1

I am having issues getting my web application to launch correctly with https. Currently, when trying to access the site, it looks like this with a 404 error.

My docker-compose.yml file is as follows: 

version: '3'
services:
nginx:
restart: always
image: nginx:latest
container_name: nginx
volumes:
  - ./nginx.conf:/home/comas/COMAS/COMAS-Docker/nginx.conf
  - ./ssl:/home/comas/COMAS/COMAS-Docker/certs/
ports:
  - "80:80"
  - "443:443"
  - "5000:5000"
  - "3000:3000"
networks:
  - ephemeris-public
depends_on:
  - api
  - ephemeris-web
db:
restart: always
image: mysql:latest
environment:
  MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASS}
  MYSQL_USER: ${MYSQL_USER_NAME}
  MYSQL_PASS: ${MYSQL_USER_PASS}
  MYSQL_DATABASE: ${MYSQL_DB_NAME}
volumes:
  - db-datavolume:/var/lib/mysql
ports:
  - "3306:3306"
networks:
  - api
api:
image: localhost:6969/comas-api:latest
expose:
  - "5000"
volumes:
  - ${API_LOCATION}:/app
depends_on:
  - db
networks:
  - api
  - ephemeris-public
  ephemeris-web:
  image: localhost:6969/ephemeris-ui:latest
  command: npm start
  expose:
  - "443"
environment:
  NODE_TLS_REJECT_UNAUTHORIZED: 0
  NODE_ENV: 'production'
  #    volumes:
  # - ${EPHEMERIS_UI_LOCATION}:/app
  networks:
  - ephemeris-public
  depends_on:
  - api
  portainer:
  image: portainer/portainer
  restart: always
  user: "${DOCKER_UID}:${DOCKER_GID}"
  networks:
  - ephemeris-public
  ports:
  - "9000:9000"
  - "8000:8000"
  volumes:
  - /var/run/docker.sock:/var/run/docker.sock
  - portainer_data:/portainer_data
  volumes:
  db-datavolume:
  portainer_data:
  networks:
  ephemeris-public:
  api:

My nginx.conf file is as follows: 

# Prints everything going wrong to standard error output
error_log stderr;

events {
    worker_connections  4096;  ## Default: 1024
}

http {
    # Prints everything nginx is doing to standard output
    access_log /dev/stdout;

    # Location of the API
    upstream docker-api {
        server api:5000;
    }

    # Location of the Ephemeris interface
    upstream docker-ephemeris-web {
        server ephemeris-web:443;
    }

    # Grants access to ephemeris over port 443 (HTTPS)
    server {
        listen 443;
        listen [::]:443;

        ssl on;
        ssl_certificate /home/comas/COMAS/nginx/bundle.crt;
        ssl_certificate_key /home/comas/COMAS/nginx/ephermis.key;

        root /var/www/html;
        server_name ephemeris.ecrl.organization.edu;

        location / {
            try_files $uri $uri/ =404;
        }
    }

    # Redirect to https(HTTPS)
    server {
        listen 80;
        listen [::]:80;

        server_name ephemeris.ecrl.organization.edu;
        return 301 https://ephemeris.ecrl.organization.edu;
    }

    # Grants access to ephemeris over port 3000, its default port
    server {
        listen 443;

        location / {
            proxy_pass https://docker-ephemeris-web;
        }
    }

    server {
        listen 5000;
        location / {
            # Aight if we're being honest I just slapped everything on here until it worked, I'll fix it up later
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass https://docker-api;
            proxy_ssl_session_reuse off;
            proxy_ssl_verify off;
            proxy_set_header Host $https_host;
            proxy_set_header X_FORWARDED_PROTO https;
            proxy_redirect off;
        }
    }
}

Here is a screenshot I took from log of nginx container from portainer:

This is my first time doing anything related to docker, docker-compose, or nginx, so I am just not sure where I am going wrong. Please let me know if there is any information not listed in this post that would help with figuring out a solution. Thank you all for your time.

Improve this question

1 Answer 1

Reset to default
1

You have started with a pretty complex first step with these technologies. It would likely be easier, and a better learning experience, to start simpler, and step by step add complexity. Eg first start with a plain nginx Docker container, get that working, then update your nginx.conf and get your https redirection working. Then update your docker-compose to add your DB and get it working ... and so on, step by step, finally adding your API which itself is quite a complex part. Starting with such a complex config as your first step, you'll - understandably - have no idea what pieces of the moving parts puzzle to look at when it does not work.

My guess is you are going to face a series of problems, each new one exposed as you fix the previous one.

In any case, starting with the first one I can see. You have mapped your nginx.conf into the container:

- ./nginx.conf:/home/comas/COMAS/COMAS-Docker/nginx.conf

But nginx will not know about it. The docs for the nginx Docker image you are using show (see "Complex configuration") that the nginx.conf that the nginx server uses lives at /etc/nginx/nginx.conf. If you want nginx to use your conf, you need to map it there:

- ./nginx.conf:/etc/nginx/nginx.conf

Right now your conf is completely ignored, and nginx is just happily using its normal, default conf, which is sitting untouched in the normal, default location.

Once you fix that, I suspect you'll hit the next problem. Some notes:

  • From your wording I think you're concerned about the 404 for favicon.ico. Every browser automatically looks for a favicon, to show in the browser tab. Many sites do not have one, so you see 404s for those request in the logs all the time. This is not something to be worried about - unless you have already added a favicon.ico and are wondering why it isn't showing up.

  • The screenshot shows you are visiting an IP address - which server block in your nginx.conf is supposed to handle that? All of them have a server_name (which does not include an IP), and none of them is marked as default_server. I am not sure what will happen there. To avoid doubt you should probably set up a default server, and anyway use your server names to access the site.

  • I am sure it is just here in SO (as otherwise you would be seeing all kinds of errors) but the formatting of your docker-compose is all broken. It would make it easier for others to help you if you take some time and use the correct formatting you are using in your real file - it is much easier to read, and we can even copy-paste it and try it ourselves.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.