NGINX + Let's encrypt: Could not automatically find a matching server block
Solution 1
Here is the solution:
I was changing the file in the sites-available
folder and not changing the file at the sites-enabled
folder. This is the final file content:
server {
listen 80 default_server;
server_name dev.anything.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name elglobe_snow_service
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
Solution 2
The files in sites-enabled should just be links to the "real" files in sites-available. You should only edit the ones in sites-available, and then run
cd /etc/nginx/sites-enabled ln -s ../sites-available/your-site.conf
to enable that site.
If you want to disable the site, you can just delete the link in sites-enabled.
André Luiz
Updated on July 19, 2022Comments
-
André Luiz almost 2 years
I'm publishing a website made with Python Pyramid on an Ubuntu 18.04 server. The website is running properly on HTTP and now I'm trying to make it run on HTTPS by following this article but when trying to install I get this message:
IMPORTANT NOTES: - Unable to install the certificate - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/dev.anything.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/dev.anything.com/privkey.pem Your cert will expire on 2019-03-17. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew"
This is my configuration file, which lives on
/etc/nginx/sites-available/snow_service.nginx
:server { listen 80; listen 443 ssl; server_name dev.anything.com server_tokens off; ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem; charset utf-8; client_max_body_size 1M; location /static { gzip on; gzip_buffers 8 256k; uwsgi_buffers 8 256k; alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static; expires 1d; } location / { gzip on; gzip_buffers 8 256k; uwsgi_buffers 8 256k; try_files $uri @yourapplication; } location @yourapplication { gzip on; gzip_buffers 8 256k; uwsgi_buffers 8 256k; server_tokens off; include uwsgi_params; proxy_set_header Host $host; proxy_set_header real_scheme $scheme; proxy_set_header X-Forwarded-Protocol $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://127.0.0.1:8999; } }
I also tried to rename the file with the domain name but it doesn't work as well. The path for the ssl certificates I put manually because I saw it in another answer here at the Stack Overflow.
What am I missing? Thanks for any help
-
Charith Jayasanka over 3 yearsWhat is the exact path?
-
Admin over 2 yearsIn my case I had
default
file insites-available/
. I just created a link to that file insidesites-enabled/
as suggested above and then ransudo certbot --nginx
and it finally worked. -
oomer over 2 yearsThe order of paths should be file followed by directory i believe, i-e
ln -s ../sites-available/your-site.conf /etc/nginx/sites-enabled