THANKS SO MUCH! One of those things where I started with something someone else built without fully understanding it. Learning as I go. Thanks again!
Rhys On 12/16/19 12:36 AM, Sergey Kandaurov wrote: >> On 16 Dec 2019, at 12:14, Rhys Ferris <rhys.j.fer...@gmail.com> wrote: >> >> hi, sorry for the extreme delay... i was lazy. >> Here's what happens when I connect to my server on IPv6 (mind you, >> everything works fine if I remove the AAAA record): >> 2019/12/15 22:53:44 [crit] 15662#15662: *2225 bind(<my server's IPv6 address >> here>) failed (97: Address family not supported by protocol) while >> connecting to upstream, client: <my desktop's IPv6 address here>, server: >> domain.net, request: "GET >> /sonarr/plugins/bower_components/bootstrap-select/bootstrap-select.min.js >> HTTP/2.0", upstream: >> "http://192.168.136.135:8989/sonarr/plugins/bower_components/boots >> trap-select/bootstrap-select.min.js" >> , host: "domain.net", referrer: "https://domain.net/sonarr/"; >> >> [...] >> >> The way I'm reading it is that it is trying to connect from IPv6 source >> interface to IPv4 destination interface, and well, that obviously doesn't >> work. Here's my configs >> nginx.conf >> > Your analysis looks correct (see below). > >> [..] >> >> excerpt of domain.net.conf >> >> >> ##Orgv2 Let's encrypt vhost - Non SSL >> ##vhost_template_v: v1.0.2 >> ##author: elmerfdz >> >> ## >> http://domain.net redirects to https://domain.net >> >> # include config/domain.net/http_server.conf; >> upstream sonarr-upstream { server 192.168.136.135:8989; } >> upstream radarr-upstream { server 192.168.136.135:7878; } >> upstream tautulli-upstream { server 192.168.136.141:8181; } >> upstream webmin-upstream { server 192.168.136.130:10000; } >> >> ## Serves >> https://www.domain.net >> >> server { >> listen 443 ssl http2; listen [::]:443 ssl http2; >> server_name domain.net; >> include /etc/nginx/config/domain.net/ssl.conf; #edit path to your certs >> root /var/www/domain.net/html; >> index index.php index.html index.htm index.nginx-debian.html; >> location ~ /auth-(.*) { rewrite ^/auth-(.*) /api/?v1/auth&group=$1; } >> #Org Auth >> error_page 400 401 403 404 405 408 500 502 503 504 /?error=$status; >> #error page >> location / {try_files $uri $uri/ =404;} >> include config/domain.net/phpblock.conf; #PHP Block >> location /sonarr/ { >> proxy_pass >> http://sonarr-upstream >> ; >> include config/domain.net/proxy.conf; >> error_page 400 401 403 404 405 408 500 502 503 504 >> /?error=$status; #error page >> } >> ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem; # >> managed by Certbot >> ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem; # >> managed by Certbot >> >> >> And on the off chance you need it, heres proxy.conf >> >> client_max_body_size 10m; >> client_body_buffer_size 128k; >> proxy_bind $server_addr; > Try removing this directive, that's likely the culprit. > Your backend addresses are IPv4, while you're trying binding IPv6 > ($server_addr), > hence address family mismatch. That's not going to work. > -- Sent from Thunderbird on Ubuntu 19.04
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
