Search code examples
nginxdnswebserverrouternat

Can't connect to my webserver from within the local network

It works from outside (ipv4).

My nginx configuration has to be messed up, since when I browse for 192.168.xxx.xxx (address of my webserver), I get forwarded to my homepage's DNS. Even if I use "localhost" or "0.0.0.0" in my browser bar on the webserver itself, it doesn't work.

Can anyone tell me how to properly solve this? If I insert anything else than "cooldomain.com", it won't be reachable from the outside, right? But there has to be a solution.

The nginx server is running in a docker container, which is based on the official nginx image.

This is my nginx config file:

server {
    listen 80;
    listen 443 ssl http2;
    server_name cooldomain.com;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    ssl_prefer_server_ciphers On;
    ssl_certificate /usr/share/nginx/fullchain.pem;
    ssl_certificate_key /usr/share/nginx/privkey.pem;
    ssl_trusted_certificate /usr/share/nginx/chain.pem;
    ssl_session_cache shared:SSL:128m;
    add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
    ssl_stapling on;
    ssl_stapling_verify on;

    # Your favorite resolver may be used instead of the Google one below
    # resolver 8.8.8.8;
    # /usr/share/nginx/html;
    # index index.html;

    # charset koi8-r;
    # access_log  /var/log/nginx/host.access.log  main;

    location / {
    if ($scheme = http) {
            return 301 https://$server_name$request_uri;
        }
        root   /usr/share/nginx/html;
        # index  index.html index.htm;
    try_files $uri$args $uri$args/ /index.html;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

Edit:

Output of docker ps:

faXXXXX nginx "nginx -g 'daemon off" 14 minutes ago, up 14 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp webserver (this is sadly not a copy paste)

Output of curl -v http://127.0.0.1:

$ curl -v http://127.0.0.1
Rebuilt URL to: http://127.0.0.1/
Trying 127.0.0.1...
Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
GET / HTTP/1.1
Host: 127.0.0.1
User-Agent: curl/7.47.0
Accept: 

HTTP/1.1 301 Moved Permanently
Server: nginx/1.13.3
Date: Wed, 20 Sep 2017 15:46:55 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://cooldomain.com/
Strict-Transport-Security: max-age=31557600; includeSubDomains

Connection #0 to host 127.0.0.1 left intact
Solution

  • I managed to workaround it. I don't know if this is the right way to do it, but it does the job.

    I added another server-block before my server block, which has the default_server prefix.

    If you have a better idea, feel free to write an answer. :)

    This is how my config file looks now. Pay attention to the first block:

    server {
    listen 80;
    server_name 127.0.0.1 default_server;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    server_name cooldomain.com;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    ssl_prefer_server_ciphers On;
    ssl_certificate /usr/share/nginx/fullchain.pem;
    ssl_certificate_key /usr/share/nginx/privkey.pem;
    ssl_trusted_certificate /usr/share/nginx/chain.pem;
    ssl_session_cache shared:SSL:128m;
    add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
    ssl_stapling on;
    ssl_stapling_verify on;

    # Your favorite resolver may be used instead of the Google one below
    # resolver 8.8.8.8;
    # /usr/share/nginx/html;
    # index index.html;

    # charset koi8-r;
    # access_log  /var/log/nginx/host.access.log  main;

    location / {
    if ($scheme = http) {
            return 301 https://$server_name$request_uri;
        }
        root   /usr/share/nginx/html;
        # index  index.html index.htm;
    try_files $uri$args $uri$args/ /index.html;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}