无法获得 Http -> Https 301 重定向以使用 Nginx

Question

Unfortunately I'm unable to get this HTTP redirect to HTTPS to work. I'm hosting a web app and running it with PM2, with nginx acting as a reverse proxy. I have no problems when I have my location / block inside the listen 80 block, but after using the letsencrypt certbot, the site just won't load. I'm getting no errors in /var/log/nginx/errors.log, but also no records of access in /var/log/nginx/access.log. Nginx syntax test passes. When I look at the Chrome network tab, it just shows the 301 redirect and that the headers are provisional. I have port 80 and 443 and nginx full open on ufw, using ubuntu 20.04. What am I missing here? Attached my sites-available below, and I have a working symlink to sites-enabled.

server {
    listen 80;
    listen [::]:80;
    server_name www.example.com;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.com;
    
    ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/www.example.com/chain.pem;

    include /etc/letsencrypt/options-ssl-nginx.conf;

    location / {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_pass http://localhost:3000;
    }
}

Answer 1

The virtual server I was running this on was a Google Cloud Server provisioned by my employer, I ended up guessing that port 443 was blocked by a GCS firewall, and that was correct. Here are instructions for adjusting that firewall: https://cloud.google.com/vpc/docs/using-firewalls