The issue I am facing:
Service lighttpd starting but stops shortly after.
Message in /var/log/syslog:
can't bind to socket: 0.0.0.0:80: Address already in use
or
can't bind to socket: 192.168.139.235:80: Address already in use
Details about my system:
Ubuntu 22.04.2 LTS on bare metal
Pihole v5.16.2
FTL v5.22
Web v5.19
What I have changed since installing Pi-hole:
Added the file external.conf in /etc/lighttpd.
Added one line in that file: server.port = 88
Tried also with server.port := 88 and adding server.bind = "192.168.139.235"
None of this worked - looks like the file is not read.
Edited the file /etc/lighttpd/lighttpd.conf and replaced server.port = 80 with server.port = 88. Now works as expected.
That error message is your biggest clue. Something else is running which is binding to port 80 before lighttpd can. This would often be another web server, Apache, Ngnix, etc. If you aren't using that service, you could disable it.
BTW, the external.conf file is no longer used. In the release notes of one of the recent updates, it is noted to use an alternative file structure.
Are you updating an older Pi-hole installation or did you install fresh?
The external.conf file was used on older versions. If you are updating previous versions, this should work.
If you are on a fresh install, you can create a file in /etc/lighttpd/conf-enabled/15-pihole-admin-port.conf with the same code you use in your external.conf. (you can use a different file name, if you like)
As suggested (thank you ):
I moved the external.conf to "../conf-enabled" and renamed it to 15-server-port.conf, preserving its content.
The result is the same - its just a different error message.
The error is now about having the parameter server.port mentioned in 2 config files. If I comment this parameter out in lighttpd.conf then the service is started with the port mentioned in 15-server-port.conf.
Assuming this works-as-designed:
What will happen if pihole is updated with a new version of lighttpd? Is this lighttpd.conf then overwritten? And with the same result?
Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:
Your debug log shows lighttpd is using port 88 and nginx is using a few ports, including port 80:
*** [ DIAGNOSING ]: Ports in use
...
tcp:0.0.0.0:88 is in use by lighttpd
...
tcp:0.0.0.0:443 is in use by nginx
tcp:0.0.0.0:99 is in use by nginx
[✗] tcp:0.0.0.0:80 is in use by nginx (https://docs.pi-hole.net/main/prerequisites/#ports)
That line should use the replacement operator (:=), i.e. server.port := 88.
Also note that by convention, your 15-server-port.conf should go to ../conf-available/, with ../conf-enabled/ just containing the respective link to ../conf-available/15-server-port.conf.
That is by no means a hard requirement, but sticking to that convention would allow you to disable a specific *.conf by removing the link from ../conf-enabled/, whithout losing its actual contents, so it can be later re-enabled by re-adding the link in ../conf-enabled/.
Thank you - this one did it (almost):
While IPv6 is disabled via sysctl, lighttpd still starts with IPv6 on port 80 - not 88.
Is there a way to disable this? Or at least reflect port 88?
This was already noticed previously but not mentioned in the initial post:
When doing "service lighttpd status" it says: Warning: mod_auth should be listed in server.modules before dynamic backends such as mod_fastcgi
What does this mean? Should I make other config changes?
Your debug log showed lighttpd to be listening on port 88 for IPv4 exclusively:
*** [ DIAGNOSING ]: Ports in use
(...)
tcp:0.0.0.0:88 is in use by lighttpd
In fact, there is not a single port tied to an IPv6 address in your debug log, and there is also no IPv6 address tied to any of your 20 different network interfaces.
The IPv6 parts are disabled in sysctl.
Any leftovers are removed by changing the respective config files.
Like for example with the ssh service and the nginx services.
The file lighttpd.conf has this line: include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
This line was commented out during the debug run...
If I leave this line active and do ss -tulpn | grep 80, it shows: tcp LISTEN 0 1024 [::]:80 [::]:* users:(("lighttpd",pid=57231,fd=4))
Among a few other lines already in the debug file.
That script is part of the lighttpd package.
The script is called with the correct parameter, but your observation would suggest that it may not honor your custom port override from another custom configuration file
I'm undecided whether that script should or could be fixed by lighttpd or avoided by Pi-hole.
Also, a Pi-hole fix seems less likely (unless it would be really easy), as we are busy working on v6, which wouldn't include lighttpd as dependency anymore.
We'll discuss that within the team.
In the meantime, is that causing real issues for you, even though IPv6 seems disabled on that host?
If so, you should probably keep that line commented out.