Welcome! Log In Create A New Profile

Advanced

Adding second server and location - help!

Posted by mjames73 
Forum List Message List New Topic
mjames73
Adding second server and location - help!
September 23, 2018 08:23AM
Ive got a working config for my DO droplet to handle the Ubiquiti Unifi Controller installed on the droplet...i figured this config out and ive had this working for ages with no issues

Basically it bumps the subdomain url from http to https and uses the port 8443 where Tomcat is running, and uses letsencrypt

But now i need to run another web server for a basic page on the same server

Ive installed lighttpd and set the port to 88, the html files are under /var/www/html/admin (/var/www/html being the correct root folder for lighttpd)

But no matter what i do adding another service or location tot he existing config leads to nothing being displayed and the usual 404 500 or 502 errors

I could use a fresh pair of eyes, ive been going around in circles for hours :)

Ive read plenty of articles, but none the wiser, im sure its something simple im missing...

Thanks in advance for any suggestions

Current config below:



#/etc/nginx/sites-enabled/default

server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";

server {
listen 80;
server_name default_server;
error_log /var/log/unifi/nginx.log;

location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
root /var/www/html/letsencrypt;
}
}

server {
listen 443 ssl default_server http2;
server_name wifi.domain.com.au;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_certificate /etc/letsencrypt/live/wifi.domain.com.au/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wifi.domain.com.au/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 300;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA;
add_header Strict-Transport-Security max-age=31536000;
add_header X-Frame-Options DENY;
error_log /var/log/unifi/nginx.log;
client_max_body_size 8M;
proxy_cache off;
proxy_store off;

location / {
include /etc/nginx/proxy_params;
proxy_pass https://127.0.0.1:8443$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}



Edited 2 time(s). Last edit at 09/23/2018 08:26AM by mjames73.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 241
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready