Varnish Cache - Connection Refused - nginx

I have Nginx running on 8080, while Varnish runs on port 80. I can do
wget localhost:8080
in shell and get a response, but if I run
wget localhost
I get connection refused. For reference, I'm trying to access it externally but get the same problem. Hopefully I can solve access from localhost first!
Thanks in advance!

netstat -tulnp shows you every port and service running
iptables -L shows you if port open or blocked
cheers

Related

Set GITLAB to be accessible on LAN

After many research i have not found anything...
I install GITLAB on a CentOS VM. The CentOS ip address is 192.168.100.1.
In the file /etc/gitlab/gitlab.rb, I modified the line:
external_url 'http:192.168.100.1:1234'
I executed the command 'gitlab-ctl reconfigure' and no errors appeared.
When I use Firefox, and I can access to my Gitlab with all the Centos' interfaces:
192.168.100.1:1234
127.0.0.1:1234
It is normal because when i execute 'netstat -ntlp', I can see:
tcp 0 0.0.0.0:1234 LISTEN 22222/nginx:master
What is the problem?
I cannot access to GitLAB outside from the same Network 192.168.100.1/24.
From an other VM on the same network (192.168.100.2), i can ping '192.168.100.2'. I also make an ssh connection but if I made a:
curl 192.168.100.1:1234
The result is "Time out"
Thank,
Vincent

HTTP Loopback Connections are not enabled on this server - wordpress on docker

I have a wordpress official container with a dock port 80 mapped to 32795 external... when I go to administration area of wordpress I get this error:
Important: HTTP Loopback Connections are not enabled on this server. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL http://localhost:32795/wp-admin/admin-ajax.php and it gets the error cURL error 7: Failed to connect to localhost port 32795: Connection refused. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.
I think the problem is that the site inside the container tries to communicate with the 32795 port instead of 80, but it can not because this door is only seen from the outside of the container...
I created a script inside the site with phpinfo, and I checked the loopback connections are on...
There is a solution for this? I have docker un windows with kitematic
thanks
I had a similar problem running WordPress with Nginx on Docker Desktop for Windows. I needed to add an entry to the container's hosts file that directed my local.example.com domain to hit my ingress-nginx controller so that WordPress' loopback requests would work. Although my setup might be slightly different this might help you.
Open /Windows/System32/drivers/etc/hosts and copy the IP address that's next to host.docker.internal. Add an entry to the container's hosts file on startup that ties the domain to the hosts IP by doing one of the following. IP is what you copied from your machine's hosts file by host.docker.internal
Docker argument:
--add-host="local.example.com:IP"
Docker compose:
extra_hosts:
- "local.example.com:IP"
Kubernetes:
hostAliases:
- ip: "IP"
hostnames:
- "local.example.com"
Problem is inside the container the opened port is 80 and docker is exposing 32795 for external connections
Wordpress configuration is pointing to port 32795, you might expose port 80 by doing docker run -p 80:80 and change wordpress configuration to use port 80
If you can't use port :80 a little bit more complicated solution is to use iptables port forwarding internally
Example
➜ ~ docker run -d --cap-add=NET_ADMIN --cap-add=NET_RAW -p 5000:80 nginx
835b039cc92bd9f32b960181bf370d39869c88f5a757423966b467fe01ac219e
➜ ~ docker exec -it 835b039cc92bd9 bash
root#835b039cc92b:/# apt update -qqq ; apt install iptables -yqqq
root#835b039cc92b:/# iptables -t nat -A OUTPUT -o lo -p tcp --dport 5000 -j REDIRECT --to-
port 80
root#835b039cc92b:/# apt install telnet -yqqq
root#835b039cc92b:/# telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
root#835b039cc92b:/# exit
# from outside the container
➜ ~ telnet localhost 5000
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> quit
Connection closed.

Nginx- error: bind() to 0.0.0.0:80 failed. permission denied

I am trying to run Nginx, but I am getting the error below:
bind() to 0.0.0.0:80 failed (10013: An attempt was made to access a
socket in a way forbidden by its access permissions)
Please provide some help on what changes I need to do to make it working?
I have tried running on ports other than 80 and it works. but I need it to be running on 80.
Note: I am running on Windows 7 with command prompt running as Administrator.
If the port is already in use, you can change the default port of 80 to a different port that is not in use (maybe 8070). In conf\nginx.conf:
server {
listen 8070;
...
}
After startup, you should be able to hit localhost:8070.
tl;dr
netsh http add iplisten ipaddress=::
Faced similar issue. Run the above command in command prompt.
This should free up port 80, and you'd be able to run nginx.
Description:
netsh http commands are used to query and configure HTTP.sys settings and parameters.
add iplisten :
Adds a new IP address to the IP listen list, excluding the port number.
"::" means any IPv6 address.
For more netsh http commands refer the netsh http commands documentation.
Hope this helps!!
You have to be admin or root to bind port 80. Something you can do if you cannot run as root, is that your application listens to other port, like 8080, and then you redirect messages directed to 80 to 8080. If you are using Linux you redirect messages with iptables.
nginx: [emerg] bind() to 0.0.0.0:80 failed (10013: An attempt was made to access a socket in a way forbidden by its access permissions)
I got a similar problem, My 80 port was listening to IIS (windows machine). Stopping IIS freed up 80 port.
The problem got resolved...!!
Please check if another Proxy is running under port 80 ---> in my case IIS was running as a reverse proxy, so nginx could not start..
Stopping IIS, and starting of NGXIN solved the problem
My Tomcat server was running on port 80. Changed the port number in conf\nginx.conf file and it started to work.
This is an old question but since I had this problem recently I thought of posting another possible reason in this problem.
If the user is using Docker and has already tried all proposed solutions as stated above and is wondering why port 80 is trying to bind although on your configurations you are overwriting the port to non root port e.g. listen 8080; it seems that the newer NGINX images have a default nginx.conf file in /etc/nginx/conf.d.
Sample:
$ grep -r 80 /etc/nginx/
/etc/nginx/conf.d/default.conf: listen 80;
On my case I removed it on my Dockerfile:
RUN set -x \
&& rm -f /etc/nginx/nginx.conf \
&& rm -f /etc/nginx/conf.d/default.conf
Next step pass from my custom configurations:
COPY ["conf/nginx.conf", "/etc/nginx/nginx.conf"]

docker nginx container not receiving request from outside, connection refused

I have a running nginx container: # docker run --name mynginx1 -P -d nginx;
And got its PORT info by docker ps: 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp
Then I could get response from within the container(id: c30991a04b2f):
docker exec -i -t c3099 bash
curl http://localhost => which return the default index.html page content, it works
However, when I make the curl http://localhost:32769 outside of the container, I got this:
curl: (7) failed to connect to localhost port 32769: Connection refused
I am running on a mac with docker version 1.9.0; nginx latest
Does anyone know what cause this? Any help? thank you
If you are On OSX, you are probably using a VirtualBox VM for your docker environment.
Make sure you have forwarded your port 32769 to your actual host (the mac), in order for that port to be visible from localhost.
This is valid for the old boot2docker, or the new docker machine.
VBoxManage controlvm "boot2docker-vm" --natpf1 "tcp-port32769 ,tcp,,32769,,32769"
VBoxManage controlvm "boot2docker-vm" --natpf1 "udp-port32769 ,udp,,32769,,$32769
(controlvm if the VM is running, modifyvm is the VM is stopped)
(replace "boot2docker-vm" b ythe name of your vm: see docker-machine ls)
I would recommend to not use -P, but a static port mapping -p xxx:80 -p yyy:443.
That way, you can do that port forwarding once, using fixed values.
Of course, you can access the VM directly through docker-machine ip vmname
curl http://$(docker-machine ip vmname):32769
Solved.. I misunderstood how docker port mapping works.
Since I'm using mac, the host for nginx container is a VM, 0.0.0.0:32769->80/tcp maps the port 80 of the container to the port 32769 of the VM.
solution:
docker-machine ip vm-name => 192.168.99.xx
curl http://192.168.99.xx:32769
Not exactly answers for your question but spend some time trying to figure out similar thing in context of "why is my docker container not connecting to elastic search localhost:9200" and this was the first S.O. question that pops up, so I hope it helps some other googling person
if you are linking containers together (e.g. docker run --rm --name web2 --link db:db training/webapp env)
... then Dockers adds enviroment variables:
DB_NAME=/web2/db
DB_PORT=tcp://172.17.0.5:5432
DB_PORT_5432_TCP=tcp://172.17.0.5:5432
DB_PORT_5432_TCP_PROTO=tcp
DB_PORT_5432_TCP_PORT=5432
DB_PORT_5432_TCP_ADDR=172.17.0.5
... and also updates your /etc/hosts
# /etc/hosts
#...
172.17.0.9 db
so you can technically connect to ping db
https://docs.docker.com/v1.8/userguide/dockerlinks/
so for elastic search is
# /etc/hosts
# ...
172.17.0.28 elasticsearch f9db83d0dfb5 ecs-awseb-qa-3Pobblecom-env-f7yq6jhmpm-10-elasticsearch-fcbfe5e2b685d0984a00
so wget elasticseach:9200 will work

Vagrant forward port 8080 to 80

So I have a NGINX server listening on port 8080 with uwsgi on Vagrant box. The config.vm.forward_port 8080, 80 is not working for me. I know that it's recommended to forward on ports higher than 2000, but I need the 80. Is there any issue for that?
I'm using vagrant for development, but I need to make some tests from outside using my domain name on port 80.
Thanks for your help.
When trying to forward ports to less than 1025 vagrant gives me following message which you might have missed:
You are trying to forward to privileged ports (ports <= 1024). Most
operating systems restrict this to only privileged process (typically
processes running as an administrative user). This is a warning in case
the port forwarding doesn't work. If any problems occur, please try a
port higher than 1024.
I was using port forwarding to same port with following configuration:
config.vm.forward_port 80, 80
And then run vagrant up, but when trying curl localhost, it wasn't able to connect to host. But when running vagrant as sudo user sudo vagrant up, then I was able to access the port from my host.
is port 80 available i.e. if you run netstat -an | grep 80, does it show in the list as already being used by another process? Is uwsgi added to the module list of nginx (and did you run make/make install on it)? Have you tried checking if you need to use higher privilenges (perhaps try running as sudo).

Resources