#Nginx - proxy HTTPS to Docker

1 messages · Page 1 of 1 (latest)

sleek pebble
#

I am trying to setup Nginx as reverse proxy (with HTTPS) for my app inside Docker. I already generated the certificate and it works (page shows the lock icon, which states it's secure with cert details), but i am struggling with setup proxy on Nginx.

I had generated cert with Certbot following this page https://certbot.eff.org/instructions?ws=nginx&os=debianbuster before i installed Nginx (i initially had wanted to manually setup HTTPS on Node, but then i heard about "reverse proxy", so i switched to Nginx attempt), so after i installed Nginx and added proxy_pass and server_name to nginx.conf, executing command nginx -s reload threw error, than my server name is already defined (because it has been in the Nginx default settings by Certbot). So then i tried to modify this default setup (before i had done a backup copy of file), which resulted in file including conflict (nginx.conf has like include sites-enabled/* directive, which also picked the backup file resulting in duplication). I removed my backup file and since then i cannot restart nor stop Nginx, because i receive error

ERROR : invalid PID number "" in "/run/nginx.pid"
I removed that file and the error is
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)
Re-creating that file shows previous error. I tried stopping nxing service, which doesn't help. Trying to manually kill it's process is surprisingly tricky, because ps -aux | grep 'nginx' shows one process, which very quickly increments it's PID ( 🤔 ), so i am unable to pick the current one to kill it. I tried restarting system, without success.

TLDR:

  • i have HTTPS cert generated by Certbot
  • i am trying to setup HTTPS reverse proxy by Nginx to my Docker app
  • i received server_name conflicting error from Nginx after i tried modifying it to do proxy thing
  • now i cannot even stop Nginx, because it's PID is corrupted/gone
sleek pebble
#

Ok, executing service nginx restart helps and then doing nginx -s stop once works, but second time it throws that PID error. Although, i think nginx is working (it shows it's "welcome" page).

I managed to configure that proxy:

  • i ensured sites-available/ contains only a single file (no backups there)
  • i put proxy_pass inside it's already existing server directive block with listen 443

And all seems to work.

jovial ermine
#

If you ever get annoyed by the Nginx hassle, you know, there is greener grass on the other side

sleek pebble
#

Apache?

#

Haven't used either

jovial ermine
#

Caddy, of course. That's two lines of config for automatically generating and renewing TLS certs and transparent reverse proxy

sleek pebble
#

Nginx is also a few lines 😛 Although i had to execute Certbot (and install it beforehand) too

jovial ermine
#

Nginx reverse proxy blocks are like, what, ten lines of mostly boilerplate code?

#

Even more when you realise the default setups don't support web sockets

odd steeple
#

if the PID is rapidly incrementing then it's probably stuck in a reboot loop no?

#

today is also not the day i read everything before replying. comment 2, you fixed it. shit, you even ticked it. oops

sleek pebble
sleek pebble
#

Fortunately it doesn't affect on nginx working

odd steeple
#

you could check the logs, expect it to be 4914TB big and full of identical lines panicking about something

#

i'm only making an assumption based on the PID incrementing and the way linux allocates PIDs

#

is there a typo somewhere in your conf? i wouldn't expect /run to be a root dir but rather ./run

sleek pebble
#

Btw, is it normal that calling nging -s stop more than once throws such PID error?

sleek pebble
odd steeple
#

but honestly i'd be guessing if i said either way

#

i've never actually run into this problem with nginx myself

sleek pebble
sleek pebble
odd steeple
#

heh, hyperbolic as it was i swear half the issues i've had with my homelab come back to me never setting up log pruning

jovial ermine
odd steeple
jovial ermine