502 Bad Gateway remains! Meteor.js NGINX

Posted on May 4, 2016

Nginx

Deployment

DNS

DigitalOcean

Ubuntu

By helloe4fb8a1b98

Hi!

I have been researching and trying out many different ways to kill my 502 Bad Gateway but to no success!

Domain Registrar: GoDaddy. My normal home web-page’s domain is mydomain.com which forwards to an instapage website, but I have a subdomain login.mydomain.com to redirect (301) to my DO droplet. Added an A record for login that points to the DO IP.

Deploying Meteor I follow the this guide https://www.digitalocean.com/community/tutorials/how-to-deploy-a-meteor-js-application-on-ubuntu-14-04-with-nginx where I run “sudo npm install” while being the myapp user.

My /etc/nginx/sites-available/myapp.conf file:

server_tokens off;
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
server {
    listen 80 default_server; 
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html; # root is irrelevant
    index index.html index.htm; # this is also irrelevant

    server_name login.mydomain.com;
    location / {
        rewrite     ^ https://$server_name$request_uri? permanent;
    }
}
server {
    listen 443 ssl spdy;
    server_name login.mydomain.com;
    root html;
    index index.html;

    ssl_certificate /etc/nginx/ssl/server.pem;
    ssl_certificate_key /etc/nginx/ssl/server.key;

    ssl_stapling on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 5m;

    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK';

    add_header Strict-Transport-Security "max-age=31536000;";
    if ($http_user_agent ~ "MSIE" ) {
        return 303 https://browser-update.org/update.html;
    }
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade; # allow websockets
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP
        if ($uri != '/') {
            expires 30d;
        }
    }
}

My /etc/init/myapp.conf file:

description "Meteor.js (NodeJS) application"
author "Daniel Speichert <daniel@speichert.pro>"
start on started mongodb and runlevel [2345]
stop on shutdown
respawn
respawn limit 10 5
setuid myapp
setgid myapp

script
    export PATH=/opt/local/bin:/opt/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
    export NODE_PATH=/usr/lib/nodejs:/usr/lib/node_modules:/usr/share/javascript
    export PWD=/home/myapp
    export HOME=/home/myapp
    export BIND_IP=127.0.0.1
    export PORT=8080
    export HTTP_FORWARDED_COUNT=1
    export MONGO_URL=mongodb://localhost:27017/myapp
    export ROOT_URL=https://login.mydomain.com
    exec node /home/myapp/bundle/main.js >> /home/myapp/myapp.log
end script

NOTES

My DO is Ubuntu 14.04 x64
the names mydomain and myapp are not the same if that matters
I set-up SSL exactly like this: https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-nginx-for-ubuntu-12-04
When I run “start myapp” it says “myapp start/running, process 12218” and when I type “status myapp” it then shows “myapp stop/waiting”.
NGINX is running.
/home/myapp/myapp.log is empty so somehow the Meteor app doesn’t see any errors.
“nginx -t” returns all OK except SSL stapling warning
My NGINX error log says 2016/05/04 00:30:42 [error] 18144#0: *28 connect() failed (111: Connection refused) while connecting to upstream, client: <IP ADDRESS>, server: login.mydomain.com, request: “GET /favicon.ico HTTP/1.1”, upstream: “http://127.0.0.1:8080/favicon.ico”, host: “login.mydomain.com”, referrer: “https://login.mydomain.com/”
My code runs on my localhost just fine on my dev laptop (Mac OS).
I cannot access it on <IP ADDRESS>:8080 so it seems it just can’t reach Meteor on the server.
“sudo netstat -plutn” output: tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 12209/nginx
tcp 0 0 127.0.0.1:28017 0.0.0.0:* LISTEN 2880/mongod
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1103/sshd
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 12209/nginx
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 2880/mongod
tcp6 0 0 :::80 :::* LISTEN 12209/nginx
tcp6 0 0 :::22 :::* LISTEN 1103/sshd

Anybody any idea why there’s still a 502 Bad Gateway issue?

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.