Getting 502 bad gateway in Docker container - configs below

Installation & Configuration
1

Hi.

I’m trying to configure a Nextcloud stack using Docker Compose with Nextcloud and Collabora, running on local server 10.10.2.2.

I’m also running an Nginx Proxy Manager as a reverse proxy on local server 10.10.2.4.

Nextcloud is up and running, but I’m getting a “502 Bad Gateway” message from my reverse proxy when I try to connect to office.mydomain.com.

If I try connecting directly to the IP, I get a “Unable to connect” message.

And of course because of this, Nextcloud can’t connect to the Collabora address either.

This is my proxy configuration:

image
image751×816 34.2 KB

So I’m hoping someone can maybe test the setup I’m trying and come up with configuration ideas on how I can make it work.

I’m pretty sure the problem is isolated to Collabora and/or proxy configuration, since Nextcloud in itself seems to be working fine.

This is the docker-compose.yml I’m starting the containers with:

version: '3'

services:

  nextcloud:
    image: linuxserver/nextcloud:latest
    container_name: nextcloud-cloud
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Copenhagen
    volumes:
      - /mnt/docker-data/nextcloud/nextcloud-data:/config
      - /mnt/zfs/postern/nextcloud:/data
    ports:
      - 8775:443
    restart: unless-stopped

  collabora:
    image: collabora/code:latest
    container_name: nextcloud-office
    cap_add:
      - MKNOD
    environment:
      - domain=cloud\\.mydomain\\.com
      - server_name=office.mydomain.com
      - dictionaries=en_GB en_US da_DK
    ports:
      - 127.0.0.1:8780:9980
    restart: unless-stopped
    depends_on:
      - nextcloud

I was actually trying to start the container with the environment variable DONT_GEN_SSL_CERT (because I’m running my own reverse proxy), but I couldn’t get this to work initially. So any tips on running without generating certificates would be much appreciated too.

The Docker log for the Collabora container is here.

Collabora Docker Log

2

if you don’t want to use ssl internally, consider adding
- "extra_params=--o:ssl.enable=false --o:ssl.termination=true"
to the environment:

3

I’ll give it a try tomorrow.

I think I’m going to troubleshoot this by trying to get a Collabora container running by itself and working with my proxy solution.

And then afterwards I’ll port that configuration to the Docker Compose stack.

4

I’ve been digging into this some more.

It seems I can reach the Collabora from localhost with:

curl -k https://localhost:8780
OK

But when I try from the host running the proxy (10.10.2.4) I get an error when trying to reach:

curl -k https://10.10.2.2:8780
curl: (7) Failed to connect to 10.10.2.2 port 8780: Connection refused

So it seems the problem here is to be able to reach the Collabora server from another server than localhost, namely my proxy server on 10.10.2.4.

Any suggestions still much appreciated.

5

Ok I finally fixed this. The obvious mistake was prefixing the port with 127.0.0.1.

Other than that, I also didn’t need the server_name. And I followed @joergmschulz advice to disable internal SSL.

This is my working config file now:

version: '3'

services:

  nextcloud:
    image: linuxserver/nextcloud:latest
    container_name: nextcloud-cloud
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Copenhagen
    volumes:
      - /mnt/docker-data/nextcloud/nextcloud-conf:/config
      - /mnt/docker-data/nextcloud/nextcloud-data:/data
    ports:
      - 8775:443
    restart: unless-stopped

  collabora:
    image: collabora/code:latest
    container_name: nextcloud-office
    cap_add:
      - MKNOD
    environment:
      - 'domain=cloud\\.mydomain\\.com'
      - 'dictionaries=en_GB en_US da_DK'
      - 'extra_params=--o:ssl.enable=false --o:ssl.termination=true'
      - DONT_GEN_SSL_CERT=true
      - TZ=Europe/Copenhagen
    ports:
      - 8780:9980
    restart: unless-stopped
    depends_on:
      - nextcloud
1 Like