Rev Your Nginx

For the longest time I though it was pronounced en jinx, and that name still lives in my head rent free..

Nginx has always been super easy and convenient every time I have used it. Today that all changed. I wanted to add a subdomain to the website to play around with some ideas. Simple right?

I slept through the process:¹

• Set up some some content to point the domain at.
• Set the A record up
• Type up an Nginx config
• Run cert bot
• Restart the nginx service

Oh wait, now everything is broken..

nginx.service failed because the control process exited

What?²

Time to do some digging.

The debug text showed a problem with line 12 of my config.

listen [::]:443 ssl ipv6only=on; # managed by Certbot

I commented out ipv6only=on and things seemed to work again, but why?

After solving the issue I came across the very same problem reported on the official github for certbot

It seems that the issue occours when ipv6only=on is set twice across server blocks or configs. Setting it a second time breaks things. It also seems that in modern versions on nginx the default value for this variable is on so I could omit the value altogether… good to know.

I may take some time to play around with different configurations of domains, listeners and configs to see what breaks and why.