Problem with starting the service

[ghost]

After I set up the environment, start all docker images. I am getting the ERROR GET http://xx.xxx.xxx.xx/api/2.0/capabilities.json 502 (Bad Gateway) when I start it in browser.

[kmanojkumar]

Any solution to this issue?

[ibnpetr]

You can first try to restart/recreate the containers. If it doesn't help specify the version of the product, host os, version of the docker. We will try to reproduce the issue.

[kotopesutility]

Well, I've restarted containers with community and mysql servers, document server is on another one server and it works, however I got 404 not found for https:/my_domain/api/2.0/capabilities.json (for https://my_domain I've got 200 OK from curl)

[Carazyda]

Hello @PsinaSutulaya what do you get in the browser? Do you use a proxy? Use onlyoffice on a local network? Please describe this moments, and open a new issue.

[cortopy]

I'm also experiencing this issue. I have the docker server running in an instance in a private network. The instance is exposed to the Internet using an nginx proxy in another instance.

However, I don't think this is an issue related with my own proxy. When I do curl localhost/api/2.0/capabilities.json I get this response:

root@onlyoffice:~# curl localhost/api/2.0/capabilities.json
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.17.6</center>
</body>
</html>

That request is the same one which the portal startup process keeps requesting and getting 502.

This is my proxy config. It's an expanded version of the one recommended for onlyoffice

upstream onlyoffice {
    server 10.0.0.7;
}

map $http_host $this_host {
    "" $host;
    default $http_host;
}

map $http_x_forwarded_proto $the_scheme {
     default $http_x_forwarded_proto;
     "" $scheme;
}

map $http_x_forwarded_host $the_host {
    default $http_x_forwarded_host;
    "" $this_host;
}

map $http_upgrade $proxy_connection {
  default upgrade;
  "" close;
}

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


server {
    listen <my.ip.address>:443 ssl http2;
    server_name <my_site>;
    ssl_certificate /etc/letsencrypt/live/<my_site>/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/<my_site>/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/<my_site>/chain.pem;
    ssl_dhparam /etc/ssl/private/dh_param.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_session_cache shared:MozSSL:10m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Referrer-Policy "no-referrer" always;
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
    add_header X-Robots-Tag "none" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    add_header X-Download-Options "noopen" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    resolver 1.1.1.1 1.0.0.1 valid=86400s;
    server_tokens off;

    location / {
        proxy_pass http://onlyoffice;
	proxy_http_version 1.1;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}
server {
    listen 78.47.50.42:80;
    server_name office.j3a.solutions;
    return 301 https://$host$request_uri;
}

Other things I've tried:

• my proxy with the bare minimum (no maps or headers)
• accessing the https port

[Carazyda]

Hello @cortopy, sorry for the late reply. Please check for the errors in web.log or web.api.log, and status of monoserve service. Your instance, where you run the onlyoffice, have enough system requrements?

[cortopy]

Hi @Carazyda! Thanks for looking into this.

I believe I had enough requirements as it had 2 vCPU and 4GB RAM for only one user (me)

I investigated a bit further and I could see that the database container was crashing all the time, causing a docker restart loop. I don't know what the issue was with that container

Unfortunately I gave up on this and the instance is now gone to test again

[jamlev]

I also experience intermittent "502 Bad Gateway" messages from nginx although my installation of community server is natively on a Debian 9 vm of the same resource profile. I've monitored logs and restarted mono several times to no avail. I didn't know of the web.api.log but all I found in there is an ASC cookie auth failed message. Could this be causing it? Thanks

[Carazyda]

Hello @jamlev Does your portal work and do you sometimes get 502? How often do you fall in 502? Are there enough system requirements on the server?

[jamlev]

@Carazyda my portal does work and my VM has 2 vCPUs and 4GB of memory as well. Again, I'm able to work in the portal carrying out all of the task of Community Server, including accessing the Document Server on another VM of the same size. However, the 502 error pops up it's ugly face every now and then, often times so much so to annoy my users and prevent them from coming back to the portal.

[Carazyda]

Document server installed on another vm? Please add swap file to vm with communityserver. And how many active users do you have?