I
Immich5mo ago
Gomo

[SOLVED] 502 Bad Gateway with latest Immich version

After upgrading my Immich to the latest version I am getting "502 Bad Gateway" and cannot access immich / login, etc. I am using Nginx Proxy Manager with a publicly exposed domain. With previous version (v1.122.3) everything worked without issues. This is my .ENV file 
UPLOAD_LOCATION=/mnt/Immich
DB_DATA_LOCATION=./postgres
IMMICH_VERSION=release
DB_PASSWORD=XXXXXXX
IMMICH_TRUSTED_PROXIES=192.X.X.X
DB_USERNAME=XXXX
DB_DATABASE_NAME=XXXX
UPLOAD_LOCATION=/mnt/Immich
DB_DATA_LOCATION=./postgres
IMMICH_VERSION=release
DB_PASSWORD=XXXXXXX
IMMICH_TRUSTED_PROXIES=192.X.X.X
DB_USERNAME=XXXX
DB_DATABASE_NAME=XXXX
And on the Nginx Proxy Manager I have
- websockets support enabled
- block common exploits enabled
- force SSL enabled
- HTTP/2 Support enabled
- HSTS Enabled
- And following custom config added:
client_max_body_size 50000M;
proxy_request_buffering off;
- websockets support enabled
- block common exploits enabled
- force SSL enabled
- HTTP/2 Support enabled
- HSTS Enabled
- And following custom config added:
client_max_body_size 50000M;
proxy_request_buffering off;
I thought I could fix the issue by adding "IMMICH_TRUSTED_PROXIES=192.X.X.X" in the .ENV file but that did not change anything. Your help would be appreciated!
28 Replies
Immich
Immich5mo ago
:wave: Hey @Gomo, Thanks for reaching out to us. Please carefully read this message and follow the recommended actions. This will help us be more effective in our support effort and leave more time for building Immich :immich:. References - Container Logs: docker compose logs docs - Container Status: docker ps -a docs - Reverse Proxy: https://immich.app/docs/administration/reverse-proxy - Code Formatting https://support.discord.com/hc/en-us/articles/210298617-Markdown-Text-101-Chat-Formatting-Bold-Italic-Underline#h_01GY0DAKGXDEHE263BCAYEGFJA Checklist I have... 1. :ballot_box_with_check: verified I'm on the latest release(note that mobile app releases may take some time). 2. :ballot_box_with_check: read applicable release notes. 3. :ballot_box_with_check: reviewed the FAQs for known issues. 4. :ballot_box_with_check: reviewed Github for known issues. 5. :blue_square: tried accessing Immich via local ip (without a custom reverse proxy). 6. :blue_square: uploaded the relevant information (see below). 7. :ballot_box_with_check: tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable (an item can be marked as "complete" by reacting with the appropriate number) Information In order to be able to effectively help you, we need you to provide clear information to show what the problem is. The exact details needed vary per case, but here is a list of things to consider: - Your docker-compose.yml and .env files. - Logs from all the containers and their status (see above). - All the troubleshooting steps you've tried so far. - Any recent changes you've made to Immich or your system. - Details about your system (both software/OS and hardware). - Details about your storage (filesystems, type of disks, output of commands like fdisk -l and df -h). - The version of the Immich server, mobile app, and other relevant pieces. - Any other information that you think might be relevant. Please paste files and logs with proper code formatting, and especially avoid blurry screenshots. Without the right information we can't work out what the problem is. Help us help you ;) If this ticket can be closed you can use the /close command, and re-open it later if needed.
Gomo
GomoOP5mo ago
This is my docker-compose.yml 
name: immich
services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
      - 2283:2283
    depends_on:
      - redis
      - database
    restart: always

  immich-machine-learning:
    container_name: immich_machine_learning
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always

  redis:
    container_name: immich_redis
    image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de>
    restart: always

  database:
    container_name: immich_postgres
    image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9d>
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    restart: always
    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "lo>

volumes:
  model-cache:
name: immich
services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
      - 2283:2283
    depends_on:
      - redis
      - database
    restart: always

  immich-machine-learning:
    container_name: immich_machine_learning
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always

  redis:
    container_name: immich_redis
    image: registry.hub.docker.com/library/redis:6.2-alpine@sha256:84882e87b54734154586e5f8abd4dce69fe7311315e2fc6d67c29614c8de>
    restart: always

  database:
    container_name: immich_postgres
    image: registry.hub.docker.com/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9d>
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
      POSTGRES_INITDB_ARGS: '--data-checksums'
    volumes:
      - ${DB_DATA_LOCATION}:/var/lib/postgresql/data
    restart: always
    command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "lo>

volumes:
  model-cache:
Alex Tran
Alex Tran5mo ago
Let's remove IMMICH_TRUSTED_PROXIES. Can you check if you can access the instance over local IP?
Zeus
Zeus5mo ago
Alex, what is that env var actually supposed to do..?
Alex Tran
Alex Tran5mo ago
I don't know without diving into the code 😛
Alex Tran
Alex Tran5mo ago
No description
Zeus
Zeus5mo ago
well I just tested and I don't think it does anything lol I am digging through the code rn #11286 I don't think it actually does anything lol
Immich
Immich5mo ago
[Pull Request] feat(server): add IP trust list for reverse proxy (immich-app/immich#11286)
Zeus
Zeus5mo ago
not to sidebar, but I think maybe we need a GH issue or something because I don't think we enforce anything based on it currently
Gomo
GomoOP5mo ago
docker logs immich_server

message.txt

Daniel
Daniel5mo ago
That should be handled by nestjs ootb
Gomo
GomoOP5mo ago
Instance cannot be reached via local IP no matter if this entry is present or not.
bo0tzz
bo0tzz5mo ago
IPs from which it will accept headers indicating the 'actual' client IP
Gomo
GomoOP5mo ago
But now upon exporting logs, I think the issue is not related to the proxy
bo0tzz
bo0tzz5mo ago
Which is then used in logs and such
Zeus
Zeus5mo ago
yeah but uh it doesn't lol
bo0tzz
bo0tzz5mo ago
Those headers usually being set by a reverse proxy ofc It's a nestjs thing So it should :P
Alex Tran
Alex Tran5mo ago
There seems to be issues with your database container can you check the logs of the container?
Daniel
Daniel5mo ago
Gomo
GomoOP5mo ago
Ahhh.. darn it ..
Gomo
GomoOP5mo ago
don't know how I could oversee this
No description
Alex Tran
Alex Tran5mo ago
glad it is easy problem to solve 😄
Gomo
GomoOP5mo ago
I'll deal with the space topic and post an update
Alex Tran
Alex Tran5mo ago
you can clean out dangling docker images with docker image prune
Gomo
GomoOP5mo ago
Ty All working well after I ran "docker image prune" & re-started the instance. One quick additional question, is this needed in Nginx Proxy Manager? 
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; 
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
I am asking as I think it works fine without it?
Zeus
Zeus5mo ago
idk how NPM works but you shold pass those headers somehow whether they do if by default or you need to add it, I do not know
Gomo
GomoOP5mo ago
Alright, will have it added then. Thank you all for looking into my issue, even tho it turned out to be something simple. I appreciate it! ❤️
Mraedis
Mraedis5mo ago
I don't have these set anywhere in NPM and everything works fine just FYI.

Did you find this page helpful?