Can't connect to Healthchecks via reverse proxy or local network

LSIO Discussion Container Support
,
1

Hello,

I’m trying to setup the LSIO Healthchecks docker image behind a LSIO Letsencrypt reverse proxy.

Before, I successfully configured the LSIO Nextcloud image following the provided instructions and using the preconfigured nextcould.subdomain.conf file provided with the Letsencrypt image.
As a result, I assume that my port forwarding, DNS and general Letsencrypt configuration is correct.

Unfortunately, the Letsencrypt image does not provide a preconfigured Healthchecks NGINX configuration.
For this reason, I tried to create my own configuration file by using the information I found in this LSIO blog entry.

My configuration is as follows:
Excerpt from docker-compose.yml:

--
version: "2"
services:
  letsencrypt:
    image: linuxserver/letsencrypt
    container_name: letsencrypt
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=100
      - TZ=Europe/Berlin
      - URL=lemke.duckdns.org
      - SUBDOMAINS=nextcloud,healthchecks
      - VALIDATION=http
      - DNSPLUGIN=cloudflare #optional
      - DUCKDNSTOKEN=<TOKEN> #optional
      - EMAIL=<MAIL> #optional
      - DHLEVEL=2048 #optional
      - ONLY_SUBDOMAINS=false #optional
      - STAGING=false #optional
    volumes:
      - /sharedfolders/appdata/letsencrypt:/config
    networks:
      - my-net
    ports:
      - 450:443
      - 90:80 #optional
    restart: always
  healthchecks:
    image: linuxserver/healthchecks
    container_name: healthchecks
    environment:
      - PUID=1000
      - PGID=100
      - SITE_ROOT=healthchecks.<SUBDOMAIN>.duckdns.org
      - SITE_NAME=NAS Monitor
      - DEFAULT_FROM_EMAIL=<MAIL>
      - EMAIL_HOST=smtp.live.com
      - EMAIL_PORT=587
      - EMAIL_HOST_USER=<MAIL>
      - EMAIL_HOST_PASSWORD=<PASSWORD>
      - EMAIL_USE_TLS=True
      - ALLOWED_HOSTS=['healthchecks.<SUBDOMAIN>.duckdns.org']
    networks:
      - my-net
    volumes:
      - /sharedfolders/appdata/healthchecks:/config
    ports:
      - 8000:8000
    restart: always

networks:
  my-net:
    external: true

healthchecks.subdomain.conf:

server {
        listen 443 ssl;

        root /config/www;
        index index.php index.html index.htm;

        server_name healthchecks.*;

        include /config/nginx/ssl.conf;

        client_max_body_size 0;

        location / {
                include /config/nginx/proxy.conf;
                resolver 127.0.0.11 valid=30s;
                set $upstream_healthchecks healthchecks;
                proxy_pass https://$upstream_healthchecks:8000;
#                proxy_pass https://192.168.0.203:8000;
#                proxy_pass healthchecks;
        }
}

When I try to access https://healthchecks.subdomain.duckdns.org I get a 502 Bad Gateway error.
http://healthchecks.subdomain.duckdns.org redirects correctly to the https site and displays the same error.
Accessing the service via local network with its local IP adress and port specified results in a Bad Request (400).

I’m quite new to the topic and at this point I don’t know how to debug further. Any help and hints are appreciated :slight_smile:

2

Changing

- ALLOWED_HOSTS=['healthchecks.<SUBDOMAIN>.duckdns.org']

to

- ALLOWED_HOSTS=*

in docker-compose.yml
and

proxy_pass https://$upstream_healthchecks:8000;

to

proxy_pass http://$upstream_healthchecks:8000;

in healthchecks.subdomain.conf makes the configuration work.