Hi,
I am trying to install Retool on AWS EC2, followed all the documentation
I think both ngnix & docker are attempting to bin on the ports 80 & 443. Should ngnix be running as a stanalone service ?
any advise appreciated..
Hi @montanauk, are you still having this issue? 
It looks like there is a process already running on Port 443.
Run $lsof - i :443, this should show what is running on that Port, get the PID of that process.
Then, $kill -9 PID (replace PID for the one you got from the previous command).
Hi @Paulo, this happens whenever i try to change https-portal to nginx and restart docker-compose. I am having to run the application from an IP address and cant use a URL as it wont start. The SSL documentation arent clear
Thank you for expanding on it. 
Let's try stopping all the containers and running $lsof - i :443 just for the peace of mind. I know this may sound like "did you try unplugging it and plugging it back in?" But it would be a good idea to ensure nothing else is running on that port as a first step. If something does show up there, running the kill -9 PID command should fix it.
Now, since that is most likely not the case, do you mind sharing the "docker-compose" and the "nginx.conf" files? This will help us identify if it is related to a config issue.
To your original question: "Should ngnix be running as a stanalone service?" The answer is yes. When we replace the "http-portals" key in the docker-compose.yml to:
nginx:
image: nginx:latest
ports:
- "80:80"
- "443:443"
command: [nginx-debug, "-g", "daemon off;"] # Improve error logging in the container
volumes:
- ./nginx:/etc/nginx/conf.d
- ./certs:/etc/nginx/certs
links:
- api
depends_on:
- api
networks:
- frontend-network
It should run as a standalone service, and from looking at your logs, it looks like that part was set up correctly.
Hi @Paulo,
Thanks for getting back to me, i stopped and cleared containers, i used the prune command. Now when i run the command docker-compose up -d i donot get the binding error and all container seem to start OK. But when i browse to the configure url it timesout. Running sudo docker-compose ps return nginx process as restarting.. I have blurred out sensitive information as this is a public forum, but happy to share the files privately
Thanks for sharing these screenshots! We should be able to debug this without seeing those values.
I noticed we are missing the depends_on key for the nginx service. Let's add it below links:
links:
- api
depends_on:
- api
When we specify depends_on, Docker Compose will ensure that the api service is up and running. Although the api service shows as "Up," we may still need this setting.
If the above does not fix the issue, could you also share the logs from the nginx container? We should be able to see why it's restarting.
Hi @Paulo,
I followed your advise and added depend_on, and restarted the docker containers but had the same issues. I am sharing the logs from nginx.
From the first error message, invalid PID number "", let's check if the PID file exists and contains a valid PID. We can do this by accessing the nginx container's shell, and inspecting the contents of the PID file:
​$docker-compose exec nginx sh
$cat /var/run/nginx.pid
What do we see there? 
Hi Paulo,
So everytime i ran the command $docker-compose exec nginx sh i was getting
I noticed that the nginx logs werent being populated. I removed nginx with $ sudo apt purge nginx, rebooted the server and reinstalled it again. Restarted the docker.
Now, despite the errors, when i browser to the IP page or the desired URL of the APP i get
So nginx is now running on http & https but not serving the retool APPS
Getting close @Paulo 
@montanauk, we are getting closer to finding the root cause. From the "Welcome to nginx!" page we see, I'm starting to think this may be a proxy issue.
From this screenshot you shared:
On the first black line that blocks your domain, did you add http:// or https:// at the beginning? It should only be domain.retool.com.
The issue could also potentially be related to the server name configuration:
Please send these two screenshots attached to a DM to me. I'm happy to take a closer look at this.
@Paulo , sent to your inbox 
For anyone running into the same issue:
This was caused by a misunderstanding of the Configure SSL and custom certificates doc. The doc goes over two different configurations, SSL with Let's Encrypt and Add custom certificates manually. We should only do the latter if we deploy Retool on a VPC without complete access to the internet. If that is the case, we should not follow the steps from the former configuration.
Following the steps from both will cause the issues we see above.
We made a request internally to separate these configurations into two different pages to prevent other users to run into similar deployment bugs.
Happy building! 
