nginx: [emerg] open() "/config/nginx/nginx.conf" failed (2: No such file or directory)
Help me please!
Looks like your container failed at some point during startup. Please share the logs for the web container.
same here
I am setting up everything as in the README
I am running it as root (not with sudo) in case that makes a difference
web log:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing...
[cont-init.d] 01-set-timezone: exited 0.
[cont-init.d] 10-config: executing...
generating self-signed keys in /config/keys, you can replace these with your own keys if required
[cont-init.d] 10-config: exited 2.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
BUT when executing that logs command I get a huge amount (100+) of lines that say
nginx: [emerg] open() "/config/nginx/nginx.conf" failed (2: No such file or directory)
The other images also have permission problems:
jitsi/jvb log:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing...
[cont-init.d] 01-set-timezone: exited 0.
[cont-init.d] 10-config: executing...
/var/run/s6/etc/cont-init.d/10-config: line 4: /config/sip-communicator.properties: Permission denied
[cont-init.d] 10-config: exited 1.
[cont-init.d] done.
[services.d] starting services
cp: cannot create regular file '/config/logging.properties': Permission denied
chown: cannot read directory '/config': Permission denied
[services.d] done.
jitsi/jicofo logs:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing...
[cont-init.d] 01-set-timezone: exited 0.
[cont-init.d] 10-config: executing...
/var/run/s6/etc/cont-init.d/10-config: line 4: /config/sip-communicator.properties: Permission denied
cp: cannot create regular file '/config/logging.properties': Permission denied
chown: cannot read directory '/config': Permission denied
[cont-init.d] 10-config: exited 1.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
and so on...
My setup:
CentOS Linux release 7.7.1908 (Core)
Linux 3.10.0-1062.1.2.el7.x86_64
Docker version 1.13.1, build cccb291/1.13.1
docker-compose version 1.18.0, build 8dd22a9
Ok, now I removed everything and started doing it as a user, not root, not sudo.
After the first time running I can find the following in the logs:
jitsi/web:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing...
[cont-init.d] 01-set-timezone: exited 0.
[cont-init.d] 10-config: executing...
generating self-signed keys in /config/keys, you can replace these with your own keys if required
mkdir: cannot create directory '/config/nginx': Permission denied
mkdir: cannot create directory '/config/keys': Permission denied
Generating a RSA private key
.......+++++
.....................................................+++++
writing new private key to '/config/keys/cert.key'
req: Can't open "/config/keys/cert.key" for writing, No such file or directory
Can't open /config/nginx/dhparams.pem for writing, No such file or directory
140551051849792:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:74:fopen('/config/nginx/dhparams.pem','w')
140551051849792:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:81:
cp: cannot create regular file '/config/nginx/nginx.conf': No such file or directory
/var/run/s6/etc/cont-init.d/10-config: line 61: /config/nginx/meet.conf: No such file or directory
/var/run/s6/etc/cont-init.d/10-config: line 65: /config/nginx/ssl.conf: No such file or directory
/var/run/s6/etc/cont-init.d/10-config: line 69: /config/nginx/site-confs/default: No such file or directory
cp: cannot create regular file '/config/config.js': Permission denied
sed: can't read /config/config.js: No such file or directory
cp: cannot create regular file '/config/interface_config.js': Permission denied
sed: can't read /config/interface_config.js: No such file or directory
[cont-init.d] 10-config: exited 2.
[cont-init.d] done.
[services.d] starting services
nginx: [emerg] open() "/config/nginx/nginx.conf" failed (2: No such file or directory)
[services.d] done.
Followed by a lot a lot of lines of this:
nginx: [emerg] open() "/config/nginx/nginx.conf" failed (2: No such file or directory)
The other images have the same Permission denied as above.
Can you try removing the /config volumes from the docker-compose file and tell me if it works?
so I removed all /config volumes from the docker-compose.yml and it works fine
Do I not need them or what does it mean?
I think it's related to SElinux:
https://github.com/jitsi/docker-jitsi-meet/issues/201
https://github.com/jitsi/docker-jitsi-meet/pull/204
https://github.com/moby/moby/issues/24508#issuecomment-287321853
Not SElinux related for me, as it's disabled on the host I am testing on. Still seeing nginx issues.
Also looks like it's trying to do letsencrypt before it tries to even start nginx as LE fails, then a few seconds later there are messages in the web log for:
nginx: [emerg] open() "/config/nginx/nginx.conf" failed (2: No such file or directory)
So something doesn't seem right somewhere.
Removing all the /config volumes from docker-compose.yml doesn't make it work either.
That's following the guide here: https://github.com/jitsi/docker-jitsi-meet#jitsi-meet-on-docker
OS: CentOS 7.7.1908 - Had the same issue on CentOS 8 as well.
Where is your config volume located and what permissions does it have?
755 inside my home dir, owned by my user.
Had the same issue. I switched back to jitsi/web:4101 and it's working now, so it must be one of the recent commits that broke it.
@KarlAustin are you running docker-compose as root?
Also, can you share the logs of your web container start?
I'm thinking about if it's possible that the docker deamon may run without root.
Ah, so the Problem was ENABLE_LETSENCRYPT=1 (default in a popular ansible script) with a non-public hostname in LETSENCRYPT_DOMAIN, and commit cd4a071ed4fbf7d7351964acbfa8011e6ebb40e6. Previously, letsencrypt issues were ignored, but it now cancels the nginx setup (but does not stop the container). The intention is good, but the letsencrypt error goes unnoticed in the nginx error logs.
This does not occur with (the default) ENABLE_LETSENCRYPT=0.
I think @jomo's on the money.
I have a container that was previously working, but now is not. I've made the dumb decision to create/destroy a droplet instead of just keeping it running. You do this enough times and you'll exceed the LetsEncrypt Rate Limit for renewing a subdomain more than 5 times a week :P - this is what I get for being cheap with Digital Ocean.
I was also able to replicate the issue with https:// in front of my letsencrypt domain setting.
The key is to just look at the web logs. docker container logs jits_web_1 (usually), and it's laid out in plain English.
root@jitsi:~/jitsi# docker container logs jitsi_web_1
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing...
WARNING: Vancouver/America is not a valid time zone.
[cont-init.d] 01-set-timezone: exited 1.
[cont-init.d] 10-config: executing...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: meet.trevdev.ca: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
Failed to obtain a certificate from the Let's Encrypt CA.
Exiting.
[cont-init.d] 10-config: exited 1.
Good catch! We need to make the container fail when cont-init fails. I wonder if there is a specific exit code we need to give. I鈥檒l look into it.
I pushed https://github.com/jitsi/docker-jitsi-meet/commit/3524a526be4edb8832a4811f6c1de97f48fd5dc4 which makes the container fail entirely if the cont-init script ddoesn't exit succesfully.
Hi, @saghul so long without contacting you.
I have the same problem, I did the last pull from the repository, but the error continues.
This is the error:

greetings my friend
@pkecastillo Is the domain entered correctly into your config, without the http(s):// part, and if it is, does that domain point at the server you're trying to claim a certificate for?
@trev-dev hi, thanks for your response.
Exactly, I have checked that it is without http(s)://
The sub-domain example (testdomain.simpless.com) is only example for this post, because my true subdomain is fine.
Any idea or other detail for check?
thanks!
@trev-dev Which ports are you provisioning on in your config? I'm curious as it may be port 80 is blocked before LetsEncrypt can use it.
@trev-dev Free ports 80 and 443, without firewall. 100% available for use by letsencrypt. I made sure it was so.
My doubt is just this happens to me 2 days ago. And analyzing what he said, @saghul here 3524a52 it seems strange to me, because I have the latest update.
You might have forgotten to docker-compose pull?