Welcome to nginx - как попасть на сайт?

vreitech,

# configuration file /etc/nginx/sites-enabled/default:
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
        listen 80 default_server;
        listen [::]:80 default_server;

        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
        #       fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#       listen 80;
#       listen [::]:80;
#
#       server_name example.com;
#
#       root /var/www/example.com;
#       index index.html;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}

server {
        listen 80 ;
        listen [::]:80 ;

        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;
    server_name postal.domayn.ru; # managed by Certbot


        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #       include snippets/fastcgi-php.conf;
        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
        #       fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}


    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/postal.domayn.ru/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/postal.domayn.ru/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
# configuration file /etc/letsencrypt/options-ssl-nginx.conf:
# This file contains important security parameters. If you modify this file
# manually, Certbot will be unable to automatically provide future security
# updates. Instead, Certbot will print and log an error message with a path to
# the up-to-date file that you will need to refer to when manually updating
# this file.

ssl_session_cache shared:le_nginx_SSL:1m;
ssl_session_timeout 1440m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

Welcome to nginx - как попасть на сайт?

vreitech,

nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

         server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

# configuration file /etc/nginx/mime.types:

types {
    text/html                             html htm shtml;
    text/css                              css;
    text/xml                              xml;
    image/gif                             gif;
    image/jpeg                            jpeg jpg;
    application/javascript                js;
    application/atom+xml                  atom;
    application/rss+xml                   rss;

    text/mathml                           mml;
    text/plain                            txt;
    text/vnd.sun.j2me.app-descriptor      jad;
    text/vnd.wap.wml                      wml;
    text/x-component                      htc;

    image/png                             png;
    image/tiff                            tif tiff;
    image/vnd.wap.wbmp                    wbmp;
    image/x-icon                          ico;
    image/x-jng                           jng;
    image/x-ms-bmp                        bmp;
    image/svg+xml                         svg svgz;
    image/webp                            webp;

    application/font-woff                 woff;
    application/java-archive              jar war ear;
    application/json                      json;
    application/mac-binhex40              hqx;
    application/msword                    doc;
    application/pdf                       pdf;
    application/postscript                ps eps ai;
    application/rtf                       rtf;
    application/vnd.apple.mpegurl         m3u8;
    application/vnd.ms-excel              xls;
    application/vnd.ms-fontobject         eot;
    application/vnd.ms-powerpoint         ppt;
    application/vnd.wap.wmlc              wmlc;
    application/vnd.google-earth.kml+xml  kml;
    application/vnd.google-earth.kmz      kmz;
    application/x-7z-compressed           7z;
    application/x-cocoa                   cco;
    application/x-java-archive-diff       jardiff;
    application/x-java-jnlp-file          jnlp;
    application/x-makeself                run;
    application/x-perl                    pl pm;
    application/x-pilot                   prc pdb;
    application/x-rar-compressed          rar;
    application/x-redhat-package-manager  rpm;
    application/x-sea                     sea;
    application/x-shockwave-flash         swf;
    application/x-stuffit                 sit;
    application/x-tcl                     tcl tk;
    application/x-x509-ca-cert            der pem crt;
    application/x-xpinstall               xpi;
    application/xhtml+xml                 xhtml;
    application/xspf+xml                  xspf;
    application/zip                       zip;

    application/octet-stream              bin exe dll;
    application/octet-stream              deb;
    application/octet-stream              dmg;
    application/octet-stream              iso img;
    application/octet-stream              msi msp msm;

    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;

    audio/midi                            mid midi kar;
    audio/mpeg                            mp3;
    audio/ogg                             ogg;
    audio/x-m4a                           m4a;
    audio/x-realaudio                     ra;

    video/3gpp                            3gpp 3gp;
    video/mp2t                            ts;
    video/mp4                             mp4;
    video/mpeg                            mpeg mpg;
    video/quicktime                       mov;
    video/webm                            webm;
    video/x-flv                           flv;
    video/x-m4v                           m4v;
    video/x-mng                           mng;
    video/x-ms-asf                        asx asf;
    video/x-ms-wmv                        wmv;
    video/x-msvideo                       avi;
}

Welcome to nginx - как попасть на сайт?

как была заглушка так и осталась.
я изнчально ставил одной командой, у меня все встало и заработало, после ребута выдавал ошибку

ostal / 502 Bad Gateway nginx/1.10.3 (Ubuntu), 
не стартует nginx
tail -f /var/log/nginx/error.log
2019/07/28 07:03:01 [error] 1363#1363: *62 connect() failed (111: Connection refused) while connecting to upstream, client: 141.8.183.17, server: postal.yourdomain.com, request: "GET /catalog/upakovka_i_khranenie/shkatulki_dlya_nozhey/ HTTP/1.1", 
upstream: "127.0.0.1:5000/catalog/upakovka_i_khranenie/shkatu...", host: "damassk.ru"

тоже рылся не смог разобраться.

Решил поставить все запчасти отдельно по их расширенному мануало, все встало так же - и заглушка.
Я postal запускаю - пишет статус run на все.
попасть в пpostal не как

Welcome to nginx - как попасть на сайт?

vreitech, grep -P -re '(postal\.(domayn|cert)|5000)' /etc/nginx
/etc/nginx/sites-available/default: server_name postal.domayn.ru; # managed by Certbot
/etc/nginx/sites-available/default: ssl_certificate /etc/letsencrypt/live/postal.domayn.ru/fullchain.pem; # managed by Certbot
/etc/nginx/sites-available/default: ssl_certificate_key /etc/letsencrypt/live/postal.domayn.ru/privkey.pem; # managed by Certbot
/etc/nginx/sites-available/postal.domayn.ru: server_name postal.domayn.ru; # managed by Certbot
/etc/nginx/sites-available/postal.domayn.ru: ssl_certificate /etc/letsencrypt/live/postal.domayn.ru/fullchain.pem; # managed by Certbot
/etc/nginx/sites-available/postal.domayn.ru: ssl_certificate_key /etc/letsencrypt/live/postal.domayn.ru/privkey.pem; # managed by Certbot

Welcome to nginx - как попасть на сайт?

vreitech, в мануале есть такое описание

После установки вы можете изменить конфигурацию сайта по умолчанию, чтобы она соответствовала чему-то подходящему. Репозиторий содержит пример файла конфигурации, который вы можете скопировать на место.

sudo cp /opt/postal/app/resource/nginx.cfg / etc / nginx / sites-available / default

есть файл на сервереnginx.cfg

server {
    listen [::]:80;
    listen 0.0.0.0:80;
    server_name _; #postal.domayn.ru;
    return 301 https://$host$request_uri;
}

server {
    listen [::]:443 ssl;
    listen 0.0.0.0:443 ssl;
    root /opt/postal/app/public;
    server_name _; #postal.domayn.ru;
    ssl_certificate      ssl/postal.cert;
    ssl_certificate_key  ssl/postal.key;

    # Generate using: openssl dhparam 4096 -out /etc/ssl/dhparam.pem
    # ssl_dhparam /etc/ssl/dhparam.pem;

    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;

    location / {
       client_max_body_size 50M;
       try_files $uri $uri/index.html $uri.html @puma;
    }

    location /assets {
       add_header Cache-Control max-age=3600;
    }

    location @puma {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:5000;
    }
}

Welcome to nginx - как попасть на сайт?

grep -re -P '(postal\.(domayn|cert)|5000)' /etc/nginx
grep: (postal\.(domayn|cert)|5000): No such file or directory
/etc/nginx/proxy_params:proxy_set_header X-Forwarded-Proto $scheme;

Welcome to nginx - как попасть на сайт?

ls -la /etc/nginx/sites-available
total 16
drwxr-xr-x 2 root root 4096 Jul 28 18:36 .
drwxr-xr-x 6 root root 4096 Jul 28 17:09 ..
-rw-r--r-- 1 root root 3719 Jul 28 17:53 default
-rw-r--r-- 1 root root 873 Jul 28 18:54 postal.domayn.ru

ls -la /etc/nginx/sites-enabled
total 8
drwxr-xr-x 2 root root 4096 Jul 28 18:47 .
drwxr-xr-x 6 root root 4096 Jul 28 17:09 ..
lrwxrwxrwx 1 root root 38 Jul 28 18:47 default -> /etc/nginx/sites-available/example.com
lrwxrwxrwx 1 root root 43 Jul 28 18:40 postal.domayn.ru -> /etc/nginx/sites-available/postal.domayn.ru

Welcome to nginx - как попасть на сайт?

я не знаю важно нет, он у меня все просил поставить apt-transport-https
типа нету, но в мануале не чего про нее не сказано.

Welcome to nginx - как попасть на сайт?

ln -la /etc/nginx/sites-available
ln: invalid option -- 'l'
Try 'ln --help' for more information.
ln -la /etc/nginx/sites-enabled
ln: invalid option -- 'l'
Try 'ln --help' for more information.

Welcome to nginx - как попасть на сайт?

vreitech, ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
ln: failed to create symbolic link '/etc/nginx/sites-enabled/default': File exists
root@domayn:~# systemctl reload nginx
nginx.service is not active, cannot reload.

Welcome to nginx - как попасть на сайт?

Евгений Матвеев, vreitech, попробовал просписать, выдает ошибку.
unknown directive "postal.yml" in /etc/nginx/sites-enabled/postal.domayn.ru:8
nginx: configuration file /etc/nginx/nginx.conf test failed

создал файл postal.domayn.ru в /etc/nginx/sites-available
с содержанием (где postal.yml - файл конфигурации)

server {
	listen 80 default_server;
	listen [::]:80 default_server;


	root /opt/postal/config;
	postal.yml index index.html index.htm index.nginx-debian.html;

	server_name _;

	location / {
		try_files $uri $uri/ =404;
	}

}


server {
	listen 80 ;
	listen [::]:80 ;

	root /opt/postal/config;
	postal postal.yml index index.html index.htm index.nginx-debian.html;
    server_name postal.domayn.ru; # managed by Certbot


	location / {
		try_files $uri $uri/ =404;
	}


    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/postal.domayn.ru/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/postal.domayn.ru/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

Welcome to nginx - как попасть на сайт?

vreitech, тут у меня настройки /opt/postal/config/postal.yml

Welcome to nginx - как попасть на сайт?

vreitech, grep -re "server_name postal.domayn.ru" /etc/nginx
/etc/nginx/sites-available/default: server_name postal.domayn.ru; # managed by Certbot

ls -la /etc/nginx
total 64
drwxr-xr-x 6 root root 4096 Jul 28 17:09 .
drwxr-xr-x 85 root root 4096 Jul 28 17:06 ..
drwxr-xr-x 2 root root 4096 Nov 6 2018 conf.d
-rw-r--r-- 1 root root 1077 Feb 12 2017 fastcgi.conf
-rw-r--r-- 1 root root 1007 Feb 12 2017 fastcgi_params
-rw-r--r-- 1 root root 2837 Feb 12 2017 koi-utf
-rw-r--r-- 1 root root 2223 Feb 12 2017 koi-win
-rw-r--r-- 1 root root 3957 Feb 12 2017 mime.types
-rw-r--r-- 1 root root 1462 Feb 12 2017 nginx.conf
-rw-r--r-- 1 root root 180 Feb 12 2017 proxy_params
-rw-r--r-- 1 root root 636 Feb 12 2017 scgi_params
drwxr-xr-x 2 root root 4096 Jul 28 17:37 sites-available
drwxr-xr-x 2 root root 4096 Jul 28 15:57 sites-enabled
drwxr-xr-x 2 root root 4096 Jul 28 15:57 snippets
-rw-r--r-- 1 root root 664 Feb 12 2017 uwsgi_params
-rw-r--r-- 1 root root 3071 Feb 12 2017 win-utf

Welcome to nginx - как попасть на сайт?

Алексей Долгов, то что тут указано то он и показывает
root /var/www/html;

а как узнать свою директорию и индекс что бы прописать, у меня не сайт а почтовый сервер разворачивали POSTAl у него посвоему там пути и папки, в мануале по этиому вопросу не чего нет.

Welcome to nginx - как попасть на сайт?

Алексей Долгов, я не особо в нем пойму
server {
listen 80 default_server;
listen [::]:80 default_server;

# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;

root /var/www/html;

# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;

server_name _;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}

server {
listen 80 ;
listen [::]:80 ;

# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;

root /var/www/html;

# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name postal.domayn.ru; # managed by Certbot

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/postal.domayn.ru/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/postal.domayn.ru/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

Welcome to nginx - как попасть на сайт?

netstat -ntlp | grep LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      729/nginx -g daemon
tcp        0      0 0.0.0.0:4369            0.0.0.0:*               LISTEN      743/epmd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      630/sshd
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      1126/[postal] web.1
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      928/beam
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      911/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      729/nginx -g daemon
tcp6       0      0 :::4369                 :::*                    LISTEN      743/epmd
tcp6       0      0 :::22                   :::*                    LISTEN      630/sshd
tcp6       0      0 :::25                   :::*                    LISTEN      1132/[postal] smtp.
tcp6       0      0 :::5672                 :::*                    LISTEN      928/beam

Postal / 502 Bad Gateway nginx/1.10.3 (Ubuntu), как исправить?

его с коробки поставил - все ок, зашел.
Перезагрузил сервер - и такая ошибка - 502 Bad Gateway nginx/1.10.3 (Ubuntu)
делаю
tail -f /var/log/nginx/error.log
2019/07/28 07:03:01 [error] 1363#1363: *62 connect() failed (111: Connection refused) while connecting to upstream, client: 141.8.183.17, server: postal.yourdomain.com, request: "GET /catalog/upakovka_i_khranenie/shkatulki_dlya_nozhey/ HTTP/1.1",
upstream: "127.0.0.1:5000/catalog/upakovka_i_khranenie/shkatu...", host: "damassk.ru"

Postal / 502 Bad Gateway nginx/1.10.3 (Ubuntu), как исправить?

nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Postal / 502 Bad Gateway nginx/1.10.3 (Ubuntu), как исправить?

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}

а это конфиг Postal

web:
  # Хост, на котором будет доступен интерфейс управления
  host: postal.office-reklama.ru
  # ротокол, который запрашивает интерфейс управления, должен происходить на
  protocol: https

fast_server:
  # This can be enabled to enable click & open tracking on emails. It is disabled by
  # default as it requires a separate static IP address on your server.
  enabled: false
  bind_address:

general:
  # This can be changed to allow messages to be sent from multiple IP addresses
  use_ip_pools: false

main_db:
  # Specify the connection details for your MySQL database
  host: 127.0.0.1
  username: postal
  password: **********
  database: postal

message_db:
  # Specify the connection details for your MySQL server that will be house the
  # message databases for mail servers.
  host: 127.0.0.1
  username: postal
  password: **************
  prefix: postal

rabbitmq:
  # Specify the connection details for your RabbitMQ server.
  host: 127.0.0.1
  username: postal
  password: **************
  vhost: /postal

ns:
  # Specifies the DNS record that you have configured. Refer to the documentation at
  # https://github.com/atech/postal/wiki/Domains-&-DNS-Configuration for further
  # information about these.
  mx_records:
    - mx.postal.example.com
  smtp_server_hostname: postal.example.com
  spf_include: spf.postal.example.com
  return_path: rp.postal.example.com
  route_domain: routes.postal.example.com
  track_domain: track.postal.example.com

smtp:
  # Specify an SMTP server that can be used to send messages from the Postal management
  # system to users. You can configure this to use a Postal mail server once the
  # your installation has been set up.
  host: 127.0.0.1
  port: 2525
  username: # Complete when Postal is running and you can
  password: # generate the credentials within the interface.
  from_name: Postal
  from_address: postal@yourdomain.com

rails:
  # This is generated automatically by the config initialization. It should be a random
  # string unique to your installation.
  secret_key: 9ca7f25bfb9eb187ac944ceef4fdddc566471b663417dfbf1324064ddbd2860928d54cf87da474aac1044fe5cb5bcd1881cd04ca05def3d8d428a4efae7ae231fedf5d25f0e44f726bd74674781c317b16c22ca635724f09da6ecdca1f60ed2675246415f76342d630cd9a5a88421ec848236200bd28c32a306848cfa7268161

# These are the default configuration options that will be used if they aren't overriden
# in your postal.yml configuration file. No changes should be made to this file for
# your installation.

# You can refer to this for a complete listing all available configuration options.

web:
  host: postal.office-reklama.ru
  protocol: https

general:
  use_ip_pools: false
  exception_url:
  maximum_delivery_attempts: 18
  maximum_hold_expiry_days: 7
  use_local_ns_for_domains: false

web_server:
  bind_address: 127.0.0.1
  port: 5000
  max_threads: 5

fast_server:
  enabled: false
  bind_address:
    # Set appropriate IP addresses to listen on. These should be dedicated IP
    # addresses just used for this server. You should list IPv4 and IPv6 addresses
    # as appropriate.
    # - 1.2.3.4
    # - abcd:a:b:c:d::1
  port: 80
  ssl_port: 443
  proxy_protocol: false
  default_private_key_path: # Defaults to config/fast_server.key
  default_tls_certificate_path: # Defaults to config/fast_server.cert

main_db:
  host: 127.0.0.1
  port: 3306
  username: postal
  password:
  database: postal
  pool_size: 5

logging:
  stdout: false
  root: # Automatically determined based on config root
  max_log_file_size: 20
  max_log_files: 10
  greylog:
    host:
    port: 12201

message_db:
  host: 127.0.0.1
  port: 3306
  username: postal
  password:
  prefix: postal

rabbitmq:
  host: 127.0.0.1
  port: 5672
  username: postal
  password:
  vhost: /postal

workers:
  quantity: 1
  threads: 4

smtp_server:
  port: 25
  tls_enabled: false
  tls_certificate_path: # Defaults to config/smtp.cert
  tls_private_key_path: # Defaults to config/smtp.key
  tls_ciphers:
  ssl_version: SSLv23
  proxy_protocol: false
  log_connect: true
  strip_received_headers: false
  max_message_size: 14 # size in Megabytes

smtp_relays:
  -
    hostname:
    port: 25
    ssl_mode: Auto

dns:
  mx_records:
    - mx.postal.office-reklama.ru
  smtp_server_hostname: postal.office-reklama.ru
  spf_include: spf.postal.example.com
  return_path: rp.postal.office-reklama.ru
  route_domain: routes.mail.office-reklama.ru
  track_domain: track.mail.office-reklama.ru
  helo_hostname: # By default, this will be the same as the `smtp_server_hostname`
  dkim_identifier: postal
  domain_verify_prefix: postal-verification
  custom_return_path_prefix: psrp

smtp:
  host: 127.0.0.1
  port: 25
  username: # Complete when Postal is running and you can
  password: # generate the credentials within the interface.
  from_name: Postal
  from_address: postal@yourdomain.com

rails:
  environment: production
  secret_key:

spamd:
  enabled: false
  host: 127.0.0.1
  port: 783

clamav:
  enabled: false
  host: 127.0.0.1
  port: 2000

smtp_client:
  open_timeout: 30
  read_timeout: 60

Postal / 502 Bad Gateway nginx/1.10.3 (Ubuntu), как исправить?

я не совсем понимаю связку написанного с ошибкой, я поставил по умолчанию с коробки.
Конфиг nginx или postal?