I have been trying for more than a week few hours daily.
Needless to say, I'm beginner in most of these things, but I have tried hundreds of configurations and nothing worked.
That's why I am finally coming here for help.
I am currently getting 502 Bad Gateway.
My suspicion is that either Nginx can't find staticfiles (if that's a reason for a 50x error) or nginx upstream doesn't know what is web (in config), or something with permissions on nginx.
Nginx error logs are printing this:
connect() failed (111: Connection refused) while connecting to upstream...upstream: "https://some-ip-address-here?:443" (this might be that nginx doesn't know about the web)
Dockerfile
# Pull base image
FROM python:3.10.2-slim-bullseye
# Set environment variables
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
# Create and set work directory called `app`
RUN mkdir -p /app
RUN mkdir -p /app/staticfiles
WORKDIR /app
# Install dependencies
COPY requirements.txt /tmp/requirements.txt
RUN set -ex && \
pip install --upgrade pip && \
pip install -r /tmp/requirements.txt && \
apt-get -y update && \
apt-get -y upgrade && \
apt-get install -y ffmpeg && \
rm -rf /root/.cache/
# Copy local project
COPY . /app/
COPY wait-for-it.sh /wait-for-it.sh
RUN chmod +x /wait-for-it.sh
docker-compose.yml
version: '3.7'
services:
web:
container_name: web
build: .
restart: always
command: ["/wait-for-it.sh", "db:5432", "--", "gunicorn", "--bind", "0.0.0.0:8000", "--workers", "3", "my_project.wsgi"]
volumes:
- .:/app
ports:
- "8000:8000"
- "443"
env_file: .env
depends_on:
- db
nginx:
container_name: nginx
restart: always
image: jonasal/nginx-certbot:4.2.0-nginx1.23.3
env_file:
- .env.nginx
volumes:
- nginx_secrets:/etc/letsencrypt
- ./nginx/user_conf.d:/etc/nginx/user_conf.d
- .:/app
ports:
- 80:80
- 443:443
depends_on:
- web
- db
db:
container_name: db
image: postgres:13
restart: always
volumes:
- postgres_data:/var/lib/postgresql/data/
env_file: .env
celery:
container_name: celery
restart: always
build:
context: .
command: celery -A my_project worker -l info -B
volumes:
- .:/app
env_file:
- .env
depends_on:
- web
- rabbitmq3
rabbitmq3:
container_name: rabbitmq
image: rabbitmq:3-management-alpine
ports:
- 5672:5672
- 15672:15672
volumes:
postgres_data:
nginx_secrets:
Nginx config
upstream web {
server web:443;
}
# Redirect all HTTP requests to HTTPS
server {
listen 80;
server_name myurl.com;
return 301 https://$server_name$request_uri;
location /static/ {
alias /app/staticfiles/;
}
location /media/ {
alias /app/media/;
}
}
# Pass request to the web container
server {
location / {
proxy_pass https://web/;
}
access_log /var/log/nginx/project.access.log;
error_log /var/log/nginx/project.error.log;
# Listen to port 443 on both IPv4 and IPv6.
listen 443 ssl default_server reuseport;
listen [::]:443 ssl default_server reuseport;
server_name www.myurl.com myurl.com;
# Load the certificate files
ssl_certificate /etc/letsencrypt/live/my-site/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my-site/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/my-site/chain.pem;
# Load the Diffie-Hellman parameter
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
location /static/ {
alias /app/staticfiles/;
}
location /media/ {
alias /app/media/;
}
}
docker-compose uplocally, and you can load a web page athttp://localhostandhttps://localhostthen nginx would definitely be working.127.0.0.1:8000. Going tohttp://localhostimmediately redirects tohttps://localhostand this doesn't even load the page - I get this error: Secure Connection Failed - An error occurred during a connection to localhost. PR_END_OF_FILE_ERRORlocalhost:8000loads the page (but I had to change nginx image to one without certbot because It was throwing an error that localhost can't get SSL, so I also changed much of the config just to http). I am really confused from how this all works, I will do some studying on nginx, but it's impossible to debug when each time I need to do so many changes. It must be something with nginx though and SSL