docker traefik nominatim

Get 502 Bad Gateway when running Nominatim with Traefik


I have a server with Traefik and Docker running a few apps. I'm very satisfied with it, but I'm blocked when trying to run Nominatim on my server.

When I run the Nominatim image with a configuration very close to my other apps, I get a 502. I tried many adjustments but nothing worked; I still have this 502.

My traefik.yml

version: '3'

services:
  traefik:
    image: "traefik:v2.9"
    container_name: "traefik"
    network_mode: "host"
    command:
      - "--api.dashboard=true"
      - "--api.insecure=true"
      - "--entryPoints.web.address=:80"
      - "--entryPoints.websecure.address=:443"
      - "--providers.docker=true"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=XXXXXX"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
      - "--log.level=DEBUG"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/root/shared:/root/shared"
    labels:
      - "traefik.http.services.dashboard.loadbalancer.server.port=80"
      - "traefik.http.middlewares.httpsonly.redirectscheme.scheme=https"
      - "traefik.http.middlewares.httpsonly.redirectscheme.permanent=true"
      - "traefik.http.routers.httpsonly.rule=HostRegexp(`{any:.*}`)"
      - "traefik.http.routers.httpsonly.middlewares=httpsonly"
      - "traefik.http.routers.dashboard.rule=Host(`tra.XXXXXXXX`)"
      - "traefik.http.routers.dashboard.entrypoints=websecure"
      - "traefik.http.routers.dashboard.tls.certresolver=myresolver"
      - "traefik.http.routers.dashboard.service=dashboard@internal"
      - "traefik.http.routers.api.rule=Host(`tra.XXXXXXX`) && PathPrefix(`/api`)"
      - "traefik.http.routers.api.service=api@internal"
      - "traefik.http.routers.api.entrypoints=websecure"
      - "traefik.http.routers.api.tls.certresolver=myresolver"
      - "traefik.http.routers.dashboard.middlewares=traefik-auth"
      - "traefik.http.routers.api.middlewares=traefik-auth"
      - "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/root/shared/users"
      - "traefik.http.middlewares.traefik-auth.basicauth.removeheader=true"

My nominatim.yml

version: '3'

services:
  nominatim:
    image: "mediagis/nominatim:4.1"
    container_name: "nominatim"
    shm_size: '1gb'
    environment:
      - "PBF_URL=https://download.geofabrik.de/europe-latest.osm.pbf"
      - "REPLICATION_URL=https://download.geofabrik.de/europe-updates/"
      - "IMPORT_WIKIPEDIA=false"
      - "NOMINATIM_PASSWORD=XXXXXXX"
      - "IMPORT_STYLE=address"
    volumes:
      - "/root/nominatim/data:/var/lib/postgresql/14/main"
    ports:
      - "1237:8080"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.nominatim-r.rule=Host(`nominatim.XXXXXX`)"
      - "traefik.http.routers.nominatim-r.entrypoints=websecure"
      - "traefik.http.routers.nominatim-r.tls.certresolver=myresolver"
      - "traefik.http.routers.nominatim-r.service=nominatim-s@docker"
      - "traefik.http.services.nominatim-s.loadbalancer.server.port=1237"

My Docker stack, with all apps accessible via domain name except Nominatim

Example of my geodude.yaml

version: '3'

services:
  geodude:
    image: "ghcr.io/mueslidotio/geodude:main"
    container_name: "geodude"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.geodude.rule=Host(`api.XXXXXX`)"
      - "traefik.http.routers.geodude.entrypoints=websecure"
      - "traefik.http.routers.geodude.tls.certresolver=myresolver"

Solution

  • OK, I "solved" the problem: it's just that Nominatim takes a long, long time to start.
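
One way to check that diagnosis from the Docker host, as an added example that is not part of the original post: poll the backend directly, bypassing Traefik, and record when it moves from refusing connections to answering. The URL is an assumption built from the `1237:8080` port mapping above and Nominatim's `/status` endpoint; `probe` and `wait_until_ready` are hypothetical helper names.

```python
import time
import urllib.error
import urllib.request

# Assumption: host port 1237 from the compose file above, and Nominatim's
# /status endpoint, which answers 200 "OK" once the database is usable.
STATUS_URL = "http://127.0.0.1:1237/status"

# Talk to the backend directly, ignoring any http_proxy environment setting.
_opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def probe(url, timeout=5.0):
    """Classify one request: 'ready', 'starting' (HTTP error) or 'down'."""
    try:
        with _opener.open(url, timeout=timeout) as resp:
            body = resp.read(64).decode("utf-8", "replace").strip()
            state = "ready" if resp.status == 200 else "starting"
            return state, f"HTTP {resp.status} {body}"
    except urllib.error.HTTPError as exc:  # server answers, but not healthy yet
        return "starting", f"HTTP {exc.code}"
    except OSError as exc:  # refused or timed out: nothing is listening yet
        return "down", str(exc)


def wait_until_ready(url=STATUS_URL, attempts=720, interval_s=10.0, sleep=time.sleep):
    """Poll until 'ready'; return (ready, list of (state, detail) transitions)."""
    transitions = []
    for _ in range(attempts):
        state, detail = probe(url)
        if not transitions or transitions[-1][0] != state:
            transitions.append((state, detail))  # record state changes only
        if state == "ready":
            return True, transitions
        sleep(interval_s)
    return False, transitions


if __name__ == "__main__":
    ok, seen = wait_until_ready()
    for state, detail in seen:
        print(f"{state:9s} {detail}")
    raise SystemExit(0 if ok else 1)
```

While the probe reports `down`, a reverse proxy in front of the container has nothing to connect to and answers 502 itself.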