Nginx welcome page instead of app page

marcoippolito · January 27, 2020, 3:10pm

Hi,
Today I’m getting, instead of the web app page, the Nginx Welcome page.

domain name: ggc.world

    (base) marco@pc:~$ sudo nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful

This is my etc/nginx/conf,d/default.conf file:

    server {
        listen 443 ssl http2 default_server;
        server_name ggc.world www.ggc.world;

        ssl_certificate /etc/ssl/certs/chained.pem;
        ssl_certificate_key /etc/ssl/private/domain.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-  
draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:50m;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_stapling on;
        ssl_stapling_verify on;

        access_log /var/log/nginx/ggcworld-access.log combined;

        add_header Strict-Transport-Security "max-age=31536000";
        location = /favicon.ico { access_log off; log_not_found off; }
        location / {
            proxy_pass http://192.168.1.7:8080;
            #proxy_pass http://127.0.0.1:443;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }

    server {
        #listen 80 default_server;
        listen [::]:80 default_server;
        server_name ggc.world www.ggc.world;
        return 301 https://$host$request_uri;

        access_log /var/log/nginx/ggcworld-access.log combined;

        add_header Strict-Transport-Security "max-age=31536000";
        location = /favicon.ico { access_log off; log_not_found off; }
        location / {
            proxy_pass http://192.168.1.7:8080;
            #proxy_pass http://127.0.0.1:8080;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }

How to solve the problem?

Phil · January 27, 2020, 3:34pm

Hi @marcoippolito,

I was able to see the nginx welcome page just as you described. On my second attempt, it appears that your webserver has died.

$ curl -L ggc.world
curl: (7) Failed to connect to ggc.world port 80: Connection timed out

marcoippolito · January 27, 2020, 3:35pm

@Phil Actually I shutted down in order to make more trials.
Now it’s on and should show only the Nginx welcome

JuergenAuer · January 27, 2020, 4:11pm

Hi @marcoippolito

your defined redirect http -> https doesn't work. There are older checks https://check-your-website.server-daten.de/?q=ggc.world with that redirect.

What says

nginx -T

You have to check that server to see, why there is no content. That's an internal problem of your proxy configuration.

marcoippolito · January 27, 2020, 4:15pm

Yes. I think it’s a bad proxy configuration. I’m trying to figure out how to improve it

marcoippolito · January 27, 2020, 4:46pm

@JuergenAuer I need your help. I tried different proxy_pass configuration, but I got stuck:

server {
     listen 443 ssl http2 default_server;
    server_name ggc.world www.ggc.world;

    ssl_certificate /etc/ssl/certs/chained.pem;
    ssl_certificate_key /etc/ssl/private/domain.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-    draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }
    location / {
        #proxy_pass http://192.168.1.7:8080;
        #proxy_pass http://127.0.0.1:443;
        #proxy_pass http://192.168.1.7:443;
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name ggc.world www.ggc.world;
    return 301 https://$server_name$request_uri;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }
    location / {
        proxy_pass http://192.168.1.7:8080;
        #proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

Phil · January 29, 2020, 6:51pm

@marcoippolito,

It looks like you need to fix your vhost to allow proxying the websockets in addition to regular app traffic.

Check out these links. Your implementation will most likely be different, but they should put you on a good path.

marcoippolito · January 30, 2020, 1:20pm

Thanks a lot . I’m going to dive into them.

marcoippolito · January 30, 2020, 3:10pm

It doesn’t accept these lines:

upstream webpack_dev_server {
    server sockjs-node;
}

(base) marco@pc:/ sudo systemctl start nginx Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details. (base) marco@pc:/ systemctl status nginx.service
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2020-01-30 16:09:39 CET; 2s ago
Docs: man:nginx(8)
Process: 21256 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
Process: 21199 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 23868 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Main PID: 21206 (code=exited, status=0/SUCCESS)

Jan 30 16:09:39 pc systemd[1]: Starting A high performance web server and a reverse proxy server…
Jan 30 16:09:39 pc nginx[23868]: nginx: [emerg] host not found in upstream “sockjs-node” in /etc/nginx/conf.d/default.conf:73
Jan 30 16:09:39 pc nginx[23868]: nginx: configuration file /etc/nginx/nginx.conf test failed
Jan 30 16:09:39 pc systemd[1]: nginx.service: Control process exited, code=exited status=1
Jan 30 16:09:39 pc systemd[1]: nginx.service: Failed with result ‘exit-code’.
Jan 30 16:09:39 pc systemd[1]: Failed to start A high performance web server and a reverse proxy server.

marcoippolito · January 30, 2020, 4:04pm

@Phil

With this /etc/nginx/conf.d/default.conf :

server {
    listen 443 ssl http2 default_server;
    server_name ggc.world;

    ssl_certificate /etc/ssl/certs/chained.pem;
    ssl_certificate_key /etc/ssl/private/domain.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    error_page 497 https://$host:$server_port$request_uri;
    server_name www.ggc.world;
    return 301 https://$server_name$request_uri;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

# https://www.nginx.com/blog/nginx-nodejs-websockets-socketio/
# https://gist.github.com/uorat/10b15a32f3ffa3f240662b9b0fefe706
# http://nginx.org/en/docs/stream/ngx_stream_core_module.html

upstream websocket {
    ip_hash;
    server localhost:3000;
}

server {
    listen       81;
    server_name  ggc.world www.ggc.world;

    #location / {
    location ~ ^/(websocket|websocket\/socket-io) {
        proxy_pass http://127.0.0.1:4201;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwared-For $remote_addr;
        proxy_set_header Host $host;

        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
     }

}
# https://stackoverflow.com/questions/40516288/webpack-dev-server-with-nginx-proxy-pass

with vue.config.js :

module.exports = {
  // options...
  publicPath: '',
  devServer: {
    host: 'localhost',
  }
}

and with this webpack.config.js :

{
    "mode": "development",
    "entry": [
        "src/index.js",
        "webpack-dev-server/client?http://" + require("os").hostname() + ":3000/" 
    ],
    "output": {
        "path": __dirname+'/static',
        "filename": "[name].[chunkhash:8].js"
    },
    "module": {
        "rules": [
            {
                "test": /\.vue$/,
                "exclude": /node_modules/,
                "use": "vue-loader"
            },
            {
                "test": /\.pem$/,
                "use": "file-loader"
            }
        ]
    },
    plugins: [
        new BrowserSyncPlugin(
            {
                host: 'localhost',
                port: 3000,
                proxy: 'http://localhost:8080'
            },
            {
                reload: false
            }
        ),
    ],
    node: {
        __dirname: false,
        __filename: false
    },
    resolve: {
        extension: ['*', '.pem']
    },
    devServer: {
        watchOptions: {
            aggregateTimeout: 300,
            poll: 1000
        }
    }
}

And still get this error message:

GET https://localhost/sockjs-node/info?t=1580397983088 net::ERR_CONNECTION_REFUSED

Phil · January 30, 2020, 4:14pm

@marcoippolito,

At this point I’m not sure what to suggest because I’m not a webdev. This doesn’t appear to be a problem with your Let’s Encrypt certificate anymore.

marcoippolito · January 30, 2020, 4:27pm

I’m trying to figure out what kind of problem might be.
As far as I understood it’s at the interface between nginx configuration and vue.js configuration.
I’m asking help in different forums and communities (nginx, let’s encrypt, vue.js) because I’m not sure what problem it is, and may be gathering expert clues can help

system · February 29, 2020, 4:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.