Domain setup and SSL

Hoping someone can help me. I’m having a ridiculous amount of trouble getting my ERPNext instance online. I’ve done it successfully once before; however, those steps are no longer working for me. Here is what I’ve done so far:

I’m using an AWS EC2 Ubuntu 22.04 instance with an Elastic IP assigned to the instance (fixed IP, not sure why they called it elastic).

Move from dev to production:

bench --site mydomain enable-scheduler
bench --site mydomain set-maintenance-mode off
bench --site mydomain scheduler resume
sudo bench setup production ubuntu
sudo rm -r /home/bench/frappe/config/supervisor.conf /etc/supervisor/conf.d/frappe.conf
sudo ln -s /home/bench/frappe/config/supervisor.conf /etc/supervisor/conf.d/frappe.conf
sudo bench setup sudoers $(whoami)

Everything seems to be up and running:

ubuntu@ip-xxxxxxxx:/home/bench/frappe$ sudo supervisorctl status all
frappe-redis:frappe-redis-cache                 RUNNING   pid 956, uptime 0:23:46
frappe-redis:frappe-redis-queue                 RUNNING   pid 957, uptime 0:23:46
frappe-redis:frappe-redis-socketio              RUNNING   pid 958, uptime 0:23:46
frappe-web:frappe-frappe-web                    RUNNING   pid 2736, uptime 0:06:00
frappe-web:frappe-node-socketio                 RUNNING   pid 2737, uptime 0:06:00
frappe-workers:frappe-frappe-default-worker-0   RUNNING   pid 2706, uptime 0:06:01
frappe-workers:frappe-frappe-long-worker-0      RUNNING   pid 2708, uptime 0:06:01
frappe-workers:frappe-frappe-schedule           RUNNING   pid 2705, uptime 0:06:01
frappe-workers:frappe-frappe-short-worker-0     RUNNING   pid 2707, uptime 0:06:01

Updated /etc/hosts

mydomain localhost hostname

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

# Your domain and IP address
11.111.11.111 mydomain

Created SSL/TLS certs via certbot (letsencrypt)
https://frappeframework.com/docs/v14/user/en/bench/guides/lets-encrypt-ssl-setup

Updated my site_config.json file

{
 "backup_encryption_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
 "db_name": "xxxxxxxxxxxxxxxxxxxx",
 "db_password": "xxxxxxxxxxxxxxxxx",
 "db_type": "mariadb",
 "developer_mode": 1,
 "domains": [
  "mydomain"
 ],
 "enable_two_factor_auth": true,
 "encryption_key": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
 "maintenance_mode": 0,
 "pause_scheduler": false,
 "ssl_certificate": "/etc/letsencrypt/live/mydomain/fullchain.pem",
 "ssl_certificate_key": "/etc/letsencrypt/live/mydomain/privkey.pem"
}

After generating the certs I re-run this to generate a new nginx.conf (which is pointing correctly to the SSL files):
sudo bench setup production ubuntu

I’m using Google Domains. In the DNS records I’ve added two A records pointing to my server’s public IP.

The website seems to resolve in their preview, however when I go to the domain in a browser (I’ve tried Chrome, Firefox, Brave), it doesn’t resolve. I’ve also cleared all site data from these browsers to try to access the sites ‘fresh’.


That’s basically it, I think. I know DNS stuff can sometimes take a while to propagate… but I’ve been at this for a few days now, trying different domains that I have available to me. I’ve tried all of the frappe docs suggestions for HTTPS setup, custom domains, etc. This forum. No damn luck.

Any suggestions would be greatly appreciated. Very confused and sick of going around in circles.

The issue was infuriatingly simple :unamused:

It was an AWS security group inbound rule. HTTPS was set to 0.0.0.0/32 instead of 0.0.0.0/0
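
The misconfiguration found above, checked in code (an added example, not part of the original posts): 0.0.0.0/32 is a single address that no real client has, while 0.0.0.0/0 matches any IPv4 source. The rule list is constructed sample data in the shape of `aws ec2 describe-security-groups` output, and the function names and client address are hypothetical.

```python
import ipaddress

# Constructed sample in the shape of the IpPermissions list returned by
# `aws ec2 describe-security-groups`; the rules and addresses are made up.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/32"}]},
]


def rule_covers_port(perm, port):
    """True if the permission applies to TCP traffic on `port`."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and all ports
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]


def audit_port(permissions, port, client_ip):
    """Return (reachable, findings) for `client_ip` connecting to `port`."""
    client = ipaddress.ip_address(client_ip)
    reachable, findings = False, []
    for perm in permissions:
        if not rule_covers_port(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if client in net:
                reachable = True
            # A /32 on the unspecified address matches no real client.
            if net.prefixlen == 32 and net.network_address.is_unspecified:
                findings.append(f"port {port}: {rng['CidrIp']} admits nobody; "
                                "0.0.0.0/0 is the 'anywhere' range")
    if not reachable and not findings:
        findings.append(f"port {port}: no inbound rule admits {client_ip}")
    return reachable, findings


if __name__ == "__main__":
    for p in (22, 80, 443):
        print(p, audit_port(SAMPLE_PERMISSIONS, p, "198.51.100.7"))
```

Checking from the client's side as well as the server's separates a filtered port (connection times out) from a DNS or nginx problem, which is the distinction that was missing in the troubleshooting above.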