I have two subdomains on my website all serving web apps and a website running on the domain (and www.
) itself; these are:
gitea.mywebsite.co.uk
– running on :3000
and
mail.mywebsite.co.uk
– not yet running
Both of these are configured with DNS CName
entries pointing them to mywebsite.co.uk
and I've checked that these have in-fact propegated.
I want to serve HTTPS
exclusively and consequently have acquired and installed SSL Certificates
for both subdomains and the domain as a whole (I can't afford any of these fancy wildcard certificates).
In order to achieve this, I've set up nginx
to listen on :80
and redirect ALL incoming HTTP
traffic to HTTPS
as such (I'll implement HSTS
once I have everything up and running):
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
This seems to work okay, regardless of what subdomain I enter, I see the browser redirect it to the HTTPS
equivalent.
So the issue appears to occur somewhere during the reverse proxy
stage of the configuration. I want all requests made to gitea.mywbsite.co.uk
to be passed to :3000
to handle. I am achieving this like such:
server {
listen 443 ssl;
server_name gitea.mywebsite.co.uk;
ssl_certificate /etc/ssl/certs/gitea.mywebsite.crt;
ssl_certificate_key /etc/ssl/private/gitea.mywebsite.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass https://localhost:3000/;
}
}
However, whenever I attempt to access this I am greeted by a standard browser "Can't connect" error (note, this isn't the SSL error page).
I can connect to the webapp just fine by loading mywebsite.co.uk:3000
directly so that is definitely running. I've also double-checked the symlink
to sites-enabled
, restarted nginx
and still no luck.
Any ideas?
Best Answer
It would appear that the problem was one borne of my own laziness.
When I symlinked the server blocks I did so like this:
ln -s ./gitea ../sites-enabled/gitea
From within the
sites-available
directory.It would appear that this sort of shorthand doesn't work whilst creating symlinks. So whilst it appeared that the link had been created successfully, the links were actually broken. As soon as I recreated the full paths using the below command it worked just fine.
ln -s /etc/nginx/sites-available/gitea /etc/nginx/sites-enabled/gitea
Thanks Richard Smith for your help!