Hey guys. I have two docker-compose.yml files, each with different applications and each with an nginx reverse proxy container. In the one docker-compose the nginx is running on ports 80:80 / 443:443, so everything is standard and it runs fine. I want to start another application in the second docker compose file and run the nginx container on 81:80 / 445:443. Unfortunately I consistently get 502 bad gateway.
What’s the result of curl --include --verbose --location http://localhost:14441?
Since your post is not in any Docker Desktop category, I assume it’s a Linux system.
If the service is reachable by its published host port, you confirmed the container port is correct, and the application actually responds with an HTTP status code 200.
Though, from what I remember domain names are not allowed to have underscore characters. You might want to rename your service to use a dash instead of underscore, and update the hostname in your nginx.conf.
It makes a difference: one is not compliant with the RFC that defines hostnames, the other is not.
If the outcome is the same, I have no further ideas. Judging by your compose file, your nginx.conf and the fixed hostname in both files, it should work.
We had cases of people running Windows containers on Windows Server with this kind of problem. You can run as many containers using the same container ports as you like, it shouldn’t matter. The host port on the other hand must be unique.
I have set the application to the default port 443:443 and it works fine. The problem is not with the certificates or configurations on the Ubuntu server. Am I doing something wrong when I set the port to 445:443? The port 445 is released by the firewall. I would expect the application in the container to continue listening on 443 and I would not need to change anything in the proxy conf. Also in the docker compose I would keep the port of the frontend running on xxxx:80.
Hey guys… an update of my problem. The problem was never the configuration. I just wasn’t aware that if the application wasn’t running on the default port, it had to be called through the port. (https://domain.com:port). Is there any way to avoid this !?! Since I want to use multiple ports 44x in the long run a forwarding via iptables to 44x falls out.
If I understand you correctly, you expected the web browser to find out that you have port 445 open and use that port for specific domains. The default port for HTTP is 80 and the default port for HTTPS is 443. In any other case you have to add the port after the domain name or IP address. Domains are handled only by the application on the server side. Your browser just sends the request to the IP address and also sends the hostname as an HTTP header. If you want to use a single port (443) for HTTPS requests, you need a single reverse proxy as a separate project and use a common Docker network for the proxy and all the containers you want to be handled by the proxy…
Here is a simple Traefik example that demonstrates how Traefik reverse proxy is used with Docker with Configuration Discovery.
Every Docker service you run gets a label with the (sub-)domain used and Traefik will automatically forward requests to the matching service/container inside the Docker network. And on top it will create Let's Encrypt TLS certs for HTTPS for every domain.
Traefik is a complex tool, but has the advantage that it supports Docker Swarm if you grow to multiple nodes. If you just use a single server, nginx-proxy might be easier, you use env vars to declare the domain per service/container (doc). It also supports LE TLS (doc).
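The single-proxy layout suggested in the replies above, sketched with nginx-proxy as an added example (not a configuration posted by anyone in this thread). The hostnames, the application image names, the network name proxy_net and the directory layout are assumptions chosen for illustration.

```yaml
# proxy/docker-compose.yml
# The only project that publishes ports 80/443 on the host.
services:
  proxy:
    image: nginxproxy/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # nginx-proxy reads container metadata (VIRTUAL_HOST etc.) from the Docker socket
      - /var/run/docker.sock:/tmp/docker.sock:ro
      # one <hostname>.crt / <hostname>.key pair per served domain
      - ./certs:/etc/nginx/certs:ro
    networks:
      - proxy_net
networks:
  proxy_net:
    name: proxy_net          # fixed name so other compose projects can join it
---
# app1/docker-compose.yml
services:
  frontend:
    image: example/app1-frontend   # placeholder image name
    expose:
      - "80"                       # reachable on proxy_net only, no host port
    environment:
      - VIRTUAL_HOST=app1.example.com
      - VIRTUAL_PORT=80
    networks:
      - proxy_net
networks:
  proxy_net:
    external: true                 # created by the proxy project
---
# app2/docker-compose.yml
services:
  frontend:
    image: example/app2-frontend   # placeholder image name
    expose:
      - "80"
    environment:
      - VIRTUAL_HOST=app2.example.com
      - VIRTUAL_PORT=80
    networks:
      - proxy_net
networks:
  proxy_net:
    external: true
```

With this layout neither application publishes a host port, so both domains are served on 443 and the only listener exposed to the outside is the proxy.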