Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HEADS UP: lighttpd replaced by nginx on 2.3

    Scheduled Pinned Locked Moved 2.3-RC Snapshot Feedback and Issues - ARCHIVED
    10 Posts 8 Posters 6.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ
      jimp Rebel Alliance Developer Netgate
      last edited by

      tl;dr: We have swapped in nginx for the web sever and removed lighttpd. This is, in all likelihood, the last disruptive change before moving 2.3 to BETA status. This is a new and large change so expect some turbulence, especially on NanoBSD.

      DO NOT USE GITSYNC IF YOU DO NOT HAVE THE NGINX BINARIES YET. Doing so will break your GUI.

      This is a significant binary change, so update using the GUI, option 13 from the console, or using pfSense-upgrade from the shell. Once a 2.3 system has nginx, it will be safe to use gitsync again. For safety, ensure you have WORKING ssh or console (or both) access before updating in case the GUI does not start as expected.

      The base system (Web GUI and CP) are converted. If any packages relied on lighttpd (e.g. pfBlocker), they will need to be adapted as well.

      We have had some issues with lighttpd over the years, such as the XMLRPC sync issues with 2.2.5. Nginx is a better path forward for stability, performance, and adaptability.

      EDIT: There is an issue on NanoBSD where /var/tmp/nginx is missing at boot up. If the GUI does not start, run "mkdir -p /var/tmp/nginx" from a shell prompt and then restart the GUI from the console menu. A fix has been committed, the next new snapshot should behave properly on NanoBSD.

      Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        I guess there is a build running now?

        So far I don't see any update available, currently I have on my APU:
        2.3-ALPHA (amd64)
        built on Mon Jan 04 13:29:40 CST 2016
        FreeBSD 10.2-STABLE

        and it says "You are on the latest version."

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          Hmm all of mine updated OK to a snap from this morning (including my APU) โ€“ you might give the pkg data a nudge: pkg update -f

          Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • S
            Steve_B Netgate
            last edited by

            Same here. All updated OK.

            Als ik kan

            1 Reply Last reply Reply Quote 0
            • W
              whitexp
              last edited by

              updated to 2.3.a.20160105.0524 and my pfsense broken , i dont know whats happens , bcuz i not in my home ( i updated from gui ) .

              >>> Unlocking package pfSense-kernel-pfSense... done.
>>> Downloading upgrade packages...
Checking for upgrades (5 candidates): ..... done
Processing candidates (5 candidates): ..... done
The following 5 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-repo-devel: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-default-config: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-base: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 21 KiB.
41 MiB to be downloaded.
Fetching pfSense-repo-devel-2.3.a.20160105.0524.txz: . done
Fetching pfSense-rc-2.3.a.20160105.0524.txz: . done
Fetching pfSense-kernel-pfSense-2.3.a.20160105.0524.txz: .......... done
Fetching pfSense-default-config-2.3.a.20160105.0524.txz: . done
Fetching pfSense-base-2.3.a.20160105.0524.txz: .......... done
Checking integrity... done (0 conflicting)
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 33 B.
[1/2] Upgrading pfSense-rc from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
[1/2] Extracting pfSense-rc-2.3.a.20160105.0524: . done
[2/2] Upgrading pfSense-kernel-pfSense from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
===> Keeping a copy of current kernel in /boot/kernel.old
[2/2] Extracting pfSense-kernel-pfSense-2.3.a.20160105.0524: .......... done
Upgrade is complete.ย  Rebooting in 10 seconds.
>>> Locking package pfSense-kernel-pfSense... done.
Success
              1 Reply Last reply Reply Quote 0
              • rbgargaR
                rbgarga Developer Netgate Administrator
                last edited by

                @whitexp:

                updated to 2.3.a.20160105.0524 and my pfsense broken , i dont know whats happens , bcuz i not in my home ( i updated from gui ) .

                >>> Unlocking package pfSense-kernel-pfSense... done.
>>> Downloading upgrade packages...
Checking for upgrades (5 candidates): ..... done
Processing candidates (5 candidates): ..... done
The following 5 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-repo-devel: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-default-config: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-base: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 21 KiB.
41 MiB to be downloaded.
Fetching pfSense-repo-devel-2.3.a.20160105.0524.txz: . done
Fetching pfSense-rc-2.3.a.20160105.0524.txz: . done
Fetching pfSense-kernel-pfSense-2.3.a.20160105.0524.txz: .......... done
Fetching pfSense-default-config-2.3.a.20160105.0524.txz: . done
Fetching pfSense-base-2.3.a.20160105.0524.txz: .......... done
Checking integrity... done (0 conflicting)
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 33 B.
[1/2] Upgrading pfSense-rc from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
[1/2] Extracting pfSense-rc-2.3.a.20160105.0524: . done
[2/2] Upgrading pfSense-kernel-pfSense from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
===> Keeping a copy of current kernel in /boot/kernel.old
[2/2] Extracting pfSense-kernel-pfSense-2.3.a.20160105.0524: .......... done
Upgrade is complete.ย  Rebooting in 10 seconds.
>>> Locking package pfSense-kernel-pfSense... done.
Success

                Looks like only one of 2 repos got metadata updated, can you run a new upgrade using console option 13 and see if it fixes the issues? I'll check script and add more seatbelts to prevent situations like this in the future

                Renato Botelho

                1 Reply Last reply Reply Quote 0
                • H
                  heper
                  last edited by

                  upgrade to ngix went smooth on my old p4.

                  1 Reply Last reply Reply Quote 0
                  • awebsterA
                    awebster
                    last edited by

                    Upgrade on my lab pfsense running on ESXi 5.5 went smooth.

                    โ€“A.

                    1 Reply Last reply Reply Quote 0
                    • V
                      Valex
                      last edited by

                      Great, so i hope we can use the build-in nginx as reverse proxy and don't need the squid3 package?

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        @Valex:

                        Great, so i hope we can use the build-in nginx as reverse proxy and don't need the squid3 package?

                        Eventually that is the plan, yes. We're looking at Ledge.

                        It's a reverse proxy only though, so there is still a use case for squid as a forward proxy unless someone can whip up a client/forward proxy that works directly in nginx.

                        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.