From: crodges <crodges@csphy.pw>
To: Julien Lepiller <julien@lepiller.eu>
Cc: help-guix@gnu.org
Subject: Re: nginx refusing connection on port 443
Date: Mon, 30 Aug 2021 08:44:57 -0700 [thread overview]
Message-ID: <4775808.03AtHJ87JN@sceadufaex> (raw)
In-Reply-To: <20210830033530.66525699@tachikoma.lepiller.eu>
On Sunday, August 29, 2021 6:35:30 P.M. PDT Julien Lepiller wrote:
> Le Wed, 25 Aug 2021 21:25:03 -0700,
>
> crodges <crodges@csphy.pw> a écrit :
> > Hello everybody,
> >
> > I'm setting up a guix vps and having some trouble, mainly because I'm
> > getting used to the guix way. After a few tries, I finally got a
> > let's encrypt certificate and nginx configured to read it. Problem
> > is, nginx accepts fine connections on port 80, but when I try 443 I
> > get
> >
> > curl: (7) Failed to connect to lambdashire.com port 443 after 5249
> > ms: Connection refused
> >
> > My first thought was to open port 443 on the firewall, but I don't
> > know how to do that and didn't find how to in a few configuration
> > examples I searched. Is this the right approach, to open the port? If
> > it is, can you please point me to some documentation so I can try to
> > figure out myself?
> >
> > First time posting. Thanks.
>
> Hi crodges,
>
> Could you share your configuration? Especially the part where you
> declare the nginx-service-type? There is a listen field that you should
> set to something like:
>
> (listen '("443 ssl http2" "[::]:443 ssl http2"))
>
> of course, you can adapt it to your needs using the Nginx syntax.
Thanks for the reply Julien,
After playing around with it a little more, a reboot, of all things, did the
trick. So problem solved. In any case, I'll leave my nginx configuration here,
maybe someone find it useful.
(service nginx-service-type
(nginx-configuration
(server-blocks
(list (nginx-server-configuration
;(listen '("80" "443 ssl"))
(server-name '("lambdashire.com"))
(root "/data/www")
(ssl-certificate "/etc/letsencrypt/live/
lambdashire.com/fullchain.pem")
(ssl-certificate-key "/etc/letsencrypt/live/
lambdashire.com/privkey.pem")
(locations
(list
(nginx-location-configuration ;certbot
(uri "/.well-known")
(body (list "root /data/www;"))))))))))
The next thing I'll do is make nginx use only port 443 with ssl. I don't think
it'll be hard, I only need to make sure certbot will like it.
prev parent reply other threads:[~2021-08-30 15:47 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-26 4:25 nginx refusing connection on port 443 crodges
2021-08-30 1:35 ` Julien Lepiller
2021-08-30 15:44 ` crodges [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4775808.03AtHJ87JN@sceadufaex \
--to=crodges@csphy.pw \
--cc=help-guix@gnu.org \
--cc=julien@lepiller.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).