Jwilder nginx proxy - 503 after docker compose structure update

Question

I'm using jwilder/nginx-proxy with separate docker-compose.yaml. It looks like this:

proxy:
   image: jwilder/nginx-proxy
   restart: always
   volumes:
     - /var/run/docker.sock:/tmp/docker.sock:ro
     - ./nginx/conf.d/proxy.conf:/etc/nginx/conf.d/proxy.conf:ro
     - /Users/marcin/Docker/local_share/certificates:/etc/nginx/certs:ro      
   ports:
     - "80:80"
     - "443:443"
   container_name: proxy

I'm using it for quite a long time and it's working fine when my project docker-compose.yaml looks like this:

web:
  build: /Users/marcin/Docker/definitions/php-nginx/php-7.1-ubuntu
  volumes:
    - /Users/marcin/Docker/projects/test.local/html/:/usr/share/nginx/html/
    - /Users/marcin/Docker/projects/test.local/nginx/conf.d/:/etc/nginx/conf.d/
    - /Users/marcin/Docker/projects/test.local/nginx/log/:/var/log/nginx/
    - /Users/marcin/Docker/projects/test.local/supervisor/conf.d/:/etc/supervisor/conf.d/
    - /Users/marcin/Docker/projects/test.local/supervisor/log/:/var/log/supervisor/
    - /Users/marcin/Docker/projects/test.local/cron/:/root/.cron/
    - /Users/marcin/Docker/local_share/:/root/.local_share/
    - /Users/marcin/Docker/local_share/certificates/:/usr/share/nginx/certificates/  
  working_dir: /usr/share/nginx/html/
  links:
    - db
  container_name: test.php
  hostname: test.local
  ports:
    - "336:22"
    - "8081:80"
    - "18080:443"    
  environment:
    - VIRTUAL_HOST=test.local   
    - CERT_NAME=default
    - HTTPS_METHOD=noredirect
db:
  build: /Users/marcin/Docker/definitions/mysql/5.7
  environment:
     - MYSQL_ROOT_PASSWORD=pass
     - MYSQL_DATABASE=
     - MYSQL_USER=
     - MYSQL_PASSWORD=
  expose:
     - 3306
  volumes:
    - /Users/marcin/Docker/projects/test.local/mysql/data/:/var/lib/mysql/
    - /Users/marcin/Docker/projects/test.local/mysql/conf.d/:/etc/mysql/conf.d/source
    - /Users/marcin/Docker/projects/test.local/mysql/log/:/var/log/mysql/
  ports:
    - "33060:3306"
  container_name: test.db
  hostname: test.local

I can access site without any problem using http://test.local or https://test.local what is expected.

However I had to update my file structure to newer version:

version: "3.2"
services:
  web:
    build: /Users/marcin/Docker/definitions/php-nginx/php-7.1-ubuntu
    volumes:
      - /Users/marcin/Docker/projects/test.local/html/:/usr/share/nginx/html/
      - /Users/marcin/Docker/projects/test.local/nginx/conf.d/:/etc/nginx/conf.d/
      - /Users/marcin/Docker/projects/test.local/nginx/log/:/var/log/nginx/
      - /Users/marcin/Docker/projects/test.local/supervisor/conf.d/:/etc/supervisor/conf.d/
      - /Users/marcin/Docker/projects/test.local/supervisor/log/:/var/log/supervisor/
      - /Users/marcin/Docker/projects/test.local/cron/:/root/.cron/
      - /Users/marcin/Docker/local_share/:/root/.local_share/
      - /Users/marcin/Docker/local_share/certificates/:/usr/share/nginx/certificates/  
    working_dir: /usr/share/nginx/html/
    links:
      - db
    container_name: test.php
    hostname: test.local
    ports:
      - "336:22"
      - "8081:80"
      - "18080:443"    
    environment:
      - VIRTUAL_HOST=test.local   
      - CERT_NAME=default
      - HTTPS_METHOD=noredirect
  db:
    build: /Users/marcin/Docker/definitions/mysql/5.7
    environment:
       - MYSQL_ROOT_PASSWORD=pass
       - MYSQL_DATABASE=
       - MYSQL_USER=
       - MYSQL_PASSWORD=
    expose:
       - 3306
    volumes:
      - /Users/marcin/Docker/projects/test.local/mysql/data/:/var/lib/mysql/
      - /Users/marcin/Docker/projects/test.local/mysql/conf.d/:/etc/mysql/conf.d/source
      - /Users/marcin/Docker/projects/test.local/mysql/log/:/var/log/mysql/
    ports:
      - "33060:3306"
    container_name: test.db
    hostname: test.local

and after that it seems not to work. I can access site using ip and port without a problem, but I cannot longer use domain to access it. When I try I'm getting:

503 Service Temporarily Unavailable

nginx/1.13.8

And this is for sure from jwilder nginx (and not the nginx in project).

So the question is - where should I put environment variables to make it work? It seems that when they are placed as they are at the moment they are not read by proxy.

Answer 1

The 503 indicates that the nginx-proxy container can see your container running in docker and it has the configuration needed for nginx to route traffic to it, but it is unable to connect to that container over the docker network. For container-to-container networking to work, you need to have a common docker network defined. You should first run the following to create a network:

docker network create proxy

Then update your nginx-proxy compose file to use the network (this should also be upgraded to at least a v2 syntax, I've gone with 3.2 to match your other file):

version: "3.2"

networks:
  proxy:
    external: true

services:
  proxy:
    image: jwilder/nginx-proxy
    restart: always
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx/conf.d/proxy.conf:/etc/nginx/conf.d/proxy.conf:ro
      - /Users/marcin/Docker/local_share/certificates:/etc/nginx/certs:ro      
    ports:
      - "80:80"
      - "443:443"
    container_name: proxy
    networks:
      - proxy

And then do something similar for your application:

version: "3.2"
networks:
  proxy:
    external: true
services:
  web:
    build: /Users/marcin/Docker/definitions/php-nginx/php-7.1-ubuntu
    volumes:
      - /Users/marcin/Docker/projects/test.local/html/:/usr/share/nginx/html/
      - /Users/marcin/Docker/projects/test.local/nginx/conf.d/:/etc/nginx/conf.d/
      - /Users/marcin/Docker/projects/test.local/nginx/log/:/var/log/nginx/
      - /Users/marcin/Docker/projects/test.local/supervisor/conf.d/:/etc/supervisor/conf.d/
      - /Users/marcin/Docker/projects/test.local/supervisor/log/:/var/log/supervisor/
      - /Users/marcin/Docker/projects/test.local/cron/:/root/.cron/
      - /Users/marcin/Docker/local_share/:/root/.local_share/
      - /Users/marcin/Docker/local_share/certificates/:/usr/share/nginx/certificates/  
    working_dir: /usr/share/nginx/html/
    links:
      - db
    container_name: test.php
    hostname: test.local
    ports:
      - "336:22"
      - "8081:80"
      - "18080:443"    
    environment:
      - VIRTUAL_HOST=test.local   
      - CERT_NAME=default
      - HTTPS_METHOD=noredirect
    networks:
      - proxy
      - default
  db:
    build: /Users/marcin/Docker/definitions/mysql/5.7
    environment:
       - MYSQL_ROOT_PASSWORD=pass
       - MYSQL_DATABASE=
       - MYSQL_USER=
       - MYSQL_PASSWORD=
    expose:
       - 3306
    volumes:
      - /Users/marcin/Docker/projects/test.local/mysql/data/:/var/lib/mysql/
      - /Users/marcin/Docker/projects/test.local/mysql/conf.d/:/etc/mysql/conf.d/source
      - /Users/marcin/Docker/projects/test.local/mysql/log/:/var/log/mysql/
    ports:
      - "33060:3306"
    container_name: test.db
    hostname: test.local

If you were upgrading from a v1 syntax (without a version defined), you will find that docker switches from running everything on the same network without dns to running each compose project or stack on a dedicated network with dns. To run your apps on other networks, you'll need to explicitly configure that. In the above example, only the web container was placed on the proxy network, and both are on the default network created for this project or stack.