If you are struggling with a proxy_pass directive that throws a “502 Bad Gateway” error for no apparent reason, it could be cause by a SELinux setting.
Security Enhanced Linux (SELinux) provides an additional layer of system security. SELinux fundamentally answers the question: “May [subject] do [action] to [object]”, for example: “May a web server access files in users’ home directories?”.
When SELinux is enforced, the httpd_can_network_connect rule will block any network connection starting from nginx.
For this reason proxy_pass directives will fail with “502 Bad Gateway” because it cannot reach the service it wants to proxy.
You can disable it using setsebool.
sudo setsebool httpd_can_network_connect 1 -P
To completely disable SELinux, you can put it in permissive mode with sudo setenforce 0.