Certbot 'invalid response from well-known acme challenge'

Where you can do "sudo nano zoomworks.co.uk.conf", do:
pwd

and for giggles, do also:
find / -name zoomworks.co.uk.conf

7 Likes

found it:

/home/pi/

Lord knows how it ended up in there. (feel pretty daft now).

2 Likes

One less problem in the world!

Also, just because you are on a Pi doesn't mean it isn't doing cPanel.
Some of the initial info was a bit blurry.

7 Likes

If you want to replace the other file with that one:
mv /home/pi/zoomworks.co.uk.conf /etc/nginx/sites-available/zoomworks.co.uk.conf

7 Likes

Now.... I've edited /etc/nginx/sites-available/zoomworks.co.uk.conf

And changed it to:

server {
      listen      80 default_server;
      listen      [::]:80 default_server;
      server_name zoomworks.co.uk www.zoomworks.co.uk;
      root        /usr/share/nginx/html;

      location /.well-known/acme-challenge {
         root /usr/share/nginx/html;
      }
      location / {
           return 301 https://$host$request_uri;
      }
}

When I do this:

sudo nginx -t

I get:

nginx: [emerg] a duplicate default server for 0.0.0.0:80 in /etc/nginx/sites-enabled/zoomworks.co.uk.conf:2

I also can't do this:

sudo systemctl reload nginx

I get:

nginx.service is not active, cannot reload.

If I do this:

sudo systemctl start nginx

I get:

Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xe" for details.

Yeah, sorry, you already have a "dummy" server block setup in this default conf file. It specifies "default_server" and you can only have one of those.

So, either remove it from that, or, probably better is to remove the default_server clauses from both new server blocks you just made (port 80 and 443)

Edit: glad for the tag team with Rudy :slight_smile:

7 Likes

Okay.... back to basics. The default entry is gone, but every time I edit the conf to your suggested values, it breaks nginx. The only config I can get it to work is this one (and it's not secure):

server {
        listen 80;
        server_name zoomworks.co.uk www.zoomworks.co.uk;
        location / {
        proxy_pass http://192.168.50.140:5000;
        }
}

That resolves to the location I want it to go to, just not using SSL.

I'm reaching that inevitable point where my hair has turned white and my eyes are like pinholes in the snow. :slight_smile: :laughing:

@copydeskcat Well, I recommend not trying your proxy_pass until you have a working http and https server. No reason to add complexity (you know, walk then run).

And, just 2 minutes ago I saw your HTTP server working well. It redirected to HTTPS.

But, your HTTPS server also redirected to itself so looped.

And, right now your DNS entries are gone so I can't see anything. You probably can on your local network but access from the public internet is broken.

Please show the nginx server conf file that had the "new" server blocks you don't think were working well.

Here is what I saw just a couple minutes ago - which was getting very close

curl -i www.zoomworks.co.uk
(http to https just right)
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 02 Jul 2022 20:29:50 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.zoomworks.co.uk/


curl -Ik https://www.zoomworks.co.uk/
(but, https also redirected to itself so something in server block wrong)
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 02 Jul 2022 20:30:15 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.zoomworks.co.uk/

8 Likes

OOPS. Sorry, my bad. Typo on my part.

What are the contents of the conf file that is not working based on our suggestions?

8 Likes

This one works:

server {
        listen 80;
        server_name zoomworks.co.uk;
        location / {
        proxy_pass http://192.168.50.140:5000;
        }
}

This one doesn't:

server {
      listen      80 default_server;
      listen      [::]:80 default_server;
      server_name zoomworks.co.uk www.zoomworks.co.uk;
      root        /usr/share/nginx/html;

      location /.well-known/acme-challenge {
         root /usr/share/nginx/html;
      }
      location / {
           return 301 https://$host$request_uri;
      }
}

Neither does this one:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        listen 443 ssl;

        root /usr/share/nginx/html;
        index index.html index.htm;

        server_name zoomworks.co.uk;

        ssl_certificate /etc/letsencrypt/live/zoomworks.co.uk/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/zoomworks.co.uk/privkey.pem;

        location / {
                try_files $uri $uri/ =404;
        }
}

The first one you say "doesn't work" looks fine to me. What about it "doesn't work"? Its only purpose is to redirect to HTTPS and respond to ACME challenge requests. I saw it working fine.

For the second one that doesn't work, that's identical to your first post. You should have adjusted it as I noted in post #2. Now adjusted instructions:

Now, it won't yet do your proxy because we should ensure that HTTP and HTTPS requests work right before adding a complicating element.

But, once http and https are working just replace the try_files with the proxy_pass

7 Likes

Okay.... I've adjusted the conf (the default_server entries cause the Nginx syntax check to fail, so they're now removed) and it looks like this:

server {
      listen      80;
      listen      [::]:80;
      server_name zoomworks.co.uk www.zoomworks.co.uk;
      root        /usr/share/nginx/html;

      location /.well-known/acme-challenge {
         root /usr/share/nginx/html;
      }
      location / {
           return 301 https://$host$request_uri;
      }
}

Which gets me this:

sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

I have to admit to not knowing what you mean by:

* Add IPv6 listen for 443
* Remove listen's for port 80
* Add www.mydomain.co.uk to the server_name

Your original adjusted like that:

server {
        listen 443 ssl;
        listen [::]:443 ssl;

        root /usr/share/nginx/html;
        index index.html index.htm;

        server_name zoomworks.co.uk www.zoomworks.co.uk;

        ssl_certificate /etc/letsencrypt/live/zoomworks.co.uk/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/zoomworks.co.uk/privkey.pem;

        location / {
                try_files $uri $uri/ =404;
        }
}

7 Likes

Oh, you should also add these to the server with listen 443:

    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

7 Likes
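As an added check (not code from this thread, certbot or nginx), here is a small Python lint over `nginx -T`-style text that flags the failure modes seen in this thread: two `default_server` listens on the same socket (the `[emerg]` from `nginx -t`), a port-80 server with no `/.well-known/acme-challenge` location (webroot challenge fails), an HTTPS server that `return 301`s to https:// again (the loop seen with curl), and one block listening on both 80 and 443 ssl. The embedded configs are constructed from the thread's blocks, and the brace matching assumes the file already passes `nginx -t` (balanced braces).

```python
import re
from collections import Counter

# Constructed sample, not the poster's live file: the thread's first port-80 block
# beside a distro default block that also claims default_server on port 80.
BROKEN = """
server { listen 80 default_server; listen [::]:80 default_server;
         location / { return 301 https://$host$request_uri; } }
server { listen 80 default_server; root /var/www/html; }
"""
# Constructed sample of the corrected pair: 80 answers ACME and redirects, 443 serves.
FIXED = """
server { listen 80; listen [::]:80; root /usr/share/nginx/html;
         location /.well-known/acme-challenge { root /usr/share/nginx/html; }
         location / { return 301 https://$host$request_uri; } }
server { listen 443 ssl; listen [::]:443 ssl; root /usr/share/nginx/html;
         ssl_certificate /etc/letsencrypt/live/zoomworks.co.uk/fullchain.pem;
         ssl_certificate_key /etc/letsencrypt/live/zoomworks.co.uk/privkey.pem;
         location / { try_files $uri $uri/ =404; } }
"""

def server_blocks(text):
    """Return the body of each top-level server { ... } block (brace-matched)."""
    blocks = []
    for m in re.finditer(r"\bserver\s*\{", text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += (text[i] == "{") - (text[i] == "}")
            i += 1
        blocks.append(text[m.end():i - 1])
    return blocks

def lint(text):
    """Flag the misconfigurations that broke certbot/nginx in the thread."""
    findings, defaults = [], Counter()
    for body in server_blocks(text):
        listens = [s.split() for s in re.findall(r"\blisten\s+([^;]+);", body)]
        for spec in listens:
            if "default_server" in spec:  # nginx allows one per address:port
                defaults[re.sub(r"^(0\.0\.0\.0|\*):", "", spec[0])] += 1
        on_80 = any(s[0].rsplit(":", 1)[-1] == "80" for s in listens)
        on_443 = any("ssl" in s for s in listens)
        if on_80 and "/.well-known/acme-challenge" not in body:
            findings.append("port-80 server lacks a /.well-known/acme-challenge location")
        if on_443 and re.search(r"return\s+30[12]\s+https://", body):
            findings.append("HTTPS server redirects to https:// (redirect loop)")
        if on_80 and on_443:
            findings.append("same block listens on 80 and 443; split it")
    findings += [f"duplicate default_server for {sock}" for sock, n in defaults.items() if n > 1]
    return findings
```

Feed it the output of `sudo nginx -T` so every enabled file is checked together, since the duplicate default_server in the thread came from two different files.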

Can you see the smile on my face? :grinning:

I'm getting the Nginx default html page now, secured. Thank you.

Where should I add these in the conf?

include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

1 Like

Right after these:

7 Likes

Those are causing the syntax to fail:

sudo nginx -t
nginx: [emerg] open() "/etc/letsencrypt/options-ssl-nginx.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/zoomworks.co.uk.conf:13
nginx: configuration file /etc/nginx/nginx.conf test failed

Hmm. I guess remove those 2 lines then for now.

I need to sign off for a while. And, I now regret not directing you to use the certbot nginx plug-in instead of standalone and webroot. The plug-in would have handled much of this configuration for you. I didn't expect to have so many challenges getting the config sorted. Sorry.

7 Likes

Hey - no worries at all. I'm the one who should be apologising for being a rank amateur at this!

I'm going to call it a night too - I'll check back in tomorrow. I appreciate your time.

1 Like

OK. Please post your sudo nginx -T results again. Something is not right with your http server (port 80). It is not redirecting to https. I'll look at it later so you can see in the morning.

7 Likes