
I have the following Docker setup:

  • jwilder/nginx-proxy for the reverse proxy

  • jrcs/letsencrypt-nginx-proxy-companion for SSL (Let's Encrypt)

  • custom WildFly container as the endpoint

My problem is that when visiting the website, a 504 error is thrown. I pass environment variables to the WildFly container containing multiple `VIRTUAL_HOST`, `LETSENCRYPT_HOST` and `LETSENCRYPT_EMAIL`. I tried exposing the ports but that did not help. Port 8080 is shown in `docker ps -a`. The `weight`, `max_fails` etc. are from a tutorial I found online, because it wasn't working for me and I thought they would fix it. Using `curl IP:8080` gives a successful response.

My Nginx config in the container:

```nginx
# wildfly.example.com
upstream wildfly.example.com {
        # Cannot connect to network of this container
        server 172.17.0.5:8080 weight=100 max_fails=5 fail_timeout=5;
}
server {
        server_name wildfly.example.com;
        listen 80 ;
        access_log /var/log/nginx/access.log vhost;
        # Do not HTTPS redirect Let'sEncrypt ACME challenge
        location /.well-known/acme-challenge/ {
                auth_basic off;
                allow all;
                root /usr/share/nginx/html;
                try_files $uri =404;
                break;
        }
        location / {
                return 301 https://$host$request_uri;
        }
}
server {
        server_name wildfly.example.com;
        listen 443 ssl http2 ;
        access_log /var/log/nginx/access.log vhost;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate /etc/nginx/certs/wildfly.example.com.crt;
        ssl_certificate_key /etc/nginx/certs/wildfly.example.com.key;
        ssl_dhparam /etc/nginx/certs/wildfly.example.com.dhparam.pem;
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /etc/nginx/certs/wildfly.example.com.chain.pem;
        add_header Strict-Transport-Security "max-age=31536000" always;
        include /etc/nginx/vhost.d/default;
        location / {
                proxy_pass http://wildfly.example.com;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $server_addr:$server_port;
                proxy_set_header X-Real-IP $remote_addr;
        }
}
```

P.S. The comment that it cannot connect to the network exists because it did not automatically detect the server and I had to manually edit the internal IP. My `docker logs nginxcontainerid` output:

```
2020/06/04 14:14:37 [error] 22247#22247: *6228 upstream timed out (110: Connection timed out) while connecting to upstream, client: IPHERE, server: wildfly.example.com, request: "GET / HTTP/2.0", upstream: "http://172.17.0.5:8080/", host: "wildfly.example.com"
```

crispyzlata

1 Answer


I am not familiar with WildFly, but will that application accept requests with the wildfly.example.com header? You are CURLing the :8080 on the container with an IP; the WildFly server might need to be set up to accept requests from the domain itself as well. A 504 error is usually the server simply dropping your requests due to incorrect configuration or not being reachable, which it is based on your CURL. I'd look for problems inside your WildFly container.

Chris
  • Thank you for your answer! But could you get more into detail on what steps I have to do to achieve this? Thanks in advance – crispyzlata Jun 08 '20 at 09:09
  • [Here's the WildFly admin guide.](https://docs.wildfly.org/17/Admin_Guide.html#Core_management_concepts) I do not know the steps exactly because I have never used WildFly before. I think the problem is that your WildFly server is not configured to accept requests from `wildfly.yourdomain.com`, but only from the IP address or localhost. – Chris Jun 10 '20 at 18:14
  • hmm 0.0.0.0 is passed as a parameter for management and app, so that should work trouble-free, any other ideas? – crispyzlata Jun 12 '20 at 08:50
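
An added example, not part of the original thread: a small Python triage of nginx upstream error lines like the one quoted in the question, separating a failure during the TCP connect (network or listener) from one after the request was sent (application). The errno meanings assume Linux; the `triage` helper, the verdict table and the second and third sample lines are constructed for illustration.

```python
import re

# First line is the error quoted in the question; the other two are constructed
# variants in nginx's error-log format, for comparison.
SAMPLE = [
    '2020/06/04 14:14:37 [error] 22247#22247: *6228 upstream timed out (110: Connection timed out) '
    'while connecting to upstream, client: IPHERE, server: wildfly.example.com, '
    'request: "GET / HTTP/2.0", upstream: "http://172.17.0.5:8080/", host: "wildfly.example.com"',
    '2020/06/04 14:15:02 [error] 22247#22247: *6230 connect() failed (111: Connection refused) '
    'while connecting to upstream, client: IPHERE, server: wildfly.example.com, '
    'request: "GET / HTTP/2.0", upstream: "http://172.17.0.5:8080/", host: "wildfly.example.com"',
    '2020/06/04 14:16:40 [error] 22247#22247: *6241 upstream timed out (110: Connection timed out) '
    'while reading response header from upstream, client: IPHERE, server: wildfly.example.com, '
    'request: "GET / HTTP/2.0", upstream: "http://172.17.0.5:8080/", host: "wildfly.example.com"',
]

# Captures the errno, the phase nginx was in, and the upstream address it tried.
LINE_RE = re.compile(
    r'\((?P<errno>\d+): [^)]*\) while (?P<phase>[^,]+),'
    r'.*?upstream: "\w+://(?P<upstream>[^/"]+)'
)

# (phase, Linux errno) -> (layer at fault, what to check next)
VERDICTS = {
    ("connecting to upstream", 110): ("network",
        "TCP handshake never completed: compare the proxy's and backend's Docker networks, check firewall rules"),
    ("connecting to upstream", 111): ("listener",
        "address reachable but nothing accepts on that port: check the backend's bind address and port"),
    ("connecting to upstream", 113): ("network",
        "no route to the upstream address: the IP is stale or on another network"),
    ("reading response header from upstream", 110): ("application",
        "connection and request succeeded but no reply arrived: check the backend's own logs"),
}

def triage(line):
    """Classify one nginx upstream error line; returns None if it is not one."""
    m = LINE_RE.search(line)
    if not m:
        return None
    phase, errno = m.group("phase"), int(m.group("errno"))
    layer, hint = VERDICTS.get((phase, errno), ("unknown", "not covered by this table"))
    return {"upstream": m.group("upstream"), "phase": phase,
            "errno": errno, "layer": layer, "hint": hint}

if __name__ == "__main__":
    for entry in SAMPLE:
        r = triage(entry)
        print(f'{r["upstream"]:>16}  errno={r["errno"]}  {r["layer"]:<11}  {r["hint"]}')
```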