I recently installed Nextcloud over a lamp stack and want to run Traefik in front. For that, I tweaked the apache2 ports.conf to:
Listen: 127.0.0.1:180
. Now I also configured a .toml for Traefik that points to this address.
When I try to open the website, it gives me "Bad Gateway".
Trying to solve the error I searched the Traefik logs and found this:
msg="'502 Bad Gateway' caused by: dial tcp 127.0.0.1:180: connect: connection refused"
Thinking it must be a problem with trusted_proxies I configured Apache to open it's port to the public and also changed the Traefik .toml to see wheter it would work.
It did. That means that Nextcloud definetly accepts my proxy and the proxying works all good.
Problem is, It doesn't work when I configure it on localhost.
The access.log and nextcloud.log show nothing.
Any help?
Many thanks
The solution is simple, but hidden.
Traefik is a Docker container, so normally it can't communicate with services not in the docker network.
The fix is:
ip addr show docker0
Bind Apache2 to this IPv4: (my example) Listen 172.17.0.1:180 and also modify the Traefik Config.
Then Apache2 will listen on the docker0 network which containers have access to.
Related
Background: I'm trying to have XDebug connect to my IDE from within a docker container (my php app is running inside a container on my development machine). On my Macbook, it has no issue doing this. However, on linux, I discovered that from within the container, the port I was using (9000) was not visibile on the host gateway (Using sudo nmap -sT -p- 172.20.0.1 where 172.20.0.1 is my host gateway in docker).
I was able to fix this issue by opening port 9000 on my development machine (sudo ufw allow 9000/tcp). Once I did this, the container could see port 9000 on the host gateway.
My Question: Is this completely necessary? I don't love the idea of opening up a firewall port just so a docker container, running on my machine, can connect to it. Is there a more secure alternative to this?
From what you've told us, opening the port does sound necessary. If a firewall blocks a port, all traffic over that port is blocked and you won't be able to use the application on the container from the host machine.
What you can do to make this more secure is to specify a specific interface to open the port for as specified here:
ufw allow in on docker0 port 9000 proto tcp
Obviously replace docker0 with the docker interface on your machine. You can find this by looking at the output of ip address show or by following the steps here if the interface name is not obvious.
I'm trying to run the official Caddy 2 docker image. According to that page, to do that you should run:
docker run -p 80:80 \
-v $PWD/index.html:/usr/share/caddy/index.html \
-v caddy_data:/data \
caddy
When I run this, I get the following error:
{"level":"info","ts":1590185286.853735,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
run: loading initial config: loading new config: starting caddy administration endpoint: listen tcp 45.90.28.0:2019: bind: cannot assign requested address
I'm not sure why it's trying to bind to that IP address by default? I tried changing it in the Caddyfile but it still doesn't bind correctly, and anyway that doesn't really solve the underlying issue here.
What could be causing this problem? Should I be using Caddy 1 instead?
I experienced this issue recently on Linux and the root cause for me was that my ISP supplied routers DNS server was resolving localhost to an incorrect IP address.
You might want to try changing your DNS servers to Cloudflare's 1.1.1.1 or Google's 8.8.8.8 servers.
I have a NodeJs/Express project in Alibaba cloud based Ubuntu server.
When I run project and access with curl localhost:3000 and curl 127.0.0.1:3000 it works!
When I access with IP public, e.g. curl 192.x.x.x:3000 it doesn't work, even though I have edited config in Express project in some code to : server.listen(3000,"0.0.0.0") OR server.listen("3000","192.x.x.x").
FYI I have Apache on this server. When I access on Internet with IP public no problem.
What can I do to solve this problem? Thanks beforehand.
PS: the 192.x.x.x is my IP public and it works access with Apache project
Issue the following command to open port 3000 for TCP traffic.
sudo ufw allow 3000/tcp
You have to configure your security ground and create a inbound rule to allow port 3000. Follow this guideline.
https://www.alibabacloud.com/help/doc-detail/25471.htm
Make sure you allow TCP traffic or all traffic from all sources to the port 3000 as the inbound rule.
The fact that you can access your service locally - but not publicly could mean 2 possible configurations:
The server running your application has blocked the port 3000
You have not configured your server to map the port 80 of a specific route to the port 3000
It is highly possible that a most essential part of your server configuration has not been done.
I have installed nginx on my AMI by yum
sudo yum install nginx
And then, I open all port in my AMI security group
All traffic - All - All - 0.0.0.0/0
And then, I start nginx by command
sudo service nginx start
And then, I access my nginx web service by http://public-ip
but I cannot access by this way.
I try to check the connection in my server.
ssh my_account#my_ip
And then,
wget http://localhost -O-
And It worked fine.
I cannot figure out what is the root cause, and then I change nginx port from 80 to 8081 and I restart the nginx server.
And then, I try to access again. It worked fine. WTH...
http://public-ip:8081
I don't know exactly what is going on?
Could you tell me what is the problem.
I see a few possibilities:
You are blocking the connections with a firewall on the host.
Security Group rules disallow this access
You are in a VPC and have not set up an Internet Gateway or route to host
Your Nginx configurations are set to explicitly listen on host and port combinations such that it responds to "localhost" but not to the public IP or host name. You could post your Nginx configs and be more specific about how it doesn't work when you try remotely. It is timing out? Not resolving? Receiving an HTTP response but not what you expected?
I have a VPS with node.js installed, I already uploaded a basic example to test it on the server, so I tried doing this:
I access by SSH, navigate to my project folder and run
node app.js
I get this message
Express server listening on port 8080
I thought i could see my app here
example.com:8080 or server.example:8080... but nothing. Then I tried with the info from os.networkInterfaces(); and os.host(); and still nothing happen
could you help me out? as you can see I am a total noob on node.js. What I'm doing wrong? or what should I do before running my app? Something related to DNS's? i have no idea
How do you ssh to your host? with ip or name? Is it something like:
ssh root#example.com
if so then at least you know your DNS is ok.
Once on the server do a
netstat -a
if you find *:8080 then your server is listening in the default ip. If you see something like 12.23.45.67:8080 then this number is the ip your server is listening.
ifconfig
will give you the servers ip. This should be the same as the ip of example.com. If not then maybe there is some router/firewall in front of your server and you have to configure that to allow port 8080 to reach your server.
if someone ever has the same problem this is how i solved on CentOS:
Open this file
/ Etc / csf / csf.conf
Add the required port
Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,26"
Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873"
Restart
# # Csf-r