conf
</VirtualHost>

<VirtualHost *:80>
   ServerName  WEBSITE
   ServerAdmin support@WEBSITE
   RewriteEngine on
   RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [NC,L,R=302]
   Include logging.conf
</VirtualHost>

<IfModule mod_ssl.c>

   <VirtualHost *:443>

      ServerName  www.WEBSITE
      ServerAdmin support@WEBSITE

      RewriteEngine on
      RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
      RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [L,R=302]

      Include logging.conf

      SSLEngine on
      SSLUseStapling on

      SSLCertificateFile    /etc/letsencrypt/live/WEBSITE/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/WEBSITE/privkey.pem

      # Enable HTTP Strict Transport Security with a 2 year duration
      Header always set Strict-Transport-Security "max-age=63072000; preload"

   </VirtualHost>

   <VirtualHost *:443>

      ServerName  WEBSITE
      ServerAdmin support@WEBSITE

      DocumentRoot /sites/OWNER/WEBSITE/TYPE

      <Directory /sites/OWNER/WEBSITE/TYPE>
          Options +Indexes +FollowSymLinks
          AllowOverride All 
          Require all granted
      </Directory>

      Include logging.conf

      SSLEngine on
      SSLUseStapling on

      SSLCertificateFile    /etc/letsencrypt/live/WEBSITE/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/WEBSITE/privkey.pem

      # Enable HTTP Strict Transport Security with a 2 year duration
      Header always set Strict-Transport-Security "max-age=63072000; preload"

   </VirtualHost>

</IfModule>

Open in new window


4) My logging.conf file.

SetEnvIf Remote_Addr "127\.0\.0\.1" dontlog
SetEnvIf Remote_Addr "::1" dontlog

# DRF: Stop ApacheBench log thrash
SetEnvIfNoCase User-Agent ApacheBench dontlog

# DRF: Stop sqlmap log thrash
SetEnvIfNoCase User-Agent sqlmap dontlog

# LogLevel warn rewrite:trace3 ssl:debug
LogLevel warn
ErrorLog  /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log vhost_combined env=!dontlog

Open in new window

David FavorFractional CTO
Distinguished Expert 2018

Commented:
Note: "Could not reliably determine the server's fully qualified domain name" has no bearing on Apache failing to start.

I normally set the following to address this.

# /etc/apache2/apache2.conf
ServerName foo

# /etc/hosts
127.0.0.1	foo

Open in new window


Where "foo" is either a machine name or a LXD/Docker container name.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

nociSoftware Engineer
Distinguished Expert 2018

Commented:
better NOT remove localhost from the 127.0.0.1 address line. This may upset some software looking for that name.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
noci is correct, my /etc/hosts line above is meant to be added to /etc/hosts, not replace /etc/hosts.

Best you leave your /etc/hosts file exactly as-is, because many hosting companies add network specific cruft to /etc/hosts which if removed... will cause what noci suggested... where "upset software" might means some/all services on your machine lose connectivity.

Good mention noci!

Author

Commented:
Thanks - it was indeed all that was missing. Server up & running !

Now as I like to understand how things are working what did I do exactly by "binding" the FQDN to the local machine IP ? Care to elaborate ?
Kenza CohenIT Solutions Provider

Commented:
Basically Apache needs to make sure it knows where the host is when it starts

On windows you have a host file in C:/windows/system32/drivers/etc/hosts

And Linux is /etc/host

This file basically overrides dns so if you was working on a website migration for example but do not want to change the name servers of the domain until you are happy that the new host is fully functional you can add it to your computers host file flush the dns then you will see the new host and make the tweaks before changing the nameservers :)

Hope this helps.

Kenza
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Likely reason this worked...

127.0.0.1 mycloud.domain.com

Open in new window


Is because you changed your Apache config.

Default configs on all Distros default to listen on *:80 so if this default was still in existence, the /etc/hosts entry is not required.

Best you restore default behavior via...

a2ensite 000-default
service apache2 reload

Open in new window


If you have additional questions about your setup, best open additional questions... one topic/question, for best answers.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial