Cannot reach Node.js application over HTTPS - node.js

I have an node.js application that is running on port 3000.
Infront of it i run an nginx reverse proxy. It works fine for port 80. I have tried to install an certificate with certbot. Now i have the certificate and set up my proxy to redirect all non HTTPS traffic to HTTPS and on the port 443 i listent to it and pass my connection to my application. Somehow my browser is pending and i dont know why.
Here i have added 2 server blocks:
server {
server_name mywebsite.at www.mywebsite.at;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/mywebsite.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite.at/privkey.pem;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
server_name mywebsite.at www.mywebsite.at;
listen 80;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
In this case i can enter http://mywebsite.at but i cant enter https://mywebsite.at. It says "cant reach the website". Any idea why this error appears?
I have runned sudo nginx -t there are no erros.

I have found the problem guys. My port 443 was not open. ufw allow 443 fixed the issue.

Related

Nginx setup for Node Media Server

I'm trying to run node-media-server on a EC2 instance, but i a'm not able to make OBS to connect to the server, here is my Nginx config:
server {
listen 8000;
listen 1935;
server_name example.com;
location / {
proxy_pass http://localhost:$server_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
And here is my security group set up:
Any idea what is going on?
Thanks in advance,
I found the problem, the first thing is to setup Nginx to listen on the port 80 only as node-media-server takes care of listening on the ports 8000 and 1935
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://localhost:$server_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Second thing is to make sure the ports 8000 and 1935 are open in the server as by default they are not.
Hope it helps to anyone with the same problem.

Nginx reverse proxy mapping does not redirect

I recently started tinkering to solve this problem I was having this problem. So I installed NGINX and set it up so that it forwards the incoming requests on port 80 to port 300 by creating a .conf file in /etc/nginx/conf.d/ location. Here is the configuration file.
server {
listen 80;
server_name xyz.xyz;
location / {
proxy_pass http://127.0.0.1:300;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
But when I hit xyz.xyz I get the default page and when I go to xyz.xyz:300 I get my NodeJS app. Any suggestion?
Seems like it was an issue with SELinux.
I just ran this command and it worked.
setsebool -P httpd_can_network_connect 1

Nginx reverse proxy to NodeJS App causing 502 bad gateway error

I am setting up nginx so that I can access my API built using express through a url like - example.com/api
Here is my nginx config
upstream appfrontend {
server localhost:9008 fail_timeout=0;
}
upstream api {
server localhost:3001;
}
server {
listen 80;
listen [::]:80;
server_name hospoline.com www.hospoline.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443;
server_name example.com; # replace this with your domain
root /var/www/html/example-certbot-webroot;
# The public and private parts of the certificate are linked here
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location /.well-known {
root /var/www/html/example;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://appfrontend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 900s;
}
location /api {
proxy_pass http://api;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
When I visit my site example.com the front end loads perfectly.
When I visit example.com/api/fetch_doctors, I get a 502 bad gateway error.
My API is working fine in localhost. When I send a request to localhost:3001 on my local computer, I get the list of doctors.
Both my front end server and backend server are run using forever.
I am really lost and breaking my head about this for one full day. I have no idea where I'm going wrong. Any help in the right direction would be great! Thank you all!

Reverse proxy nginx port 443 to Node App with SSL

I have setup my express & node app to use my letsencrypt ssl certs as so
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem')
};
// Create an HTTP service.
http.createServer(app).listen(3060);
// Create an HTTPS service identical to the HTTP service.
https.createServer(options, app).listen(3061);
I can reach my API at domain.com (hitting port 80 in nginx)
But I can't reach it if I hit https://example.com (port 443)
However I can reach it if I open up port 3061 and request https://example.com:3061 and it works correctly with SSL
My question is, how do I setup nginx to correctly forward requests on port 443 to my server on port 3061 for SSL.
Do I need to include the cert information as suggested elsewhere, if my app is dealing with it?
My nginx config is like this:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://localhost:3060;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 443 ssl;
server_name example.com;
location / {
proxy_pass https://localhost:3061;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Thanks

nginx settings are correct but fails to proxy: logs show zero error/activity

I have a domain that would hit my nginx proxy to be routed to their nodejs hosted site locally on a different port. About a month ago it stopped working:
DNS A records are fine and forward to correct IP
Website works if I go to ip address with correct port(3100)
Hell, it even works if I type domain.com:3100.
It's an Ec2 instance and port is open to all IP addresses
Here are the config file in the sites-enabled/site-available folder:
server {
listen 80;
server_name www.cpcarpet.com cpcarpet.com;
access_log /var/log/nginx/cpcarpetaccess.log;
error_log /var/log/nginx/cpcarpeterror.error.log debug;
location / {
proxy_pass http://localhost:3100/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
I've restarted the nginx service quite a bit and updated the package but nothing seems to work. Any ideas?
So to clarify what does work:
IP address:3100 works! Ok!
cpcarpet.com:3100 works!(So A records are set correctly) Works! Ok!
www.cpcarpet.com or cpcarpet.com? Does not work! Log files show no access/errors either.
Try this. Hope this helps you.
server {
listen 80;
server_name cpcarpet.com;
location / {
proxy_pass http://localhost:3100;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

Resources