Yeh, I have no idea what is going on here. There is not mention of covisp.net anywhere in the entire nginx configuration, nor of port 5000 in any of the reverse proxy settings or the sites-enabled files, thought it is the default port the synology users for its DSM web face, nor any idea why 65.121.55.45 is showing up for you anywhere as that is an entirely different IP (one of the name servers for my domain).
I copied the location block from another post here (minus the wwww tyop). About Letsencrypt behind a reverse proxy
Fixing the wwww issue results in a different error.
{"error":102,"file":"client.cpp","msg":"Invalid response from https://sab.kreme.com/login/ [65.121.55.46]: \"<html lang=\\\"en\\\">\\n<head>\\n <title>SABnzbd - Log in</title>\\n\\n <meta http-equiv=\\\"Content-Type\\\" content=\\\"text/html; charset=utf\""}
So the location block isn’t doing what I expected it to do, as that is the login page for sabnzbd (its sites-enabled file is essentially identical to the sonarr one, other than the server name).
The sub domains now load properly, so all of that configuration failure seems to have been caused entirely by the typo in the proxy line. One other thing that is not obvious here is that the main domain is setup for HSTS, so it is https: only.
changing the proxy to http:// and disabling HSTS has not made a difference.