Unable to connect to the server

My domain is: ggc.world

I have a working testing-website with nginx server + letsencrypt’s certificates (issued yesterday) in a pc.
Now I would like, if it is possible, to be able to use a second webapp-server in a laptop, in order to work on the webapp more frequently.
Both pc and laptop have the same OS: Ubuntu 18.04.4 Desktop, and the same nginx server version:
nginx version: nginx/1.14.0 (Ubuntu)

As root, I copied from the pc to the laptop /etc/nginx, /etc/letsencrypt, /var/www, /var/log/letsencrypt, and also copied the testing webapp.

Environment Info in the pc:

(base) marco@pc01:~/webMatters/vueMatters/testproject$ vue info

Environment Info:

  System:
    OS: Linux 5.3 Ubuntu 18.04.4 LTS (Bionic Beaver)
    CPU: (8) x64 Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
  Binaries:
    Node: 12.15.0 - ~/.nvm/versions/node/v12.15.0/bin/node
    Yarn: Not Found
    npm: 6.13.4 - ~/.nvm/versions/node/v12.15.0/bin/npm
  Browsers:
    Chrome: 80.0.3987.100
    Firefox: 72.0.2
  npmPackages:
    @vue/babel-helper-vue-jsx-merge-props:  1.0.0 
    @vue/babel-plugin-transform-vue-jsx:  1.1.2 
    @vue/babel-preset-app:  4.1.2 
    @vue/babel-preset-jsx:  1.1.2 
    @vue/babel-sugar-functional-vue:  1.1.2 
    @vue/babel-sugar-inject-h:  1.1.2 
    @vue/babel-sugar-v-model:  1.1.2 
    @vue/babel-sugar-v-on:  1.1.2 
    @vue/cli-overlay:  4.1.2 
    @vue/cli-plugin-babel: ^4.1.2 => 4.1.2 
    @vue/cli-plugin-eslint: ^4.1.2 => 4.1.2 
    @vue/cli-plugin-router:  4.1.2 
    @vue/cli-plugin-vuex:  4.1.2 
    @vue/cli-service: ^4.1.0 => 4.1.2 
    @vue/cli-shared-utils:  4.1.2 
    @vue/component-compiler-utils:  3.1.1 
    @vue/preload-webpack-plugin:  1.1.1 
    @vue/web-component-wrapper:  1.2.0 
    eslint-plugin-vue: ^5.0.0 => 5.2.3 
    vue: ^2.6.10 => 2.6.11 
    vue-eslint-parser:  5.0.0 
    vue-hot-reload-api:  2.3.4 
    vue-loader:  15.8.3 
    vue-style-loader:  4.1.2 
    vue-template-compiler: ^2.6.10 => 2.6.11 
    vue-template-es2015-compiler:  1.9.1 
  npmGlobalPackages:
    @vue/cli: 4.1.2

Environment Info in the laptop:

(base) marco@marco-U36SG:~/vueMatters/testproject$ vue info
Environment Info:

  System:
    OS: Linux 5.3 Ubuntu 18.04.4 LTS (Bionic Beaver)
    CPU: (4) x64 Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
  Binaries:
    Node: 12.15.0 - ~/.nvm/versions/node/v12.15.0/bin/node
    Yarn: 1.21.1 - /usr/bin/yarn
    npm: 6.13.4 - ~/.nvm/versions/node/v12.15.0/bin/npm
  Browsers:
    Chrome: 80.0.3987.100
    Firefox: 72.0.2
  npmPackages:
    @vue/babel-helper-vue-jsx-merge-props:  1.0.0 
    @vue/babel-plugin-transform-vue-jsx:  1.1.2 
    @vue/babel-preset-app:  4.1.2 
    @vue/babel-preset-jsx:  1.1.2 
    @vue/babel-sugar-functional-vue:  1.1.2 
    @vue/babel-sugar-inject-h:  1.1.2 
    @vue/babel-sugar-v-model:  1.1.2 
    @vue/babel-sugar-v-on:  1.1.2 
    @vue/cli-overlay:  4.1.2 
    @vue/cli-plugin-babel: ^4.1.2 => 4.1.2 
    @vue/cli-plugin-eslint: ^4.1.2 => 4.1.2 
    @vue/cli-plugin-router:  4.1.2 
    @vue/cli-plugin-vuex:  4.1.2 
    @vue/cli-service: ^4.1.0 => 4.1.2 
    @vue/cli-shared-utils:  4.1.2 
    @vue/component-compiler-utils:  3.1.1 
    @vue/preload-webpack-plugin:  1.1.1 
    @vue/web-component-wrapper:  1.2.0 
    eslint-plugin-vue: ^5.0.0 => 5.2.3 
    vue: ^2.6.10 => 2.6.11 
    vue-eslint-parser:  5.0.0 
    vue-hot-reload-api:  2.3.4 
    vue-loader:  15.8.3 
    vue-style-loader:  4.1.2 
    vue-template-compiler: ^2.6.10 => 2.6.11 
    vue-template-es2015-compiler:  1.9.1 
  npmGlobalPackages:
    @vue/cli: 4.2.2

Now on the laptop the nginx server seems working fine:

(base) marco@marco-U36SG:~$ sudo systemctl status nginx 
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2020-02-12 18:15:51 CET; 1h 0min ago
     Docs: man:nginx(8)
  Process: 11727 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile 
/run/nginx.pid (code=exited, status=0/SUCCESS)
  Process: 11741 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload  
(code=exited, status=0/SUCCESS)
  Process: 11732 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, 
status=0/SUCCESS)
  Process: 11731 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited,
 status=0/SUCCESS)
 Main PID: 11733 (nginx)
    Tasks: 5 (limit: 4548)
   CGroup: /system.slice/nginx.service
           ├─11733 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           ├─11742 nginx: worker process
           ├─11743 nginx: worker process
          ├─11744 nginx: worker process
          └─11745 nginx: worker process

feb 12 18:15:51 marco-U36SG systemd[1]: Starting A high performance web server and a reverse 
proxy server...
feb 12 18:15:51 marco-U36SG systemd[1]: Started A high performance web server and a reverse 
proxy server.
feb 12 18:15:56 marco-U36SG systemd[1]: Reloading A high performance web server and a reverse 
proxy server.
feb 12 18:15:56 marco-U36SG systemd[1]: Reloaded A high performance web server and a reverse 
proxy server.

(base) marco@marco-U36SG:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

(base) marco@marco-U36SG:~/vueMatters/testproject$ sudo ufw status
[sudo] password for marco: 
Status: inactive

I run the testing-webapp in the laptop:

(base) marco@marco-U36SG:~/vueMatters/testproject$ npm run serve

> testproject@0.1.0 serve /home/marco/vueMatters/testproject
> vue-cli-service serve

 INFO  Starting development server...
98% after emitting CopyPlugin

 DONE  Compiled successfully in 6653ms                                                                                            
7:58:45 PM

  App running at:
  - Local:   http://localhost:8080 
  - Network: http://ggc.world/

  Note that the development build is not optimized.
  To create a production build, run npm run build.

But both SSL Server Test and CheckYourWebsiteServerDaten give me errors:

1 Like

In your screenshots, we see that ggc.world resolved to the IP Address: 2.36.58.214.

When you moved the web-application environment to a different host, did you also update the DNS for ggc.world to point to the new host’s IP address?

2 Likes

Both PC and Laptop are at the moment connected to the same local network:

This is the /etc/nginx/conf.d/default.conf file, identical to the one in the pc:

(base) marco@marco-U36SG:~$ sudo nano /etc/nginx/conf.d/default.conf :

server {
    listen 443 ssl http2 default_server;
    server_name ggc.world;

    ssl_certificate /etc/letsencrypt/live/ggc.world/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ggc.world/privkey.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/ggc.world/chain.pem;

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_session_timeout 5m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-   
    draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        #proxy_set_header Host $host;
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    error_page 497 https://$host:$server_port$request_uri;
    server_name www.ggc.world;
    return 301 https://$server_name$request_uri;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

upstream websocket {
    ip_hash;
    server localhost:3000;
}

server {
    listen 81;
    server_name ggc.world www.ggc.world;

    location ~ ^/(websocket|websocket\/socket-io) {
        proxy_pass http://127.0.0.1:4201;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwared-For $remote_addr;
        proxy_set_header Host $host;

        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

This is the DNS Provider’s Control Panel:

PC and Laptop are connected to the same local network - but it is very likely that your router can only forward HTTP/HTTPS traffic to one of those. Verify that it is forwarding to the Internal IP of the device where you are actually running nginx.

So, if you want to serve from the laptop, verify that the router is forwarding HTTP/HTTPS traffic to 192.168.1.4 (according to your screenshot).

Could you please specify where exactly I should check / modify the Internal IP of the device where I’m actually running nginx?
Forgive me, but I looked around, but I didn’t find any place. May be I didn’t look in the right places.

(base) marco@marco-U36SG:~$ /etc/nginx/conf :

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
        worker_connections 768;
}

http {

        # Basic Settings

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        server_names_hash_bucket_size 64;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        # SSL Settings
       ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;

        include /etc/nginx/conf.d/*.conf;

        fastcgi_buffers 8 16k;
        fastcgi_buffer_size 32k;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;

}

(base) marco@marco-U36SG:~$ sudo nano /etc/nginx/conf.d/default.conf :

server {
    listen 443 ssl http2 default_server;
    server_name ggc.world;

    ssl_certificate /etc/letsencrypt/live/ggc.world/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ggc.world/privkey.pem; # managed by 
      Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/ggc.world/chain.pem;

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_session_timeout 5m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-
    draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    error_page 497 https://$host:$server_port$request_uri;
    server_name www.ggc.world;
    return 301 https://$server_name$request_uri;

    access_log /var/log/nginx/ggcworld-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

upstream websocket {
    ip_hash;
    server localhost:3000;
}

server {
    listen 81;
    server_name ggc.world www.ggc.world;

    location ~ ^/(websocket|websocket\/socket-io) {
        proxy_pass http://127.0.0.1:4201;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwared-For $remote_addr;
        proxy_set_header Host $host;

        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

base) marco@marco-U36SG:~/vueMatters/testproject$ nano webpack.config.js :

{
    "mode": "development",
    "output": {
        "path": __dirname+'/static',
        "filename": "[name].[chunkhash:8].js"
    },
    "module": {
        "rules": [
            {
                "test": /\.vue$/,
                "exclude": /node_modules/,
                "use": "vue-loader"
            },
            {
                "test": /\.pem$/,
                "use": "file-loader"
            }
        ]
   },
    node: {
        __dirname: false,
        __filename: false
    },
    resolve: {
        extension: ['*', '.pem']
    },
    devServer: {
        watchOptions: {
            aggregateTimeout: 300,
            poll: 1000
        },
        https: true,
        compress: true,
        public: 'ggc.world:8181'
    }
}

(base) marco@marco-U36SG:~/vueMatters/testproject$ nano vue.config.js :

module.exports = {
  // options...
  publicPath: '',
  devServer: {
    host: '0.0.0.0',
    port: 8181,
    public: 'ggc.world'
  },
}

Internet Service Provider Firewall settings:

Internet Service Provider Exposed Host - DMZ:
I modified the local IP address exposed to Internet to 192.168.1.4 but still “Unable to connect to the server” :

I also added specific ports for laptop:

ISP-PortMgmt-07

Laptop Firewall settings:

(base) marco@marco-U36SG:~/vueMatters/testproject$ sudo ufw status
Status: inactive
  1. Run ifconfig on both server.
  2. Run nginx -T on both server
  3. Run sudo netstat -tunlp on both server.

On your laptop, your Nginx is listening on port 80 and 443, while your router forwarded port 444 and 81 to the server. There no wonder why you can’t connect. You’ve forwarded ports your device didn’t listen and attempted to connect to then.

Please, correct your port settings and try again.

Thank you

Hi!
This is complete output of ifconfig, nginx -T and sudo netstat -tunlp :

As you can see the ports in the laptop’s nginx configuration are modified according to what I set in ISP’s configuration

It seems like the server is working now.

portqry -e 80 -n ggc.world
Querying target system called:
 ggc.world
Attempting to resolve name to IP address...
Name resolved to 2.36.58.214
querying...
TCP port 80 (http service): LISTENING

portqry -e 443 -n ggc.world
Querying target system called:
 ggc.world
Attempting to resolve name to IP address...
Name resolved to 2.36.58.214
querying...
TCP port 443 (https service): LISTENING

portqry -e 444 -n ggc.world
Querying target system called:
 ggc.world
Attempting to resolve name to IP address...
Name resolved to 2.36.58.214
querying...
TCP port 444 (unknown service): LISTENING

portqry -e 81 -n ggc.world
Querying target system called:
 ggc.world
Attempting to resolve name to IP address...
Name resolved to 2.36.58.214
querying...
TCP port 81 (hosts2-ns service): LISTENING

curl ggc.world
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

curl ggc.world:81
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

curl https://ggc.world
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

curl https://ggc.world:444
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>


Thank you

But running the test-project gives the same “502 Bad Gateway”

(base) marco@marco-U36SG:~/vueMatters/testproject$ npm run serve

testproject@0.1.0 serve /home/marco/vueMatters/testproject
vue-cli-service serve

INFO Starting development server…
98% after emitting CopyPlugin

DONE Compiled successfully in 6824ms 3:59:20 PM

App running at:

Note that the development build is not optimized.
To create a production build, run npm run build.

502 Bad Gateway

nginx/1.14.0 (Ubuntu)

That’s a server configuration issue, not a Let’s Encrypt certificate issue.
P.S. Your original PC gives the same error too.

The pc-webserver was off. Now that is on:

(base) marco@pc01:~/webMatters/vueMatters/testproject$ npm run serve

> testproject@0.1.0 serve /home/marco/webMatters/vueMatters/testproject
> vue-cli-service serve

 INFO  Starting development server...
98% after emitting CopyPlugin

 DONE  Compiled successfully in 893ms                                                                                                                                                                 
4:05:59 PM

  App running at:
  - Local:   http://localhost:8080 
  - Network: http://ggc.world/

 Note that the development build is not optimized.
  To create a production build, run npm run build.

its output is correct:

While when the laptop-webserver is on (and the pc-webserver off):

webapp configuration :

pc:

(base) marco@pc01:~/webMatters/vueMatters/testproject$ nano webpack.config.js :

{
    "mode": "development",
    "output": {
        "path": __dirname+'/static',
        "filename": "[name].[chunkhash:8].js"
    },
    "module": {
        "rules": [
            {
                "test": /\.vue$/,
                "exclude": /node_modules/,
                "use": "vue-loader"
            },
            {
                "test": /\.pem$/,
                "use": "file-loader"
            }
        ]
    },
    node: {
        __dirname: false,
        __filename: false
    },
    resolve: {
        extension: ['*', '.pem']
    },
    devServer: {
        watchOptions: {
            aggregateTimeout: 300,
            poll: 1000
        },
        https: true,
        compress: true,
        public: 'ggc.world:8080'
    }
}

(base) marco@pc01:~/webMatters/vueMatters/testproject$ nano vue.config.js :

module.exports = {
  // options...
  publicPath: '',
  devServer: {
    host: '0.0.0.0',
    port: 8080,
    public: 'ggc.world'
  },
}

Laptop:

(base) marco@marco-U36SG:~/vueMatters/testproject$ nano webpack.config.js :

{
    "mode": "development",
    "output": {
        "path": __dirname+'/static',
        "filename": "[name].[chunkhash:8].js"
    },
    "module": {
        "rules": [
            {
                "test": /\.vue$/,
                "exclude": /node_modules/,
                "use": "vue-loader"
            },
            {
                "test": /\.pem$/,
                "use": "file-loader"
            }
        ]
    },
    node: {
        __dirname: false,
        __filename: false
    },
    resolve: {
       extension: ['*', '.pem']
    },
    devServer: {
        watchOptions: {
            aggregateTimeout: 300,
            poll: 1000
        },
        https: true,
        compress: true,
        public: 'ggc.world:8181'
    }
}

(base) marco@marco-U36SG:~/vueMatters/testproject$ nano vue.config.js :
module.exports = {
// options…
publicPath: ‘’,
devServer: {
host: ‘0.0.0.0’,
//host: ‘192.168.1.4’,
port: 8181,
public: ‘ggc.world’
},
}