I'm configuring nginx as a reverse proxy. I have the following in my nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip off;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
mail {
server {
listen localhost:110;
protocol pop3;
proxy on;
}
server {
listen localhost:143;
protocol imap;
proxy on;
}
}
And this in sites-available:
<^>upstream phoenix {
server 127.0.0.1:4000;
}<^>
server {
listen 80;
server_name mywebsite.com www.mywebsite.com;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name mywebsite.com wwww.mywebsite.com;
add_header Strict-Transport-Security "max-age=31536000";
ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
access_log /var/log/nginx/sub.log combined;
root /var/www/mywebsite.com/html;
index index.html index.php index.htm;
location / {
allow all;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Cluster-Client-Ip $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://phoenix;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
When I run nginx -t
I get the error:
nginx: [emerg] unknown directive "<^>upstream" in /etc/nginx/sites-enabled/mywebsite.com:19
nginx: configuration file /etc/nginx/nginx.conf test failed
However, sites-enabled contents are included in the http block, as you can see above. What's going wrong here?