[ale] Doing Something Dumb with Nginx

Jeremy T. Bouse jeremy.bouse at undergrid.net
Mon Jan 8 22:40:30 EST 2018


I don't recall if nginx will accept the IP as the server_name or not...
Not knowing what all is under the conf.d that could be interacting with
the config as well is limiting as well.

A single simple server block such as:

server {
    server_name www.kennesawmassage.services kennesawmassage.services
xx.xx.xx.xx;
    listen 80;

    location / {
        root /var/www/wangsmassage;
        index index.html;
    }
}

    Should be sufficient... If you don't have any other virtual hosts on
this nginx instance you could change the listen line to be "listen 80
default_server;" as well.

    You will need to have any hostname pointing to the IP address so I
would check that as well.

    My own nginx configuration is as follows:

server {
    server_name undergrid.net www.undergrid.net;
    listen 80;
    access_log off;
    server_tokens off;

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    }
}

server {
    server_name undergrid.net www.undergrid.net;
    listen 443 ssl;
    access_log off;
    server_tokens off;
    ssl_certificate /etc/letsencrypt/live/www.undergrid.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.undergrid.net/privkey.pem;
    ssl_trusted_certificate
/etc/letsencrypt/live/www.undergrid.net/chain.pem;
    ssl_session_timeout 1d;
    ssl_session_tickets off;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1.2;
    ssl_ciphers
'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6
months)
    add_header Strict-Transport-Security max-age=15768000;

    # OCSP Stapling ---
    ssl_stapling on;
    ssl_stapling_verify on;

    location / {
        proxy_pass http://webservers;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_pass_header Server;
        proxy_ignore_client_abort on;
        client_max_body_size 8m;
    }
}

On 1/8/2018 7:49 PM, Jonathan Meek via Ale wrote:
> Sure no problem, Here it is (I changed out the IP address with xxx):
> server {
>     listen       80;
>     server_name  xxx.xxx.xxx.xx;
>    
>     location / {
>         root   /var/www/wangsmassage;
>         index  index.html;
>     }
> }
>
> server {
>     listen       80;
>     server_name  www.kennesawmassage.services;
>    
>     location / {
>         root   /var/www/wangsmassage;
>         index  index.html;
>     }
> }
>
> I tried to do server_name xxx.xxx.xxx.xx www.kennesawmassage.services
> but that didn't work.
>
> Jonathan
>
> On Sun, Jan 7, 2018 at 11:16 PM, Kyle Brieden <kyle at txmoose.com
> <mailto:kyle at txmoose.com>> wrote:
>
>     Hey Jonathan,
>
>     Would you be able to share the server block of the vhost?  That
>     would help us diagnose the issue.
>
>
>
>     ---
>     Very respectfully,
>     Kyle Brieden
>
>
>     On 07-01-2018 21:51, Jonathan Meek via Ale wrote:
>
>         Hello folks,
>
>         I am running into an odd issue setting up Nginx on a Ubuntu
>         16.04 box.
>         I cannot seem to get the domain names to render. If I navigate
>         to the
>         IP address, the site appears no problem but when I navigate to the
>         domain name, it just renders the nginx welcome page.
>
>         I have tried adding the domain name to the server_name
>         parameter to my
>         /etc/nginx/conf.d/virtual.conf and reloading nginx but that didn't
>         work.
>
>         As a side note, I did add the nameservers to domain early this
>         evening, not sure if makes a difference. I did create the A,
>         AAAA, &
>         NS records as well.
>
>         I feel like I am doing something dumb but can't put my finger
>         on it so
>         any pointers in the right direction would be appreciated.
>
>         Jonathan
>         _______________________________________________
>         Ale mailing list
>         Ale at ale.org <mailto:Ale at ale.org>
>         http://mail.ale.org/mailman/listinfo/ale
>         <http://mail.ale.org/mailman/listinfo/ale>
>         See JOBS, ANNOUNCE and SCHOOLS lists at
>         http://mail.ale.org/mailman/listinfo
>         <http://mail.ale.org/mailman/listinfo>
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20180108/662b3c5f/attachment.html>


More information about the Ale mailing list