But every time I attempt to properly set it up, I keep getting the default nginx message:
# Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
For online documentation and support please refer to [nginx.org](http://nginx.org/).
Commercial support is available at [nginx.com](http://nginx.com/).
*Thank you for using nginx.*
nginx uses the server_name field to differentiate which server block to use.
I think you are showing us some placeholder hostnames for your privacy (which is fine), like website, and websitehere.
Check in sites-enabled/ if there are any other server blocks, like the default server block.
Because, if you do not match properly the server_name, then nginx will show you whichever is the default website (likely, /etc/nginx/sites-enabled/default).
Forgot to mention that for good measure, I erased the default block files on both the proxy and web container yesterday before I made this thread. Including the removal of the default html directories.
The server_name matches on both proxy and web container, and the fpm socket is also in order. Proxy ports (80/443) has been forwarded as well. Yet, can’t seem to figure out why it keeps showing the default nginx page.
Now, the website does appear to work. But only because I set the main website to use http://
If I change that to https://, I’m getting ERR_TOO_MANY_REDIRECTS.
Yet, no redirection is into place in neither nginx server files. Even IF I disable this part:
server {
if ($host = website) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 proxy_protocol;
listen [::]:80 proxy_protocol;
server_name website;
return 404; # managed by Certbot
}
Ever since I started using containers, SSL is screwed up on multiple websites. While technically the websites works, a lot of back-end are still using http and messing up a lot of stuff.
So… what gives? What should be on the proxy nginx file and what should be on the web nginx file?
Ill build an example tomorrow (today) at some point (probably the afternoon / evening BST) - are you trying to-do SSL termination at the proxy or do you want the webservers to have SSL aswell ?
What do you mean with SSL termination at the proxy?
Currently all SSL certs of all domains are installed on the nginx proxy container. But if you think it’s better / recommended to have them on the web containers instead, I can move them over.
(Its late here so forgive I miss understood - or I have forgot something)
You are trying to proxy requests on port 80 is that required ?
This is a working proxy config file for the proxy instance put this in /etc/nginx/sites-enabled/default - it redirects all HTTP requests to HTTPS then “proxies them” to HTTP servers we then have 2 server blocks for each domain - I dont include all the lets encrypt params because I dont have time to get letsencrypt setup here
On the nginx containers - I just left the default installed nginx config file as it was and this proxied the requests to them no problem, did I miss something?
Put listen [::]:80 in your website containers nginx config file to make sure its also listening on ipv6 (which lxd will use by default)
This could be anyhting - unless you really want to debug it, just stick with the IP address (although I appreciate thats not perfect).
What I know, is that the domain name works in my proxy file and network enviroment (the default LXD network enviroment) so its something wrong with “your” setup (not being confrentational just saying - I cant replicate that behavior here (im more “practical” than “theoretical” + I hate networking with a passion so I cant just say “do XYZ” on this issue)
one “practical test” i can think of is put the IPV6 address instead of the domain name of the container and see if that works (that way you know if its a resolve issue or ipv6)
A just to be a 100% when I say the “domain name” i mean the domain name of the webserver I.E nginx_server.lxd not my_cool_website.com
Ah, that makes a lot of more sense to use the hostname ^_^. While I’d love to do so, the hostname will refer to the containers ipv6 address rather than ipv4.
And thus far, unable to solve that as of yet. Not even sure why the hostname defaults to ipv6 over ipv4.
But, thus far… Really appreciate it! I’m so glad this works properly now.