Solved it myself by referencing other posts.
Thanks to those posts and others.
[Causes]
Ports 80 and 443 are 'privileged' or 'well-known' ports commonly used at the system level.
End-user or end-of-life applications cannot bind directly to these ports, usually requiring administrator privileges(sudo
).
When Ignition Gateway attempted to bind to these ports, an error such as Failed to bind to 0.0.0.0/0.0.0.0:80
occurred because it did not have the required privileges.
[Trouble shooting]
On wrapper.log, there are noticeable log in it.
INFO | jvm 2 | 2023/09/13 15:35:06 | I [g.WebServerManager ] [06:35:05]: Starting setup
INFO | jvm 2 | 2023/09/13 15:35:06 | I [g.WebServerManager ] [06:35:05]: Setup complete
INFO | jvm 2 | 2023/09/13 15:35:06 | I [g.WebServerManager ] [06:35:06]: Starting up
INFO | jvm 2 | 2023/09/13 15:35:06 | I [g.SslManager ] [06:35:06]: State refreshed state=SELF_SIGNED_CERTIFICATE
INFO | jvm 2 | 2023/09/13 15:35:06 | I [C.SecureRandomProvider ] [06:35:06]: Secure random seed generated in 1ms
INFO | jvm 2 | 2023/09/13 15:35:06 | I [o.e.j.s.Server ] [06:35:06]: jetty-10.0.13; built: 2022-12-07T20:13:20.134Z; git: 1c2636ea05c0ca8de1ffd6ca7f3a98ac084c766d; jvm 11.0.18+10-LTS
INFO | jvm 2 | 2023/09/13 15:35:06 | WrapperSimpleApp:
INFO | jvm 2 | 2023/09/13 15:35:06 | WrapperSimpleApp Error: Encountered an error running main:
INFO | jvm 2 | 2023/09/13 15:35:06 | WrapperSimpleApp Error: MultiException[java.io.IOException: Failed to bind to 0.0.0.0/0.0.0.0:80, java.io.IOException: Failed to bind to 0.0.0.0/0.0.0.0:443]
Judging from these logs, it is clear that I changed the HTTP/HTTPS port caused the error.
Search for forums with these phrase:
java.io.IOException: Failed to bind to 0.0.0.0/0.0.0.0:80
java.io.IOException: Failed to bind to 0.0.0.0/0.0.0.0:443
.
I found posts above and edited service file on /etc/systemd/system/Ignition-Gateway.service
.
Add following string: AmbientCapabilities=CAP_NET_BIND_SERVICE
[Unit]
Description=Ignition-Gateway
After=syslog.target
[Service]
Type=forking
ExecStart=/usr/local/bin/ignition/ignition.sh start sysd
ExecStop=/usr/local/bin/ignition/ignition.sh stop sysd
User=fci
KillMode=process
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
As this service file is updated, following command is required:
sudo systemctl daemon-reload
Restart the Ignition Gateway again:
me@myserver:~$ /usr/local/bin/ignition/ignition.sh start
Starting Ignition-Gateway with systemd...
Waiting for Ignition-Gateway...
running: PID:11935
Now I can see the process listening on 80/443
me@myserver:~$ sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 11956 me xxxx IPv6 72669 0t0 TCP *:http (LISTEN)
me@myserver:~$ sudo lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 11956 me xxxx IPv6 72670 0t0 TCP *:https (LISTEN)