3

I'm trying to reconfigure my NGINX install to proxy to the local ghost install.

In addition to that, I'm adding SSL (letsencrypt) but I keep getting an error.

The error I get is - 

nginx -t -c /etc/nginx/sites-available/ghost
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/sites-available/ghost:1
nginx: configuration file /etc/nginx/sites-available/ghost test failed

Here is my config 

server {
       listen         80;
       server_name    domainnamehere.com;
       return         301 https://$server_name$request_uri;
}

server {
        listen 443;
        server_name www.nonstopdev.com;
        access_log      /var/log/nginx/domainnamehere.com.access.log;
        error_log       /var/log/nginx/domainnamehere.com.error.log;

        ssl on;
        ssl_certificate         /etc/letsencrypt/live/domainnamehere.com/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/domainnamehere.com/privkey.pem;


        location / {
                proxy_set_header   X-Real-IP $remote_addr;
                proxy_set_header   Host      $http_host;
                proxy_pass         http://127.0.0.1:2368;
        }
}

The following config works fine without any issues - 

server {
    listen 80;
    server_name mydomainname.com;
    location / {
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   Host      $http_host;
        proxy_pass         http://127.0.0.1:2368;
    }
}
mutantChickenHer0
  • 223
  • 1
  • 4
  • 14

2 Answers2

3

it looks like an incomplete configuration.

Normal NGINX configuration starts with the nginx.conf file (ie /etc/nginx/nginx.conf) which declares the user, process id, and other necessary stuff followed by an http { } branch. the server {} branches that are typically held in the conf.d directory or else where are typically included at the end of this http{} branch in nginx.conf. so even though they start with server as the out node, it's not really the outer node. it's inside the http node.

if you are loading a config file directly maybe make sure it contains a full nginx config, including these missing parts?

Lindsay Ryan
  • 433
  • 3
  • 9
1

I was able to resolve the issue using the following config file. Looks like its good, there are a number of bugs listed for Ghost and HTTPS redirects. 

server {
    listen 443;

    ssl on;
    server_name mydomain.com www.mydomain.com;
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

    location / {
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_set_header        Host $http_host;
        proxy_intercept_errors  on;
        proxy_pass              http://127.0.0.1:2368;
    }
}

server {
    listen 80;
    server_name mydomain.com;
    return 301 https://$host$request_uri;
}
mutantChickenHer0
  • 223
  • 1
  • 4
  • 14