Nginx always falls back on wrong server block

Question

I've got two different domains and two nginx files in sites-available. I also added the symlinks.

First site config, which should handle a Silex based API:

server {
    listen 443 ssl;
    listen [::]:443 ipv6only=on ssl;

    server_name bwr.mydomain1.com;
    root /srv/www/bwr/src;

    location / {
        # try to serve file directly, fallback to front controller
        try_files $uri /index.php$is_args$args;
    }

    # If you have 2 front controllers for dev|prod use the following line instead
    # location ~ ^/(index|index_dev)\.php(/|$) {
    location ~ ^/index\.php(/|$) {
        # the ubuntu default
        fastcgi_pass   unix:/var/run/php5-fpm.sock;
        # for running on centos
        #fastcgi_pass   unix:/var/run/php-fpm/www.sock;

        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTPS off;

        # Prevents URIs that include the front controller. This will 404:
        # http://domain.tld/index.php/some-path
        # Enable the internal directive to disable URIs like this
        # internal;
    }

    #return 404 for all php files as we do have a front controller
    location ~ \.php$ {
        return 404;
    }

    # SSL configuration with letsencrypt
    ssl_certificate "/etc/letsencrypt/live/bwr.mydomain1.com/fullchain.pem";
    ssl_certificate_key "/etc/letsencrypt/live/bwr.mydomain1.com/privkey.pem";
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP;
    ssl_prefer_server_ciphers on;


    error_log /var/log/nginx/bwr_error.log;
    access_log /var/log/nginx/bwr_access.log;
}

server {
    listen 80;
    listen [::]:80 ipv6only=on;
    server_name bwr.mydomain1.com;
    return 301 https://$host$request_uri;
}

The second domain just serves a normal php website:

server {
  listen 443 ssl default_server;

  server_name domain2.ch www.domain2.ch;

  root /srv/www/hgtconnect;
  index index.html index.php;

  location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
  }

  error_log /var/log/nginx/domain2_error.log;
  access_log /var/log/nginx/domain2_access.log;

    # SSL configuration with letsencrypt
  ssl_certificate "/etc/letsencrypt/live/domain2.ch/fullchain.pem";
  ssl_certificate_key "/etc/letsencrypt/live/domain2.ch/privkey.pem";
  ssl_session_cache shared:SSL:1m;
  ssl_session_timeout  10m;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP;
  ssl_prefer_server_ciphers on;
}

server {
  listen 80 default_server;
  server_name domain2.ch www.domain2.ch;
  return 301 https://$host$request_uri;
}

Whenever I open https://domain2.ch I get the content of bwr.domain1.com. Also the wrong ssl cerificate is used and the site is untrusted.

Thanks!

Answer 1

Found the soultion. Ipv6 wasn't enabled on both server blocks. I always requested the page in an Ipv6 network, so nginx was always falling back on the wrong server because ipv6 was configured there.