connect() failed (111: Connection refused) while connecting to upstream

August 14, 2019 137 views
Nginx API Let's Encrypt DigitalOcean Ubuntu 18.04
hbendixlewis
By:
hbendixlewis

Hi all,

Followed this tutorial to get Let’s Encrypt working on my Nest.js/Node server.

Everything works - running sudo nginx -t returns:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

However, accessing my domain gives me a 502 Bad Gateway error. Specifically (from /var/log/nginx):

15004#15004: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 77.98.141.183, server: ww2.zone, request: "GET / HTTP/2.0", upstream: "http://127.0.0.1:8000/", host: "ww2.zone"

Here is my /etc/nginx/sites-available file:

Default server configuration
server {
    listen 80;
    listen 127.0.01;    
    listen [::]:80 default_server ipv6only=on;
    return 301 https://$host$request_uri;
}
server {
    # Enable HTTP/2
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name ww2.zone;

    # Use the Let’s Encrypt certificates
    ssl_certificate /etc/letsencrypt/live/ww2.zone/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ww2.zone/privkey.pem;

    # Include the SSL configuration from cipherli.st
    include snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:8000/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }
}

And my server is within a git Repo within home/username.

The code to listen on the port is:
await app.listen(process.env.PORT || 5000);

This used to be process.env.PORT || 80 but that would throw:

Error: listen EADDRINUSE: address already in use :::80

Any ideas? Pulling my hair out atm.

Log In to Comment
1 Answer
bobbyiliev MOD August 14, 2019
Accepted Answer

Hello,

You can only have 1 service listening on 1 port. So as you have Nginx listening on port 80 at the moment, you can not have your Node on the same port.

Also as you currently have your Nginx set to work as a reverse proxy for port 8000, what you could do is to just set Node to listen on port 8000.

This would fix your 502 error.

Hope that this helps!
Regards,
Bobby

Reply
  • hbendixlewis August 14, 2019

    Hi Bobby, appreciate the reply. I’ve just updated my Node server to listen on port 8000, however, I still get the same error!

    • bobbyiliev MOD August 14, 2019

      Hello,

      What I could suggest is checking the ports that are being used on your server with the netstat command. For example you could use the following:

      netstat -plant

      Make sure that Nginx is listening on 80 and 443 and that Node is listening on 8000 (as this is what you currently have in your Nginx config for your reverse proxy setup)

      • hbendixlewis August 14, 2019

        Hi Bobby,

        Here’s the output table: 

        Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      -
tcp        0    816 167.71.143.98:22        77.98.141.183:50089     ESTABLISHED -
tcp        0      0 167.71.143.98:22        77.98.141.183:53826     ESTABLISHED -
tcp        0      0 167.71.143.98:22        77.98.141.183:53788     ESTABLISHED -
tcp        0      0 167.71.143.98:34772     104.248.175.171:25060   ESTABLISHED -
tcp        0   1080 167.71.143.98:22        153.36.236.35:41061     ESTABLISHED -
tcp6       0      0 :::80                   :::*                    LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      -
tcp6       0      0 :::443                  :::*                    LISTEN      -
tcp6       0      0 :::5000                 :::*                    LISTEN      -

        I’m struggling to determine what is the Nginx stuff vs what is my Node server? (I have the server running using Pm2.)

        • bobbyiliev MOD August 14, 2019

          Hello,

          I can see that the service is still listening on port 5000:

          tcp6       0      0 :::5000                 :::*                    LISTEN      -

          You need to either adjust that and set it to 8000, or you need to adjust your Nginx config and adjust the reverse proxy rule and change it from:

                  proxy_pass http://localhost:8000/;

          To:

                  proxy_pass http://localhost:5000/;

          That way Nginx would start proxying the connections from port 80 and port 443 to the service that is running on port 5000.

          Hope that this helps!

Have another answer? Share your knowledge.

Related Questions