Configuration of nginx reverse proxy

P

pakka

Dabbler
Joined
Jan 25, 2018
Messages
48
Hi there,
I have problems on setting up my nginx reverse proxy server.
To send all requests from port 80 to 443 I have set these following settings in my nginx.conf-file:

Code:
server {
        listen 80 default_server;
        listen [::]:80 default_server;

        server_name _;
        return 301 https://$host$request_uri;

        include /etc/nginx/snippets/letsencrypt.conf;
...}


But I got an error
socket() [::]:80 failed (43: Protocol not supported)
Click to expand...
on reload.

Is there anything wrong? I found that sample multiple times so I guess it should be a usual thing?!
Further on I have problems to renew my certificates with letsencrypt because port 80 is blocked...

thanks for your help!
 
Jailer

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,977
You're not listening on 443 in that configuration. Add it in and it should respond.
 
P

pakka

Dabbler
Joined
Jan 25, 2018
Messages
48
I added Port listening on 443 in an included file.
But nevertheless, it doesnt explain the error 43: Protocol not supported, does it?
 
Jailer

Jailer

Not strong, but bad
Joined
Sep 12, 2014
Messages
4,977
Do you have an IPV6 address?
 
P

pakka

Dabbler
Joined
Jan 25, 2018
Messages
48
Hi Jailer,
no I haven´t IPv6. so I commented this line out and there is no further error on starting nginx.
But instead I got an error on "certbot renew --dry-run" test command:

Attempting to renew cert (xxx.yyyyyy.zz) from /usr/local/etc/letsencrypt/renewal/xxx.yyyyyy.zz.conf produced an unexpected error: Failed authorization procedure. xxx.yyyyyy.zz (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://xxx.yyyyyy.zz/.well-known/acme-challenge/vJEwYE..... [92.222.43.2]: "<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>". Skipping.
Click to expand...

But the command "certbot certonly --rsa-key-size 4096 --webroot -w /var/www/letsencrypt -d xxx.yyyyyy.zz.conf" works...

Thanks for your patience!
 
P

pakka

Dabbler
Joined
Jan 25, 2018
Messages
48
I can imagine there is a problem with the ".well-known/acme-challenge" folder?

This is the included file /nginx/snippets/letsencrypt.conf:
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
root /var/www/letsencrypt;
}
Click to expand...

The folder exists...
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Configuration of nginx reverse proxy"

Similar threads

N
  • Locked
Reverse Proxy help
Replies
5
Views
4K
NasKar
N
ReadyPlayGo
  • Locked
Remotely Accessing GUI - Nginx 502, Connection Refused
Replies
7
Views
7K
Cheejyg
Cheejyg
T
Nextcloud (jail) behind a reverse proxy (other jail) - configuration problems
Replies
2
Views
6K
TheNASnovice
T
S
[11.2] Web GUI doesn't work behind a reverse proxy
Replies
13
Views
23K
raoul
raoul
N
Unable to use domains on my local network
Replies
12
Views
6K
danb35
danb35
Top