Docker + Nginx/LetsEncrypt -> Connection Reset by Peer (502 Bad Gateway)

Nextcloud version: 19.0.1.1
Operating system and version: Linux nasbot 4.14.24-qnap #1 SMP Fri Apr 10 05:20:41 CST 2020 x86_64 GNU/Linux
nginx version: 1.18.0 (from docker hub linuxserver/letsencrypt)
PHP version: 7.4.8

The issue you are facing:

My setup is as follows…

docker running on QNAP NAS.

Router redirects external incoming traffic from 443/80 to 8090/8091 on the NAS since the NAS web interface is already running on 443.

My docker-compose.yml: https://pastebin.com/Rb9X3N5U
My nginx proxy configuration: https://pastebin.com/D2DRFS2J

I have replaced my actual domain name with ‘mydomain’ in my pastebin links.

After running docker-compose up -d, the letsencrypt container does its thing, receives a valid SSL certificate, and then starts accepting traffic.

At that point, I logged in to the nextcloud container and ran occ maintenance:install with the proper parameters for my database configuration. Everything appears to have worked successfully. Database tables exist, no error output to console.

Now, if I browse to my nextcloud server I am asked for my Basic HTTP Auth, as specified in the nginx configuration, then I receive a 502 Bad Gateway error in my browser.

Nginx logs show the following:

2020/07/26 11:34:04 [error] 409#409: *56 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 66.XX.YY.108, server: nextcloud, request: "GET / HTTP/2.0", upstream: "http:// 172.29.12.3:9000/", host: "nextcloud.mydomain.com"

I’ve tried configuring nextcloud logging, but have been unsuccessful, so I don’t have any logs to share from that container other than the output from docker logs:

[26-Jul-2020 15:12:07] NOTICE: fpm is running, pid 1
[26-Jul-2020 15:12:07] NOTICE: ready to handle connections

Running a curl from the letsencrypt container looks like this:

root@8f8836b0f1c5:/# curl -v http://nextcloud:9000/
*   Trying 172.29.12.3:9000...
* Connected to nextcloud (172.29.12.3) port 9000 (#0)
> GET / HTTP/1.1
> Host: nextcloud:9000
> User-Agent: curl/7.69.1
> Accept: */*
> 
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it: See above

The output of your Nextcloud log in Admin > Logging: Not available

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!): https://pastebin.com/kCdn6Zrk

The output of your Apache/nginx/system log in /var/log/____: See above

I’ve spent a ton of time googling and trying various permutations of configuration variables all last night and this morning, but am not having any luck. Thanks in advance for any help you can offer.

(note, I’ve had to put spaces in a few URLs in this message since “New users are only allowed to post 4 links in a message”)

I think if someone could help me get the nextcloud/php-fpm logging figured out, I could probably figure the rest out.

The nextcloud.log file was created in my data directory upon running occ maintenance:install, but it’s never written to. I have tried changing ownership to www-data to no avail, as well.

Apparently nextcloud logging is working. I just saw that some output was dumped into it when I ran occ config:list to post in this thread. I assumed it was broken because nothing is ever logged when I make a request.

Alright, I figured out how to enable php-fpm debug logging inside the container, but it doesn’t provide any further information when I make a request. All I see in the logs is this over and over again:

[26-Jul-2020 18:17:36.606687] DEBUG: pid 1, fpm_pctl_perform_idle_server_maintenance(), line 382: [pool www] currently 0 active children, 2 spare children, 2 running children. Spawning rate 1

I don’t see any logs related to my requests…

Still having this issue if anyone has any suggestions.

Thanks
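Added example, not part of the original posts: php-fpm listens for FastCGI rather than HTTP, so one way to check what the upstream on port 9000 speaks is to send it a FastCGI `FCGI_GET_VALUES` management record instead of the HTTP request curl sent. The function names are chosen for this example; the default host and port are the ones from the post.

```python
import socket
import struct
import sys

FCGI_VERSION = 1
FCGI_GET_VALUES = 9          # management record type (request id 0)
FCGI_GET_VALUES_RESULT = 10  # the reply a FastCGI server sends to it

def build_get_values(names=(b"FCGI_MAX_CONNS", b"FCGI_MAX_REQS", b"FCGI_MPXS_CONNS")):
    """Build a FCGI_GET_VALUES record asking for the given variables."""
    # Each pair is: name length, value length (0), name bytes.
    body = b"".join(struct.pack("!BB", len(n), 0) + n for n in names)
    pad = -len(body) % 8  # pad the record to a multiple of 8 bytes
    header = struct.pack("!BBHHBB", FCGI_VERSION, FCGI_GET_VALUES, 0, len(body), pad, 0)
    return header + body + b"\0" * pad

def classify(reply):
    """Decide from the first bytes of a reply which protocol answered."""
    if reply.startswith(b"HTTP/"):
        return "http"
    if len(reply) >= 8:
        version, rtype = struct.unpack("!BB", reply[:2])
        if version == FCGI_VERSION and rtype == FCGI_GET_VALUES_RESULT:
            return "fastcgi"
    return "unknown"

def probe(host, port, timeout=3.0):
    """Send the FastCGI probe to host:port and report what came back."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_get_values())
            return classify(s.recv(4096))
    except ConnectionResetError:
        return "reset"      # same symptom curl and nginx reported
    except OSError:
        return "no-answer"  # refused, timed out or name not resolvable

if __name__ == "__main__":
    # Defaults are the upstream name and port from the post.
    host = sys.argv[1] if len(sys.argv) > 1 else "nextcloud"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 9000
    print(f"{host}:{port} -> {probe(host, port)}")
```

A `fastcgi` result means the upstream expects nginx's `fastcgi_pass`, whereas the `http://` upstream in the error log is what `proxy_pass` produces.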