Nginx reverse proxy seems to ignore specified port

Question

I have a gitea server listening on public IP 111.222.333.444, port 3000. If I open http://111.222.333.444:3000 on my browser, I can access normally.

I have an nginx server running on 999.888.777.666. I have domain registered, and the DNS specifies that mysubdomain.example.com points to 999.888.777.666.

In the nginx server config, I have included the following entrance:

server {
    listen 80;
    server_name mysubdomain.example.com;

    location / {
        proxy_pass http://111.222.333.444:3000;
        proxy_set_header Host $host;
        proxy_redirect off;
    }
}

If I access http://mysubdomain.example.com through my browser, I can't access my gitea server. But, if I access http://mysubdomain.example.com:3000, I can successfully reach the server.

Actually, I can remove the port from the nginx config and leave it like this, and my browser experience remains unchanged:

server {
    listen 80;
    server_name mysubdomain.example.com;

    location / {
        proxy_pass http://111.222.333.444;
        proxy_set_header Host $host;
        proxy_redirect off;
    }
}

Why is this happening?

An additional note: I have other reverse proxies set up in this same nginx server in the same fashion that work just fine, with no need to specify the port on top of the subdomain.

What am I doing wrong? What should I change to be able to reach my gitea server on http://mysubdomain.example.com with no need to specify the port?

check `lsof -in :3000,443,80` and also provide the output native of `nginx -T -t` — djdomi, Sep 10 '22 at 16:35
"I can't access my gitea server". Please provide the exact response you get when you try to access the server. — Tero Kilkanen, Sep 10 '22 at 21:43
Do `ping $domainname` _on the same machine as the browser (or `getent hosts $domainname` if Unix); what address do you get? If your browser is set to use a proxy either manually or by something like WPAD and that proxy is on a different machine, check it also. — dave_thompson_085, Sep 11 '22 at 04:23

score 0 · Answer 1 · answered Mar 20 '23 at 08:00

Sorry to reply so late, but hopefully this will be useful to you or someone else in the future:

Assuming your directory permissions are correct, I believe you need to add an upstream connection to proxy gitea via nginx.

Assuming a given configuration file at /etc/nginx/conf.d/mysubdomain.example.com.conf:

# Default gitea port on localhost address (127.0.0.1)

upstream gitea {
    server 127.0.0.1:3000;
}

# Server "root" location should be where gitea is installed

server {
    listen 80;
    server_name mysubdomain.example.com;
    root /var/lib/gitea/public;

    # Give gitea some handling options

    location / {
        try_files maintain.html $uri $uri/index.html @node;
    }

    # And proxy it onward  

    location @node {
        client_max_body_size 0;
        proxy_pass http://localhost:3000;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_max_temp_file_size 0;
        proxy_redirect off;
        proxy_read_timeout 120;

     }

}

And then check under the [server] section in /etc/gitea/app.ini. You want to make sure that you aren't forcing port 3000 twice in the root url:

DOMAIN           = mysubdomain.example.com
HTTP_PORT        = 3000
ROOT_URL         = http://mysubdomain.example.com/

If you add on a certificate then you will want to change the ROOT_URL to https://mysubdomain.example.com/

If this doesn't get you anywhere it may be a permissions issue: The user running gitea needs to have permissions over the gitea directory, so to serve gitea you may need to add nginx to the group of the user running gitea.

Nginx reverse proxy seems to ignore specified port

1 Answers1