NGINX - "server" directive is not allowed here

mutantChickenHer0 Published at Dev

mutantChickenHer0

I'm trying to reconfigure my NGINX install to proxy to the local ghost install.

In addition to that, I'm adding SSL (letsencrypt) but I keep getting an error.

The error I get is -

nginx -t -c /etc/nginx/sites-available/ghost
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/sites-available/ghost:1
nginx: configuration file /etc/nginx/sites-available/ghost test failed

Here is my config

server {
       listen         80;
       server_name    domainnamehere.com;
       return         301 https://$server_name$request_uri;
}

server {
        listen 443;
        server_name www.nonstopdev.com;
        access_log      /var/log/nginx/domainnamehere.com.access.log;
        error_log       /var/log/nginx/domainnamehere.com.error.log;

        ssl on;
        ssl_certificate         /etc/letsencrypt/live/domainnamehere.com/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/domainnamehere.com/privkey.pem;


        location / {
                proxy_set_header   X-Real-IP $remote_addr;
                proxy_set_header   Host      $http_host;
                proxy_pass         http://127.0.0.1:2368;
        }
}

The following config works fine without any issues -

server {
    listen 80;
    server_name mydomainname.com;
    location / {
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   Host      $http_host;
        proxy_pass         http://127.0.0.1:2368;
    }
}

mutantChickenHer0

I was able to resolve the issue using the following config file. Looks like its good, there are a number of bugs listed for Ghost and HTTPS redirects.

server {
    listen 443;

    ssl on;
    server_name mydomain.com www.mydomain.com;
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

    location / {
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_set_header        Host $http_host;
        proxy_intercept_errors  on;
        proxy_pass              http://127.0.0.1:2368;
    }
}

server {
    listen 80;
    server_name mydomain.com;
    return 301 https://$host$request_uri;
}

Collected from the Internet

Please contact [email protected] to delete if infringement.