Skip to content

nginx-proxy-automation with varnish cache http accellerator #367

New issue
New issue
Closed
Closed
nginx-proxy-automation with varnish cache http accellerator#367
@allanext

Description

@allanext
allanext
opened on Feb 7, 2023

Hi,

I'm trying to integrate Varnish cache http accelerator between nginx-proxy-automation and my web containers:

nginx-proxy-automation (proxy-web-auto, docker-gen-auto, letsencrypt-auto) [host mapped ports 80->80 and 443->443] 
       ▲
       │ (docker proxy network)
       ▼
Varnish cache on port 8080 -> 80
       ▲
       │ (docker web containers internal networks)
       ▼
Web docker containers running on port 80

In data/conf.d/default.conf I've added the proxy_pass to varnish:

server {                                                                                                                                     
        server_name a.site.org;                                                                                                 
        listen 443 ssl http2 ;                                                                                                               
        access_log /var/log/nginx/access.log vhost;                                                                                          
        ssl_session_timeout 5m;                                                                                                              
        ssl_session_cache shared:SSL:50m;                                                                                                    
        ssl_session_tickets off;                                                                                                             
        ssl_certificate /etc/nginx/certs/a.site.org.crt;                                                                        
        ssl_certificate_key /etc/nginx/certs/a.site.org.key;                                                                    
        ssl_dhparam /etc/nginx/certs/a.site.org.dhparam.pem;                                                                    
        ssl_stapling on;                                                                                                                     
        ssl_stapling_verify on;                                                                                                              
        ssl_trusted_certificate /etc/nginx/certs/a.site.org.chain.pem;                                                          
        add_header Strict-Transport-Security "max-age=31536000" always;                                                                      
        include /etc/nginx/vhost.d/default;                                                                                                  
        location / {                                                                                                                         
                proxy_pass http://127.0.0.1:8080;                                                                                            
                proxy_set_header X-Real-IP $remote_addr;                                                                                     
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                 
                proxy_set_header X-Forwarded-Proto http;                                                                                     
                proxy_set_header X-Forwarded-Port 80;                                                                                        
                proxy_set_header Host $host;                                                                                                 
                #proxy_pass http://a.site.org;                                                                                  
        }                                                                                                                                    
}

But when I load a page I get:

proxy-web-auto    | 2023/02/08 19:03:06 [error] 560#560: *1448 connect() failed (111: Connection refused) while connecting to upstream, client: 85.244.123.123, server: a.site.org, request: "GET / HTTP/2.0", upstream: "http://127.0.0.1:8080/", host: "a.site.org"

If i do a curl -I localhost:8080 I see that the varnish server responds but with

curl -k -I a.site.org
HTTP/2 502 
server: nginx/1.20.2
date: Wed, 08 Feb 2023 18:56:04 GMT
content-type: text/html
content-length: 157
strict-transport-security: max-age=31536000

I'm trying to understand what's wrong with my configuration and what is the best way to make the Varnish configuration permanent as it gets rewritten when the container is recreated.

Thanks

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions