Upload behind NGINX as Reverse proxy not possible

Hi everyone!

I’ve installed Teddycloud on a public VPS using docker-compose and nginx. Everything seems to be working fine so far.

The web panel is secured with basic auth. I’ve managed to connect my ESP32-Box and the web GUI is functioning as expected.

However, I’m facing an issue with uploading files to the Teddycloud. The library or audio encoder seems to be causing trouble.

Here’s what I’ve found:

NGINX:

upstream prematurely closed connection while reading response header from upstream

Teddycloud:

WARN |platform_linux.c:0293:socketReceive| buffer does not contain null terminator

You can find my setup details and more logs here:

Any ideas on how to resolve this issue? I’ve tried increasing the nginx buffer, but it didn’t help. Any input would be greatly appreciated.

regards,
Quentendo64

1 Like

What version of teddyCloud are you using?

At the moment: TeddyCloud v0.6.4 (f13703a)

It works fine for me on v0.6.4 with nginx-proxymanager in the default configuration.
Are there any more errors around it?

1 Like

Then I just switch to the nginx-proxymanager as well and give it a try.

Could you share your Config with me for some guidance?

1 Like

I am using the default configuration.

1 Like

So, you don’t perform any authentication for the web UI? You just proxy everything to the teddycloud container?

No, I don’t host it publicly, so no need for that.

To how much? Where did you configure this? How big is the file you are trying to upload?

edit:
Besides increasing upload size, did you also increase any timeouts? Is the upload failing everytime after the same amount of time?
Are you using temp files? →Module ngx_http_proxy_module

Ahh… Then thats a different situation.

Hi @Magician,

I set:
client_max_body_size 128M;

No adjustments for timeouts etc.
Do you have a external teddycloud instance up and running? Any examples?

Unfortunately not, but i would be interested in setting this up if there would be some guidance.

I had some busy last weeks. But this weekend I will invest some time and try out a new configuration. If I found a working solution I keep you updated.

1 Like

@Magician
I did some rework on my compose file and the config. Try this as a starting point:

I have a similar problem and already done some debugging but without success.

My pretty minimal nginx config looks like this. I am using ipv6 only for the webinterface to not conflict with the connection of the box (which is ipv4 only).

events {}

http
{

client_max_body_size 200M;

server {
    listen [::]:80 default_server;

    server_name my.domain;
    server_tokens off;

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    location / {
        return 301 https://my.domain$request_uri;
    }
}

server {
    listen [::]:443 ssl;

    server_name my.domain;

    ssl_certificate /etc/letsencrypt/live/my.domain/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/my.domain/privkey.pem;
    
    location / {
        auth_basic             "Restricted";
        auth_basic_user_file   /www/.htpasswd;
    	proxy_pass http://127.0.0.1$request_uri;
    }
}
}

Before adding client_max_body_size I got

[error] 21#21: *12 client intended to send too large body: 140480148 bytes

in nginx when encoding anything but the smallest files.
With that setting I get

[error] 22#22: *1 writev() failed (32: Broken pipe) while sending request to upstream

Hi @devnull,

My recommendation is:
Use the TeddyCloudStarter as Config Generator.
The Configuration there is working.

I can confirm that. Very smooth :slight_smile: and easy to use.

From security point also as far as I can see very good :slight_smile:

1 Like

TeddyCloudStarter itself didn’t work well for me but I used its proxy settings and one/some of them seem to make the difference. Didn’t narrow this down further

            proxy_request_buffering off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Host $server_name;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_max_temp_file_size 4096M;
            proxy_connect_timeout  60s;
            proxy_read_timeout  10800s;
            proxy_send_timeout  10800s;
            send_timeout  10800s;
            proxy_buffers 8 16k;
            proxy_buffer_size 32k;
            proxy_busy_buffers_size 32k;

What was the Problem with teddycloudstarter?