Anyone have an idea what I’m doing wrong here?
https://gist.github.com/pganssle/31a899ea34d2ecff77034b25e077b600
I can’t seem to get a minimal docker-compose configuration to expose nginx outside of the container.
(Note, replace _ with / in the file names of the gist).
π³π±
@pganssle yup I can help you.. your binding to localhost in container, you can not expose localhost bindings using the normal network driver.. your choices are:
1) Bind to 0.0.0.0 in your nginx
2) bind the container to your hosts network stack directly.
@pganssle wait nevermind your nginx config does appear to be binding to *…. but your curling localhost to test… you still have to curl the exposed IP not local host to make sure its a valid test. Containers dont expose localhost ports.
@freemo How do I know what the exposed IP is? I’ve tried curling the IP of this machine from another machine and I get the same thing.
@pganssle here is what I use to get the specific IP you need to bind to (assuming you cant bind to all IPs): #!/bin/bash
HOST_IP=$(/sbin/ip route|awk ‘/default/ { print $3 }’)
echo “$HOST_IP host.docker.internal” » /etc/hosts
@freemo What do you mean by “bind to all IPs”?
The long-term goal of this particular container is as a reverse proxy β my idea was that I’ll have one nginx container sit on top of all my other containers, all of which will expose ports only on the container network or whatever it’s called, and nginx would redirect various subdomains to the relevant container.
So at the end of the day, this container needs to be exposed to the internet (and preferably the LAN and local machine as well, for easy testing).
@pganssle I already designed a container that does exactly what you need AND will automatically obtain and renew lets encrypt certificates.
It also auto-configures.. that is, you dont need to tell it (in a static way) what the other containers are or what their subdomains are. It will discover it based on swarm variables set.. if you dont use swarm and want to do it with plain docker there is already a container that does everything I just mentioned there as well (it is what my own container is based off of).
If you still want to roll your own for any reason, then I’d be happy to help you debug this. You are most of the way there but by the looks of it you just arent binding to 0.0.0.0 for some reason. Looks like your only binding to localhost in the container, which wont work. Or at least, your only testing localhost… hard to tell since you didnt test against the proper IP (maybe it is binding to it, your config does have a wildcard bind).
If you want to roll your own lets start simple… show me the output of ifconfig to see what your various ip addresses are, then lets try curling the correct IP
@pganssle Sure, give me a minute and ill pop you a link.
@pganssle yes as I said it is inside the container that needs to bind to the public IP not outside… localhost on the outside is the norm..
You were curling localhost inside the container, which is where you were going wrong testing.
@pganssle Here is my container for docker swarm, let me know if you need the one for plain docker (I think its in the readmes which i dont think i really updated as I mostly use it for myself):
@freemo Nice, thanks!
@pganssle hit me up if you have any more problems or need help using it. I am using it to run all the QOTO services by the way so its fairly well tested.
@freemo That said I am 100% on board to take what you’ve got and run with it. Is there a link to what you’ve got somewhere?