Troubleshooting:Service Troubleshooting: Difference between revisions
Added troubleshooting guide: Service Troubleshooting (troubleshooting) |
Updated documentation from markdown files |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
This guide covers troubleshooting for reverse proxy services. | This guide covers troubleshooting for reverse proxy services. | ||
| Line 8: | Line 6: | ||
'''Causes''': | '''Causes''': | ||
* Backend not running (Docker on VPS or service on NAS) | |||
* Caddy misconfigured or not reloaded after Caddyfile change | |||
* Wrong port number | |||
* Service not accessible via VPN | |||
'''Solutions''': | '''Solutions''': | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= Test from VPS to NAS = | ==== Test from VPS to NAS ==== | ||
ping 10.8.0.2 | ping 10.8.0.2 | ||
curl http://10.8.0.2:PORT_NUMBER | curl http://10.8.0.2:PORT_NUMBER | ||
= Check if service is listening = | == Check if service is listening == | ||
= (from Synology NAS or via SSH) = | == (from Synology NAS or via SSH) == | ||
netstat -tlnp | grep PORT_NUMBER | netstat -tlnp | grep PORT_NUMBER | ||
</pre> | </pre> | ||
| Line 26: | Line 28: | ||
'''Causes''': | '''Causes''': | ||
* DNS not pointing to VPS | |||
* Port 80 blocked | |||
* Rate limiting from Let's Encrypt | |||
'''Solutions''': | '''Solutions''': | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= Check DNS = | ==== Check DNS ==== | ||
nslookup newservice.jb-vpn.uk | nslookup newservice.jb-vpn.uk | ||
= Verify port 80 is open = | == Verify port 80 is open == | ||
curl -I http://newservice.jb-vpn.uk | curl -I http://newservice.jb-vpn.uk | ||
= Check firewall = | == Check firewall == | ||
sudo iptables -L -n -v | grep 80 | sudo iptables -L -n -v | grep 80 | ||
</pre> | </pre> | ||
| Line 45: | Line 49: | ||
'''Causes''': | '''Causes''': | ||
* Wrong proxy_pass URL | |||
* Missing headers | |||
* Service requires specific path | |||
'''Solutions''': | '''Solutions''': | ||
* Check Caddy: <code>journalctl -u caddy -n 50</code> | |||
* Verify backend directly: <code>curl http://127.0.0.1:PORT</code> (VPS) or <code>curl http://10.8.0.2:PORT</code> (NAS via VPN) | |||
* Test with different proxy_pass formats | |||
=== Issue: Connection Timeout === | === Issue: Connection Timeout === | ||
'''Causes''': | '''Causes''': | ||
* VPN tunnel down | |||
* Service not accessible | |||
* Firewall blocking | |||
'''Solutions''': | '''Solutions''': | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= Check VPN = | ==== Check VPN ==== | ||
ip addr show tun0 | ip addr show tun0 | ||
ping 10.8.0.2 | ping 10.8.0.2 | ||
= Check routing = | == Check routing == | ||
ip route | grep 10.8.0.2 | ip route | grep 10.8.0.2 | ||
= Test connectivity = | == Test connectivity == | ||
curl -v http://10.8.0.2:PORT_NUMBER | curl -v http://10.8.0.2:PORT_NUMBER | ||
</pre> | </pre> | ||
| Line 77: | Line 87: | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= Check service status = | === Check service status === | ||
systemctl status nginx | systemctl status nginx | ||
= Test nginx configuration = | == Test nginx configuration == | ||
nginx -t | nginx -t | ||
= View error logs = | == View error logs == | ||
tail -f /var/log/nginx/error.log | tail -f /var/log/nginx/error.log | ||
= View access logs = | == View access logs == | ||
tail -f /var/log/nginx/access.log | tail -f /var/log/nginx/access.log | ||
= Check SSL certificates = | == Check SSL certificates == | ||
certbot certificates | certbot certificates | ||
= Test service directly = | == Test service directly == | ||
curl -I https://service.jb-vpn.uk | curl -I https://service.jb-vpn.uk | ||
</pre> | </pre> | ||
| Line 98: | Line 108: | ||
== Related Documentation == | == Related Documentation == | ||
* [Adding Services](index.md) - Service configuration | |||
* [System Overview](index.md) - System architecture | * [System Overview](index.md) - System architecture | ||
[[Category:Documentation]] | [[Category:Documentation]] | ||
[[Category:Documentation/Troubleshooting]] | [[Category:Documentation/Troubleshooting]] | ||
Latest revision as of 14:04, 16 May 2026
This guide covers troubleshooting for reverse proxy services.
Common Issues
[edit]Issue: 502 Bad Gateway
[edit]Causes:
- Backend not running (Docker on VPS or service on NAS)
- Caddy misconfigured or not reloaded after Caddyfile change
- Wrong port number
- Service not accessible via VPN
Solutions:
==== Test from VPS to NAS ==== ping 10.8.0.2 curl http://10.8.0.2:PORT_NUMBER == Check if service is listening == == (from Synology NAS or via SSH) == netstat -tlnp | grep PORT_NUMBER
Issue: SSL Certificate Failed
[edit]Causes:
- DNS not pointing to VPS
- Port 80 blocked
- Rate limiting from Let's Encrypt
Solutions:
==== Check DNS ==== nslookup newservice.jb-vpn.uk == Verify port 80 is open == curl -I http://newservice.jb-vpn.uk == Check firewall == sudo iptables -L -n -v | grep 80
Issue: Service Not Loading
[edit]Causes:
- Wrong proxy_pass URL
- Missing headers
- Service requires specific path
Solutions:
- Check Caddy:
journalctl -u caddy -n 50
- Verify backend directly:
curl http://127.0.0.1:PORT(VPS) orcurl http://10.8.0.2:PORT(NAS via VPN)
- Test with different proxy_pass formats
Issue: Connection Timeout
[edit]Causes:
- VPN tunnel down
- Service not accessible
- Firewall blocking
Solutions:
==== Check VPN ==== ip addr show tun0 ping 10.8.0.2 == Check routing == ip route | grep 10.8.0.2 == Test connectivity == curl -v http://10.8.0.2:PORT_NUMBER
Diagnostic Commands
[edit]=== Check service status === systemctl status nginx == Test nginx configuration == nginx -t == View error logs == tail -f /var/log/nginx/error.log == View access logs == tail -f /var/log/nginx/access.log == Check SSL certificates == certbot certificates == Test service directly == curl -I https://service.jb-vpn.uk
Related Documentation
[edit]- [Adding Services](index.md) - Service configuration
- [System Overview](index.md) - System architecture