Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running behind proxy #1

Closed
Jogai opened this issue Feb 6, 2025 · 5 comments
Closed

Running behind proxy #1

Jogai opened this issue Feb 6, 2025 · 5 comments

Comments

@Jogai
Copy link

Jogai commented Feb 6, 2025

This seems like a nice tool. however, I cant get it to run. The log says its running on port 5555, and the database tables are filled with data, so it seems to start fine. Is there anything in the software itself that would refuse traffic?

# wget --spider nimletter:5555
Spider mode enabled. Check if remote file exists.
--2025-02-06 20:16:53--  http://nimletter:5555/
Resolving nimletter (nimletter)... 172.16.2.18
Connecting to nimletter (nimletter)|172.16.2.18|:5555... failed: Connection refused.
@ThomasTJdev
Copy link
Owner

Hi @Jogai ,

Thanks!

Could you provide the command you use to run it? From the log it seems your are requesting http://nimletter:5555, try with http://127.0.0.1 instead 👍

@Jogai
Copy link
Author

Jogai commented Feb 7, 2025

Then I see the issue. The 'nimletter' address is of course internal to the proxy (it resolves correctly to 172.16.2.18) but nimletter is just listening to localhost. Can you change this to listening to its own ip or any ip (often 0.0.0.0).

@Jogai Jogai mentioned this issue Feb 7, 2025
Merged
@Jogai
Copy link
Author

Jogai commented Feb 7, 2025

To be complete, here is my docker compose file where the external docknet network is for the traefik proxy. This way the database is not exposed publicly, and has an extra authentication layer trough authelia.

services:

  nim-db:
    image: docker.io/postgres:17-alpine
    container_name: nim-db
    restart: unless-stopped
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: nimletter_db
    volumes:
      - /root/nimletter/db:/var/lib/postgresql/data
    networks:
      - nim-net
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      start_period: 4s
      interval: 16s
      timeout: 8s
      retries: 4

  nimletter:
    image: ghcr.io/jogai/nimletter:v0.4.1-jogai
    container_name: nimletter
    restart: unless-stopped
    depends_on:
      nim-db:
        condition: service_healthy
    environment:
      PG_HOST: nim-db:5432
      PG_USER: postgres
      PG_PASSWORD: postgres
      PG_DATABASE: nimletter_db
      PG_WORKERS: 3
      SMTP_HOST: mail.•••••••••••••••
      SMTP_PORT: 465
      SMTP_USER: ••••••••••••••••••••
      SMTP_PASSWORD: ••••••••••••••••
      SMTP_FROMEMAIL: noreply@•••••••
      SMTP_FROMNAME: "•••••••••••••••• notifications"
      # Maximum number of emails to send per second
      SMTP_MAILSPERSECOND: 1
      # Use a random long string - it's part of the route to the webhook
      ADMIN_EMAIL: ••••••••••••••••@•••••••••••••••••
      ADMIN_PASSWORD: ••••••••••••••••
      SNS_WEBHOOK_SECRET: ••••••••••••••••
    networks:
      - docknet
      - nim-net
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.nimletter.rule=Host(`letter.•••••••••••••••••`)'
      - 'traefik.http.routers.nimletter.entrypoints=https'
      - 'traefik.http.routers.nimletter.tls=true'
      - 'traefik.http.routers.nimletter.tls.certresolver=letsencrypt'
      - 'traefik.http.routers.nimletter.middlewares=authelia@docker,error-pages@docker'
      - 'traefik.http.routers.nimletter.service=nimletter-service'
      - 'traefik.http.services.nimletter-service.loadbalancer.server.port=5555'

  nim-dbgate:
    image: dbgate/dbgate
    container_name: nim-dbgate
    restart: always
    environment:
      CONNECTIONS: con2
      LABEL_con2: nim
      SERVER_con2: nim-db
      USER_con2: postgres
      PASSWORD_con2: postgres
      PORT_con2: 5432
      ENGINE_con2: postgres@dbgate-plugin-postgres
    depends_on:
      nim-db:
        condition: service_healthy
    networks:
      - docknet
      - nim-net
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.nim-dbgate.rule=Host(`nim-db.•••••••••••••••••`)'
      - 'traefik.http.routers.nim-dbgate.entrypoints=https'
      - 'traefik.http.routers.nim-dbgate.tls=true'
      - 'traefik.http.routers.nim-dbgate.tls.certresolver=letsencrypt'
      - 'traefik.http.routers.nim-dbgate.middlewares=authelia@docker,error-pages@docker'
      - 'traefik.http.routers.nim-dbgate.service=nim-dbgate-service'
      - 'traefik.http.services.nim-dbgate-service.loadbalancer.server.port=3000'      
      
networks:
  nim-net:
    name: nim-net
  docknet:
    name: docknet
    external: true

@ThomasTJdev
Copy link
Owner

Thanks for PR#2. Regarding the above then it might be because, that I used an older version of podman go generate it - it's still a bit flaky.

I would be glad to accept a ready-to-run docker compose file 👍

@ThomasTJdev ThomasTJdev reopened this Feb 8, 2025
@Jogai
Copy link
Author

Jogai commented Feb 10, 2025

Every environment is different, so I'd imagine with the above most users will be able to run nimletter. If you dont use traefik you can just omit the labels, although they wont hinder running in a different setup. The network part is dependent on the proxy, if any, and which.

@Jogai Jogai closed this as completed Feb 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Jogai @ThomasTJdev