ERROR: for nginx: Bind for 0.0.0.0:443 failed: port is already allocated while running Coolify & BTCPayServer

Question

I use Coolify which is a self-hosted heroku to host my next.js app.

Coolify uses nginx or I think Traefik. At least, I used Traefik when onboarding on Coolify.

I tried installing btcpayserver after Coolify by running . ./btcpay-setup.sh -i, but I got this error:

ERROR: for nginx Cannot start service nginx: driver failed programming external connectivity on endpoint nginx (ee0b6d6bc2391dfa4d66c1214a2a7c9e64648461ef4220129ca8d56f401005cf9): Bind for 0.0.0.0:443 failed: port is already allocated

How do I fix this?

Both are running on the same server (coolify.example.com & btcpay.example.com). I don't want to use another server.

I tried netstat -tulpn:

it gave me this output:

root@lols-193cb9:~# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      365/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      462/sshd: /usr/sbin
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      358716/docker-proxy
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      2412005/docker-prox
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      358815/docker-proxy
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      358595/docker-proxy
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN      2411667/docker-prox
tcp6       0      0 :::22                   :::*                    LISTEN      462/sshd: /usr/sbin
tcp6       0      0 :::443                  :::*                    LISTEN      358725/docker-proxy
tcp6       0      0 :::8000                 :::*                    LISTEN      2412012/docker-prox
tcp6       0      0 :::80                   :::*                    LISTEN      358827/docker-proxy
tcp6       0      0 :::8080                 :::*                    LISTEN      358605/docker-proxy
tcp6       0      0 :::6001                 :::*                    LISTEN      2411685/docker-prox
udp        0      0 127.0.0.53:53           0.0.0.0:*                           365/systemd-resolve

I guess it's running docker-proxy which Coolify uses. I saw that here -> https://coolify.io/docs/installation#uninstall

I don't think I can kill 443 because Coolify runs my next.js app on it.

I tried systemctl status nginx and it gave me:

Unit nginx.service could not be found.

and doing ps -ax | grep nginx

gave me the following:

1111274 pts/0    S+     0:00 grep --color=auto nginx
2412146 ?        S      0:00 s6-supervise nginx
2412342 ?        Ss     0:00 nginx: master process nginx
2412348 ?        S      0:00 nginx: worker process
2412349 ?        S      1:32 nginx: worker process

I think this is the solution: https://docs.btcpayserver.org/FAQ/Deployment/#can-i-use-an-existing-nginx-server-as-a-reverse-proxy-with-ssl-termination

But I can't try it because I can't find nginx conf anywhere as said in the docs.

I don't even know how to check if Coolify is running nginx somewhere.

How do I solve this?

This seems similar to this question, but it's not. I want to know how Coolify & btcpayserver work together on the same server, while the question linked to close my question just closes a port already in use. I don't want to close the port like that at all.

Answer 1

The . ./btcpay-setup.sh -i gives you Bind for 0.0.0.0:443 failed: port is already allocated.
And the netstat -tulpn shows a 0 0.0.0.0:443 LISTEN 58716/docker-proxy: the same port 443 is already being used by a process (docker-proxy), which is likely associated with Coolify.

So, both Coolify and the NGiNX service of BTCPayServer attempting to use the same port (443) for HTTPS connections. That would prevent BTCPayServer from starting properly, since the port is already allocated by Coolify.

From btcpay-setup.sh, you would need to set the environment variable REVERSEPROXY_HTTPS_PORT to another port, like 4443.

export REVERSEPROXY_HTTPS_PORT=4443
. ./btcpay-setup.sh -i

Make sure DNS records for btcpay.example.com point to the same server.

+-----------------------+
|                       |
|    Coolify Server     |
|                       |
|     Nginx/Traefik     |
|     (Port 443)        |
|                       |
| +-------------------+ |
| | BTCPayServer      | |
| | (Proxy to Port    | |
| |  4443)            | |
| +-------------------+ |
+-----------------------+

Check if launching btcpay with a different port for its own reverse-proxy is enough.
Or check if you need to configure Coolify reverse-proxy, to proxy requests for btcpay.example.com to the new port of BTCPayServer.

---

I used Traefik instead of Nginx, as I used Traefik in coolify as well. I did what you said, but again got the same error:

WARNING: Host is already in use by another container 690fedaad0b9072758d7621387f4839ed05030468e9e91212a821054f7e0ae4): Bind for 0.0.0.0:8080 failed: port is already allocated

Curious if I have to edit ./btcpay-setup.sh on the server or just exporting is fine?

The warning Host is already in use by another container and the Bind for 0.0.0.0:8080 failed: port is already allocated error means there is a conflict with another service using port 8080. That issue might be separate from the original conflict on port 443.

Use netstat or similar tools to check which service is currently using port 8080. That will help you identify the conflicting service. If BTCPayServer is attempting to use port 8080 and it is already in use, you will need to configure BTCPayServer to use a different port.

The btcpay-setup.sh script sets up the environment for BTCPayServer. Simply exporting a variable in your shell could change the script's behavior, since the OP confirms the script reads these environment variables.
You could also modify the Docker Compose configuration file directly, which is generated by the setup script. Look for the service using port 8080 and change it to a free port.

After running the setup script, locate the docker-compose.generated.yml file in the generated directory.
Edit this file to change the port configuration for the service that is conflicting on port 8080.
After changing the Docker Compose file, redeploy BTCPayServer using docker-compose up -d.

If you changed the port for BTCPayServer, make sure to update the Traefik configuration accordingly to route traffic to the new port.

That requires you to directly manipulate the Docker Compose configuration rather than just setting environment variables. It is important to identify which service within BTCPayServer's Docker Compose setup is trying to bind to port 8080 and change it to a port that is not currently in use on your system.