Nextcloud 502 "Bad Gateway" / letsencrypt/swag

General Docker
1

Hi, I hope someone can help:
I run:

  • Raspi4
  • New install debian buster light
  • OpenMediaVault + Docker + Portrainer installed
  • Port 443 is open and forwarded to Raspi

I used the docker compose stack for nextcloud + mariadb + swag, see this website -> /general/swag#nextcloud-subdomain-reverse-proxy-example

My file:

---
version: "2.1"
services:
  nextcloud:
image: ghcr.io/linuxserver/nextcloud
container_name: nextcloud
environment:
  - PUID=998
  - PGID=100
  - TZ=Europe/Berlin
volumes:
  - /var/lib/appdata/nextcloud/config:/config
  - /var/lib/appdata/nextcloud/data:/data
depends_on:
  - mariadb
restart: unless-stopped
  mariadb:
image: ghcr.io/linuxserver/mariadb
container_name: mariadb
environment:
  - PUID=998
  - PGID=100
  - MYSQL_ROOT_PASSWORD=mariadbpassword
  - TZ=Europe/Berlin
  - MYSQL_DATABASE=nextcloud
  - MYSQL_USER=ncuser
  - MYSQL_PASSWORD=ncpassword
volumes:
  - /var/lib/appdata/mariadb:/config
restart: unless-stopped
  swag:
image: ghcr.io/linuxserver/swag
container_name: swag
cap_add:
  - NET_ADMIN
environment:
  - PUID=998
  - PGID=100
  - TZ=Europe/Berlin
  - URL=mydomain.duckdns
  - SUBDOMAINS=wildcard
  - VALIDATION=duckdns
  - DUCKDNSTOKEN=myToken
volumes:
  - /var/lib/appdata/swag:/config
ports:
  - 443:443
  - 82:80
restart: unless-stopped
  • I adapted the PUID/PGID to the OMV admin
  • I changed port 80 to 82, since OMV is using port 80

–> The containers are running

  • I renamed the nextcloud.subdomain.conf.sample --> nextcloud.subdomain.conf (and in there changed the proxy_max_tempfile_size to 1024m since rapsi doesn’t cope with 2048)
  • restarted all containers

–> swag log says: Certificate exists (did run before); parameters unchanged; starting nginx
–> nginx error.log says: [error] 462#462: 1 nextcloud could not be resolved (110: Operation timed out), client: my.external.ip.99, server: nextcloud., request: “GET / HTTP/2.0”, host: “nextcloud.mydomain.duckdns.org
–> nextcoud container log says: nginx: [emerg] cannot load certificate “/config/keys/cert.crt”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/config/keys/cert.crt’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)

So somehow the cert.crt file is not placed there. A cert.key file is there, though.

Any ideas and regards!

2

See here: FAQ - LinuxServer.io

2 Likes
3

You are AMAZING! Thanks sooo much! Solving one week desperation with 2 words and a link!!

2 Likes
4

Thanks .!!! I got the same problem .

5

Can you clarify which solution worked for you? I am having a similar issue but I’m not sure how to solve this. I removed .sample from the nextcloud conf that is included with swag, and I can see my SWAG default page from swag.myurl, but nextcloud.myurl gives me this error page:

502 Bad Gateway

nginx

I don’t see anything anything in the swag container-level logs, and I didn’t see anything like your nextcloud error in my nextcloud container-level logs and actually no logs in nextcloud container since I quit my desktop app and those requests stopped coming in.

I did get it working for a different container which uses a different port, and so I tried changing https to http and the upstream_port of my nextcloud conf to the host port that I forward to my container. That didn’t resolve the issue so I changed it back to 443 and https in nexcloud conf.

Here is the error I see in my swag container’s nginx log
2022/10/13 00:41:59 [error] 281#281: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.50.1, server: nextcloud.*, request: "GET / HTTP/2.0", upstream: "https://172.21.0.3:443/", host: "nextcloud.#########.duckdns.org"