Nginx가 중지되고 다시 시작하지 못했습니다. - open() "/run/nginx.pid"가 실패했습니다.

저는 Ubuntu 18, Nginx에 배포되고 Supervisor를 통해 실행 중인 django api를 실행하고 있습니다.

저는 SSL 인증서에 Certbot을 사용하고 있으며 이것이 이 웹서버에서 실행되는 유일한 웹 서비스입니다. 여기에는 다른 웹사이트가 배포되지 않습니다.

오늘 API가 다운되었고 nginx 작동이 중단되었습니다. 왜 이런 일이 발생했는지 재현할 수 없습니다. 수동으로 다시 시작해야 했습니다.

나는 이전에 이 문제에 직면한 적이 있으며 로그에 비슷한 오류 메시지가 있었습니다.

다음은 nginx 오류 로그입니다.

2021/01/09 15:55:39 [crit] 9453#9453: *1331764 SSL_do_handshake() failed (SSL: error:1420918C:SSL routines:tls_early_post_process_client_hello:version too low) while SSL handshaking, client: <CLIENT IP ADDRESS>, server: 0.0.0.0:443
2021/01/09 20:39:55 [error] 9453#9453: *1337050 upstream prematurely closed connection while reading upstream, client: <CLIENT IP ADDRESS>, server: , request: "PUT /api/v1/APIURL/ HTTP/1.1", upstream: "http://127.0.0.1:8081/api/v1/APIURL", host: "<URL>", referrer: "<URL>"
2021/01/09 20:40:12 [error] 9453#9453: *1337057 upstream prematurely closed connection while reading upstream, client: <CLIENT IP ADDRESS>, server: , request: "PUT /api/v1/APIURL/ HTTP/1.1", upstream: "http://127.0.0.1:8081/api/v1/APIURL", host: "<URL>", referrer: "<URL>"
2021/01/09 20:41:02 [error] 9453#9453: *1337064 upstream prematurely closed connection while reading upstream, client:<CLIENT IP ADDRESS>, server: , request: "PUT /api/v1/URL/ HTTP/1.1", upstream: "http://127.0.0.1:8081/api/v1/URL/", host: "URL", referrer: "URL"
2021/01/10 03:51:29 [notice] 32527#32527: signal process started
2021/01/10 03:51:29 [error] 32527#32527: open() "/run/nginx.pid" failed (2: No such file or directory)
2021/01/10 03:51:34 [notice] 32533#32533: signal process started
2021/01/10 03:51:36 [notice] 32536#32536: signal process started
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/01/10 03:51:38 [emerg] 32583#32583: still could not bind()
2021/01/10 03:51:40 [alert] 32534#32534: *6 open socket #10 left in connection 4
2021/01/10 03:51:40 [alert] 32534#32534: aborting
2021/01/10 03:51:40 [alert] 32529#32529: unlink() "/run/nginx.pid" failed (2: No such file or directory)

다음은 내 nginx, 시작 스크립트 및 감독자 파일입니다.

감독자:

   [program:<PROGRAM NAME>]
    command = /home/ubuntu/start_scripts/script.sh
    directory = /home/ubuntu/LOCATION
    user = ubuntu
    stdout_logfile = /var/log/supervisor/api.log
    stderr_logfile = /var/log/supervisor/api_error.log
    redirect_stderr = true
    stopasgroup=true
    killasgroup=true

시작 스크립트:

#!/bin/bash

NAME="API"                                  # Name of the application
DJANGODIR=""           # Django project directory
SOCKFILE="<DJANGO APP>/run/gunicorn.sock"  # we will communicte using this unix socket
USER="ubuntu"                                      # the user to run as
GROUP="ubuntu"                                  # the group to run as
NUM_WORKERS="2"                                    # how many worker processes should Gunicorn spawn
TIMEOUT=180
DJANGO_SETTINGS_MODULE="config.settings.production"             # which settings file should Django use
DJANGO_WSGI_MODULE="config.wsgi"                   # WSGI module name
VIRTUAL_ENV_NAME="project-env"

echo "Starting $NAME as `whoami`"
export HOME="/home/ubuntu"
export WORKON_HOME=$HOME/.virtualenvs

# Activate the virtual environment
cd $DJANGODIR
source /usr/local/bin/virtualenvwrapper.sh
workon $VIRTUAL_ENV_NAME
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
#echo $PYTHONPATH
export PYTHONPATH=$DJANGODIR:$PYTHONPATH
#echo $PYTHONPATH
#export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3.4
export VIRTUALENVWRAPPER_PYTHON="/home/ubuntu/.virtualenvs/$VIRTUAL_ENV_NAME/bin/python"

# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR

exec "/home/ubuntu/.virtualenvs/$VIRTUAL_ENV_NAME/bin/gunicorn" ${DJANGO_WSGI_MODULE}:application \
  --workers $NUM_WORKERS \
  --user=$USER --group=$GROUP \
  --bind="localhost":"8081" \
  --log-level="debug" \
  --timeout=$TIMEOUT

사용 가능한 Ngnix 사이트:

server {
    root <DJANGO PROJECT URL>;
    client_max_body_size 500M;
   
    
    location /healthcheck {
      return 200;
    }

    location /static/ {
      alias /home/ubuntu/apps/<DJANGO>/static/;
    }


    location / {
        proxy_pass http://localhost:8081;
        #proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_read_timeout 180s;
        proxy_connect_timeout 180s;
        proxy_set_header Connection '';
        proxy_http_version 1.1;
        chunked_transfer_encoding off;
        proxy_buffering off;
        proxy_cache off;
        proxy_redirect off;
        proxy_set_header Host $http_host;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/<URL>/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/<URL>/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = <URL>) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 default_server;
    server_name <URL-without-http>;
    return 404; # managed by Certbot

}

다음에 대한 출력sudo netstat -nltup | grep -e 80 -e 443

tcp        0   0 127.0.0.1:8081   0.0.0.0:*       LISTEN      1079/python
tcp        0   0 0.0.0.0:443      0.0.0.0:*       LISTEN      -
tcp        0   0 0.0.0.0:80       0.0.0.0:*       LISTEN      -

도와주세요!

편집: 로그를 자세히 조사한 결과, 다운되기 전에 마지막으로 처리된 요청이 아래 요청인 것을 확인할 수 있었습니다.

"GET /.well-known/acme-challenge/G8e_pHx5B6fm9xuLzrjJmCvOnPbz8NhJFoWgt4dHGsg HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

이 요청을 게시한 후 certbot의 무언가가 트리거된 것으로 보이며 이때 서버가 시작되지 않습니다.