Nginx Proxy Upstream Server Docker Compose - 502 Bad Gateway Connection Refused

docker nginx docker-compose reverse-proxy jwilder-nginx-proxy
Chris Rogers picture Chris Rogers · Jan 6, 2019 · Viewed 7.3k times · Source

I am trying to containerize all things related to my web app using Docker Compose, including Nginx & SSL Certificates. To do this I am using the Nginx Proxy image from JWilder and the LetsEncrypt Companion, but am having trouble getting the nginx proxy to work, result ends up being:

Nginx 502 Bad Gateway

[error] 31160#0: *35 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: domain.com, request: "GET /dev/ HTTP/1.1", upstream: "webapp://127.0.0.1:8080", host: "domain.com"

This only happened when trying to set up the Nginx proxy and SSL certificates so I know it's a configuration issue for either or both of these containers. If anyone can spot where I am going wrong, I would be extremely grateful!

Here are the containers in question:

version: '3.1'

networks:
  mywebapp:

services:
  nginx-proxy:
    container_name: nginx-proxy
    build: ./env/nginx-proxy
    networks:
      - mywebapp
    ports:
      - 80:80
      - 443:443
    env_file:
      - ./env/nginx-proxy/.env
    depends_on:
      - webapp
    tty: true
    volumes:
      - ./src:/home/www/mywebapp/src
      - ./storage:/home/www/storage/mywebapp
      - ./data/nginx-proxy/logs:/var/log/nginx
      - ./env/nginx-proxy/webserver/nginx.conf:/etc/nginx/nginx.conf
      - ./env/nginx-proxy/webserver/conf.d:/etc/nginx/conf.d
      - ./env/nginx-proxy/webserver/vhost.d:/etc/nginx/vhost.d
      - ./env/nginx-proxy/webserver/defaults:/etc/nginx/defaults
      - ./env/nginx-proxy/webserver/global:/etc/nginx/global
      - ./env/nginx-proxy/ssl/certs:/etc/nginx/certs
      - ./env/nginx-proxy/share:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"

  letsencrypt:
    restart: always
    container_name: letsencrypt
    image: jrcs/letsencrypt-nginx-proxy-companion
    env_file:
      - ./env/letsencrypt/.env
    volumes:
      - ./data/letsencrypt/logs:/var/log
      - ./env/nginx-proxy/webserver/nginx.conf:/etc/nginx/nginx.conf
      - ./env/nginx-proxy/webserver/conf.d:/etc/nginx/conf.d
      - ./env/nginx-proxy/webserver/vhost.d:/etc/nginx/vhost.d
      - ./env/nginx-proxy/webserver/defaults:/etc/nginx/defaults
      - ./env/nginx-proxy/webserver/global:/etc/nginx/global
      - ./env/nginx-proxy/ssl/certs:/etc/nginx/certs
      - ./env/nginx-proxy/share:/usr/share/nginx/html
      - /var/run/docker.sock:/var/run/docker.sock:ro
    depends_on:
      - nginx-proxy

  webapp:
    container_name: webapp
    build: ./env/webapp
    hostname: webapp
    networks:
      - mywebapp
    ports:
      - 9000:9000
      - 8080:8080
    volumes:
      - ./env/composer:/home/www/.composer
      - ./env/global/bashrc:/home/www/.bashrc
      - ./data/bash/.bash_history:/home/www/.bash_history
      - ~/.ssh:/home/www/.ssh:ro
      - ~/.gitconfig:/home/www/.gitconfig:ro
      - ./storage:/home/www/storage/mywebapp
      - ./src:/home/www/mywebapp/src

Key points being:

  • Webapp is the source of my web application which is running PHP, MySQL and Nginx webserver. The webapp webserver exposes and listens on port 8080 to serve the PHP files.
  • Nginx proxy exposes standard ports 443 and 80 and proxy passes to webapp on port 8080
  • LetsEncrypt Companion generates the certs and renews.

Nginx Proxy server configuration:

upstream webapp {
    server 127.0.0.1:8080;
}

server {

    listen 80;
    listen [::]:80;

    server_name webapp.localhost;

    location / {
        proxy_pass http://webapp;
    }
}

server {

    # SSL configuration
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate certs/default.crt;
    ssl_certificate_key certs/default.key;

    include /etc/nginx/global/ssl-params.conf;

    server_name webapp.localhost;

    location / {
        proxy_pass http://webapp;
    }
}

Webapp webserver configuration:

server {
    listen 8080;
    listen [::]:8080;

    server_name webapp.localhost;

    root /home/www/webapp/src;
    index index.php;

    include /etc/nginx/defaults/php.conf;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
}

When visiting http://webapp.localhost:8080 I can see the webapp webserver serves the page no trouble, so I suspect it's something wrong with my Nginx Proxy server configuration.

Thanks for reading.

Answer

Siyu picture Siyu · Jan 6, 2019

Since nginx and webapp are on two separate containers, nginx can't reach webapp on localhost(127.0.0.1) as you've configured for upstream:

upstream webapp {
    server 127.0.0.1:8080;
}

Change it to webapp:8080.

Related questions

How to correctly link php-fpm and Nginx Docker containers?

I am trying to link 2 separate containers: nginx:latest php:fpm The problem is that php scripts do not work. Perhaps the php-fpm configuration is incorrect. Here is the source code, which is in my repository. Here is the file …

Read More
Docker Networking - nginx: [emerg] host not found in upstream

I have recently started migrating to Docker 1.9 and Docker-Compose 1.5's networking features to replace using links. So far with links there were no problems with nginx connecting to my php5-fpm fastcgi server located in a different server in one …

Read More
Docker nginx multiple apps on one host

I'm confused by how I should manage reverse proxy (nginx) with multiple independent webapps on the same host. I know that i can use https://github.com/jwilder/nginx-proxy and configure VIRTUAL_HOST per app but then I wont be …

Read More