I have a problem with a service built with a docker compose, I don’t understand what’s wrong.
I have a Debian server on which I want to host 3 instances of Etherpad, each with its own configuration. In addition to the 3 Etherpads, I want apache on the front end to allow access to the Etherpad instances via https.
At the moment, my system is only partially working. The docker compose launches without a hitch, the 3 Etherpads are accessible via their ports and I can create pads:
- http://etherpad.mydomain.com:9001 (etherpad libre)
- http://etherpad.mydomain.com:9002 (etherpad moodle)
- http://etherpad.mydomain.com:9003 (etherpad redmine)
So I’ve configured apache2 to do reverse proxy:
- https://etherpad.mydomain.com/libre/ (etherpad libre)
- https://etherpad.mydomain.com/moodle/ (etherpad moodle)
- https://etherpad.mydomain.com/redmine/ (etherpad redmine)
No problems with the reverse proxy to the first pad (etherpad libre), it works and I can create pads.
However, the other two don’t work, I get the error :
Service Unavailable. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
And on the apache2 front-end logs I get this error :
[Wed Jul 24 13:54:38.027789 2024] [proxy:error] [pid 22:tid 25] (111)Connection refused: AH00957: http: attempt to connect to 127.0.0.1:9002 (127.0.0.1:9002) failed
[Wed Jul 24 13:54:38.027895 2024] [proxy_http:error] [pid 22:tid 25] [client 10.26.24.52:52664] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
I can’t figure out why. Any clue is welcome ?!
Here is the docker compose :
x-proxy-args: &proxy-args
HTTP_PROXY: http://proxy.mydomaine.com:3333
HTTPS_PROXY: http://proxy.mydomaine.com:3333
no_proxy: localhost,127.0.0.1
x-ether-args: ðer-args
INSTALL_SOFFICE: true
ETHERPAD_PLUGINS: ep_adminpads2 ep_align ep_author_hover ep_font_color ep_font_family ep_font_size ep_headings2 ep_remove_embed ep_set_title_on_pad ep_special_characters ep_subscript_and_superscript ep_table_of_contents
services:
etherpad-libre:
image: etherpad-libre
build:
context: ./etherpad-lite
args:
HTTP_PROXY: ${HTTP_PROXY}
HTTPS_PROXY: ${HTTPS_PROXY}
no_proxy: ${no_proxy}
INSTALL_SOFFICE: ${INSTALL_SOFFICE}
ETHERPAD_PLUGINS: ${ETHERPAD_PLUGINS}
networks:
- etherpad
ports:
- "9001:9001"
volumes:
- ./etherpad-config/libre-settings.json:/opt/etherpad-lite/settings.json
- ./etherpad-config/libre-credentials.json:/opt/etherpad-lite/credentials.json
etherpad-moodle:
image: etherpad-moodle
build:
context: ./etherpad-lite
args:
HTTP_PROXY: ${HTTP_PROXY}
HTTPS_PROXY: ${HTTPS_PROXY}
no_proxy: ${no_proxy}
INSTALL_SOFFICE: ${INSTALL_SOFFICE}
ETHERPAD_PLUGINS: ${ETHERPAD_PLUGINS}
networks:
- etherpad
ports:
- "9002:9001"
volumes:
- ./etherpad-config/moodle-settings.json:/opt/etherpad-lite/settings.json
- ./etherpad-config/moodle-credentials.json:/opt/etherpad-lite/credentials.json
etherpad-redmine:
image: etherpad-redmine
build:
context: ./etherpad-lite
args:
HTTP_PROXY: ${HTTP_PROXY}
HTTPS_PROXY: ${HTTPS_PROXY}
no_proxy: ${no_proxy}
INSTALL_SOFFICE: ${INSTALL_SOFFICE}
ETHERPAD_PLUGINS: ${ETHERPAD_PLUGINS}
networks:
- etherpad
ports:
- "9003:9001"
volumes:
- ./etherpad-config/redmine-settings.json:/opt/etherpad-lite/settings.json
- ./etherpad-config/redmine-credentials.json:/opt/etherpad-lite/credentials.json
apache2-frontal:
image: apache2-frontal
build:
context: ./apache2-frontal
args:
HTTP_PROXY: ${HTTP_PROXY}
HTTPS_PROXY: ${HTTPS_PROXY}
no_proxy: ${no_proxy}
networks:
- etherpad
ports:
- "80:80"
- "443:443"
volumes:
- /etc/certificats/etherpad.mydomaine.com:/etc/certificats/etherpad.mydomaine.com
networks:
etherpad:
driver: bridge
And here is the apache2 configuration :
# préconisations RSSI
ServerTokens Prod
# global servername
ServerName etherpad.mydomaine.com
<VirtualHost *:80>
ServerName etherpad.mydomaine.com
Redirect permanent / https://etherpad.mydomaine.com/libre/
</VirtualHost>
<VirtualHost *:443>
ServerName etherpad.mydomaine.com
# logs
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# SSL
SSLEngine on
SSLCertificateFile /etc/certificats/etherpad.mydomaine.com/cert.pem
SSLCertificateKeyFile /etc/certificats/etherpad.mydomaine.com/privkey.pem
SSLCertificateChainFile /etc/certificats/etherpad.mydomaine.com/fullchain.pem
# préconisations RSSI
ServerSignature Off
FileETag None
<IfModule mod_headers.c>
<Directory />
Header set X-XSS-Protection "1; mode=block"
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
Header always append X-Frame-Options SAMEORIGIN
</Directory>
</IfModule>
# redirection / vers l'Etherpad libre
Redirect permanent / https://etherpad.mydomaine.com/libre/
# Etherpad réécritures
RewriteEngine On
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule ^/libre/socket.io/(.*) ws://etherpad-libre:9001/socket.io/$1 [P,L]
RewriteRule ^/moodle/socket.io/(.*) ws://etherpad-moodle:9002/socket.io/$1 [P,L]
RewriteRule ^/redmine/socket.io/(.*) ws://etherpad-redmine:9003/socket.io/$1 [P,L]
# Etherpad proxypass
ProxyVia On
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /libre/ http://etherpad-libre:9001/
ProxyPassReverse /libre/ http://etherpad-libre:9001/
ProxyPass /moodle/ http://etherpad-moodle:9002/
ProxyPassReverse /moodle/ http://etherpad-moodle:9002/
ProxyPass /redmine/ http://etherpad-redmine:9003/
ProxyPassReverse /redmine/ http://etherpad-redmine:9003/
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
</VirtualHost>