-2

I have AWS EC2 instance running with Load Balancer (LB) listening on port 443:

enter image description here

LB forwards to target group named wordpress-80:

enter image description here

when I enter my domain https://my-domain.com/ I can see default nginx page:

enter image description herebut instead of that I'd like to expose what is running on port 8000, so the url https://my-domain.com/ directly opens port 8000. How should I configure nginx? I tried this answer, but it didn't work.

Taz
  • 5,755
  • 6
  • 26
  • 63
  • Why didn't the solution in the linked answer work? All you need to do is configure nginx to proxy port 80 to port 8000 on localhost. You should be able to do that via the answer you linked, simply changing `8080` in that answer to `8000`. Do you get an error or something when you try that? – Mark B Sep 21 '19 at 15:16
  • @MarkB linked solution results in _Safari can't open the page_. – Taz Sep 21 '19 at 15:48
  • 1
    Did you take any steps to debug that? Did you look at the nginx logs to see if it was getting a bad response from the server running on port `8000`? Do you actually have something running on port `8000`? What happens when you SSH into the EC2 instance and run `curl http://localhost:8000`? – Mark B Sep 21 '19 at 16:00
  • I made changes in `nginx` config https://www.codepile.net/pile/z7BE9rWG and now page opens but is not fully loaded and in chrome logs I see errors `Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR`. – Taz Sep 21 '19 at 16:15
  • 2
    why you need nginx? if you are using load balancer? use host base routing and remove the nginx and pass traffic to target port `8000` when it recive to LB. you do not need to manage any thing on your nginx LB will take care of routing. every thing working the issue with nginx config. – Adiii Sep 21 '19 at 16:15
  • 2
    show your Nginx config and how you generate the certificate? the certificate is not valid either its generated against wrong DNS or you are using the wrong configuration. SSL should terminated LB level and the instance will receive decrypt traffic. – Adiii Sep 21 '19 at 16:17

1 Answers1

0

you can let nginx listen to 80 and proxy to 8000 like so:

server {
    listen      [::]::80;
    ...
    location / {
        proxy_pass http://127.0.0.1:8080;
    }
    ...
}
Eslam Abu Hugair
  • 1,162
  • 1
  • 11
  • 23