5. HEADS UP: lighttpd replaced by nginx on 2.3

HEADS UP: lighttpd replaced by nginx on 2.3

  • Rebel Alliance Developer Netgate

    tl;dr: We have swapped in nginx for the web sever and removed lighttpd. This is, in all likelihood, the last disruptive change before moving 2.3 to BETA status. This is a new and large change so expect some turbulence, especially on NanoBSD.

    DO NOT USE GITSYNC IF YOU DO NOT HAVE THE NGINX BINARIES YET. Doing so will break your GUI.

    This is a significant binary change, so update using the GUI, option 13 from the console, or using pfSense-upgrade from the shell. Once a 2.3 system has nginx, it will be safe to use gitsync again. For safety, ensure you have WORKING ssh or console (or both) access before updating in case the GUI does not start as expected.

    The base system (Web GUI and CP) are converted. If any packages relied on lighttpd (e.g. pfBlocker), they will need to be adapted as well.

    We have had some issues with lighttpd over the years, such as the XMLRPC sync issues with 2.2.5. Nginx is a better path forward for stability, performance, and adaptability.

    EDIT: There is an issue on NanoBSD where /var/tmp/nginx is missing at boot up. If the GUI does not start, run "mkdir -p /var/tmp/nginx" from a shell prompt and then restart the GUI from the console menu. A fix has been committed, the next new snapshot should behave properly on NanoBSD.

    0
  • P

    I guess there is a build running now?

    So far I don't see any update available, currently I have on my APU:
    2.3-ALPHA (amd64)
    built on Mon Jan 04 13:29:40 CST 2016
    FreeBSD 10.2-STABLE

    and it says "You are on the latest version."

    0
  • Rebel Alliance Developer Netgate

    Hmm all of mine updated OK to a snap from this morning (including my APU) – you might give the pkg data a nudge: pkg update -f

    0
  • S
    Developer Netgate

    Same here. All updated OK.

    0
  • W

    updated to 2.3.a.20160105.0524 and my pfsense broken , i dont know whats happens , bcuz i not in my home ( i updated from gui ) .

    >>> Unlocking package pfSense-kernel-pfSense... done.
>>> Downloading upgrade packages...
Checking for upgrades (5 candidates): ..... done
Processing candidates (5 candidates): ..... done
The following 5 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-repo-devel: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-default-config: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-base: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 21 KiB.
41 MiB to be downloaded.
Fetching pfSense-repo-devel-2.3.a.20160105.0524.txz: . done
Fetching pfSense-rc-2.3.a.20160105.0524.txz: . done
Fetching pfSense-kernel-pfSense-2.3.a.20160105.0524.txz: .......... done
Fetching pfSense-default-config-2.3.a.20160105.0524.txz: . done
Fetching pfSense-base-2.3.a.20160105.0524.txz: .......... done
Checking integrity... done (0 conflicting)
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 33 B.
[1/2] Upgrading pfSense-rc from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
[1/2] Extracting pfSense-rc-2.3.a.20160105.0524: . done
[2/2] Upgrading pfSense-kernel-pfSense from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
===> Keeping a copy of current kernel in /boot/kernel.old
[2/2] Extracting pfSense-kernel-pfSense-2.3.a.20160105.0524: .......... done
Upgrade is complete.  Rebooting in 10 seconds.
>>> Locking package pfSense-kernel-pfSense... done.
Success
    0
  • Developer Netgate Administrator

    @whitexp:

    updated to 2.3.a.20160105.0524 and my pfsense broken , i dont know whats happens , bcuz i not in my home ( i updated from gui ) .

    >>> Unlocking package pfSense-kernel-pfSense... done.
>>> Downloading upgrade packages...
Checking for upgrades (5 candidates): ..... done
Processing candidates (5 candidates): ..... done
The following 5 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-repo-devel: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-default-config: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-base: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 21 KiB.
41 MiB to be downloaded.
Fetching pfSense-repo-devel-2.3.a.20160105.0524.txz: . done
Fetching pfSense-rc-2.3.a.20160105.0524.txz: . done
Fetching pfSense-kernel-pfSense-2.3.a.20160105.0524.txz: .......... done
Fetching pfSense-default-config-2.3.a.20160105.0524.txz: . done
Fetching pfSense-base-2.3.a.20160105.0524.txz: .......... done
Checking integrity... done (0 conflicting)
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	pfSense-kernel-pfSense: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]
	pfSense-rc: 2.3.a.20160104.2246 -> 2.3.a.20160105.0524 [pfSense-core]

The operation will free 33 B.
[1/2] Upgrading pfSense-rc from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
[1/2] Extracting pfSense-rc-2.3.a.20160105.0524: . done
[2/2] Upgrading pfSense-kernel-pfSense from 2.3.a.20160104.2246 to 2.3.a.20160105.0524...
===> Keeping a copy of current kernel in /boot/kernel.old
[2/2] Extracting pfSense-kernel-pfSense-2.3.a.20160105.0524: .......... done
Upgrade is complete.  Rebooting in 10 seconds.
>>> Locking package pfSense-kernel-pfSense... done.
Success

    Looks like only one of 2 repos got metadata updated, can you run a new upgrade using console option 13 and see if it fixes the issues? I'll check script and add more seatbelts to prevent situations like this in the future

    0
  • H

    upgrade to ngix went smooth on my old p4.

    0

  • Upgrade on my lab pfsense running on ESXi 5.5 went smooth.

    0
  • V

    Great, so i hope we can use the build-in nginx as reverse proxy and don't need the squid3 package?

    0
  • Rebel Alliance Developer Netgate

    @Valex:

    Great, so i hope we can use the build-in nginx as reverse proxy and don't need the squid3 package?

    Eventually that is the plan, yes. We're looking at Ledge.

    It's a reverse proxy only though, so there is still a use case for squid as a forward proxy unless someone can whip up a client/forward proxy that works directly in nginx.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy