Nginx+login sometimes fails with 502

Dear all,

I have configured home assistant and nginx and they work… most of the times.
The both of them start with an init.d file.
I’m running a Raspbian over a raspberry pi 3, set up a https connections using SSL certificates issued by letsencrypt.

Everything works fine. I can connect from the internet.
But, sometimes, it does not work. After the system boot, what I see is:

  • I can enter the dashboard if I connect to from inside my network
  • I can reach the login page from https://mywebsite:7443, but I cannot login. The login attempt takes some time and the file with the error: “Unable to connect”.
    Using the tools provided with the browser, I see that all the network request to websocket, started after I press the “login” button, fails with 502 - bad gateway.
    If I CTRL+F5 to force refresh the page, I see again the login page.
    When this occurs, I can fix the error just restarting nginx. Then everything is back to normal.

Just to be clear: it happens from time to time. Most of the time, everything work.
I suspect some dependency in the start of ha and nginx.
Unfortunately, even if I try manually to start ha BEFORE (or AFTER) nginx, I am not able to replicate the error.

This is my nginx conf:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;

server {
    # Update this line to be your domain
    server_name mywebsite;

    # These shouldn't need to be changed
    listen [::]:80 default_server ipv6only=off;
    return 301 https://$host$request_uri;

server {
    # Update this line to be your domain
    server_name mywebsite;

    # Ensure these lines point to your SSL certificate and key
    ssl_certificate /etc/letsencrypt/live/mywebsite/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mywebsite/privkey.pem;
    # Use these lines instead if you created a self-signed certificate
    # ssl_certificate /etc/nginx/ssl/cert.pem;
    # ssl_certificate_key /etc/nginx/ssl/key.pem;

    # Ensure this line points to your dhparams file
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;

    # These shouldn't need to be changed
    listen [::]:7443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
    ssl on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    proxy_buffering off;

    location / {
        proxy_pass http://localhost:8123;
        proxy_set_header Host $host;
        proxy_redirect http:// https://;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

I can’t find any help online. Can you give me some hint?

I think I found something:


Rewrite your nginx config to use ip, not dns. For instance, instead of localhost , or remove the ipv6 alias from /etc/hosts.

seems to have fixed the problem.

Will update this topic when sure.