You are not logged in.
Pages: 1
I follow the guide of Nginx on ArchWiki add two dir called sites-available and sites-enabled. Then I create /etc/nginx/sites-available/www.conf and link it to sites-enabled
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name malacology.net;
ssl_certificate /etc/nginx/web_ssl/www/1_www.malacology.net_bundle.crt;
ssl_certificate_key /etc/nginx/web_ssl/www/2_www.malacology.net.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://120.xx.xxx.xx;
proxy_read_timeout 90;
proxy_redirect http://120.xx.xxx.xx https://malacology.net;
}
}
But it fails.
[root@archlinux sites-available]# systemctl restart nginx
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
[root@archlinux sites-available]# nginx -t
2021/07/06 20:04:59 [emerg] 1023285#1023285: open() "/etc/nginx/sites-enabled/www.conf" failed (40: Too many levels of symbolic links) in /etc/nginx/nginx.conf:19
nginx: configuration file /etc/nginx/nginx.conf test failed
It works on my Ubuntu but fail on my ArchLinux VPS
Don't speak to silly man. Keep Minimalism.
Offline
post outputs of:
cat /etc/nginx/nginx.conf
ls -l /etc/nginx/sites-enabled
ls -l /etc/nginx/sites-available
Offline
[root@archlinux ~]# cat /etc/nginx/nginx.conf
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
include sites-enabled/*;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
[root@archlinux ~]# ls -l /etc/nginx/sites-enabled
total 0
lrwxrwxrwx 1 root root 35 Jul 6 21:38 www.conf -> /etc/nginx/sites-available/www.conf
[root@archlinux ~]# ls -l /etc/nginx/sites-available
total 4
-rw-r--r-- 1 root root 900 Jul 6 20:11 www.conf
Don't speak to silly man. Keep Minimalism.
Offline
that all looks fine.....
what about:
ls -l /etc/nginx
there has to be an incorrect symlink somewhere.
Offline
[root@archlinux ~]# ls -l /etc/nginx
total 80
-rw-r--r-- 1 root root 1077 Jun 11 06:34 fastcgi.conf
-rw-r--r-- 1 root root 1007 Jun 11 06:34 fastcgi_params
-rw-r--r-- 1 root root 2837 Jun 11 06:34 koi-utf
-rw-r--r-- 1 root root 2223 Jun 11 06:34 koi-win
-rw-r--r-- 1 root root 36345 May 5 04:45 mime.types
-rw-r--r-- 1 root root 2721 Jul 6 20:36 nginx.conf
-rw-r--r-- 1 root root 636 Jun 11 06:34 scgi_params
drwxr-xr-x 2 root root 4096 Jul 6 20:11 sites-available
drwxr-xr-x 2 root root 4096 Jul 6 21:38 sites-enabled
-rw-r--r-- 1 root root 664 Jun 11 06:34 uwsgi_params
drwxr-xr-x 9 root root 4096 Jul 6 19:30 web_ssl
-rw-r--r-- 1 root root 3610 Jun 11 06:34 win-utf
If I shouldn't put my key folder web_ssl in /etc/nginx ?
Last edited by malacology (2021-07-06 16:16:09)
Don't speak to silly man. Keep Minimalism.
Offline
this is the problem:
open() "/etc/nginx/sites-enabled/www.conf" failed (40: Too many levels of symbolic links) in /etc/nginx/nginx.conf:19
its saying that nginx cant open "/etc/nginx/sites-enabled/www.conf" because of a problem with a symbolic link, but from what i can see there shouldnt be a problem.
Offline
I tried to copy it to the folder and found this
Last login: Wed Jul 7 00:23:07 2021 from 183.197.16.169
[root@archlinux ~]# cd /etc/nginx
[root@archlinux nginx]# ls
fastcgi.conf koi-win scgi_params uwsgi_params
fastcgi_params mime.types sites-available web_ssl
koi-utf nginx.conf sites-enabled win-utf
[root@archlinux nginx]# rm sites-enabled/www.conf
[root@archlinux nginx]# cp sites-available/www.conf sites-enabled/www.conf
[root@archlinux nginx]# systemctl restart nginx
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
[root@archlinux nginx]# nginx -t
2021/07/07 00:36:18 [warn] 1031299#1031299: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/www.conf:10
2021/07/07 00:36:18 [emerg] 1031299#1031299: "location" directive is not allowed here in /etc/nginx/sites-enabled/www.conf:17
nginx: configuration file /etc/nginx/nginx.conf test failed
I fix it but the web told me ERR_TOO_MANY_REDIRECTS
[root@archlinux sites-enabled]# nginx -t
2021/07/07 00:47:20 [warn] 1031657#1031657: could not build optimal types_hash, you should increase either types_hash_max_size: 1024 or types_hash_bucket_size: 64; ignoring types_hash_bucket_size
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@archlinux sites-enabled]# cat sites-enabled/www.conf
cat: sites-enabled/www.conf: No such file or directory
[root@archlinux sites-enabled]# cat /etc/nginx/sites-enabled/www.conf
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name malacology.net;
ssl_certificate /etc/nginx/web_ssl/www/1_www.malacology.net_bundle.crt;
ssl_certificate_key /etc/nginx/web_ssl/www/2_www.malacology.net.key;
# ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://120.xx.xxx.xx;
proxy_read_timeout 90;
proxy_redirect http://120.xx.xxx.xx https://malacology.net;
}
}
I fix the warning by vim /etc/nginx/nginx.conf, but it still reports ERR_TOO_MANY_REDIRECTS
http {
----
types_hash_max_size 4096;
types_hash_bucket_size 64;
----
}
Last edited by malacology (2021-07-06 16:58:58)
Don't speak to silly man. Keep Minimalism.
Offline
i THINK this config should work for your "/etc/nginx/sites-enabled/www.conf":
server {
listen 80;
server_name malacology.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name malacology.net;
ssl_certificate /etc/nginx/web_ssl/www/1_www.malacology.net_bundle.crt;
ssl_certificate_key /etc/nginx/web_ssl/www/2_www.malacology.net.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://120.xx.xxx.xx;
proxy_read_timeout 90;
proxy_redirect http://120.xx.xxx.xx https://malacology.net;
}
}
pretty sure its cause you have 2 servers listening on http port 80 without a server name
give it a try anyway
Last edited by jonno2002 (2021-07-06 17:09:46)
Offline
Sorry, it also shows ERR_TOO_MANY_REDIRECTS
Jul 07 01:22:03 archlinux systemd[1]: nginx.service: Deactivated successfully.
Jul 07 01:22:03 archlinux systemd[1]: Stopped A high performance web server and a reverse proxy server.
Jul 07 01:22:03 archlinux systemd[1]: Starting A high performance web server and a reverse proxy server...
Jul 07 01:22:03 archlinux systemd[1]: nginx.service: Can't open PID file /run/nginx.pid (yet?) after start: Operation not pertte
Jul 07 01:22:03 archlinux systemd[1]: Started A high performance web server and a reverse proxy server.
Maybe things are caused by nginx.conf
Last edited by malacology (2021-07-06 17:24:52)
Don't speak to silly man. Keep Minimalism.
Offline
try removing this line:
proxy_redirect http://120.xx.xxx.xx https://malacology.net;
Offline
try removing this line:
proxy_redirect http://120.xx.xxx.xx https://malacology.net;
It also doesn't work, still show ERR_TOO_MANY_REDIRECTS
Don't speak to silly man. Keep Minimalism.
Offline
ok take the reverse proxy out of the equation and see if serving the nginx default page works, then go from there
server {
listen 80;
server_name malacology.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name malacology.net;
ssl_certificate /etc/nginx/web_ssl/www/1_www.malacology.net_bundle.crt;
ssl_certificate_key /etc/nginx/web_ssl/www/2_www.malacology.net.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
thats my last post for tonight, hope you figure it out
Offline
ok take the reverse proxy out of the equation and see if serving the nginx default page works, then go from there
server { listen 80; server_name malacology.net; return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name malacology.net; ssl_certificate /etc/nginx/web_ssl/www/1_www.malacology.net_bundle.crt; ssl_certificate_key /etc/nginx/web_ssl/www/2_www.malacology.net.key; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; access_log /var/log/nginx/access.log; location / { root /usr/share/nginx/html; index index.html index.htm; } }
thats my last post for tonight, hope you figure it out
It works, but I found the syncthing nginx configure can't work, it must need 8483 port and the same error present. But other service can work well on the same configure for special port, such as freshrss
Don't speak to silly man. Keep Minimalism.
Offline
Pages: 1