biff

Nik 2025-10-10T07:26:47.528249Z

Another question, do we have to complete certbot --nginx to test out demo on a remote server. After pushing for first time (with boilerplate code). I can visit ip address at port 80 and see the NGINX welcome page not the app signup page

Nik 2025-10-13T04:00:52.035719Z

Haha I’ll share the my findings next time I’m trying to set it up from scratch Thanks, though 😁

🙌 1
2025-10-11T17:05:31.877209Z

hm. that's just weird haha. glad it's working. I wonder if nginx starts out with the welcome page as an index.html fine that gets served by try_files, then cert bot removes it as a side effect. that's the only thing I can think of anyway.

2025-10-10T10:41:22.625089Z

yeah, I think you should be able to visit the app before setting up a certificate. Did you run the server-setup.sh script on the server? That includes this bit which should make port 80 requests get proxied to your app:

# Nginx
rm /etc/nginx/sites-enabled/default
cat > /etc/nginx/sites-available/app << EOD
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
    root /home/app/target/resources/public;
    location / {
        try_files \$uri \$uri/index.html @resources;
    }
    location @resources {
        root /home/app/resources/public;
        try_files \$uri \$uri/index.html @proxy;
    }
    location @proxy {
        proxy_pass ;
        proxy_http_version 1.1;
        proxy_set_header Host \$host;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header X-Real-IP \$remote_addr;
    }
}
EOD
ln -s /etc/nginx/sites-{available,enabled}/app
You could take a look at /etc/nginx/sites-enabled/app to see if that file exists/has the contents above. When you do run certbot --nginx, it'll modify that file to set up a section for port 443 that also proxies requests to your app, and then it'll give port 80 requests a redirect to port 443. Also, you may need to set :biff.middleware/secure false (just while testing of course) in resources/config.edn, otherwise some things like sign-in might get screwed up.

Nik 2025-10-11T05:10:37.084489Z

@foo The file exists and has the same contents. I checked biff logs and the app is running, but I still get nginx welcome page. I got cheap domain name and added A records and ran certbot --nginx and that fixed the problem. I'll remember to try with :biff.middleware/secure false next time 🙂 thanks