I have a problem with my nginx and Varnish configuration.
When I connect to https://example.com I get this message:
Error 503 Backend fetch failed
Backend fetch failed
I’m using hitch for configuration, and the conf file looks like this:
/etc/hitch/hitch.conf
## Basic hitch config for use with Varnish and Acmetool
# Listening
frontend = "[*]:443"
ciphers = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
# Send traffic to the Varnish backend using the PROXY protocol
backend = "[::1]:6086"
write-proxy-v2 = on
# If you run Varnish 4.0 use this instead
#backend = "[::1]:6081"
#write-proxy-v2 = off
# List of PEM files, each with key, certificates and dhparams
pem-file = "/var/lib/acme/live/example.com/haproxy"
# Set uid/gid after binding a socket
# Uncomment these on CentOS/RHEL
#user = "hitch"
#group = "hitch"
I’m also using acmetool, and its conf file looks like this:
/etc/varnish/acmetool.vcl
# Forward challenge requests to acmetool, which will listen on port 402
# when issuing Let's Encrypt requests
backend acmetool {
    .host = "127.0.0.1";
    .port = "402";
}
sub vcl_recv {
    if (req.url ~ "^/.well-known/acme-challenge/") {
        set req.backend_hint = acmetool;
        return(pass);
    }
}
My ports (output of “netstat -peanut”):
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 18694 836/hitch
tcp 0 0 0.0.0.0:6081 0.0.0.0:* LISTEN 0 51753 2816/varnishd
tcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 0 51790 2816/varnishd
tcp 0 0 142.93.244.9:443 212.2.212.133:62429 TIME_WAIT 0 0 -
tcp 0 0 142.93.244.9:443 212.2.212.133:62426 FIN_WAIT2 0 0 -
tcp 0 0 142.93.244.9:443 212.2.212.133:62427 FIN_WAIT2 0 0 -
tcp6 0 0 :::443 :::* LISTEN 0 18695 836/hitch
tcp6 0 0 :::6081 :::* LISTEN 0 51754 2816/varnishd
tcp6 0 0 ::1:6086 :::* LISTEN 0 51755 2816/varnishd
tcp6 0 0 ::1:6086 ::1:33656 TIME_WAIT 0 0 -
tcp6 0 0 ::1:6086 ::1:33660 TIME_WAIT 0 0 -