no servers inside upstream in /etc/nginx/conf.d/default.conf

[steffen-p]

Description

On my x86 fedora 33 server environment I face the following issue with latest nginx-proxy image. The automatic default.conf generation seems to fail and results in an empty upstream configuration.

Steps to Reproduce

I use this minimal example:

version: '2'

services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro

  whoami:
    image: jwilder/whoami
    environment:
      - VIRTUAL_HOST=whoami.local

Startup log:

 admin@tpdachsserver:~/repos/reverse-proxy-test    ▶  docker-compose up              
Creating network "reverse-proxy-test_default" with the default driver
Creating reverse-proxy-test_nginx-proxy_1 ... done
Creating reverse-proxy-test_whoami_1      ... done
Attaching to reverse-proxy-test_whoami_1, reverse-proxy-test_nginx-proxy_1
whoami_1       | Listening on :8000
nginx-proxy_1  | WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one
nginx-proxy_1  | is being generated in the background.  Once the new dhparam.pem is in place, nginx will be reloaded.
nginx-proxy_1  | forego     | starting dockergen.1 on port 5000
nginx-proxy_1  | forego     | starting nginx.1 on port 5100
nginx-proxy_1  | dockergen.1 | 2021/01/02 03:07:54 Generated '/etc/nginx/conf.d/default.conf' from 2 containers
nginx-proxy_1  | dockergen.1 | 2021/01/02 03:07:54 Running 'nginx -s reload'
nginx-proxy_1  | dockergen.1 | 2021/01/02 03:07:54 Error running notify command: nginx -s reload, exit status 1
nginx-proxy_1  | dockergen.1 | 2021/01/02 03:07:54 Watching docker events
nginx-proxy_1  | dockergen.1 | 2021/01/02 03:07:54 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload'
nginx-proxy_1  | 2021/01/02 03:07:55 [emerg] 47#47: no servers are inside upstream in /etc/nginx/conf.d/default.conf:58
nginx-proxy_1  | nginx: [emerg] no servers are inside upstream in /etc/nginx/conf.d/default.conf:58
nginx-proxy_1  | Generating DSA parameters, 4096 bit long prime
nginx-proxy_1  | dhparam generation complete, reloading nginx
nginx-proxy_1  | nginx.1    | 172.28.0.1 - - [02/Jan/2021:03:11:18 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.71.1" "-"

As a consequence curl request returns the following:

Curl request

admin@tpdachsserver:~    ▶  curl -H "Host: whoami.local" localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Please expand to see the resulting configuration:

default.conf

 admin@tpdachsserver:~/repos/reverse-proxy-test $  docker exec -it reverse-proxy-test_nginx-proxy_1 cat /etc/nginx/conf.d/default.conf 
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
  default $http_x_forwarded_proto;
  ''      $scheme;
}
# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
map $http_x_forwarded_port $proxy_x_forwarded_port {
  default $http_x_forwarded_port;
  ''      $server_port;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
  default upgrade;
  '' close;
}

# Apply fix for very long server names
server_names_hash_bucket_size 128;
# Default dhparam
ssl_dhparam /etc/nginx/dhparam/dhparam.pem;
# Set appropriate X-Forwarded-Ssl header
map $scheme $proxy_x_forwarded_ssl {
  default off;
  https on;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
                 '"$request" $status $body_bytes_sent '
                 '"$http_referer" "$http_user_agent"';
access_log off;
		ssl_protocols TLSv1.2 TLSv1.3;
		ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
		ssl_prefer_server_ciphers off;
resolver 127.0.0.11;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
server {
	server_name _; # This is just an invalid value which will never trigger on a real hostname.
	listen 80;
	access_log /var/log/nginx/access.log vhost;
	return 503;
}
# whoami.local
upstream whoami.local {
}
server {
	server_name whoami.local;
	listen 80 ;
	access_log /var/log/nginx/access.log vhost;
	location / {
		proxy_pass http://whoami.local;
	}
}

Pre-Analysis

I found one common issue which often results in this behaviour. It needs to be ensured the started containers are really in the same network and can reach each other. I tried many variants with external network and manually adding the containers to that network etc. All without success.

The second hint I found is that in some cases cgroup might be a reason .Docker.CurrentContainerID, used in nginx.tmpl, can't be resolved. Since Fedora33 uses cgroup2 there might be a link. However, I lack the debug knowledge on how to check whether .Docker.CurrentContainerID is empty or not. I tried this very same example on an Debian Stretch server with 4.9 Kernel. Here the default.conf gets configured correctly. Thus, I assume some relation to the host environment.

Please let me know the supported Information is not sufficient. I'm grateful for any kind of support. TIA

Thanks,
Steffen

Update #1

After some investigation I found that CurrentContainerID is empty and docker-gen can not get the information to fill the template.
I prepared a RFC PR and a preliminary fix here: nginx-proxy/docker-gen#335

[christianuhlmann]

push for nginx-proxy/docker-gen#335

[mejo-]

I ran into the same problem with Docker 20.10.3 on Debian Bullseye. @jwilder would you mind looking into (and merging) nginx-proxy/docker-gen#335

[andriusdj]

Hi,

The same issue is here. However some of my containers have host names set in their docker-compose file, e.g.:

gyventojams:
    container_name: gyventojams
    hostname: gyventojams

Some do not have the hostname set but all of them have a pingable/reachable hostname in /etc/hostname or by running hostname command, e.g. hostname=$(hostname):

bash-4.4$ hostname
gyventojams
bash-4.4$ cat /etc/hostname
gyventojams

this one does not have hostname set in the config:

giantus_mysql:
    container_name: giantus-mysql

www-data@637dbe8aec88:/$ cat /etc/hostname
637dbe8aec88
www-data@637dbe8aec88:/$ hostname
637dbe8aec88

both can be reached by either "gyventojams" or "637dbe8aec88" hostname from within the containers or the docker network.

I am on Debian bullseye (11) and Docker 20.10.

The development environment here has stopped working!

Regards

[hathagat]

@christianuhlmann @mejo- @andriusdj You can find a fix here.

[daisukixci]

I have the same issue and tried the fix by building myself the following image for the proxy (I changed the DOCKER_GEN_VERSION=0.7.5 to match the last tagged version which looks like embed the patch supposed to fix ):

# setup build arguments for version of dependencies to use
ARG DOCKER_GEN_VERSION=0.7.5
ARG FOREGO_VERSION=0.16.1

# Use a specific version of golang to build both binaries
FROM golang:1.15.10 as gobuilder

# Build docker-gen from scratch
FROM gobuilder as dockergen

# Download the sources for the given version
ARG DOCKER_GEN_VERSION
ADD https://github.com/jwilder/docker-gen/archive/${DOCKER_GEN_VERSION}.tar.gz sources.tar.gz

# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
   mkdir -p /go/src/github.com/jwilder/ && \
   mv docker-gen-* /go/src/github.com/jwilder/docker-gen

# Install the dependencies and make the docker-gen executable
WORKDIR /go/src/github.com/jwilder/docker-gen
RUN go get -v ./... && \
   CGO_ENABLED=0 GOOS=linux go build -ldflags "-X main.buildVersion=${DOCKER_GEN_VERSION}" ./cmd/docker-gen

# Build forego from scratch
# Because this relies on golang workspaces, we need to use go < 1.8.
FROM gobuilder as forego

# Download the sources for the given version
ARG FOREGO_VERSION
ADD https://github.com/jwilder/forego/archive/v${FOREGO_VERSION}.tar.gz sources.tar.gz

# Move the sources into the right directory
RUN tar -xzf sources.tar.gz && \
   mkdir -p /go/src/github.com/ddollar/ && \
   mv forego-* /go/src/github.com/ddollar/forego

# Install the dependencies and make the forego executable
WORKDIR /go/src/github.com/ddollar/forego/
RUN go get -v ./... && \
   CGO_ENABLED=0 GOOS=linux go build -o forego .

# Build the final image
FROM nginx:1.19.3
LABEL maintainer="Jason Wilder mail@jasonwilder.com"

# Install wget and install/updates certificates
RUN apt-get update \
 && apt-get install -y -q --no-install-recommends \
    ca-certificates \
    wget \
 && apt-get clean \
 && rm -r /var/lib/apt/lists/*


# Configure Nginx and apply fix for very long server names
RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
 && sed -i 's/worker_processes  1/worker_processes  auto/' /etc/nginx/nginx.conf

# Install Forego + docker-gen
COPY --from=forego /go/src/github.com/ddollar/forego/forego /usr/local/bin/forego
COPY --from=dockergen /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/docker-gen

# Add DOCKER_GEN_VERSION environment variable
# Because some external projects rely on it
ARG DOCKER_GEN_VERSION
ENV DOCKER_GEN_VERSION=${DOCKER_GEN_VERSION}

COPY network_internal.conf /etc/nginx/

COPY . /app/
WORKDIR /app/

ENV DOCKER_HOST unix:///tmp/docker.sock

VOLUME ["/etc/nginx/certs", "/etc/nginx/dhparam"]

ENTRYPOINT ["/app/docker-entrypoint.sh"]
CMD ["forego", "start", "-r"]

But got the same upstream error
Here is my docker info

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-tp-docker)

Server:
 Containers: 10
  Running: 5
  Paused: 0
  Stopped: 5
 Images: 31
 Server Version: 20.10.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: active
  NodeID: REDACTED
  Is Manager: true
  ClusterID: REDACTED
  Managers: 1
  Nodes: 1
  Default Address Pool: 10.0.0.0/8
  SubnetSize: 24
  Data Path Port: 4789
  Orchestration:
   Task History Retention Limit: 5
  Raft:
   Snapshot Interval: 10000
   Number of Old Snapshots to Retain: 0
   Heartbeat Tick: 1
   Election Tick: 10
  Dispatcher:
   Heartbeat Period: 5 seconds
  CA Configuration:
   Expiry Duration: 3 months
   Force Rotate: 0
  Autolock Managers: false
  Root Rotation In Progress: false
  Node Address: REDACTED
  Manager Addresses:
   REDACTED
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e.m
 runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 5.11.11-arch1-1
 Operating System: Arch Linux
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 15.59GiB
 Name: REDACTED
 ID: XB5C:65VO:KHNJ:DLXF:NGS2:LDHI:HX34:EOJW:PWSZ:IURK:UKSW:WFCJ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: Support for cgroup v2 is experimental

EDIT: It looks like the upstream in default.conf is indeed empty where I run it locally it's filled, so maybe linked to Arch/Docker swarm

[daisukixci]

The cat /proc/self/moutinfo inside the nginxproxy doesn't show the others containers

cat /proc/self/mountinfo
705 661 0:96 / / rw,relatime master:192 - overlay overlay rw,lowerdir=/var/lib/docker/overlay2/l/CVAK3VWZFQCUGTLHRJHPEKJ4UL:/var/lib/docker/overlay2/l/XMJZ73SKVWVECU7TJCOY62F3H2:/var/lib/docker/overlay2/l/AVNBXO52GHDY3MZU3R4RCSNMCE:/var/lib/docker/overlay2/l/L4IJZ33E6NAMXJ5W3SKJSVX5TS:/var/lib/docker/overlay2/l/JXAUAD5TDJCXA34FGS6NYGUZKT:/var/lib/docker/overlay2/l/TBQDSAFKBSTFMUS3QCFWN5NRLB:/var/lib/docker/overlay2/l/MXIUXRGB7MU4Y4NUNZE2VXTXIN:/var/lib/docker/overlay2/l/HN7E4YWJG7TMG7BXLZTGICTBOA:/var/lib/docker/overlay2/l/65XQPC72Z5VRY4THGASZIQXS57:/var/lib/docker/overlay2/l/BVQKC7LU6D7MOSLBDKFHY7YSO3:/var/lib/docker/overlay2/l/R4GGX3SFPMLXTNM3WKMVOKDTOY:/var/lib/docker/overlay2/l/VHGYTU73JLTRCGX45ZF2VGW4FK,upperdir=/var/lib/docker/overlay2/e1fab975d5ffd51474b11a964c82c3bfda1c0e82aec6845a1f12c8150bf61419/diff,workdir=/var/lib/docker/overlay2/e1fab975d5ffd51474b11a964c82c3bfda1c0e82aec6845a1f12c8150bf61419/work,index=off
706 705 0:105 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
707 705 0:106 / /dev rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
708 707 0:107 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
709 705 0:108 / /sys ro,nosuid,nodev,noexec,relatime - sysfs sysfs ro
710 709 0:25 / /sys/fs/cgroup ro,nosuid,nodev,noexec,relatime - cgroup2 cgroup rw,nsdelegate,memory_recursiveprot
711 707 0:104 / /dev/mqueue rw,nosuid,nodev,noexec,relatime - mqueue mqueue rw
712 707 0:109 / /dev/shm rw,nosuid,nodev,noexec,relatime - tmpfs shm rw,size=65536k,inode64
713 705 8:3 /var/lib/docker/containers/e881f8c51a72db7da515e9d5cab8ed105b869579eb9923fdcf4ee80933160802/resolv.conf /etc/resolv.conf rw,relatime - ext4 /dev/sda3 rw
714 705 8:3 /var/lib/docker/containers/e881f8c51a72db7da515e9d5cab8ed105b869579eb9923fdcf4ee80933160802/hostname /etc/hostname rw,relatime - ext4 /dev/sda3 rw
715 705 8:3 /var/lib/docker/containers/e881f8c51a72db7da515e9d5cab8ed105b869579eb9923fdcf4ee80933160802/hosts /etc/hosts rw,relatime - ext4 /dev/sda3 rw
716 705 8:3 /var/lib/docker/volumes/ca8074e1a2eb12edc86c59c5108bb48c31bb7ace4b90beb0da8137a9baa45812/_data /etc/nginx/certs rw,relatime master:1 - ext4 /dev/sda3 rw
717 705 8:3 /var/lib/docker/volumes/2cf8a52c907469a56f6e2cc7d1959d74a4dd04131e7edcd53eaf909db28f770f/_data /etc/nginx/dhparam rw,relatime master:1 - ext4 /dev/sda3 rw
662 707 0:107 /0 /dev/console rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
663 706 0:105 /bus /proc/bus ro,relatime - proc proc rw
664 706 0:105 /fs /proc/fs ro,relatime - proc proc rw
665 706 0:105 /irq /proc/irq ro,relatime - proc proc rw
666 706 0:105 /sys /proc/sys ro,relatime - proc proc rw
667 706 0:105 /sysrq-trigger /proc/sysrq-trigger ro,relatime - proc proc rw
668 706 0:110 / /proc/acpi ro,relatime - tmpfs tmpfs ro,inode64
669 706 0:106 /null /proc/kcore rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
670 706 0:106 /null /proc/keys rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
671 706 0:106 /null /proc/latency_stats rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
672 706 0:106 /null /proc/timer_list rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
673 706 0:106 /null /proc/sched_debug rw,nosuid - tmpfs tmpfs rw,size=65536k,mode=755,inode64
674 706 0:111 / /proc/scsi ro,relatime - tmpfs tmpfs ro,inode64
675 709 0:112 / /sys/firmware ro,relatime - tmpfs tmpfs ro,inode64

[buchdag]

@daisukixci could you docker inspect the nginx-proxy container and post the result ?

[buchdag]

The /proc/self/moutinfo (and /proc/self/cgroup) file(s) aren't used by docker-gen to find the ID of the other containers but to find its own container ID, which is in turn used to find the Docker network(s) the container is attached to, and that info is used to avoid adding containers IP that the nginx-proxy container can't reach because they're not in the same network to begin with.

[daisukixci]

@daisukixci could you docker inspect the nginx-proxy container and post the result ?

Here it is @buchdag

 docker inspect web_reverseproxy.1.5axd16mkemdtpgm8xag8tk3og
[
    {
        "Id": "77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e",
        "Created": "2021-04-08T12:32:02.716284607Z",
        "Path": "/app/docker-entrypoint.sh",
        "Args": [
            "forego",
            "start",
            "-r"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 3826314,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2021-04-08T12:32:08.871440706Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:a615f5f74df3ded2c800483c09d062d01c37d02a660510393678c573808269ca",
        "ResolvConfPath": "/var/lib/docker/containers/77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e/hostname",
        "HostsPath": "/var/lib/docker/containers/77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e/hosts",
        "LogPath": "/var/lib/docker/containers/77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e/77f4d9c968d036e7c04600b71ce7e511d3c4f213bab2813523df2e18bc336a8e-json.log",
        "Name": "/web_reverseproxy.1.5axd16mkemdtpgm8xag8tk3og",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "private",
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "default",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": null,
            "PidsLimit": null,
            "Ulimits": [],
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "Mounts": [
                {
                    "Type": "bind",
                    "Source": "REDACTED/reverseproxy/conf.d",
                    "Target": "/etc/nginx/conf.d"
                },
                {
                    "Type": "bind",
                    "Source": "REDACTED/reverseproxy/vhost.d",
                    "Target": "/etc/nginx/vhost.d"
                },
                {
                    "Type": "bind",
                    "Source": "REDACTED/reverseproxy/html",
                    "Target": "/usr/share/nginx/html"
                },
                {
                    "Type": "bind",
                    "Source": "REDACTED/reverseproxy/certs",
                    "Target": "/etc/nginx/certs",
                    "ReadOnly": true
                },
                {
                    "Type": "bind",
                    "Source": "/etc/localtime",
                    "Target": "/etc/localtime",
                    "ReadOnly": true
                },
                {
                    "Type": "bind",
                    "Source": "/var/run/docker.sock",
                    "Target": "/tmp/docker.sock",
                    "ReadOnly": true
                }
            ],
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/b2ade9e006d1fd9c6dac771cacb29639c99be9358710ff8a7098ccaa4826e929-init/diff:/var/lib/docker/overlay2/9535c238035a883a593cf82e3ead0a2b52169655046810269c18801346b15f30/diff:/var/lib/docker/overlay2/f24d9aba6af9e72c498c5b7948052319ecd16b060d72f3ed3002c0b64f3a82c2/diff:/var/lib/docker/overlay2/dd37898cacb36b4ff1c2586811af88fec013ef037d58703e68d478eb7eba81b1/diff:/var/lib/docker/overlay2/76c9404f1d346e007c54abf55bec84514cf0933f32591bd77c07e5805998b75a/diff:/var/lib/docker/overlay2/5a11291e8d43db11354cdbdfad8cc5de599ad8dbdf505556e7542ca98301fe78/diff:/var/lib/docker/overlay2/9ea87db8702a2ba81595448c37bfbdef2946dbf8f4b226d414a6d350cc161b3b/diff:/var/lib/docker/overlay2/a245da6b126496fd512367e50524683db743b34d14d8635a73098e844f3bcc9c/diff:/var/lib/docker/overlay2/601ade3c93d74617b1d25542bcd9d2bb0eb063e75e08863834a610bffcf94538/diff:/var/lib/docker/overlay2/601beabfc8f3ba4691f746dceec2b2805d04df67859942c138a2983f4087ae6a/diff:/var/lib/docker/overlay2/093d2e5d6e8fc016512b189781afa331467e2c3430cef24e363373acc6e3db5f/diff:/var/lib/docker/overlay2/7b6e18291277fb7fe2e53c788c2f8942318232c5eaef7fddd3f6fe4babb188f5/diff",
                "MergedDir": "/var/lib/docker/overlay2/b2ade9e006d1fd9c6dac771cacb29639c99be9358710ff8a7098ccaa4826e929/merged",
                "UpperDir": "/var/lib/docker/overlay2/b2ade9e006d1fd9c6dac771cacb29639c99be9358710ff8a7098ccaa4826e929/diff",
                "WorkDir": "/var/lib/docker/overlay2/b2ade9e006d1fd9c6dac771cacb29639c99be9358710ff8a7098ccaa4826e929/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/var/run/docker.sock",
                "Destination": "/tmp/docker.sock",
                "Mode": "",
                "RW": false,
                "Propagation": "rprivate"
            },
            {
                "Type": "volume",
                "Name": "b3727d891e3628a85ff31507d42e2a90f0f89f887ef209e0f23b190a562deba3",
                "Source": "/var/lib/docker/volumes/b3727d891e3628a85ff31507d42e2a90f0f89f887ef209e0f23b190a562deba3/_data",
                "Destination": "/etc/nginx/dhparam",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            },
            {
                "Type": "bind",
                "Source": "REDACTED/reverseproxy/conf.d",
                "Destination": "/etc/nginx/conf.d",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "REDACTED/reverseproxy/vhost.d",
                "Destination": "/etc/nginx/vhost.d",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "REDACTED/reverseproxy/html",
                "Destination": "/usr/share/nginx/html",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "REDACTED/reverseproxy/certs",
                "Destination": "/etc/nginx/certs",
                "Mode": "",
                "RW": false,
                "Propagation": "rprivate"
            },
            {
                "Type": "bind",
                "Source": "/etc/localtime",
                "Destination": "/etc/localtime",
                "Mode": "",
                "RW": false,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "reverseproxy",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.19.3",
                "NJS_VERSION=0.4.4",
                "PKG_RELEASE=1",
                "DOCKER_GEN_VERSION=0.7.4",
                "DOCKER_HOST=unix:///tmp/docker.sock"
            ],
            "Cmd": [
                "forego",
                "start",
                "-r"
            ],
            "Image": "jwilder/nginx-proxy:alpine@sha256:ec8af88085f179858d57676ea9c7cce742fbaf1a154c7458d2f684b869db7604",
            "Volumes": {
                "/etc/nginx/certs": {},
                "/etc/nginx/dhparam": {}
            },
            "WorkingDir": "/app",
            "Entrypoint": [
                "/app/docker-entrypoint.sh"
            ],
            "OnBuild": null,
            "Labels": {
                "com.docker.stack.namespace": "web",
                "com.docker.swarm.node.id": "2qk202sqpighsfg9gi9n8m1es",
                "com.docker.swarm.service.id": "m2fp2dynu1agvia7g127lx9ew",
                "com.docker.swarm.service.name": "web_reverseproxy",
                "com.docker.swarm.task": "",
                "com.docker.swarm.task.id": "5axd16mkemdtpgm8xag8tk3og",
                "com.docker.swarm.task.name": "web_reverseproxy.1.5axd16mkemdtpgm8xag8tk3og",
                "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy": "true",
                "maintainer": "Jason Wilder mail@jasonwilder.com",
                "org.opencontainers.image.created": "2021-04-07T15:10:57.154Z",
                "org.opencontainers.image.description": "Automated nginx proxy for Docker containers using docker-gen",
                "org.opencontainers.image.licenses": "MIT",
                "org.opencontainers.image.revision": "6613e272eb41c926605bc0411b7af9f70c2ebeee",
                "org.opencontainers.image.source": "https://github.com/nginx-proxy/nginx-proxy",
                "org.opencontainers.image.title": "nginx-proxy",
                "org.opencontainers.image.url": "https://github.com/nginx-proxy/nginx-proxy",
                "org.opencontainers.image.version": "alpine"
            },
            "StopSignal": "SIGTERM"
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "bcc7e51a38387b44e7a3263dd7ddbc9542ae246240825cc5cb97d99bc9706fcd",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "80/tcp": null
            },
            "SandboxKey": "/var/run/docker/netns/bcc7e51a3838",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "ingress": {
                    "IPAMConfig": {
                        "IPv4Address": "10.0.0.169"
                    },
                    "Links": null,
                    "Aliases": [
                        "77f4d9c968d0",
                        "reverseproxy"
                    ],
                    "NetworkID": "p65v6kntzcaa8bxz48qb91fp5",
                    "EndpointID": "c1c3af3d5204ba840013cf8c0d9cf19af35c033f3be9f4f4e5757c21e221183d",
                    "Gateway": "",
                    "IPAddress": "10.0.0.169",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:0a:00:00:a9",
                    "DriverOpts": null
                },
                "web_deathstar_network": {
                    "IPAMConfig": {
                        "IPv4Address": "10.0.40.89"
                    },
                    "Links": null,
                    "Aliases": [
                        "77f4d9c968d0",
                        "reverseproxy"
                    ],
                    "NetworkID": "vo0alax7stymwx82fn46hvee4",
                    "EndpointID": "48d6bbcababae6c7a6b752a45276caffce0404777e1f237d5e59098435521b64",
                    "Gateway": "",
                    "IPAddress": "10.0.40.89",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:0a:00:28:59",
                    "DriverOpts": null
                }
            }
        }
    }
]

[buchdag]

There you go:

"Config": {
            "Hostname": "reverseproxy",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            }

nginx-proxy/docker-gen#336 introduced a regression that prevent docker-gen from getting its own container ID when you provide a custom hostname.

[daisukixci]

@buchdag Still have the issue with hostname removed from the compose

[buchdag]

Out of curiosity, could you post:

• the content of /proc/1/cpuset
• the content of /proc/self/cgroup
• the value of the container's $HOSTNAME env var ?

[daisukixci]

@buchdag

bash-5.0# cat /proc/1/cpuset
/
bash-5.0# cat /proc/self/cgroup
0::/
bash-5.0# echo $HOSTNAME
8b6855cddf92
bash-5.0#

[daisukixci]

This might help too

bash-5.0# cat /proc/self/mountinfo | grep 8b6855cddf92
631 621 8:3 /var/lib/docker/containers/8b6855cddf925aa600e756bd8449858618b1d941b13ce14f72b8f20fc3d34f71/hostname /etc/hostname rw,relatime - ext4 /dev/sda3 rw
632 621 8:3 /var/lib/docker/containers/8b6855cddf925aa600e756bd8449858618b1d941b13ce14f72b8f20fc3d34f71/hosts /etc/hosts rw,relatime - ext4 /dev/sda3 rw
633 621 8:3 /var/lib/docker/containers/8b6855cddf925aa600e756bd8449858618b1d941b13ce14f72b8f20fc3d34f71/resolv.conf /etc/resolv.conf rw,relatime - ext4 /dev/sda3 rw

[buchdag]

Sorry I meant /proc/1/cpuset and /proc/self/cgroup from inside the container, are those empty ?

[daisukixci]

Sorry I meant /proc/1/cpuset and /proc/self/cgroup from inside the container, are those empty ?

@buchdag yes

[root@deathstar nginx-proxy-orig]# docker exec -it web_reverseproxy.1.h8klj42xiw0f13l893ukdli3s /bin/bash
bash-5.0# cat /proc/1/cpuset
/
bash-5.0# cat /proc/self/cgroup
0::/

FYI I chmod 400 the default.conf and fix it manually to get my stack working

[buchdag]

That's ... interesting. It doesn't explain why the method of nginx-proxy/docker-gen#336 does not work once you've removed the custom hostname though. The regular expression should match the correct ID on one of those three lines of /proc/self/moutinfo you've quoted earlier (with docker-gen 0.7.5).

[daisukixci]

I have opened an issue on their hand nginx-proxy/docker-gen#344, hope we will find a fix, I have been using nginxproxy for some time and it stopped working after an update.

[daisukixci]

@buchdag I rebooted my server for an update and it's back to working, looking at the hash used for the docker image I may have confused things when doing debug. So when running my own image of nginxproxy with the 0.7.5 version of dockergen things works as expected once I removed the hostname like you said.
2021/04/08 17:32:03 Generated '/etc/nginx/conf.d/default.conf' from 6 containers

[elfring]

Would you like to add any advices for the following information from an openSUSE Tumbleweed system?

Markus_Elfring@localhost:~/…/frontproxy> docker-compose up -d && LANG=C curl -H 'Host: whoami.local' localhost; docker logs nginx-proxy && docker ps
Creating network "frontproxy_default" with the default driver
Creating frontproxy_whoami_1 ... done
Creating nginx-proxy         ... done
curl: (7) Failed to connect to localhost port 80: Connection refused
Custom dhparam.pem file found, generation skipped
forego     | starting dockergen.1 on port 5000
forego     | starting nginx.1 on port 5100
nginx.1    | 2021/04/21 14:21:33 [emerg] 28#28: no servers are inside upstream in /etc/nginx/conf.d/default.conf:58
nginx.1    | nginx: [emerg] no servers are inside upstream in /etc/nginx/conf.d/default.conf:58
forego     | starting nginx.1 on port 5200
forego     | sending SIGTERM to nginx.1
forego     | sending SIGTERM to dockergen.1
CONTAINER ID   IMAGE            COMMAND       CREATED        STATUS                  PORTS      NAMES
9b4d2bdbd035   jwilder/whoami   "/app/http"   1 second ago   Up Less than a second   8000/tcp   frontproxy_whoami_1

[DanHartman]

I'm also receiving no servers are inside upstream when attempting the example whoami app

[elfring]

@DanHartman: How do you think about to share a bit more information about your test system?

How will the involved software components evolve further?

[elfring]

How do you think about to add any updates according to related bug reports?

• nginx-proxy container fails to start
• Upgrade to latest on 2021.04.12 broke upstream generation
• 503 Service Temporarily Unavailable after update (fpm nginx proxy)

[daisukixci]

How do you think about to add any updates according to related bug reports?

• nginx-proxy container fails to start
• Upgrade to latest on 2021.04.12 broke upstream generation
• 503 Service Temporarily Unavailable after update (fpm nginx proxy)

You can build the image upgrading docker-gen version to 7.5 but I think if it's not done right now, it's because this version introduce regression that prevent users to use hostname in the docker-compose file

[elfring]

Are the software version dependencies especially challenging at the moment?

[daisukixci]

cf #1585 and #1586 (comment)

[elfring]

• How do you think about development efforts to generate improved software combinations before the next release will be officially published?
• How are the chances to test evolving software components any more accordingly?

[sjoerd222888]

Same issue on Arch Linux. It's a blocker unfortunately but I would like to thank everybody for putting their efforts into this issue. Is there an indication when a potential fix could be available? Does a timeline exist? Is there at least an applicable work-around for the time being?

[daisukixci]

Same issue on Arch Linux. It's a blocker unfortunately but I would like to thank everybody for putting their efforts into this issue. Is there an indication when a potential fix could be available? Does a timeline exist? Is there at least an applicable work-around for the time being?

#1548 (comment)
The workaround is to create your own nginxproxy docker image with dockerg-gen in version 7.5.0 but you will have to unsert hostname if you used that key in your docker compose

[elfring]

Are the chances growing that another improved docker image “jwilder/nginx-proxy:alpine” will be published according to evolution with the software release “docker-gen 0.7.6”?

[wlouckx]

I'm still having the issue :/

Some relevant info:

docker inspect nginx-proxy

docker inspect nginx-proxy
[
    {
        "Id": "a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c",
        "Created": "2021-05-05T18:16:13.84677097Z",
        "Path": "/app/docker-entrypoint.sh",
        "Args": [
            "forego",
            "start",
            "-r"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 22424,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2021-05-05T18:16:14.430302245Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:ff7a29a2cd2def6dfd3e878a4123c716e2376131c5293940d6c1a972b95723bc",
        "ResolvConfPath": "/var/lib/docker/containers/a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c/hostname",
        "HostsPath": "/var/lib/docker/containers/a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c/hosts",
        "LogPath": "/var/lib/docker/containers/a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c/a0346ea077c1fb3a72211c36bd9c3efc951fdb7206faecca81768b7fcbb8fa1c-json.log",
        "Name": "/nginx-proxy",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/var/run/docker.sock:/tmp/docker.sock:ro"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "def-network",
            "PortBindings": {
                "443/tcp": [
                    {
                        "HostIp": "127.0.0.1",
                        "HostPort": "443"
                    }
                ],
                "80/tcp": [
                    {
                        "HostIp": "127.0.0.1",
                        "HostPort": "80"
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": [],
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "private",
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": null,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "Mounts": [
            ],
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/dd983bcbb0a498d730dbc36508b71b986086c0a7764811ac21cb9773612a20dd-init/diff:/var/lib/docker/overlay2/efb77533b8800c262b8356b116d7589f29d5145dfd25a839bdf80ab6bcdcff85/diff:/var/lib/docker/overlay2/df4ad48c89e256fccaee8875679818324198fcf6f60731458af80cd3417da85a/diff:/var/lib/docker/overlay2/b26908a42d7e184fcd3588eb73cce4845c269309309adbe5c70ae93efb30be9a/diff:/var/lib/docker/overlay2/b9b6e29d3ffd085229a712459f5c483551d4f300e04f74a5940aacf2071c0f42/diff:/var/lib/docker/overlay2/2fdce0224dc1344de41271996a70d3cd59b6f44a58cd84e6b3ed41f82d6062db/diff:/var/lib/docker/overlay2/3ea2528e1c792f49aea31021db72c5e26bd489470b68d4be96ee7a862ccb8a43/diff:/var/lib/docker/overlay2/d63fc04bce4f6b47387872256886ef4504fa22f67979b29418badf834a0f204f/diff:/var/lib/docker/overlay2/11ce5753c3114f3f264a5f03987c2086580e9a2bbc4566250ad3adc92aca8b9c/diff:/var/lib/docker/overlay2/596801a27596a29cd6f78006a3a283c3ffd55b2d1b7b1902a3e811101e2ce71e/diff:/var/lib/docker/overlay2/407a70cc305a505c8ebe785a70f837a779b00397a11612c41fa8acdde608d50f/diff:/var/lib/docker/overlay2/d2d98f0ec99d089bd1b03ad835f73690717627c661d23f391c3dd9bd5f039d93/diff:/var/lib/docker/overlay2/20215a3a23c3b546c8455fa9ded5307e5ac2b7fd993b4862294ade06b5e67665/diff",
                "MergedDir": "/var/lib/docker/overlay2/dd983bcbb0a498d730dbc36508b71b986086c0a7764811ac21cb9773612a20dd/merged",
                "UpperDir": "/var/lib/docker/overlay2/dd983bcbb0a498d730dbc36508b71b986086c0a7764811ac21cb9773612a20dd/diff",
                "WorkDir": "/var/lib/docker/overlay2/dd983bcbb0a498d730dbc36508b71b986086c0a7764811ac21cb9773612a20dd/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/var/run/docker.sock",
                "Destination": "/tmp/docker.sock",
                "Mode": "ro",
                "RW": false,
                "Propagation": "rprivate"
            },
            {
                "Type": "volume",
                "Name": "a1a79020c85ca775ba26a1e166a5ae07062eb20799de12ffa959d8419e2234db",
                "Source": "/var/lib/docker/volumes/a1a79020c85ca775ba26a1e166a5ae07062eb20799de12ffa959d8419e2234db/_data",
                "Destination": "/etc/nginx/certs",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            },
            {
                "Type": "volume",
                "Name": "b816bddd890bdb690ca67e0aca91eed203fc3896333ede2f91c8f862f6b4c339",
                "Source": "/var/lib/docker/volumes/b816bddd890bdb690ca67e0aca91eed203fc3896333ede2f91c8f862f6b4c339/_data",
                "Destination": "/etc/nginx/dhparam",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
        ],
        "Config": {
            "Hostname": "nginx-proxy",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "443/tcp": {},
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.19.10",
                "NJS_VERSION=0.5.3",
                "PKG_RELEASE=1~buster",
                "DOCKER_GEN_VERSION=0.7.6",
                "DOCKER_HOST=unix:///tmp/docker.sock"
            ],
            "Cmd": [
                "forego",
                "start",
                "-r"
            ],
            "Image": "jwilder/nginx-proxy",
            "Volumes": {
                "/etc/nginx/certs": {},
                "/etc/nginx/dhparam": {},
                "/tmp/docker.sock": {}
            },
            "WorkingDir": "/app",
            "Entrypoint": [
                "/app/docker-entrypoint.sh"
            ],
            "OnBuild": null,
            "Labels": {
                "com.docker.compose.config-hash": "1d9c843b67e0c8f9a7f85c1bf8329a0a3832707915ea39c310cd2bd9287a90fe",
                "com.docker.compose.container-number": "1",
                "com.docker.compose.oneoff": "False",
                "com.docker.compose.project": "def",
                "com.docker.compose.project.config_files": "docker-compose.yml",
                "com.docker.compose.project.working_dir": "/mnt/shared/home/Workspaces/environment/def",
                "com.docker.compose.service": "nginx-proxy",
                "com.docker.compose.version": "1.29.1",
                "maintainer": "Nicolas Duchon <nicolas.duchon@gmail.com> (@buchdag)",
                "org.opencontainers.image.created": "2021-05-03T00:02:36.782Z",
                "org.opencontainers.image.description": "Automated nginx proxy for Docker containers using docker-gen",
                "org.opencontainers.image.licenses": "MIT",
                "org.opencontainers.image.revision": "09d30cf1a60f9e6edbd741819ab73e64397e7f9e",
                "org.opencontainers.image.source": "https://github.com/nginx-proxy/nginx-proxy",
                "org.opencontainers.image.title": "nginx-proxy",
                "org.opencontainers.image.url": "https://github.com/nginx-proxy/nginx-proxy",
                "org.opencontainers.image.version": "latest"
            },
            "StopSignal": "SIGQUIT"
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "f884d275670b564d7aad7c5178aa21fe2eed75f74bbe8b24c0c9475edbbad42c",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "443/tcp": [
                    {
                        "HostIp": "127.0.0.1",
                        "HostPort": "443"
                    }
                ],
                "80/tcp": [
                    {
                        "HostIp": "127.0.0.1",
                        "HostPort": "80"
                    }
                ]
            },
            "SandboxKey": "/var/run/docker/netns/f884d275670b",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "def-network": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "nginx-proxy",
                        "a0346ea077c1"
                    ],
                    "NetworkID": "b9767f6bbcb333bf06018687715d98d26b0e2df66ffdfdbfebc7cb7fc9fec161",
                    "EndpointID": "c628e8cdabfad5b82d09b85bfabc6fa3f6375c7dc4561249db7e8f896e644078",
                    "Gateway": "182.18.20.1",
                    "IPAddress": "182.18.20.3",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:b6:12:14:03",
                    "DriverOpts": null
                }
            }
        }
    }
]

Docker version:

Client:
 Version:           20.10.6
 API version:       1.41
 Go version:        go1.16.3
 Git commit:        370c28948e
 Built:             Mon Apr 12 14:10:41 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.6
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.3
  Git commit:       8728dd246c
  Built:            Mon Apr 12 14:10:25 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v1.5.0
  GitCommit:        8c906ff108ac28da23f69cc7b74f8e7a470d1df0.m
 runc:
  Version:          1.0.0-rc93
  GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Docker compose example:

version: '3.5'

networks:
    def-network:
        name: 'def-network'
        driver: bridge
        driver_opts:
            com.docker.network.enable_ipv6: "false"
        ipam:
            driver: default
            config:
                - subnet: 182.18.20.0/24

services:
    nginx-proxy:
        container_name: nginx-proxy
        hostname: nginx-proxy
        image: jwilder/nginx-proxy
        ports:
            - "127.0.0.1:80:80"
            - "127.0.0.1:443:443"
        volumes:
            - /var/run/docker.sock:/tmp/docker.sock:ro
        networks:
            def-network:

    ansible:
        container_name: ansible
        image: ansible/ansible-runner
        command: ["/ansible/run.sh"]
        tty: true
        networks:
            def-network:
        restart: on-failure
        secrets:
            - ssl_private_key
            - ssl_public_key
            - ssh_private_key
            - ssh_public_key
        volumes:
            - ./ansible:/ansible
            - ./shared-config/ssh/id_rsa:/ansible/env/ssh_key

    admin:
        container_name: admin.127.0.0.1.nip.io
        hostname: admin
        domainname: '127.0.0.1.nip.io'
        depends_on:
            - nginx-proxy
        entrypoint: /start/entrypoint.sh
        environment:
            VIRTUAL_HOST: 'admin.127.0.0.1.nip.io'
            DOMAIN: '127.0.0.1.nip.io'
        image: registry.local.test/ops/auth/admin:v4
        networks:
           def-network:
        tty: true
        working_dir: /var/www/admin
        volumes:
            # Ansible SSH connection
            - ./shared-config/ssh/id_rsa.pub:/root/.ssh/authorized_keys
            # Application
            - ./projects/ops/auth/admin:/var/www/admin
            - ./scripts/ops/auth/admin:/start

    auth:
        container_name: auth.127.0.0.1.nip.io
        hostname: auth
        domainname: '127.0.0.1.nip.io'
        depends_on:
            - nginx-proxy
            - admin
        entrypoint: /start/entrypoint.sh
        environment:
            VIRTUAL_HOST: 'auth.127.0.0.1.nip.io'
            DOMAIN: '127.0.0.1.nip.io'
        image: registry.local.test/ops/auth/auth:v1
        networks:
            def-network:
        tty: true
        working_dir: /var/www/auth
        volumes:
            # Ansible SSH connection
            - ./shared-config/ssh/id_rsa.pub:/root/.ssh/authorized_keys
            # Application
            - ./projects/ops/auth/auth:/var/www/auth
            - ./scripts/ops/auth/auth:/start