Score:-1

Nginx works with IP address but not server name


I have Nginx running as a reverse proxy in front of Apache Guacamole. Everything works fine when accessing via IP address with XX.XX.XX.XX:8443. However I can't access via the server_name with "www.trainingserver1.com:8443". Here is the mysite.template file:

```nginx
server {
    listen      80 default_server;
    server_name _;
    return 444  "No server is currently configured for the requested host." ;
}

server {
    listen       443 ssl;
    server_name  *.trainingserver1.com;

    ssl_certificate /etc/nginx/ssl/self.cert;
    ssl_certificate_key /etc/nginx/ssl/self-ssl.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_ecdh_curve secp384r1;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_stapling off;
    ssl_stapling_verify off;
    #resolver 8.8.8.8 8.8.4.4 valid=300s;
    #resolver_timeout 5s;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        proxy_pass http://guacamole:8080;
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_cookie_path /guacamole/ /;
        access_log off;
        # allow large uploads (default=1m)
        # 4096m = 4GByte
        client_max_body_size 4096m;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}
```

Here is the nginx.conf file:

```nginx
user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}
```

And lastly here is the docker-compose.yml that starts everything:

```yaml
version: '3'

networks:
  guacnetwork:
    driver: bridge

services:
  guacamole:
    image: oznu/guacamole
    container_name: guacamole
    volumes:
      - postgres:/config
    restart: always
    networks:
      guacnetwork:
    expose:
      - 8080

  nginx:
    restart: always
    image: nginx
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./nginx/mysite.template:/etc/nginx/conf.d/mysite.template
      - ./nginx/ssl:/etc/nginx/ssl
    ports:
      # host port 8443 is published to nginx's TLS listener on 443
      - 8443:443
    ##   environment:
    ##   - NGINX_HOST=nginx
    ##   - NGINX_PORT=443
    links:
      - guacamole
    networks:
      guacnetwork:
    # install openssl, create self-signed certificate and run nginx
    command: /bin/bash -c "apt-get -y update && apt-get -y install openssl && openssl req -nodes -newkey rsa:2048 -new -x509 -keyout /etc/nginx/ssl/self-ssl.key -out /etc/nginx/ssl/self.cert -subj '/C=DE/ST=BY/L=Hintertupfing/O=Dorfwirt/OU=Theke/CN=www.createyourown.domain/[email protected]' && cp -f -s /etc/nginx/conf.d/mysite.template /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'"

volumes:
  postgres:
    driver: local
```

Edit:

Everything in the Nginx config turned out to be Ok. This was a simple DNS record issue. Once the DNS record was fixed then the Nginx server was accessible at www.trainingserver1.com:8443.

Michael Hampton
You posted all your configs, but you forgot to tell us what the problem is that you're having. Give specifics including log entries.
djdomi
I think you are running into an issue like `server_name *.trainingserver1.com;` but not `server_name *.trainingserver1.com trainingserver1.com;`, which would let you use the domain itself instead of only a subdomain of the domain. Also remember, you want to use a reverse proxy for 8443...
Jeremy Beale
@djdomi It seems to be the same problem in either case. I tried both ways and still I can only access the server by IP address like XX.XX.XX.XX:8443 but not by name "www.trainingserver1.com:8443"
Jeremy Beale
@MichaelHampton Can you reproduce the issue just with these files? All 3 would be in the same directory. Then run `docker-compose up -d` to start nginx + guacamole. Lastly try to access the server by either IP address or server_name. That's where I run into the problem.
in flag
What is the actual error message you receive? Is your name resolution working?
djdomi
@JeremyBeale How should NGINX know about it when you don't set a reverse proxy for this case? Furthermore, to use *.trainingserver1.com the DNS must be set to wildcard, or www.trainingserver1.com has to be set to a valid DNS entry. Since you don't tell us the true domain name, it isn't easy to help you. We are running into an [X-And-Y-Problem](https://faq-database.de/doku.php?id=en:x-and-y-problem) here.
Jeremy Beale
@GeraldSchneider The actual message from the web browser is DNS_PROBE_FINISHED_NXDOMAIN
in flag
So, you don't have a DNS record for that IP. Create one.
Jeremy Beale
@GeraldSchneider Thanks! It works now
Score:2
in flag

The error message DNS_PROBE_FINISHED_NXDOMAIN indicates that the URL you are trying to access cannot be resolved.

You need to create the DNS record for that URL.
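
An added example (not part of the original answer or the poster's setup) that separates the two layers confused in this thread: name resolution and nginx `server_name` matching. The matcher is a simplified model covering only exact, `*.` and `.` forms, and the two resolvers and the address 192.0.2.10 are constructed stand-ins for DNS before and after the record was created.

```python
import socket

def server_name_matches(pattern, host):
    """Simplified model of nginx server_name matching (exact, '*.' and '.' forms)."""
    pattern, host = pattern.lower(), host.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[1:]
        # "*.example.com" covers any subdomain but not the bare domain
        return host.endswith(suffix) and len(host) > len(suffix)
    if pattern.startswith("."):
        # ".example.com" covers the bare domain and every subdomain
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern

def triage(host, server_names, resolver=socket.getaddrinfo):
    """Return (layer, detail) for the first layer that fails for host."""
    try:
        infos = resolver(host, None)
    except socket.gaierror as exc:
        # The browser reports DNS_PROBE_FINISHED_NXDOMAIN; nginx never sees a request
        return ("dns", f"{host} does not resolve: {exc}")
    addrs = sorted({info[4][0] for info in infos})
    if not any(server_name_matches(p, host) for p in server_names):
        # nginx then falls back to the default server for that listen port
        return ("nginx", f"{host} -> {addrs}, but no server_name matches")
    return ("ok", f"{host} -> {addrs}, server_name matches")

# Constructed resolvers: DNS before and after the record was created
def no_record(host, port):
    raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")

def with_record(host, port):
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", ("192.0.2.10", 0))]

if __name__ == "__main__":
    names = ["*.trainingserver1.com"]  # server_name from mysite.template
    for host, resolver in [("www.trainingserver1.com", no_record),
                           ("www.trainingserver1.com", with_record),
                           ("trainingserver1.com", with_record)]:
        print(triage(host, names, resolver))
```

Called with the default resolver, `triage` performs a real lookup, so a `dns` result means the nginx configuration has not been exercised at all.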
