I followed the docker installation instructions and added the certificate successfully but I get this status:
400 Bad Request | nginx
host nginx error logs:
2023/06/11 12:12:45 [debug] 10161#10161: *16 http upstream process header
2023/06/11 12:12:45 [error] 10161#10161: *16 connect() failed (111: Connection refused) while connecting to upstream, client: 198.199.109.53, server: mydomain.tld, request: "GET /version HTTP/1.1", upstream: "http://127.0.0.1:82/version", host: "xxx.xxx.xx.xxx"
2023/06/11 12:12:45 [debug] 10161#10161: *16 http next upstream, 2
2023/06/11 12:12:45 [debug] 10161#10161: *16 free rr peer 2 4
2023/06/11 12:12:45 [warn] 10161#10161: *16 upstream server temporarily disabled while connecting to upstream, client: 198.199.109.53, server: mydomain.tld, request: "GET /version HTTP/1.1", upstream: "http://127.0.0.1:82/version", host: "xxx.xxx.xx.xxx"
I replaced my host IP and domain for privacy
Please see my comments below for more info. I tried putting all text here in the body but it won’t let me post.
EDIT: It is now fixed! What I did is replace the following line in my host nginx:
location / {
proxy_pass http://localhost:82;
proxy_set_header Host $host; <---- replace this
include proxy_params;
}
With this:
location / {
proxy_pass http://127.0.0.1:82;
proxy_set_header Connection "keep-alive, Upgrade";
proxy_set_header Upgrade websocket;
include proxy_params;
}
And thanks to @[email protected] who pointed me in the right direction to allow search to other instances:
networks:
# communication to web and clients
lemmyexternalproxy:
lemmybridge: <<----- added this
# communication between lemmy services
lemmyinternal:
driver: bridge
internal: true
services:
proxy:
image: nginx:1-alpine
networks:
- lemmyinternal
- lemmyexternalproxy
- lemmybridge <<----- added this
lemmy:
image: dessalines/lemmy:0.17.3
hostname: lemmy
networks:
- lemmyinternal
- lemmybridge <<----- added this
docker-compose
spoiler
version: "3.3" networks: # communication to web and clients lemmyexternalproxy: # communication between lemmy services lemmyinternal: driver: bridge internal: true services: proxy: image: nginx:1-alpine networks: - lemmyinternal - lemmyexternalproxy ports: # only ports facing any connection from outside - "127.0.0.1:82:80" - "127.0.0.1:444:443" volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro # setup your certbot and letsencrypt config - ./certbot:/var/www/certbot - ./letsencrypt:/etc/letsencrypt/live - ./nginx/logs:/var/log/nginx restart: always depends_on: - pictrs - lemmy-ui lemmy: image: dessalines/lemmy:0.17.3 hostname: lemmy networks: - lemmyinternal restart: always environment: - RUST_LOG="warn,lemmy_server=warn,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info" volumes: - ./lemmy.hjson:/config/config.hjson depends_on: - postgres - pictrs lemmy-ui: image: dessalines/lemmy-ui:0.17.3 networks: - lemmyinternal environment: # this needs to match the hostname defined in the lemmy service - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536 # set the outside hostname here - LEMMY_UI_LEMMY_EXTERNAL_HOST=localhost:1236 - LEMMY_HTTPS=true depends_on: - lemmy restart: always pictrs: image: asonix/pictrs:0.3.1 # this needs to match the pictrs url in lemmy.hjson hostname: pictrs # we can set options to pictrs like this, here we set max. image size and forced format for conversion # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp networks: - lemmyinternal environment: - PICTRS__API_KEY=my_key user: 991:991 volumes: - ./volumes/pictrs:/mnt restart: always postgres: image: postgres:15-alpine # this needs to match the database host in lemmy.hson hostname: postgres networks: - lemmyinternal environment: - POSTGRES_USER=lemmy - POSTGRES_PASSWORD=mypass - POSTGRES_DB=lemmy volumes: - ./volumes/postgres:/var/lib/postgresql/data restart: always
The lemmy service needs access to the external network, too. It’s not in the docs, but there’s a bug on GitHub about it (on mobile, can’t find it).
I created a third network called lemmybridge and added it to my lemmy service definition.
Thank you for the tip, I’ve been fighting this damn problem for hours trying to figure out why my instance wasn’t able to make external requests.
Popped in a third network into the docker compose file and now things seem to be working