I have a dev server that runs with https on port 3000 and I need to access it via port 443 for CORS reasons.
I’ve tried the following configuration:
    networking.nat = {
      enable = true;
      enableIPv6 = true;
      internalInterfaces = ["lo"];
      externalInterface = "enp27s0";
      forwardPorts = [
        { proto = "tcp"; sourcePort = 443; destination = "::1:3000"; }
      ];
    };
but whatever I try, I get the following error from curl:
    curl -k https://devserver.myworkdomain.com -v
    * Trying [::1]:443...
    * connect to ::1 port 443 failed: Connection refused
    * Trying 127.0.0.1:443...
    * connect to 127.0.0.1 port 443 failed: Connection refused
    * Failed to connect to devserver.myworkdomain.com port 443 after 0 ms: Couldn't connect to server
    * Closing connection 0
    curl: (7) Failed to connect to devserver.myworkdomain.com port 443 after 0 ms: Couldn't connect to server
I have dnsmasq set up to resolve the workdomain to localhost ipv4 and v6.
I have also set the following sysctl setting:
    boot.kernel.sysctl = {
      "net.ipv4.conf.lo.route_localnet" = true;
    };
If I do the same curl command but with :3000 on the end of the domain, I get a proper response, so I’m pretty sure it’s just not forwarding the port properly.
Update
I can see the port forward in the iptables output and I think that should be working, but I still get the same error:
    Chain nixos-nat-pre (1 references)
    target     prot opt source               destination
    DNAT       tcp  --  anywhere             anywhere             tcp dpt:https to:127.0.0.1:3000
Curling 127.0.0.1:3000 directly works and I get the proper response.