What's the problem with this nginx configuration?

Thomas Ward teward at thomas-ward.net
Sat May 22 16:35:41 UTC 2021


The error is self explanatory.  You have two default_server entries that end up listening on port 80 on all IPs.

listen 80 default_server;
listen [::]:80 default_server;

As configured this ends up listening on every port 80 on all IPs.  Remove one of these to resolve the error.

⁣Get BlueMail for Android ​


-------- Original Message --------
From: raphy <nginx-forum at forum.nginx.org>
Sent: Sat May 22 10:10:01 EDT 2021
To: nginx at nginx.org
Subject: What's the problem with this nginx configuration?

Hi!!

Due to some issues in packages installed which caused the freezing of the
system, I had to re-install Ubuntu from scratch.

Now  the previous nginx configuration, which previously worked fine, gives
this error:

    ginx: [emerg] a duplicate default server for 0.0.0.0:80 in
/etc/nginx/conf.d/default.conf:54
    nginx: configuration file /etc/nginx/nginx.conf test failed


This is /etc/nginx/conf.g/default.conf : 

server {
    listen 443 ssl http2 default_server;
    server_name grasp.deals;
    ssl_certificate /etc/letsencrypt/live/grasp.deals/fullchain.pem; #
managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/grasp.deals/privkey.pem; #
managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/grasp.deals/chain.pem;

    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_session_timeout 5m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers
EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    access_log /var/log/nginx/graspdeals-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        #proxy_set_header Host $host;
    }

    # http://nginx.org/en/docs/http/ngx_http_core_module.html#try_files
    #
https://unix.stackexchange.com/questions/585963/nginx-configuration-how-to-load-static-files-other-than-index-html/586567#586567
    location /weights {
      root /home/raphy/www;
      try_files $uri $uri/ =404;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      # Following is necessary for Websocket support
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }

}

server {
    if ($host = grasp.deals) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;
    error_page 497 https://$host:$server_port$request_uri;
    server_name ggc.world;
    return 301 https://$server_name$request_uri;

    access_log /var/log/nginx/grapdeals-access.log combined;

    add_header Strict-Transport-Security "max-age=31536000";
    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        #proxy_set_header Host $host;
    }
}

# https://www.nginx.com/blog/nginx-nodejs-websockets-socketio/
# https://gist.github.com/uorat/10b15a32f3ffa3f240662b9b0fefe706
# http://nginx.org/en/docs/stream/ngx_stream_core_module.html

upstream websocket {
    ip_hash;
    server localhost:3000;
}

server {
    listen 81;
    server_name grasp.deals;

    #location / {
    location ~ ^/(websocket|websocket\/socket-io) {
        proxy_pass http://127.0.0.1:4201;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwared-For $remote_addr;
        proxy_set_header Host $host;

        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
#
https://stackoverflow.com/questions/40516288/webpack-dev-server-with-nginx-proxy-pass


upstream golang-webserver {
    ip_hash;
    server 127.0.0.1:2000;
}

server {

    root /puser/add;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers
EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;

    location / {
        proxy_pass http://golang-webserver;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        #proxy_set_header Host $host;
    }
}


What's the problem with this nginx configuration?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291599,291599#msg-291599

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210522/de9989b1/attachment.htm>


More information about the nginx mailing list