EDIT: It was a firewall issue. I disabled my firewall and it works.

https://listmonk.app/

The site loads properly on serverIP:5870 and if I change proxy_pass http://127.0.0.1:5870; to proxy_pass http://listmonk.mydomain.com:5870; then it will load on listmonk.mydomain.com:5870. But it gives the 502 error when I visit the site without the port.

If I set proxy_pass http://127.0.0.1:5870; and visit listmonk.mydomain.com:5870 I get:

The connection for this site is not secure
listmonk.mydomain.com sent an invalid response.
[Try running Windows Network Diagnostics](javascript:diagnoseErrors()).
ERR_SSL_PROTOCOL_ERROR

docker-compose.yml:

version: "3.7"

x-app-defaults: &app-defaults
  restart: unless-stopped
  image: listmonk/listmonk:latest
  ports:
    - "5870:9000"
  networks:
    - listmonk
  environment:
    - TZ=Etc/UTC

x-db-defaults: &db-defaults
  image: postgres:13
  ports:
    - "9432:5432"
  networks:
    - listmonk
  environment:
    - POSTGRES_PASSWORD=pw
    - POSTGRES_USER=listmonk
    - POSTGRES_DB=listmonk
  restart: unless-stopped
  healthcheck:
    test: ["CMD-SHELL", "pg_isready -U listmonk"]
    interval: 10s
    timeout: 5s
    retries: 6

services:
  db:
    <<: *db-defaults
    container_name: listmonk_db
    volumes:
      - type: volume
        source: listmonk-data
        target: /var/lib/postgresql/data

  app:
    <<: *app-defaults
    container_name: listmonk_app
    depends_on:
      - db
    volumes:
      - ./config.toml:/listmonk/config.toml
      - ./uploads:/listmonk/uploads

networks:
  listmonk:

volumes:
  listmonk-data:

nginx config:

server {
        listen              443 ssl;
        server_name            listmonk.example.com;

  location / {
     proxy_pass  http://127.0.0.1:5870;
     proxy_set_header   Host            $http_host;
     proxy_set_header   X-Real-IP       $remote_addr;
     proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for; 
    }

}

server {
    listen              80;
    server_name            listmonk.example.com;
      location / {
return 301 https://$host$request_uri;
      }
}
  • bigredgiraffe@lemmy.worldEnglish
    4·
    11 months ago

    the purpose of using nginx is to not have to use the port number in this scenario, the reason it works is because your DNS for that hostname still points to that machine that both containers are running on. Normal DNS A and cname records do not contain port information.

    The 502 bad gateway error means that nginx is not able to connect to the upstream host for that hostname, this is where you need to use the port for the other container (5870). Do know that using localhost in docker will not have the results you are expecting, if these are on the same host you can use the name you have configured for the container as the hostname in nginx otherwise use the host IP, in your case it would be http://listmonk_app:5870.

    Hope that helps!

    • MaximilianKohler@lemmy.worldOPEnglish
      1·
      11 months ago

      Thanks! I was using 127.0.0.1 because that’s what other people were successfully using: https://github.com/knadh/listmonk/issues/1590#issuecomment-1812399067. I had tried variations of proxy_pass http://app:5870; because I’m running listmonk successfully on another server using proxy_pass http://app:9000;, but that is when nginx is running from inside the docker container:

      services:
  db:
    <<: *db-defaults
    container_name: listmonk_db
    volumes:
      - type: volume
        source: listmonk-data
        target: /var/lib/postgresql/data

  app:
    <<: *app-defaults
    container_name: listmonk_app
    depends_on:
      - db
    volumes:
      - ./config.toml:/listmonk/config.toml
      - ./listmonk/uploads:/listmonk/uploads

  nginx:
    image: nginx:mainline-alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx:/etc/nginx/conf.d
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    networks:
      - listmonk
    depends_on:
      - app
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"

  certbot:
    image: certbot/certbot
    restart: unless-stopped
    container_name: certbot
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
    networks:
      - listmonk
    depends_on:
      - nginx
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

      I forgot to try proxy_pass http://listmonk_app:5870; though. I just tried that and I got the same error that I get with proxy_pass http://app:5870;.

      Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

      systemctl status nginx.service
 nginx.service - Centmin Mod NGINX Server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/nginx.service.d
           └─failure-restart.conf, openfileslimit.conf
   Active: failed (Result: start-limit) since Sun 2023-11-26 01:07:52 UTC; 1min 57s ago
  Process: 34289 ExecStop=/bin/sh -c /bin/kill -s TERM $(/bin/cat /usr/local/nginx/logs/nginx.pid) (code=exited, status=0/SUCCESS)
  Process: 18426 ExecReload=/bin/sh -c /bin/kill -s HUP $(/bin/cat /usr/local/nginx/logs/nginx.pid) (code=exited, status=0/SUCCESS)
  Process: 25700 ExecStart=/usr/local/sbin/nginx -c /usr/local/nginx/conf/nginx.conf (code=exited, status=0/SUCCESS)
  Process: 34339 ExecStartPre=/usr/local/sbin/nginx -t (code=exited, status=1/FAILURE)
 Main PID: 25702 (code=exited, status=0/SUCCESS)

Nov 26 01:07:47 centos7test systemd[1]: nginx.service: control process exited, code=exited status=1
Nov 26 01:07:47 centos7test systemd[1]: Failed to start Centmin Mod NGINX Server.
Nov 26 01:07:47 centos7test systemd[1]: Unit nginx.service entered failed state.
Nov 26 01:07:47 centos7test systemd[1]: nginx.service failed.
Nov 26 01:07:52 centos7test systemd[1]: nginx.service holdoff time over, scheduling restart.
Nov 26 01:07:52 centos7test systemd[1]: Stopped Centmin Mod NGINX Server.
Nov 26 01:07:52 centos7test systemd[1]: start request repeated too quickly for nginx.service
Nov 26 01:07:52 centos7test systemd[1]: Failed to start Centmin Mod NGINX Server.
Nov 26 01:07:52 centos7test systemd[1]: Unit nginx.service entered failed state.
Nov 26 01:07:52 centos7test systemd[1]: nginx.service failed.

      journalctl -xe
--
-- The result is timeout.
Nov 26 01:08:56 centos7test systemd[1]: Dependency failed for /mnt/HC_Volume_33691542.
-- Subject: Unit mnt-HC_Volume_33691542.mount has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit mnt-HC_Volume_33691542.mount has failed.
--
-- The result is dependency.
Nov 26 01:08:56 centos7test systemd[1]: Job mnt-HC_Volume_33691542.mount/start failed with result 'dependency'.
Nov 26 01:08:56 centos7test systemd[1]: Job dev-disk-by\x2did-scsi\x2d0HC_Volume_33691542.device/start failed with result 'timeout'.
Nov 26 01:09:01 centos7test systemd[1]: Started Session 313 of user root.
-- Subject: Unit session-313.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-313.scope has finished starting up.
--
-- The start-up result is done.
Nov 26 01:09:01 centos7test CROND[34567]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 26 01:09:10 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.203.42.26 DST= LEN
Nov 26 01:09:35 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=205.185.121.3 DST= LE
Nov 26 01:09:45 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=107.148.82.29 DST= LE
Nov 26 01:09:53 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=62.204.41.118 DST= LE
Nov 26 01:10:01 centos7test systemd[1]: Started Session 314 of user root.
-- Subject: Unit session-314.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-314.scope has finished starting up.
--
-- The start-up result is done.
Nov 26 01:10:01 centos7test systemd[1]: Started Session 315 of user root.
-- Subject: Unit session-315.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-315.scope has finished starting up.
--
-- The start-up result is done.
Nov 26 01:10:01 centos7test CROND[34680]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 26 01:10:01 centos7test CROND[34679]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Nov 26 01:10:11 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=91.92.246.145 DST= LE
Nov 26 01:10:12 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.203.42.26 DST= LEN
Nov 26 01:10:21 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.209.11.142 DST= LE
Nov 26 01:10:22 centos7test sshd[34734]: Received disconnect from 180.101.88.196 port 14758:11:  [preauth]
Nov 26 01:10:22 centos7test sshd[34734]: Disconnected from 180.101.88.196 port 14758 [preauth]
Nov 26 01:10:40 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=162.216.150.164 DST=
lines 1377-1425/1425 (END)