Nextcloud AIO Unhealthy 502 Errors in Logs

wraith1385 · June 13, 2023, 1:22am

Just installed the Nextcloud AIO on Ubuntu server running on a VM. I’ve tried multiple times but I keep seeing the apache docker as Unhealthy and it is running slow compared to my old setup. When I check the logs for the container, I see a bunch of the below errors.

Nextcloud version: AIO V6.0.0 (latest docker tag)
Operating system and version: Ubuntu Server 22.04

{"level":"error","ts":1686617898.7054336,"logger":"http.log.error","msg":"dial tcp 172.20.0.7:7867: connect: connection refused","request":{"remote_ip":"redactedIP","remote_port":"56084","proto":"HTTP/1.1","method":"GET","host":"redactedDomainName","uri":"/push/ws","headers":{"Sec-Fetch-Dest":["websocket"],"Cache-Control":["no-cache"],"Sec-Fetch-Mode":["websocket"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Websocket-Version":["13"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15"],"Upgrade":["websocket"],"Sec-Fetch-Site":["same-origin"],"Sec-Websocket-Extensions":["permessage-deflate"],"Accept-Encoding":["gzip, deflate"],"Cookie":[],"Connection":["Upgrade"],"Pragma":["no-cache"],"Accept":["*/*"],"Sec-Websocket-Key":["ELCT4LbQg1+ePClrzmwIEA=="],"Origin":["https://redactedDomainName"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"http/1.1","server_name":"redactedDomainName"}},"duration":0.000839787,"status":502,"err_id":"rnpp3n05s","err_trace":"reverseproxy.statusError (reverseproxy.go:1299)"}
{"level":"error","ts":1686617900.6585023,"logger":"http.log.error","msg":"dial tcp 172.20.0.7:7867: connect: connection refused","request":{"remote_ip":"redactedIP","remote_port":"56084","proto":"HTTP/1.1","method":"GET","host":"redactedDomainName","uri":"/push/ws","headers":{"Origin":["https://redactedDomainName"],"Accept":["*/*"],"Sec-Fetch-Site":["same-origin"],"Sec-Websocket-Version":["13"],"Sec-Fetch-Mode":["websocket"],"Pragma":["no-cache"],"Sec-Websocket-Key":["WwhhbFp5H3BHcZEesi9fIQ=="],"Sec-Websocket-Extensions":["permessage-deflate"],"Cookie":[],"Upgrade":["websocket"],"Sec-Fetch-Dest":["websocket"],"Cache-Control":["no-cache"],"Accept-Language":["en-US,en;q=0.9"],"Connection":["Upgrade"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15"],"Accept-Encoding":["gzip, deflate"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"http/1.1","server_name":"redactedDomainName"}},"duration":0.001284768,"status":502,"err_id":"vq4sy9bu1","err_trace":"reverseproxy.statusError (reverseproxy.go:1299)"}
{"level":"error","ts":1686617901.6415071,"logger":"http.log.error","msg":"dial tcp 172.20.0.7:7867: connect: connection refused","request":{"remote_ip":"redactedIP","remote_port":"56084","proto":"HTTP/1.1","method":"GET","host":"redactedDomainName","uri":"/push/ws","headers":{"Cache-Control":["no-cache"],"Accept-Language":["en-US,en;q=0.9"],"Connection":["Upgrade"],"Accept-Encoding":["gzip, deflate"],"Upgrade":["websocket"],"Accept":["*/*"],"Sec-Fetch-Site":["same-origin"],"Cookie":[],"Sec-Websocket-Extensions":["permessage-deflate"],"Sec-Fetch-Dest":["websocket"],"Sec-Websocket-Version":["13"],"Sec-Fetch-Mode":["websocket"],"Origin":["https://redactedDomainName"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15"],"Pragma":["no-cache"],"Sec-Websocket-Key":["iEmQW3EoOxcQe4Kyx0ZDhw=="]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"http/1.1","server_name":"redactedDomainName"}},"duration":0.000878258,"status":502,"err_id":"esfhjgwup","err_trace":"reverseproxy.statusError (reverseproxy.go:1299)"}

szaimen · June 13, 2023, 6:05am

Hi, you can try to debug the health yourself by running sudo docker exec -it nextcloud-aio-apache bash -x /healthcheck.sh. What does it output?

As for the performance see General recommendations for the best performance · nextcloud/all-in-one · Discussion #1335 · GitHub and can you follow How to debug performance issues with Nextcloud? · nextcloud/all-in-one · Discussion #2475 · GitHub?

wraith1385 · June 13, 2023, 11:21am

Hmm, I get this when I try to run that command.

bash: /healtcheck.sh: No such file or directory

wraith1385 · June 13, 2023, 11:22am

I also looked at the volume mount point and didn’t see that directory.

sudo ls /var/lib/docker/volumes/nextcloud_aio_apache/_data/
caddy  caddy-imports

szaimen · June 13, 2023, 11:24am

Hi, please run the mentioned command. Here for better copy-and-paste:

sudo docker exec -it nextcloud-aio-apache bash -x /healthcheck.sh

szaimen · June 13, 2023, 11:26am

Sorry there was a h missing. Corrected it.

wraith1385 · June 13, 2023, 11:33am

This is what I get for output

sudo docker exec -it nextcloud-aio-apache bash -x /healthcheck.sh
+ nc -z nextcloud-aio-nextcloud 9000
+ nc -z localhost 8000
+ nc -z localhost 443
+ nc -z redactedurl 443
+ exit 1

szaimen · June 13, 2023, 11:37am

Okay so apparently it cannot reach your domain from inside the container. Most likely this is a problem caused by your network infrastructure.

wraith1385 · June 13, 2023, 11:59am

The underlying VM that hosts the AIO can dig the domain just fine as well as ping both the domain name and the ip address it points to. Is there anything I could have done wrong during the container setup?

szaimen · June 13, 2023, 12:02pm

Can you run nc -z "$domain" 443; echo $? on the underlying VM?

wraith1385 · June 13, 2023, 8:01pm

Yeah, that didn’t work so it looks like I’ve got something wrong in my network setup somewhere.

wraith1385 · June 13, 2023, 9:24pm

I was not able to get domain validation working either when setting the AIO up, but using the port checker website in the error message said that the port was open.

pmorch · August 4, 2023, 11:59am

This could be because of “hairpin NAT” not working. A common problem with crappy routers. See e.g. Hairpinning and Traffic Backhauling Guide