[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: nginx refusing connection on port 443
From: |
crodges |
Subject: |
Re: nginx refusing connection on port 443 |
Date: |
Mon, 30 Aug 2021 08:44:57 -0700 |
On Sunday, August 29, 2021 6:35:30 P.M. PDT Julien Lepiller wrote:
> Le Wed, 25 Aug 2021 21:25:03 -0700,
>
> crodges <crodges@csphy.pw> a écrit :
> > Hello everybody,
> >
> > I'm setting up a guix vps and having some trouble, mainly because I'm
> > getting used to the guix way. After a few tries, I finally got a
> > let's encrypt certificate and nginx configured to read it. Problem
> > is, nginx accepts fine connections on port 80, but when I try 443 I
> > get
> >
> > curl: (7) Failed to connect to lambdashire.com port 443 after 5249
> > ms: Connection refused
> >
> > My first thought was to open port 443 on the firewall, but I don't
> > know how to do that and didn't find how to in a few configuration
> > examples I searched. Is this the right approach, to open the port? If
> > it is, can you please point me to some documentation so I can try to
> > figure out myself?
> >
> > First time posting. Thanks.
>
> Hi crodges,
>
> Could you share your configuration? Especially the part where you
> declare the nginx-service-type? There is a listen field that you should
> set to something like:
>
> (listen '("443 ssl http2" "[::]:443 ssl http2"))
>
> of course, you can adapt it to your needs using the Nginx syntax.
Thanks for the reply Julien,
After playing around with it a little more, a reboot, of all things, did the
trick. So problem solved. In any case, I'll leave my nginx configuration here,
maybe someone find it useful.
(service nginx-service-type
(nginx-configuration
(server-blocks
(list (nginx-server-configuration
;(listen '("80" "443 ssl"))
(server-name '("lambdashire.com"))
(root "/data/www")
(ssl-certificate "/etc/letsencrypt/live/
lambdashire.com/fullchain.pem")
(ssl-certificate-key "/etc/letsencrypt/live/
lambdashire.com/privkey.pem")
(locations
(list
(nginx-location-configuration ;certbot
(uri "/.well-known")
(body (list "root /data/www;"))))))))))
The next thing I'll do is make nginx use only port 443 with ssl. I don't think
it'll be hard, I only need to make sure certbot will like it.