[SOLVED] How to fix Nginx'S ipv6only=on double definition problem?

How to fix Nginx'S ipv6only=on double definition problem?

Ubuntu 22.04 / DigitalOcean / Nginx

I would like to get working ssl connections with my main domain "scores-catalog.org" and its subdomains like "jvds.scores-catalog". For that I created 2 separate "block" files:

1. block "scores-catalog.org"

server {
    root /var/www/scores-catalog.org/html;
    server_name scores-catalog.org www.scores-catalog.org;

     location / {
        proxy_set_header Host $http_host;
        ...
        proxy_pass http://127.0.0.1:8055;
    }

    listen [::]:443 ssl #ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/scores-catalog.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/scores-catalog.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = www.scores-catalog.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = scores-catalog.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;

    server_name scores-catalog.org www.scores-catalog.org;
    return 404; # managed by Certbot
}

2. block "jvds.scores-catalog.org" (same as above, but with subdomain and Port set to 8083)

server {
    root /var/www/jvds.scores-catalog.org/html;
    server_name jvds.scores-catalog.org;

    location / {
        proxy_set_header Host $http_host;
        ...
        proxy_pass http://127.0.0.1:8083;
    }

    listen [::]:443 ssl #ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/jvds.scores-catalog.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/jvds.scores-catalog.org/privkey.pem; # managed by Certbot
    ...
}

server {
    # Include your SSL details here #
    if ($host = jvds.scores-catalog.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    # End including ssl details #

    access_log  /var/log/nginx/jvds.scores-catalog.org.log;
    error_log  /var/log/nginx/jvds.scores-catalog.org.error.log;
}

sudo nginx -t throws an error:

nginx: [emerg] duplicate listen options for [::]:443 in /etc/nginx/sites-enabled/scores-catalog.org.conf:21

Upon research it turns out that "ipv6only" must only be defined once. But when I remove "ipv6only" from the second block I get a new error:

nginx: [emerg] invalid parameter "ssl_certificate" in /etc/nginx/sites-enabled/scores-catalog.org.conf:23

So simply removing "ipv6only" does not fix the problem.

What do I have to do to get a valid Nginx configuration?

Solution

Most likely when you removed "ipv6only" you forgot to include a trailing semicolon to end your statement.