Error 502 Bad Gateway


#1

Hi there,

I’ve installed funkwhale using Docker on a Ubuntu 18.04 server.

I was already running docker and am using a Letsencrypt nginx container for my reverse proxies, I’m also using cloudflare.

I can access the homepage, and I see the correct lay-out but in my console I get:

and I can’t access the login page.

Any ideas what might be happening?

I’m using the following reverse proxy config:

upstream fw {
    server 192.168.178.34:5002;
}
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 443 ssl;

    server_name funkwhale.*;

    include /config/nginx/ssl.conf;

    client_max_body_size 0;

    location / {
        include /config/nginx/proxy.conf;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_pass   http://fw/;
    }
}

My .env:

FUNKWHALE_VERSION=0.17
FUNKWHALE_API_IP=192.168.178.34
FUNKWHALE_API_PORT=5002
FUNKWHALE_HOSTNAME=funkwhale.domain.tld
FUNKWHALE_PROTOCOL=https
DJANGO_ALLOWED_HOSTS=funkwhale.domain.tld
host:25
REVERSE_PROXY_TYPE=nginx
MEDIA_ROOT=/docker/funkwhale/data/media
STATIC_ROOT=/docker/funkwhale/data/static
DJANGO_SETTINGS_MODULE=config.settings.production
DJANGO_SECRET_KEY=secret
RAVEN_ENABLED=false
RAVEN_DSN=https://etc
MUSIC_DIRECTORY_PATH=/music
MUSIC_DIRECTORY_SERVE_PATH=/media/downloads/music
FUNKWHALE_FRONTEND_PATH=/media/funkwhale/front/dist
NGINX_MAX_BODY_SIZE=30M

#2

Hi!

The 502 error either indicate:

  1. that your reverse proxy is pointing to the wrong place (wrong port or IP)
  2. that Funkwhale’s nginx container is down
  3. That Funkwhale’s api container is down

Can you confirm that there is something listening on 192.168.178.34:5002 on your host (netstat -tlpn), and check in the logs of the api and nginx container while you’re doing a request (docker-compose logs -f --tail=50 nginx api) ?


#3

Hi,

netstat -tlpn shows:

docker-compose ps shows:

so it’s probably the API port that’s wrong?

The thing is, I can’t use port 5000, since it’s already used by the synology NAS.

What ports should I be using for API and NGINX?


#4

Hm based on your netstat output, it looks like the process listen on ipv6 only, which could cause the issue, since your nginx conf points to a ipv4 address. It looks like you edited the default compose file, because the nginx container is normally listening on the FUNKWHALE_API_PORT from your .env file:

ports:
      # override those variables in your .env file if needed
      - "${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}:80"

Does putting that instead then relaunching your containers fix the issue ?


#5

Ok, I’ve changed the default back.

So about the netstat output, I doubt that’s an issue: https://stackoverflow.com/a/30006034/2726841

When setting up the proxy, Docker requests the loopback address ‘127.0.0.1’, Linux realises this is an address that exists in IPv6 (as ::0) and opens on both (but it is formally an IPv6 socket). When you run netstat it sees this and tells you it is an IPv6 - but it is still listening on IPv4.

When doing docker-compose logs -f --tail=50 nginx api:

and then when I visit my domain, I get:
2018/12/07 15:17:25 [error] 14#14: *9 connect() failed (111: Connection refused) while connecting to upstream, client: 172.19.0.1, server: funkwhale.domain.tld, request: "GET /api/v1/instance/settings/ HTTP/1.1", upstream: "http://172.19.0.21:5002/api/v1/instance/settings/", host: "funkwhale.domain.tld:443", referrer: "https://funkwhale.domain.tld/"


#6

Is it normal that you have 172.19.0.21 in the upstream IP, while you have FUNKWHALE_API_IP=192.168.178.34 in your .env? I’d say both values should match.


#7

No, I don’t think it’s normal. But I’m not sure where the NGINX docker gets it from.

Edit:
Nvm, changed the value to 192.168.178.34 getting a lot more output now:

Getting like 10 of the above messages when I visit now, but still some errors in the console:

The nginx logs look like some sort of redirect loop:


#8

Changing the API IP and port fixed the errors, however, when trying to create an account, the loading spinner keeps loading:


#9

Can you visit http://yourdomain/api/admin and log in with the credentials you gave when creating your superuser?


#10

Unable to access it, 504 Gateway Time-out.

Also getting the error: Invalid HTTP_HOST header: ‘192.168.178.34:5003’. You may need to add ‘192.168.178.34’ to ALLOWED_HOSTS.

When visiting the IP myself.


#11

You may have to add your ip 192.168.178.34 in the DJANGO_ALLOWED_HOSTS field (values separated with commas) in your .env file.


#12

Thanks, changed some things and everything seems to work. However, when logging in:

api_1 | 2018-12-08 00:06:31,953 ERROR Internal Server Error: /api/v1/playlists/
api_1 | Traceback (most recent call last):
api_1 | File “/usr/local/lib/python3.6/site-packages/django/db/backends/utils.py”, line 85, in _execute
api_1 | return self.cursor.execute(sql, params)
api_1 | psycopg2.IntegrityError: duplicate key value violates unique constraint “federation_actor_url_key”
api_1 | DETAIL: Key (fid)=(https://funkwhale.domain.tld/federation/actors/username) already exists.

Can I ignore this error?

Edit: Also, I see that it’s possible to import files, however, is it possible to sync certain folders? Or would I just need to run the manage.py import_files every once in a while?


#13

@GriffinSC you can get rid of this error by visiting /api/admin/federation/actor and deleting the object matching the one in the error (you probably only have one object anyway).

No, there is no way to do that, you will have to setup a cron job to do this for you on a regular basis :slight_smile: