Hello all
I have a set of docker images (nextcloud, nginx, documentserver and mariadb) that run nextcloud, nginx and onlyoffice documentserver all together. The “nginx” server (let's call it Nginx1) acts as an internal (“in-docker”) HTTP router. It distributes requests between nextcloud and documentserver and communicates outside the docker cloud.
- All containers are connected to a single internal docker network (called ‘nextcloud’).
- The nextcloud docker image is the latest fpm-alpine (now 15.0.2).
- Internally all containers communicate through pure HTTP protocol.
- Nginx1 exposes an HTTP port for outside (out-docker) communication.
- All is started from a single docker-compose.yaml.
I also have one more nginx server on the same host (call it Nginx2), which acts as an HTTPS proxy (exposed to the Internet) and in addition serves other applications (outside the docker).
Everything works well if I use HTTP to interconnect Nginx1 and Nginx2. But I wanted to use a unix socket to interconnect them (it should be approx. 5x faster than HTTP - at least in the case of redis and databases it is) and it does not work. Nextcloud returns an “Internal server error” page on every request.
The unix domain socket is created in the docker’s Nginx1 and exposed to local filesystem.
When I looked into the browser's HTTP communication log for the “index.php” page, it seems that all is OK until the browser requests the “/files” folder, to which the server responds with HTTP status 500.
Nothing usable is in the logs of any chain element (Nginx1, Nginx2 or Nextcloud).
I am attaching the site configuration for “Nginx2”:
```nginx
#
# nextcloud site
#
server {
    server_name my.domain.com;
    server_tokens off;
    client_max_body_size 10G;

    # SSL configuration (managed by Certbot)
    listen [::]:443 ;
    listen 443 ;
    ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/my.domain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        # proxy_pass http://unix:/run/nginx/nextcloud.sock; # this does not work
        proxy_pass http://localhost:8042; # this works well
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```
I tried slightly tweaking the “proxy_pass” parameters, but without success. Also I did not find anything reasonable using Google. Can someone help me?
It is of course possible to use only 1 proxy (the outside Nginx2), but in this case the nginx.conf will be much more complex and the solution loses its flexibility. And the benefit of using a unix socket is significant compared to the network (even compared to localhost; mainly under heavy load).
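An added diagnostic example, not part of the original post: it sends a request straight to the Unix socket with the same headers the Nginx2 config above sets, so a 500 can be attributed to the socket side (Nginx1/Nextcloud) or to Nginx2. The names `UnixHTTPConnection` and `probe` are hypothetical and the client IP is a constructed documentation address; the socket path, host name and request paths are the ones quoted in the post.

```python
import http.client
import os
import socket
import stat


class UnixHTTPConnection(http.client.HTTPConnection):
    """http.client connection that uses a Unix domain socket instead of TCP."""
    def __init__(self, sock_path, timeout=5):
        super().__init__("localhost", timeout=timeout)
        self.sock_path = sock_path

    def connect(self):
        self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        self.sock.settimeout(self.timeout)
        self.sock.connect(self.sock_path)


def probe(sock_path, host, path="/", client_ip="203.0.113.10"):
    """Send one GET with the headers Nginx2 sets; return a report dict."""
    report = {"path": path}
    try:
        st = os.stat(sock_path)
    except OSError as exc:
        report["error"] = f"stat failed: {exc.strerror}"
        return report
    report["is_socket"] = stat.S_ISSOCK(st.st_mode)
    report["mode"] = oct(stat.S_IMODE(st.st_mode))
    report["writable"] = os.access(sock_path, os.W_OK)  # connect() needs write access
    if not report["is_socket"]:
        report["error"] = "path exists but is not a socket"
        return report
    headers = {"Host": host, "X-Real-IP": client_ip,
               "X-Forwarded-For": client_ip, "X-Forwarded-Proto": "https"}
    conn = UnixHTTPConnection(sock_path)
    try:
        conn.request("GET", path, headers=headers)
        resp = conn.getresponse()
        report["status"] = resp.status
        report["body_head"] = resp.read(200).decode("utf-8", "replace")
    except (OSError, http.client.HTTPException) as exc:
        report["error"] = f"request failed: {exc}"
    finally:
        conn.close()
    return report


if __name__ == "__main__":
    for p in ("/index.php", "/files"):
        print(probe("/run/nginx/nextcloud.sock", "my.domain.com", p))
```

Run it as the user the Nginx2 worker processes run as, so the `mode` and `writable` fields reflect what that proxy actually sees.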