Debug: Nginx returns 502 Bad Gateway

Nginx returns 502 Bad Gateway when proxying to a backend service.

502 means nginx can't get a response from the upstream. Diagnose:

1. Check if backend is running:

curl http://localhost:3000 # Direct to backend
systemctl status myapp
# If backend is down, start it

1. Check nginx error log:

tail -f /var/log/nginx/error.log
# Common messages:
# 'connect() failed (111: Connection refused)' -> backend not running
# 'upstream prematurely closed connection' -> backend crashed
# 'no live upstreams' -> all backends in upstream block are down

1. Check upstream configuration:

# Ensure proxy_pass matches backend address/port:
location / {
proxy_pass http://127.0.0.1:3000; # NOT localhost (IPv6 issue)
}

1. Socket file issues (for gunicorn/uwsgi):

# Check socket exists and has correct permissions:
ls -la /run/myapp/socket
# Nginx user must have access to the socket

1. SELinux blocking connections:

# Check: ausearch -m AVC -ts recent
# Fix: setsebool -P httpd_can_network_connect 1

1. Timeout tuning:

proxy_connect_timeout 60;
proxy_send_timeout 60;
proxy_read_timeout 60;

1. Docker networking:

# Use container name, not localhost:
proxy_pass http://app-container:3000;