0

I'm having this strange issue. I have a local network running a server with my gitlab instance and some webpages. The configuration of my reverse proxy is following:

server {
   server_name my.website.com;
   location / {
proxy_pass http://127.0.0.1:8086;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/my.website.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/my.website.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = my.website.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


listen 80;
server_name my.website.com;
return 404; # managed by Certbot
 }
 server {
listen 80;
server_name service1.website.com;

root /var/www/service1;
index index.php index.html;

location / {
  try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;  # Adjust this to your PHP-FPM socket path/version
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
   }
 }
 server {
   listen 80;
server_name api.website.com;

root /var/www/api;
index index.php index.html;

location / {
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;  # Adjust this to your PHP-FPM socket 
 path/version
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
   }
 }

I have censored the actual URLs, but the rest stays the same.

I have respective ports opened on my router so the websites and services are accessible from the outside. However if I try to connect to the same URL from the local network the server is running on, I'm getting timeout all the time. The only way to get anything else is to directly type in the IP and port and then I'm getting at least an SSL error, but I know this isn't the right way to do so.

What I need is to setup my reverse proxy to also allow connections from localhost the same way it allows it from the outside network.

I've looked at the nginx config, but I don't see any potential issue with the config. Also I have looked at the /etc/hosts file and firewall settings, but couldn't find anything that would look suspicious.

I'd appreciate any help, thank you.

EDIT: I've looked on whether my router supports NAT loopback and indeed it does. I can even ping to the URL of the server, but every connection ends with a timeout.

Just Bucket
  • 11
  • 3
  • you opened the ports on your router? is that a home non business environment? – djdomi Aug 05 '23 at 19:09
  • Yes, the ports are opened, I have 80 and 443 opened for my HTTP and HTTPS connections, then I use the reverse proxy to select the subdomain I want to access, so in my case I need to access gitlab.website.com and the reverse proxy would redirect me to the necessary internal port of the server. I've made a hotfix with adding a record to my /etc/hosts file, but that's really not elegant – Just Bucket Aug 05 '23 at 19:28
  • yes, this is your home network? – djdomi Aug 06 '23 at 05:12
  • Yes, this is my home network – Just Bucket Aug 07 '23 at 11:48
  • Questions on Server Fault must be about managing information technology systems in a business environment. Home and end-user computing questions may be asked on [su] – djdomi Aug 07 '23 at 17:11

0 Answers0