Develop Reference

certbot challenge fails with jellyfin as it returns 404

jellyfin container runs behind nginx reverse proxy.
When I try to get an ssl certificate, jellyfin unfortunately returns a 404 error. Anyone know what I need to change in the configuration to make it work?
my docker-compose.yml
services:
nginx:
container_name: nginx
image: nginx:1.23.3-alpine
restart: unless-stopped
ports:
- 80:80
- 443:443
volumes:
- ./nginx/conf.d/:/etc/nginx/conf.d/
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginx/certs/:/etc/nginx/certs/
networks:
- jellyfin
jellyfin:
container_name: jellyfin
image: jellyfin/jellyfin
restart: unless-stopped
user: 1000:1000
volumes:
- ./jellyfin/config:/config
- ./jellyfin/cache:/cache
- ./jellyfin/media/:/media
networks:
- jellyfin
networks:
jellyfin:
driver: bridge
my nginx .conf file
upstream jellyfin {
server jellyfin:8096;
}
server {
listen 80;
server_name jellyfin.mydomain.com;
location / {
proxy_pass http://jellyfin/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#upgrade to WebSocket protocol when requested
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
certbot response
Type: unauthorized
Detail: Invalid response from
http://jellyfin.mydomain.com/.well-known/acme-challenge/C8YTfjbIku65D_Hb2BCTkWEzdcwBqk4g8Wks0umq4Hw:
404

reverse proxy using nginx container TOO_MANY_REDIRECTS

I am using xibo-cms with docker and I would like to set an nginx proxy server for ssl purposes I created a docker-compose file with all containers but I always got error TOO_MANY_REDIRECTS when I set proxy_set_header Host $host; parameter without the parameter the url is redirected to the container service name which is unknown by the browser. I didn't understand what is wrong with my configuration.
my docker compose
version: "2.1"
services:
proxy:
image: nginx:1.23.2-alpine
volumes:
- ./conf/:/etc/nginx/conf.d/
- /etc/ssl/certs/STAR_mydomain.com.pem:/etc/ssl/certs/STAR_mydomain.com.pem
ports:
- "443:443"
- "80:80"
restart: always
cms-db:
image: mysql:5.7
volumes:
- "./shared/db:/var/lib/mysql:Z"
environment:
- MYSQL_DATABASE=cms
- MYSQL_USER=cms
- MYSQL_RANDOM_ROOT_PASSWORD=yes
mem_limit: 1g
env_file: config.env
restart: always
cms-xmr:
image: xibosignage/xibo-xmr:0.9
ports:
- "9505:9505"
restart: always
mem_limit: 256m
env_file: config.env
cms-web:
image: xibosignage/xibo-cms:release-3.2.1
volumes:
- "./shared/cms/custom:/var/www/cms/custom:Z"
- "./shared/backup:/var/www/backup:Z"
- "./shared/cms/web/theme/custom:/var/www/cms/web/theme/custom:Z"
- "./shared/cms/library:/var/www/cms/library:Z"
- "./shared/cms/web/userscripts:/var/www/cms/web/userscripts:Z"
- "./shared/cms/ca-certs:/var/www/cms/ca-certs:Z"
restart: always
links:
- cms-db:mysql
- cms-xmr:50001
- proxy
environment:
- XMR_HOST=cms-xmr
- CMS_USE_MEMCACHED=true
- MEMCACHED_HOST=cms-memcached
env_file: config.env
# ports:
# - "8080:80"
mem_limit: 1g
cms-memcached:
image: memcached:alpine
command: memcached -m 15
restart: always
mem_limit: 100M
cms-quickchart:
image: ianw/quickchart
restart: always
and here is my nginx config
upstream docker-xibo {
server xiboo-cms-web-1:80;
}
server {
if ($host = display.mydomain.com) {
return 301 https://$host$request_uri;
}
listen 80;
server_name display.mydomain.com;
}
server {
listen 443 ssl;
server_name display.mydomain.com;
ssl_certificate /etc/ssl/certs/STAR_mydomain.com.pem;
ssl_certificate_key /etc/ssl/certs/STAR_mydomain.com.pem;
location / {
proxy_pass http://docker-xibo;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
Thank you

The problem was on the backend which have configured with https connection nginx proxy configuration was right.

ECONNREFUSED api call to strapi from nextjs with nginx dockerdocker

I have a docker container with strapi, nextjs and nginx. I have it set up so that if I navigate to front.development I hit the next front end and if I go to back.development I hit the strapi backend.
I can make a request to back.development/articles/some-article-title in postman and it works. However if I make a fetch or axios request to that same url in nextjs I get Error: connect ECONNREFUSED 127.0.0.1:80.
I'm stuck on how to resolve this. I've read the solution in a similar question here
Can't call my Laravel API from the Node.js container but I can call it from Postman but trying that solution results in a 404.
docker-compose.yml
version: "3"
services:
# NGINX reverse proxy
nginx:
image: nginx:1.17.10
container_name: nginx_reverse_proxy
restart: unless-stopped
depends_on:
- frontend
- strapi
volumes:
- ./reverse_proxy/nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
# NextJS Front end
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
container_name: frontend
restart: unless-stopped
volumes:
- ./frontend:/srv/frontend
- /srv/frontend/node_modules
- /srv/frontend/.next
ports:
- 3000:3000
# Strapi CMS
strapi:
image: strapi/strapi
container_name: strapi
restart: unless-stopped
env_file: .env
environment:
DATABASE_CLIENT: ${DATABASE_CLIENT}
DATABASE_NAME: ${DATABASE_NAME}
DATABASE_HOST: ${DATABASE_HOST}
DATABASE_PORT: ${DATABASE_PORT}
DATABASE_USERNAME: ${DATABASE_USERNAME}
DATABASE_PASSWORD: ${DATABASE_PASSWORD}
volumes:
- ./app:/srv/app
ports:
- 1337:1337
# MongoDB database
db:
image: mongo
container_name: db
restart: unless-stopped
env_file: .env
environment:
MONGO_INITDB_ROOT_USERNAME: ${MONGO_INITDB_ROOT_USERNAME}
MONGO_INITDB_ROOT_PASSWORD: ${MONGO_INITDB_ROOT_PASSWORD}
volumes:
- strapidata:/data/db
ports:
- 27017:27017
networks:
wellington-network:
driver: bridge
volumes:
strapidata:
Nginx config
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name front.development;
location / {
proxy_pass http://frontend:3000;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
server {
listen 80;
server_name back.development;
location / {
proxy_pass http://strapi:1337;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
}

Strapi w. Docker-compose - how do I create a config/server to attach Strapi to a url?

I hope one of you can help me.
I have a website running Strapi in Docker as Backend. I use Nginx as a server. For now, I have used it with the original URL, but I want to run it over HTTPS with an upstream URL like dashboard.website.com.
My problem is that I don’t know how to create the server.js file to tell Strapi that it should allow another URL instead of the standard one. There are many guides but none showing how to create it with docker-compose.
Can one of you explain how I can create the server.js file for Strapi and make Strapi aware of it when I run Docker-compose?
Here is a copy of my docker-compose.yml file:
version: '3'
services:
nodejs:
build:
context: .
dockerfile: Dockerfile
image: nodejs
container_name: nodejs
ports:
- 8081:8081
restart: unless-stopped
networks:
- app-network
webserver:
image: nginx:stable-perl
container_name: webserver
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- web-root:/var/www/html
- ./server/nginx-conf:/etc/nginx/conf.d
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
depends_on:
- nodejs
networks:
- app-network
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- certbot-etc:/etc/letsencrypt
- certbot-var:/var/lib/letsencrypt
- web-root:/var/www/html
depends_on:
- webserver
command: certonly --webroot --webroot-path=/var/www/html --email [EMAIL ADDRESS] --agree-tos --no-eff-email --force-renewal -d [DOMAIN]
strapi:
container_name: strapi
image: strapi/strapi:3.6-alpine
environment:
- APP_NAME=strapi-app
- DATABASE_CLIENT=mongo
- DATABASE_HOST=db
- DATABASE_PORT=27017
- DATABASE_NAME=strapi
- DATABASE_USERNAME=
- DATABASE_PASSWORD=
- AUTHENTICATION_DATABASE=strapi
ports:
- 1337:1337
volumes:
- strapi-app:/srv/app
depends_on:
- db
restart: unless-stopped
networks:
- app-network
db:
container_name: mongo
image: mongo:4.4.5-bionic
environment:
- MONGO_INITDB_DATABASE=strapi
volumes:
- dbdata:/data/db
restart: unless-stopped
networks:
- app-network
networks:
app-network:
driver: bridge
volumes:
dbdata:
node_modules:
certbot-etc:
certbot-var:
strapi-app:
web-root:
driver: local
driver_opts:
type: none
device: /
o: bind
And here is a copy of my nginx configuration:
server {
listen 80;
listen [::]:80;
access_log off;
server_name [DOMAIN];
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
if ($http_user_agent ~ (LieBaoFast|UCBrowser|MQQBrowser|Mb2345Browser) ) {
return 403;
}
location / { return 301 https://[DOMAIN].org$request_uri; }
}
upstream dashboard {
server strapi:1337;
}
server {
listen 443 ssl;
server_name [DOMAINN];
access_log off;
ssl_certificate /etc/letsencrypt/live/[DOMAIN]/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/[DOMAIN]/privkey.pem;
if ($http_user_agent ~ (LieBaoFast|UCBrowser|MQQBrowser|Mb2345Browser) ) {
return 403;
}
# WEBSITE
location / {
proxy_pass http://nodejs:8081;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
# STRAPI - ADMIN
location /d {
#rewrite ^/d/?(.*)$ /$1 break;
proxy_pass http://dashboard;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass_request_headers on;
}
}

Unknown "server" variable from nginx

I'm deploying containerized nginx server onto AWS. However, when I try to access it I get "Unable to connect" error from the browser. Log file is giving me error: nginx: [emerg] unknown "server" variable
This is my prod.conf file:
server {
listen 80;
location / {
proxy_pass http://users:5000;
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server-name;
}
}
this is in Dockerfile-prod file:
FROM nginx:1.15.8-alpine
RUN rm /etc/nginx/conf.d/default.conf
COPY /prod.conf /etc/nginx/conf.d
compose-prod.yml file:
version: '3.7'
services:
users:
build:
context: ./services/users
dockerfile: Dockerfile-prod
expose:
- '5000'
environment:
- FLASK_ENV=production
- APP_SETTINGS=project.config.ProductionConfig
- DATABASE_URL=postgres://postgres:postgres#users-db:5432/users_prod
- DATABASE_TEST_URL=postgres://postgres:postgres#users-db:5432/users_test
depends_on:
- users-db
users-db:
build:
context: ./services/users/project/db
dockerfile: Dockerfile
expose:
- '5432'
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
nginx:
build:
context: ./services/nginx
dockerfile: Dockerfile-prod
restart: always
ports:
- 80:80
depends_on:
- users
Why is it giving me this error ?

You should use $server_name with underscore instead of $server-name http://nginx.org/en/docs/http/ngx_http_core_module.html#server_name