Closed creactiv closed 3 years ago
hmm this is a very interesting issue as from what you posted everything looks to be correct. I did not include an explanation on how to setup nginx proxy because that might change so please use their official documentation there.
But the recipes container looks good. Can you post the docker compose logs of both the proxy stack and the application itself in the moment the 502 occurs ?
I think it is related to the proxy not routing correctly but that is just guessing
Well,
recipes_nginx log: /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up
recipes_web log:
Updating database Operations to perform: Apply all migrations: account, admin, auth, authtoken, contenttypes, cookbook, sessions, sites, socialaccount Running migrations: No migrations to apply. Your models in app(s): 'cookbook' have changes that are not yet reflected in a migration, and so won't be applied. Run 'manage.py makemigrations' to make new migrations, and then re-run 'manage.py migrate' to apply them. js-reverse file written to /opt/recipes/cookbook/static/django_js_reverse
Looks like the same from before, but i tried to access my server which returned again 502.
Best
I might have misunderstood you, i just created the log from container nginx-proxy, which gave me this error:
WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
is being generated in the background. Once the new dhparam.pem is in place, nginx will be reloaded.
2021/05/02 15:13:58 [notice] 69#69: signal process started
The content of the log is as follows:
[0;37;1mforego | [0mstarting dockergen.1 on port 5000
[0;37;1mforego | [0mstarting nginx.1 on port 5100
[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:13:56 Generated '/etc/nginx/conf.d/default.conf' from 2 containers
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:13:56 Running 'nginx -s reload'
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:13:56 Watching docker events
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:13:57 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
[0mGenerating DSA parameters, 4096 bit long prime
dhparam generation complete, reloading nginx
[0;33;1mnginx.1 | [0mexample.com 3.19.56.43 - - [02/May/2021:15:14:08 +0000] "GET /.well-known/acme-challenge/jB7SWMO9imcHp1R8nwJsTWT6NX_A2AiVwS1snIP67AU HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
[0;33;1mnginx.1 | [0mexample.com 34.221.255.206 - - [02/May/2021:15:14:08 +0000] "GET /.well-known/acme-challenge/jB7SWMO9imcHp1R8nwJsTWT6NX_A2AiVwS1snIP67AU HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
[0;33;1mnginx.1 | [0mexample.com 66.133.109.36 - - [02/May/2021:15:14:08 +0000] "GET /.well-known/acme-challenge/jB7SWMO9imcHp1R8nwJsTWT6NX_A2AiVwS1snIP67AU HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:10 Received event start for container eb186055f8fd
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:10 Generated '/etc/nginx/conf.d/default.conf' from 3 containers
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:10 Received event start for container 7a7f570d652d
[0m[0;33;1mnginx.1 | [0mexample.com 18.184.114.154 - - [02/May/2021:15:14:10 +0000] "GET /.well-known/acme-challenge/jB7SWMO9imcHp1R8nwJsTWT6NX_A2AiVwS1snIP67AU HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:11 Generated '/etc/nginx/conf.d/default.conf' from 4 containers
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:11 Received event start for container ad8dee490b99
[0m[0;36;1mdockergen.1 | [0;31;1m2021/05/02 15:14:11 Generated '/etc/nginx/conf.d/default.conf' from 5 containers
[0m[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:14:38 [error] 180#180: *5 no live upstreams while connecting to upstream, client: 1.1.1.10, server: example.com, request: "GET / HTTP/2.0", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 1.1.1.10 - - [02/May/2021:15:14:38 +0000] "GET / HTTP/2.0" 502 158 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:14:39 [error] 180#180: *5 no live upstreams while connecting to upstream, client: 1.1.1.1, server: example.com, request: "GET /favicon.ico HTTP/2.0", upstream: "http://example.com-upstream/favicon.ico", host: "example.com", referrer: "https://example.com/"
[0m[0;33;1mnginx.1 | [0mexample.com 1.1.1.1 - - [02/May/2021:15:14:39 +0000] "GET /favicon.ico HTTP/2.0" 502 158 "https://example.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:16:09 [error] 180#180: *8 no live upstreams while connecting to upstream, client: 1.1.1.1, server: example.com, request: "GET / HTTP/2.0", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 1.1.1.1 - - [02/May/2021:15:16:09 +0000] "GET / HTTP/2.0" 502 158 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:17:19 [error] 180#180: *9 no live upstreams while connecting to upstream, client: 2.2.2.2, server: example.com, request: "GET / HTTP/1.1", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 2.2.2.2 - - [02/May/2021:15:17:19 +0000] "GET / HTTP/1.1" 502 158 "-" "Mozilla/5.0 (X11; Linux i686; rv:10.0) Gecko/20100101 Firefox/10.0"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:17:34 [error] 180#180: *10 no live upstreams while connecting to upstream, client: 2.2.2.2, server: example.com, request: "GET / HTTP/1.1", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 2.2.2.2 - - [02/May/2021:15:17:34 +0000] "GET / HTTP/1.1" 502 158 "-" "Mozilla/5.0 (X11; Linux i686; rv:10.0) Gecko/20100101 Firefox/10.0"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:18:06 [error] 180#180: *11 no live upstreams while connecting to upstream, client: 2.2.2.2, server: example.com, request: "GET / HTTP/1.1", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 2.2.2.2 - - [02/May/2021:15:18:06 +0000] "GET / HTTP/1.1" 502 158 "-" "Mozilla/5.0 (X11; Linux i686; rv:10.0) Gecko/20100101 Firefox/10.0"
[0;33;1mnginx.1 | [0mexample.com 5.147.244.90 - - [02/May/2021:15:24:15 +0000] "GET / HTTP/1.1" 301 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Edg/90.0.818.51"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:24:15 [error] 180#180: *14 no live upstreams while connecting to upstream, client: 5.147.244.90, server: example.com, request: "GET / HTTP/2.0", upstream: "http://example.com-upstream/", host: "example.com"
[0m[0;33;1mnginx.1 | [0mexample.com 5.147.244.90 - - [02/May/2021:15:24:15 +0000] "GET / HTTP/2.0" 502 560 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Edg/90.0.818.51"
[0;33;1mnginx.1 | [0;31;1m2021/05/02 15:24:16 [error] 180#180: *14 no live upstreams while connecting to upstream, client: 5.147.244.90, server: example.com, request: "GET /favicon.ico HTTP/2.0", upstream: "http://example.com-upstream/favicon.ico", host: "example.com", referrer: "https://example.com/"
[0m[0;33;1mnginx.1 | [0mexample.com 5.147.244.90 - - [02/May/2021:15:24:16 +0000] "GET /favicon.ico HTTP/2.0" 502 560 "https://example.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Edg/90.0.818.51"
Thank you very much.
Best
this looks correct as well. Have you made sure that after creating all the test containers you have properly removed them with docker-compose down because it says something about mutliple containers in the log ?
Also please try exposing the nginx container in the application stack on some port directly so we can figure out if this is related to the proxy or the application
This are the running containers: CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ad8dee490b99 nginx:mainline-alpine "/docker-entrypoint.…" 33 minutes ago Up 33 minutes 80/tcp recipe s_nginx_recipes_1 7a7f570d652d vabene1111/recipes "/opt/recipes/boot.sh" 33 minutes ago Up 33 minutes 8080/tcp recipe s_web_recipes_1 eb186055f8fd postgres:11-alpine "docker-entrypoint.s…" 33 minutes ago Up 33 minutes 5432/tcp recipe s_db_recipes_1 371fd05156d9 jrcs/letsencrypt-nginx-proxy-companion "/bin/bash /app/entr…" 33 minutes ago Up 33 minutes nginx- proxy-letsencrypt 1c534359e92b jwilder/nginx-proxy "/app/docker-entrypo…" 33 minutes ago Up 33 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp nginx- proxy
PS: Could you elaborate a little more about this: Also please try exposing the nginx container in the application stack on some port directly so we can figure out if this is related to the proxy or the application
this container is currently only accessible trough your proxy
nginx_recipes:
image: nginx:mainline-alpine
restart: always
env_file:
- ./.env
depends_on:
- web_recipes
volumes:
- nginx_config:/etc/nginx/conf.d:ro
- staticfiles:/static
- ./mediafiles:/media
networks:
- default
- nginx-proxy
add the following to it and try to access port 8080 on your host to see what happens. Basically the plain setup to make sure its not a proxy issue https://docs.tandoor.dev/install/docker/#plain
ports:
- 8080:8080
Well, when i add that ports: directive to my docker-compose.yml, it does not connect at all: Firefox cannot open the connection to server example.com:8080
My current docker-compose.yml looks like this:
version: "3"
services: db_recipes: restart: always image: postgres:11-alpine volumes:
default
web_recipes: image: vabene1111/recipes restart: always env_file:
default
nginx_recipes: image: nginx:mainline-alpine restart: always ports:
web_recipes
volumes:
networks: default: nginx-proxy: external: name: nginx-proxy
volumes: nginx: staticfiles: nginx_config: mediafiles:
so, it should work, right?
it did change the setting of the port:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 16afc7bb7016 nginx:mainline-alpine "/docker-entrypoint.…" About a minute ago Up About a minute 80/tcp, 0.0 .0.0:8080->8080/tcp, :::8080->8080/tcp recipes_nginx_recipes_1 bb3e478ac452 vabene1111/recipes "/opt/recipes/boot.sh" About a minute ago Up About a minute 8080/tcp recipes_web_recipes_1 e6f36811f3f8 postgres:11-alpine "docker-entrypoint.s…" About a minute ago Up About a minute 5432/tcp recipes_db_recipes_1 371fd05156d9 jrcs/letsencrypt-nginx-proxy-companion "/bin/bash /app/entr…" About an hour ago Up About an hour nginx-proxy-letsencrypt 1c534359e92b jwilder/nginx-proxy "/app/docker-entrypo…" About an hour ago Up About an hour 0.0.0.0:80- >80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp nginx-proxy
i am sorry, i think you need 8080:80 as the port mapping on the nginx container because it already maps to 80 internally
also please use your ip just to make sure nothing funky happens in the proxy (your.ip.addr.ess:8080)
Yes indeed, it works with port 8080:80. Now it would be brilliant, if i could use it with a domain name and with https:// :-)
so if it works with the port directly exposed the issue is related to the proxy server. I have not been using nginx-prody for quite a while but you basically need to check your configuration, the variables and their documentation.
You might also want to try to set DEBUG to 1 and ALLOWED_HOSTS to * in the tandoor .env file to rule out any potential problems.
Are you running any other services with nginx-proxy that do work or is this your first one ? if so you might want to give traefik a shot. It is a little steeper in the learning curve but i liked it a lot in the end
Since i run it on a quite small cloud server, therefore it is the only application to run on it. I just thought, that using docker, would make it easier to upgrade in the long run.
I will check with Debug set to 1; Allowed Hosts is already * and let you know. If this does not work, i'll try to run it on traefik. Interestingly enough it created the certificate for the domain; and i am just wondering, how to connect to nginx.
Another thing i am wondering about: If you have different parts of creating a meal, you might need the same ingredient in a different step again. But it looks like, i can only use an ingredient once, therefore it is not available in a later step. If i check in your demo i find this one:
which shows me, if you see the tbsp Mayonnaise being used in two different steps.
Did i miss a specific setting? I have to admit, that it takes a while to figure out, how all components fit together in order to be able to create data :-)
This also brings me to the question, do you think about summarizing the ingredients in the toplist, so instead of 1 tbsp Mayonnaise 1 tbsp Mayonnaise to print 2 tbsp Mayonnaise?
Thanks and best
Oh, well, i set DEBUG to 1; but haven't found out much on that behalf.
What i am wondering about, is, that this directive: proxy_pass http://example.com-upstream;
has an -upstream after my domainname. Should it be that way?
you are mixing a lot of things now in one issue but i will try to answer them
Well, i think there is something with the docker compose file and how the application works. Shouldn't i have a default.conf in the folder /opt/recipes/nginx/conf.d? There wasn't any, so i went into the docker container and copied that one into that folder and changed the pass proxy directive which was telling example.com-upstream to example.com. But it seems that the system does not read it, because in the log i continue to have this error message:
nginx_recipes_1 | 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/defa ult.conf is not a file or does not exist
When i log into the recipes_nginxrecipes container (why are all containers named that way? in docker ps they all have recipes in front of their name. might that be part of the problem?) it shows me: /etc/nginx # cd conf.d /etc/nginx/conf.d # ls Recipes.conf /etc/nginx/conf.d #
so it is really missing the default.conf, therefore the error message is correct.
Above that i am a little confused, having to admit, that i am not fluent in nginx, the first run of that docker compose file you provided did claim, that it was missing the nginx_config volume, so i added it and then this error was gone.
Bottom line: Shouldn't the system copy the generated nginx default.conf into the folder /opt/recipes/nginx/conf.d, which it doesnt, and read it back in, which it seems doesn't to do either.
So, what am i missing here?
Best
I do not think that that assesment is correct but i also am not 100% sure if i am correct since there are so many variables involved i cannot really see from here.
Nginx does not need a default.conf. it just looks for one and if it does not find one that is ok. The Recipes.conf is a working nginx config file (we know that because you were able to connect to the application via port 8080 after exposing it trough the nginx container).
The naming of the docker containers is not relevant although you cannot simply change it as the DB and nginx refer to them as host names.
Why your config is not applied i have no idea but i have not yet seen a setup where the nginx container worked when directly exposing the ports but did not work after adding a properly configured proxy server.
Issue
Error 502 after setup.
Setup Info
Version: latest i suppose, since i pulled dockerimages today. OS: Ubuntu 20.02 Server Used the setup with nginxproxy.
.env
docker-compose.yml
When running with docker compose please provide your
docker-compose.yml
Logs
Well, had a hard time to get it up and running. I tried several times to startup the system, and i missed a little bit an more detailed installation guide. First i overlooked those nginx companion containers to create certificates, then i got them, after tandoor had been pulled. So i decided to start over and do a fresh install today.
I got errors on behalf of missing volume in docker-compose.yml (it worried about nginx folder, which i gave him, i also read about downloading an nginx folder to put in the opt/recipes folder; haven't found more on that besides a Recipes.conf file, which i put into my nginx/conf.d folder. No avail.
So my file /folder structure is: opt/recipes opt/recipes/docker-compose.yml opt/recipes/.env opt/recipes/mediafiles opt/recipes/nginx opt/recipes/nginx/conf.d/Recipes.conf opt/recipes/postgresql
I DO get my certificate from letsencrypt, but whatever i do, i cannot see the setup window to create a superadmin.
i got Error 502 and 503; i tried several ideas i found in several issues, but no avail.
I am pretty sure, i am missing an important bit, but can't see which.
Any idea? Thanks and best