Nginx as reverse proxy not working

sirio_star89 · August 12, 2024, 8:28am

Hello, my name is Marco, this is my first post and I need some advices!
I have my new VPS, I’ve installed Hestia with nginx + php-fpm (without apache) as I’m more familiar using it as reverse proxy, the problem is that I created the template under “/usr/local/hestia/data/templates/web/nginx/php-fpm/” and I’ve created the “Domain” and assigned the template I’ve created.
The point is, that when I try to browse the added domain it will show me the default Success page of hestia (and not doing the proxy rules specified in my template) so, I ask to someone of you more expert, what am I doing wrong?

This is my template:

server {
	include %home%/%user%/conf/web/%domain%/reverseproxy.conf*;
	listen      80;
	server_name %domain_idn% %alias_idn%;
	error_log   /var/log/%web_system%/domains/%domain%.error.log error;

	include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;

	location ~ /\.(?!well-known\/|file) {
		deny all;
		return 404;
	}
}

On the first line I import “reverseproxy.conf” that I create for every domain to reverse proxy and it’s content it like this (I just specify the location / rule, so I can make it customizable for every domain)

location / {
		proxy_pass http://10.8.0.2:8080;
		proxy_set_header Host $host:80;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
		proxy_read_timeout 86400;
	}

Any ideas?
This is my settings on the domain I wish to reverse-proxy

Alex_Black · August 12, 2024, 9:20am

It looks like you’ve set up a custom Nginx template for your domain in HestiaCP, but the default success page is still being shown, meaning the custom configuration is not being applied as expected. Here are some steps and tips to troubleshoot and possibly resolve the issue:

Check the Template File Permissions
Ensure that the template files you’ve created under /usr/local/hestia/data/templates/web/nginx/php-fpm/ have the correct ownership and permissions. The files should be owned by root and have permissions set to 644 to make sure they are readable by Hestia.
```
chown root:root /usr/local/hestia/data/templates/web/nginx/php-fpm/your_template_name.stpl
chmod 644 /usr/local/hestia/data/templates/web/nginx/php-fpm/your_template_name.stpl
```
Validate Nginx Configuration
After applying your template, check the Nginx configuration for any errors that might prevent it from working correctly. You can do this with the following command:
```
nginx -t
```
If there are errors, resolve them before proceeding.
Reload Hestia and Nginx Configurations
Once everything is verified to be correct, make sure to reload both Hestia and Nginx to apply the changes:
```
systemctl restart hestia
systemctl reload nginx
```
Check the Generated Configuration File
Go and check the configuration file that Hestia generates for the domain. This is usually located in:
```
/home/your_user/conf/web/your_domain/nginx.conf
```
Ensure that the directives you’ve specified in your template are actually present in this file.
Verify reverseproxy.conf File
Ensure that the reverseproxy.conf file has been correctly created for the specific domain and contains the correct rules for the reverse proxy.
Browser Cache
If everything seems correct, try clearing your browser cache or using a different browser to verify that the changes are actually visible.

Following these steps should help you identify and resolve the issue. If the problem persists, it might be helpful to check the Nginx logs for more details on the errors:

tail -f /var/log/nginx/error.log

If you need further assistance, feel free to ask!

sirio_star89 · August 12, 2024, 9:52am

Hi and thanks for your answer, but I’ve already done those steps but there’s no error in nginx, the template it’s applied succesfully to the domain (checked the nginx.conf and reverseproxy.conf too). Checking the error log it would have been a good advice but nginx it’s running succesfully, there’s no errors. I’m starting to think that it’s because of PHP-FPM, but I don’t know how to check.

sirio_star89 · August 12, 2024, 10:55am

I found the error, it was in my template, somehow nginx want to listen to both ip and port…

so I changed my template to this and it worked:

server {
	include %home%/%user%/conf/web/%domain%/reverseproxy.conf*;
	listen      %ip%:%web_port%;
	server_name %domain_idn% %alias_idn%;
	error_log   /var/log/%web_system%/domains/%domain%.error.log error;

	location ~ /\.(?!well-known\/|file) {
		deny all;
		return 404;
	}
}

Alex_Black · August 12, 2024, 12:36pm

sirio_star89:

server {
	include %home%/%user%/conf/web/%domain%/reverseproxy.conf*;
	listen      %ip%:%web_port%;
	server_name %domain_idn% %alias_idn%;
	error_log   /var/log/%web_system%/domains/%domain%.error.log error;

	location ~ /\.(?!well-known\/|file) {
		deny all;
		return 404;
	}
}

HTTP Server configuration for redirecting to HTTPS

server {
listen 80;
server_name example.com www.example.com;

# Redirect all requests to HTTPS
return 301 https://$host$request_uri;

}

HTTPS Server configuration

server {
listen 443 ssl;
server_name example.com www.example.com;

# Path to SSL certificate and key
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;

# SSL Configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

# Error log
error_log /var/log/nginx/domains/example.com.error.log error;

# Include additional configurations like reverse proxy
include /home/username/conf/web/example.com/reverseproxy.conf*;

# Block access to hidden files
location ~ /\.(?!well-known\/|file) {
    deny all;
    return 404;
}

# Additional location block
location / {
    # Here you can add specific configurations
    # like proxy_pass for a web application
}

}

system · September 11, 2024, 12:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.