[GLLUG] nginx oops!

MJ mirojrsc at yahoo.co.uk
Sun Nov 29 13:46:41 UTC 2020

as requested by Mr. Winters
here it is in public, my novice, mistakes ;(
/etc/nginx/sites-enabled# ls
 default diaspora

default serves it's index page via IP
# Default server configuration
server {
 listen 80 default_server;
 listen [::]:80 default_server;

 # SSL configuration
 # listen 443 ssl default_server;
 # listen [::]:443 ssl default_server;
 # Note: You should disable gzip for SSL traffic.
 # See: https://bugs.debian.org/773332
 # Read up on ssl_ciphers to ensure a secure configuration.
 # See: https://bugs.debian.org/765782
 # Self signed certs generated by the ssl-cert package
 # Don't use them in a production server!
 # include snippets/snakeoil.conf;

 root /var/www/html;

 # Add index.php to the list if you are using PHP
 index index.html index.htm index.nginx-debian.html;

 server_name _;

 location / {
 # First attempt to serve request as file, then
 # as directory, then fall back to displaying a 404.
 try_files $uri $uri/ =404;

 # pass PHP scripts to FastCGI server
 #location ~ \.php$ {
 # include snippets/fastcgi-php.conf;
 # # With php-fpm (or other unix sockets):
 # fastcgi_pass unix:/run/php/php7.3-fpm.sock;
 # # With php-cgi (or other tcp sockets):
 # fastcgi_pass;

 # deny access to .htaccess files, if Apache's document root
 # concurs with nginx's one
 #location ~ /\.ht {
 # deny all;

# Virtual Host configuration for example.com
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#server {
# listen 80;
# listen [::]:80;
# server_name example.com;
# root /var/www/example.com;
# index index.html;
# location / {
# try_files $uri $uri/ =404;
# }

However, diaspora via http://pod.non-mundane.org is 502 Bad Gateway

upstream diaspora_server {
 server unix:/home/diaspora/diaspora/tmp/diaspora.sock;

server {
 listen 80;
 listen [::]:80;
 server_name pod.non-mundane.org;
 return 301 https://pod.non-mundane.org$request_uri;

 access_log /dev/null;
 error_log /dev/null;

server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
 server_name pod.non-mundane.org;

 access_log /var/log/nginx/dspr-access.log;
 error_log /var/log/nginx/dspr-error.log;

 ssl_certificate /etc/letsencrypt/live/pod.non-mundane.org/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/pod.non-mundane.org/privkey.pem;

 ssl_protocols TLSv1.2;
 ssl_ecdh_curve X25519:P-521:P-384:P-256;
 ssl_prefer_server_ciphers on;
 ssl_session_cache shared:SSL:10m;

 root /home/diaspora/diaspora/public;

 client_max_body_size 5M;
 client_body_buffer_size 256K;

 try_files $uri @diaspora;

 location /assets/ {
 expires max;
 add_header Cache-Control public;
 location @diaspora {
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto https;
 proxy_set_header Host $http_host;
 proxy_redirect off;
 proxy_pass http://diaspora_server;


Perhaps there were some small ommision in the HOWTO and Iam nu aware of things, as I can 
use hand tools and weld etc, but programming is a higher challenge.

This is first test run on an ITX system.     On Sunday, 29 November 2020, 13:19:45 GMT, John Winters via GLLUG <gllug at mailman.lug.org.uk> wrote:  
 On 29/11/2020 13:13, MJ wrote:
> Thank you John. I am humbled. I purposely did not include all info.
> domain:
> pod.non-mundane.org
> IP serving it:

Please keep the conversation on the list.

Interesting effect.  As you say, accessing the IP address gives the 
default Nginx page whilst going for the domain name gives a 502 error 
generated by Nginx.

john at knight:~$ host pod.non-mundane.org
pod.non-mundane.org has address
john at knight:~$

The two match, so there must be some host-name specific configuration in 
your Nginx setup.

Let's see the contents of any files which you have put (or put symbolic 
links to) in /etc/nginx/sites-enabled/.


Xronos Scheduler - https://xronos.uk/
All your school's schedule information in one place.
Timetable, activities, homework, public events - the lot
Live demo at https://schedulerdemo.xronos.uk/

GLLUG mailing list
GLLUG at mailman.lug.org.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20201129/50cbd80a/attachment-0001.html>

More information about the GLLUG mailing list