nextcloud
docker-compose with-nginx-proxy example with self-signed ssl crashes with no debug logs
When running the compose.yaml file from .examples/.examples/docker-compose/with-nginx-proxy/mariadb/apache with a self-signed certificate, nginx will crash with little to no explanation of what is happening. The example, running with a MYSQL_PASSWORD set and the db.env file appropriately updated, shows log entries like this, but does not explain why it is shutting down:
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: using the "epoll" event method
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: nginx/1.27.3
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: built by gcc 13.2.1 20240309 (Alpine 13.2.1_git20240309)
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: OS: Linux 6.1.118-Unraid
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: getrlimit(RLIMIT_NOFILE): 40960:40960
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: start worker processes
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: start worker process 24
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: start worker process 25
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: start worker process 26
<snip...>
dockergen.1 | 2025/02/08 14:22:09 Generated '/etc/nginx/conf.d/default.conf' from 4 containers
dockergen.1 | 2025/02/08 14:22:09 Running 'nginx -s reload'
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: signal 1 (SIGHUP) received from 57, reconfiguring
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: reconfiguring
dockergen.1 | 2025/02/08 14:22:10 Watching docker events
nginx.1 | 2025/02/08 14:22:09 [notice] 17#17: using the "epoll" event method
For reference, here is the dockerfile that I am using, the two changes are to set the VIRTUAL_HOST and the location of the db.env file with an appropriately updated db.env file:
services:
db:
image: mariadb:10.11
command: --transaction-isolation=READ-COMMITTED
restart: always
volumes:
- db:/var/lib/mysql:Z
environment:
- MYSQL_ROOT_PASSWORD=12345
- MARIADB_AUTO_UPGRADE=1
- MARIADB_DISABLE_UPGRADE_BACKUP=1
env_file:
- /path/to/your/db.env
redis:
image: redis:alpine
restart: always
app:
image: nextcloud:apache
restart: always
volumes:
- nextcloud:/var/www/html:z
# NOTE: The `volumes` config of the `cron` and `app` containers must match
environment:
- VIRTUAL_HOST=servhostname.local
- LETSENCRYPT_HOST=
- LETSENCRYPT_EMAIL=
- MYSQL_HOST=db
- REDIS_HOST=redis
env_file:
- /path/to/your/db.env
depends_on:
- db
- redis
# Added proxy container dependency below.
# It is unclear on when or why it happens, but sometimes NC manages to start before the proxy
# and it breaks for whatever weird reason resulting in the need of manual proxy container restart.
- proxy
networks:
- proxy-tier
- default
cron:
image: nextcloud:apache
restart: always
volumes:
- nextcloud:/var/www/html:z
# NOTE: The `volumes` config of the `cron` and `app` containers must match
entrypoint: /cron.sh
depends_on:
- db
- redis
# letsencrypt-companion:
# image: nginxproxy/acme-companion
# restart: always
# environment:
# - DEFAULT_EMAIL=
# volumes:
# - certs:/etc/nginx/certs:z
# - acme:/etc/acme.sh:z
# - vhost.d:/etc/nginx/vhost.d:z
# - html:/usr/share/nginx/html:z
# - /var/run/docker.sock:/var/run/docker.sock:z,ro
# networks:
# - proxy-tier
# depends_on:
# - proxy
# self signed
omgwtfssl:
image: paulczar/omgwtfssl
restart: "no"
volumes:
- certs:/certs
environment:
- SSL_SUBJECT=servhostname.local
- [email protected]
- SSL_KEY=/certs/servhostname.local.key
- SSL_CSR=/certs/servhostname.local.csr
- SSL_CERT=/certs/servhostname.local.crt
networks:
- proxy-tier
volumes:
db:
nextcloud:
certs:
acme:
vhost.d:
html:
dhparam:
networks:
proxy-tier:
I believe this example should be configured so that nginx-proxy produces more granular log messages, or at least put a comment in the compose.yaml that provides an environment variable that can be set to increase nginx verbosity. I'm not sure how to fix the example so that it actually runs with the self-signed certificate, though.
Colors also appear muted in other views for all events in the past. While I can kind of see the usefulness of this, it lowers readability/usability when looking over past events. The feature really should be optional, or maybe replaced with some other design language that doesn't so severely affect readability when looking at past events.
