Docker: Nexcloud, swag, mariadb 502 Bad Gateway after fresh install

  • Raspi 4 (configured to aarch64, but no native x64 install)
  • debian buster light + libseccomp2.4.4 installed
  • omv, docker

Hi,
after changing my os to aarch64 I freshly installed nextcloud on reverse proxy following this really great guide: Nextcloud subdomain reverse proxy example

Now I get the 502 Bad Gateway. The /appdata/swag/log/nginx/error.log tells me:

[error] 470#470: *229 nextcloud could not be resolved (110: Operation timed out), client: 82.212.15.36, server: nextcloud.*, request: "GET / HTTP/2.0", host: "nextcloud.my.domain.org"
[error] 470#470: *229 nextcloud could not be resolved (110: Operation timed out), client: 82.212.15.36, server: nextcloud.*, request: "GET /favicon.ico HTTP/2.0", host: "nextcloud.holbeinfamilie.duckdns.org"

From inside the swag container (/var/log/nginx), the swag error log tells me:
[error] 470#470: send() failed (111: Connection refused) while resolving, resolver: 127.0.0.11:53

Any idea? Any file I could provide?

Thanks for a response lot from a rather helpless… :slight_smile:
Flo

Hi.

Although I do not use OMV, a little more information would be necessary (the link you send does not work for me).
For example, the docker-compose you have used, the nginx / swag .conf file, if you can access the server’s ip, if you use your own domain or another service…

Googling, I was able to find this with your error message: networking - Docker Network Nginx Resolver - Stack Overflow

Perhaps, with more details of your installation, not me but someone expert could help you.

@Forero: Thank you very much for caring and sorry, I couldn’t indulge in this project for a while.
I tried to rule out the ipv6 without success.
OMV (open media vault) is just a small browser based os that handles my NAS and also provides a “Portainer-Plugin” for easy handling of docker installations.

What puzzles me:

It works perfectly if I use composition file 1 (letsencrypt) but I get the 502 Bad gateway if I use the composition file 2 (swag).
After deploying the stack I always do the same thing: I edit the nextcloud.subdomain.conf and change the proxy_max_temp_file_size to 1024m.

See composition files below.

@aptalca since you created the composition files, maybe you can kindly explain to me:

  • What is the actual difference when using the images from ghcr.io/linuxserver/… or only linuxserver/? Could this play a role? Do you have another clue?

  • The reason for my update was that according to nextcloud the current mariadb version will not be working with nextcloud 21. And I thought that using the latest images from here will solve this.

  • What would be your general advise for me to do updates: Nextloud manually via the Nextcloud surface and mariadb from within the container or using occ?

Composition file 1 (letsencrypt):

 version: "2"

services:
nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
environment:
- PUID=998
- PGID=100
- TZ=Europe/Berlin
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/config:/config
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/data:/data
depends_on:
- mariadb
restart: unless-stopped
mariadb:
image: linuxserver/mariadb
container_name: mariadb
environment:
- PUID=998
- PGID=100
- MYSQL_ROOT_PASSWORD=mymariandbpw
- TZ=Europe/Berlin
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/mariadb:/config
restart: unless-stopped
letsencrypt:
image: linuxserver/letsencrypt
container_name: letsencrypt
cap_add:
- NET_ADMIN
environment:
- PUID=998
- PGID=100
- TZ=Europe/Berlin
- URL=mydomain.duckdns.org
- SUBDOMAINS=wildcard
- VALIDATION=duckdns
- DUCKDNSTOKEN=myToken
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/letsencrypt:/config
ports:
- 443:443
- 82:80
restart: unless-stopped

Composition file 2 with swag:


version: “2.1”
services:
nextcloud:
image: ghcr.io/linuxserver/nextcloud
container_name: nextcloud
environment:
- PUID=998
- PGID=100
- TZ=Europe/Berlin
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/config:/config
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/data:/data
depends_on:
- mariadb
restart: unless-stopped
mariadb:
image: ghcr.io/linuxserver/mariadb
container_name: mariadb
environment:
- PUID=998
- PGID=100
- MYSQL_ROOT_PASSWORD=mariadbpw
- TZ=Europe/Berlin
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/mariadb:/config
restart: unless-stopped
swag:
image: ghcr.io/linuxserver/swag
container_name: swag
cap_add:
- NET_ADMIN
environment:
- PUID=998
- PGID=100
- TZ=Europe/Berlin
- URL=mydomain.duckdns.org
- SUBDOMAINS=wildcard
- VALIDATION=duckdns
- DUCKDNSTOKEN=mytoken
volumes:
- /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/swag:/config
ports:
- 443:443
- 82:80
restart: unless-stopped

EDIT:
I got it working now on Nextcloud 21 with correct mariadb DB using the maria:alpine image (thanks @aptalca, I found this in another topic. Still it only works not using the ghcr.io images. I still wonder why. This is my working compose:

---
version: "2"
services:
  nextcloud:
    image: linuxserver/nextcloud
    container_name: nextcloud
    environment:
      - PUID=998
      - PGID=100
      - TZ=Europe/Berlin
    volumes:
      - /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/config:/config
      - /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/nextcloud/data:/data
    depends_on:
      - mariadb
    restart: unless-stopped
  mariadb:
    image: linuxserver/mariadb:alpine
    container_name: mariadb
    environment:
      - PUID=998
      - PGID=100
      - MYSQL_ROOT_PASSWORD=mariadbpw
      - TZ=Europe/Berlin
    volumes:
      - /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/mariadb:/config
    restart: unless-stopped
  swag:
    image: linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=998
      - PGID=100
      - TZ=Europe/Berlin
      - URL=mydomain.duckdns.org
      - SUBDOMAINS=wildcard
      - VALIDATION=duckdns
      - DUCKDNSTOKEN=myToken
    volumes:
      - /srv/dev-disk-by-uuid-33d220fd-843b-4798-9b8d-0dc25c0bf9e9/appdata/swag:/config
    ports:
      - 443:443
      - 82:80
    restart: unless-stopped