My issue:
I’m trying to reverse proxy Firefly III (running in Docker) using nginx (also in Docker), but I’m getting a 502 Bad Gateway when accessing the app through nginx on port 80. Direct access via the exposed port works fine.
How I encountered the problem:
After deploying Firefly III in Docker, I set up an nginx container to reverse proxy it. Accessing http://my_vps_ip_address:8000
works as expected (this is Firefly directly). But accessing http://my_vps_ip_address
(which hits nginx on port 80) results in a 502 error. Both containers are in the same Docker network, and nginx is configured to proxy to http://firefly:8000
.
Solutions I’ve tried:
- Verified Firefly is running and accessible via
my_vps_ip_address:8000
- Confirmed that both containers are in the same custom Docker network
- Used container name
firefly
in the nginx proxy_pass
directive
- Tried restarting both containers
Still, nginx returns a 502 Bad Gateway.
My config:
nginx.conf (simplified)
http {
server {
listen 80;
server_name my_vps_ip_address;
location / {
proxy_pass http://firefly:8000;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
proxy_buffering off;
proxy_buffer_size 16k;
proxy_busy_buffers_size 24k;
proxy_buffers 64 4k;
}
}
docker-compose.yml (excerpt)
services:
nginx:
image: nginx:latest
container_name: nginx
restart: always
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "80:80"
networks:
- firefly_iii
depends_on:
- firefly
firefly:
image: fireflyiii/core:latest
container_name: firefly
restart: always
networks:
- firefly_iii
ports:
- "8000:8080"
env_file: .env
networks:
firefly_iii:
driver: bridge
Any insights into what might be causing the 502 or how to properly connect nginx to a Docker service on the same network would be greatly appreciated. Thanks!
2 Likes
The most likely problem is a port mismatch between your Nginx configuration and your actual Firefly III container. In your docker-compose.yml, Firefly III exposes port 8080 internally, but your Nginx is trying to connect to port 8000.
2 Likes
If the firefly app is available on my_vps_ip_address:8000
, you would want to use that in the proxy_pass directive. I am assuming that NGINX is unable to properly resolve the firefly hostname, which would cause this sort of error.
1 Like
Thanks for your response. From my understanding, it would be required to use the internal name and not the public ip address because after nginx works, I would like to disable the my_vps_ip_address:8000 port reveal and allow access only using :80 or :443 later on. I’m wondering why the hostname cannot be resolved, I put them in the same network. Also when using the my_vps_ip_address, it results in a 504 Gateway Timeout. Currently I cannot grasp why.
Thank you for your response. I tried using 8080, but this also results in 502 Bad Gateway unfortunately.
Try running these inside the nginx container:
curl -v http://firefly:8000
curl -v http://firefly:8080
8000 did not work (Connection refused)
8080 did work (302 Found)
It seems like 8080 would be correct than, that is a good learning. However it still says 502 Bad Gateway when using 8080 despite having http://firefly:8080 in nginx config. I also tried 172.18.0.4:8080 now, this is the internal ip address presented by curl. But this does not work as well unfortunately.
Try this now:
set $upstream_firefly "firefly";
proxy_pass http://$upstream_firefly:8080;
1 Like
When you were testing on port 8080, was that on the nginx node? it seems like this is a connectivity issue between the nginx node and the application.
2 Likes
Yes I tested it using
sudo docker exec -it 775484b6576f sh
and then used curl commands. So I did this in nginx container.
I tried but it still says Bad Gateway. 
What does the logs says for both nginx and firefly containers?
Firefly:
+------------------------------------------------------------------------------+
| |
| Thank you for installing Firefly III, v6.2.12! |
| There are no extra installation instructions. |
| Firefly III should be ready for use. |
| |
| Did you know you can support the development of Firefly III? |
| You can donate in many ways, like GitHub Sponsors or Patreon. |
| For more information, please visit https://bit.ly/donate-to-Firefly-III |
| |
+------------------------------------------------------------------------------+
[01-May-2025 22:48:50] NOTICE: fpm is running, pid 166
[01-May-2025 22:48:50] NOTICE: ready to handle connections
✅ NGINX + PHP-FPM is running correctly.
nginx:
2025/05/01 20:58:57 [error] 22#22: *5 no resolver defined to resolve firefly, client: IP_ADDRESS, server: SERVER_IP_ADDRESS, request: "GET / HTTP/1.1", host: "SERVER_IP_ADDRESS"
IP_ADDRESS - - [01/May/2025:20:58:57 +0000] "GET / HTTP/1.1" 502 157 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0"
Seems like I have to define a resolver, how do I define that?
@ServiceGuards I added
resolver 127.0.0.11;
which seems to be Docker-specific, to http in NGINX config.
Now this error occurs:
2025/05/01 21:02:41 [error] 22#22: *1 connect() failed (111: Connection refused) while connecting to upstream, client: CLIENT_ADDRESS, server: SERVER_ADDRESS, request: "GET / HTTP/1.1", upstream: "http://172.18.0.4:8080/", host: "SERVER_ADDRESS"
CLIENT_ADDRESS - - [01/May/2025:21:02:41 +0000] "GET /favicon.ico HTTP/1.1" 499 0 "http://SERVER_ADDRESS/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0"
Try these commands:
docker exec -it nginx curl -v -H "Host: localhost:8080" http://firefly:8080
docker exec -it nginx curl -v -H "Host: firefly:8080" http://firefly:8080
docker exec -it nginx curl -v -H "Host: my_vps_ip_address" http://firefly:8080
docker exec -it nginx curl -v -H "Host: my_vps_ip_address:8000" http://firefly:8080
Each of them returns this:
* Trying 172.18.0.4:8080...
* Connected to firefly (172.18.0.4) port 8080 (#0)
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Server: nginx
< Content-Type: text/html; charset=utf-8
...
For me that looks like it should work but does not while it seems to be found though
1 Like
I used another browser and now I was able to connect. Seems to be working now! So the problem was the resolver resolver 127.0.0.11;
I think. Thank you a lot for your help so far!
2 Likes