Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

nginx-proxy uses default host without DEFAULT_HOST set

See original GitHub issue

We use nginx-proxy in front of about 25 containers with different sub-domains each.

If a container dies or is stopped, requests are just redirected to a different (other sub-domain) container.

We would rather expect a blank error page. Why is this happening? DEFAULT_HOST is not set.

docker run
  --name nginx-proxy 
  --restart always 
  --publish 80:80 
  --publish 443:443 
  --volume /system/nginx/proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro 
  --volume /system/nginx/htpasswd:/etc/nginx/htpasswd 
  --volume /system/certs:/etc/nginx/certs 
  --volume /var/run/docker.sock:/tmp/docker.sock:ro 
  --log-opt max-size=100m --log-opt max-file=1000 
  --detach jwilder/nginx-proxy

docker run 
  --name nginx-crypt 
  --restart always 
  --volumes-from nginx-proxy 
  --volume /var/run/docker.sock:/var/run/docker.sock:ro 
  --env "DEFAULT_EMAIL=abc@domain.tld" 
  --detach jrcs/letsencrypt-nginx-proxy-companion

docker run \
  --name demo-instance \
  --restart always \
  --env NODE_ENV=production \
  --env CUSTOMER=demo \
  --env VIRTUAL_HOST=demo.domain.tld \
  -d registry.domain.tld:443/system:latest

docker run \
  --name demo2-instance \
  --restart always \
  --env NODE_ENV=production \
  --env CUSTOMER=demo2 \
  --env VIRTUAL_HOST=demo2.domain.tld \
  -d registry.domain.tld:443/system:latest

proxy.conf:

  server_tokens off;
  client_max_body_size 1024m;
  proxy_connect_timeout       300;
  proxy_send_timeout          300;
  proxy_read_timeout          300;
  send_timeout                300;

Issue Analytics

State:
Created 3 years ago
Reactions:1
Comments:7 (1 by maintainers)

Top GitHub Comments

4reactions

bluepuma77commented, Apr 22, 2021

I am currently toying around with traefik. If the web container for a domain is not present it will automatically respond with a plain 404 instead of an arbitrary site that is listening to a different hostname.

Easy use-case: When multiple clients are on one server and a container dies, then I should not show the website of the competition.

If there is a DEFAULT_HOST functionality, then nginx-proxy should not just use an arbitrary service when the variable is not defined, but rather respond with a 404 or similar.

2reactions

junderwcommented, Sep 24, 2021

For now it seems wise to add a small container serving just a 502 page, set it as 502.yourdomain.com and set it as your DEFAULT_HOST.

Since this is the default behavior of nginx, the only way this could really be “fixed” is by making the above process more automated by adding DEFAULT_502 etc. option that will add a default_server which returns 502, and turn it off by default.

Top Results From Across the Web

jwilder/nginx-proxy - Docker Image

nginx-proxy sets up a container running nginx and docker-gen. docker-gen ... To set the default host for nginx use the env var DEFAULT_HOST=foo.bar.com...

Nginx default host when not defined - Server Fault

In this configuration nginx tests only the request's header field “Host” to determine which server the request should be routed to.

Docker proxy with custom networks - Stack Overflow

The problem was that I had the environment variable DEFAULTHOST: my-default-domain.com set in the docker-compose of the proxy container.

User Manual - M/Monit

If you need to setup firewall rules for M/Monit, the default set of rules will be: ... the defaultHost attribute in the <Engine>...

Apache Tomcat 9 Configuration Reference (9.0.70-dev)

If no match is found, the request is routed to the default host. ... MUST have a name that matches the defaultHost setting...