docs: document 502 incident - NPMPlus HTTPS to HTTP backend fix
+14
@@ -171,6 +171,20 @@ When building_number is entered in the manual asset form or location form, it au
|
||||
- [README](https://gitea.ourpad.casa/shawn/canteen-asset-tracker/src/branch/main/README.md)
|
||||
- [PROJECT.md](https://gitea.ourpad.casa/shawn/canteen-asset-tracker/src/branch/main/PROJECT.md)
|
||||
|
||||
## Incident: 502 — NPMPlus HTTPS → HTTP backend mismatch (2026-05-21)
|
||||
|
||||
**Symptom:** `canteen.ourpad.casa` returned Cloudflare 502 Bad Gateway.
|
||||
|
||||
**Root cause:** NPMPlus proxy host #13 was configured with `forward_scheme: https` to backend `192.168.0.127:8901`, but the canteen backend (FastAPI/uvicorn) only serves plain HTTP — no TLS. The TLS handshake from NPMPlus to the backend failed silently, producing a 502.
|
||||
|
||||
**Fix:**
|
||||
1. Changed `forward_scheme` from `https` → `http` in `/opt/npmplus/nginx/proxy_host/13.conf`
|
||||
2. Updated `proxy_pass https://...` → `proxy_pass http://...` in same file
|
||||
3. Reloaded nginx: `docker exec npmplus nginx -s reload`
|
||||
4. Updated NPMPlus SQLite DB: `UPDATE proxy_host SET forward_scheme='http' WHERE id=13` (prevents revert on next UI edit)
|
||||
|
||||
**Verification:** `curl -H "Host: canteen.ourpad.casa" https://192.168.0.115/ -k` → 200 ✓
|
||||
|
||||
## T11c - Pull-to-Refresh + Swipe Gestures
|
||||
|
||||
**Date:** 2026-05-21
|
||||
|
||||
Reference in New Issue
Block a user