Help setting up pigallery2 subfolder proxy conf?

Hi all, I originally posted this as an github issue (SWAG issue #407 (I’m limited to 2 links as a new user, so hopefully this is enough info for someone to find it)) and was told it would be more appropriate here. Any help would be appreciated!

I’m using SWAG with a variety of self-hosted services on my raspberry pi and I’m trying to create a subfolder proxy conf for pigallery2. As there’s no existing file for it, I created one based on the subfolder template, but I always get a 404 error. I tried following the docker compose set up instructions for pigallery2, and also looked at the example nginx configuration file they provide. (I tried including and removing the proxy_set_header and proxy_cache_bypass lines, and they have no effect on my error.)

I also modified pigallery2’s config.json to set the urlBase to /pigallery2/, but that change the behavior either (from pigallery2 issue #695 (I’m limited to 2 links as a new user, so hopefully this is enough info for someone to find it), it looks like urlBase only affects the generated links, so it shouldn’t have an effect here).

The relevant parts of my docker compose yml file and the proxy conf are pasted below. I am running this on a raspberry pi, and I’ve been able to get several other services working using the existing SWAG proxy confs (I can paste those or the parts of my docker compose file if they’d be helpful). This is my first time trying to write my own proxy conf file.

Expected Behavior

I should be able to access pigallery2 at the /pigallery2/ subfolder. pigallery2 does have support for subfolder proxy confs, but I haven’t been able to figure out how to get it working nicely with SWAG.

Steps To Reproduce

I created a custom pigallery2.subfolder.conf file, which I placed in the swag/nginx/proxy-confs/ directory:

## Version 2023/09/04
# no official SWAG conf for pigallery2, so copied and modified this from the
# template one, based on
# https://github.com/bpatrik/pigallery2/blob/master/docker/docker-compose/default/nginx.conf

location /pigallery2 {
    return 301 $scheme://$host/pigallery2/;
}

# Only allow all methods (GET,POST,PUT,etc..) for root (/pgapi).
# see https://github.com/bpatrik/pigallery2/issues/214
location ^~ /pigallery2/pgapi { # NOTE: no ending '/' as it would forward /pgapi to /
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app pigallery2;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

location ^~ /pigallery2/ {
    limit_except GET {
      deny  all;
    }
    include /config/nginx/proxy.conf;
    include /config/nginx/resolver.conf;
    set $upstream_app pigallery2;
    set $upstream_port 80;
    set $upstream_proto http;
    proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}

Environment

- OS: Raspbian Bullseye
- How docker service was installed: `curl -fsSL https://get.docker.com -o get-docker.sh`

CPU architecture

aarch64

Docker creation

version: "2"
services:
  swag:
    image: linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York
      - URL=pi.wfbroderick.com
      - SUBDOMAINS=recipes
      - VALIDATION=http
      - EMAIL=billbrod@gmail.com #optional
    volumes:
      - /home/pi/selfhost/swag:/config
      - /media/darderick/darderick/tandoor_data/media:/media
    ports:
      - 443:443
      - 80:80 #optional
    restart: unless-stopped
  pigallery2:
    image: bpatrik/pigallery2:latest
    container_name: pigallery2
    environment:
      - NODE_ENV=production # set to 'debug' for full debug logging
    volumes:
      - "./pigallery2/config:/app/data/config"
      - "./pigallery2/db:/app/data/db"
      - "/media/darderick/darderick/Billy_Pictures/:/app/data/images:ro"
      - "./pigallery2/tmp:/app/data/tmp"
    ports:
      - 8081:80
    restart: always

Container logs

Neither of docker logs swag or docker logs pigallery2 show anything strange, and swag/nginx/acces.log shows the following (I’m accessing it from the local url below, but the public one looks the same):

192.168.1.241 - - [04/Sep/2023:16:33:58 -0400] "GET /pigallery2/ HTTP/2.0" 404 9 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firef
ox/117.0"
192.168.1.241 - - [04/Sep/2023:16:33:59 -0400] "GET /favicon.ico HTTP/2.0" 200 1345 "https://192.168.1.26/pigallery2/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_
64; rv:109.0) Gecko/20100101 Firefox/117.0"

and swag/nginx/error.log doesn’t show anything.

Your primary problem is that you have the upstream port set to 8081 but used 80 in the swag config. Nothing can see that port 80 outside the pigallery2 container. If you are using swag with authelia then you can drop the /pgapi location because no one can reach the endpoint unless they get past authelia. Also, you’ve used pigallery2 as the upstream app so don’t forget to define pigallery2 in dns to return your host ip.