Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Failed to renew certificate humans.sudoroom.org with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/humans.sudoroom.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
I’m new here, but I build this kind of tech infrastructure in my job. I agree with Yardena that it makes sense not to put a web server function directly on an internet front line of defense; if possible you want it somewhere else to avoid opening holes for attackers. You can simply forward (proxy) the needed ports as suggested. If you’re wanting to retire the older server or just avoid complexity of maintaining them both that’s also reasonable, but it isn’t as safe in case Omni or Sudo Room become targets.
As an alternative related to the earlier discussion about logging changes, it might make sense to use some infrastructure tools like cfengine to track changes as code and simultaneously make it possible to trivially rebuild a system if it fails, but maybe not yet as it isn’t familiar to everybody who might be helping.
Sven
