NGINX Reverse Proxy 504 Gateway Time-out

Hello there,

I am have a few issues with the reverse proxy NGINX setup for generating certs using docker from the sample config created by @kurt here

It seems that the proxy container times out with a 504 Gateway Time-out error during multiple instances, like making a request to the stripe API or possibly due to a redirect. I’ve tried to increase the proxy_connect_timeout value to prevent this but it doesn’t seem to have worked after restart.

The access and error logs doesn’t seem to be available when I ssh into the container.

Hi @jacob, sorry I don’t have much to offer here, except that I see that the fly-apps/nginx repo is on a list of not-recently-updated example apps I’m slowly archiving. It’s possible the reason for your trouble is that Things Have Changed since this was last updated.

Thank you for the update, we are currently using this setup to assign certs and previously used the javascript apps that are no longer supported in terms of updates since it’s read only now. It’s critical to try to fix this since we cannot signup new customers due to this issue.

It also seems to lose the site if www. is removed from the url after a site is loaded with it: www.homebasestorefront.com then homebasestorefront.com is one such example.

Only difference is in the nginx.conf with the origin_url being https://(our ip) and commenting out:

    set $origin_host_header example.org;

and uncommenting:

    set $origin_host_header $http_host;

Is this running in Virginia by chance? AWS is having networking issues that affect connectivity from Fly apps in Virginia. These could be the cause of 504s. If you are running in iad, the quick fix is fly region remove iad.

All of our cloud services are now on Azure but this server is Virginia as well.

Ah, probably not related then.

How long should the requests take that are timing out? And is the 504 coming from nginx or from our proxy? If it’s nginx, you’ll see a little thing on the footer saying nginx generated the error (by default).

504s mean there’s a timeout issue, yes. Probably not a connect timeout, you’ll need to tweak the read timeout setting: Module ngx_http_proxy_module

Our proxy has a 60s read timeout. I’d suggest setting the nginx read timeout to, like, 45 seconds. That might help.

It’s an nginx error, gives the version number 1.21.5 and everything. I’ve increased these previously beyond the original 30000ms for proxy_read_timeout. It feels like the gateway timeout error happens pretty quickly and the requests usually do not take that long.

Does it need to be restarted for these to take affect? If so, I assume I would have to redeploy the local docker setup as it resets the values.

Oh yes, you’ll definitely need to update the config and redeploy to get it to take. Editing the file on the running VM won’t have any affect, if that’s what you’re doing.

But that 30s proxy read timeout seems like it should be enough. You may be able to see exactly what it thinks is happening with fly logs.