nginx tries to bind port 80

[bassista]

I don't get why I have this error at startup: nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)

I'm using this docker image: ghcr.io/ahwxorg/librey:latest and ipv6 is disabled on the host machine.

If I look at docker/nginx.conf I see that It should bind port 8080 so why do I get this error related to port 80?

Can you add an env variable to have only ipv4 binding, otherwise can you explain to me how I can build the docker image disabling the ipv6 binding? - my best guess was that I had to modify the nginx.con file, but there I found a mismatch between the port stated in this file (8080) and the one bound at server start (80).

Thanks in advance.

[Ahwxorg]

Could you share your docker-compose.yaml file?

[bassista]

services:
  librey:
    image: ghcr.io/ahwxorg/librey:latest
    container_name: librey
    environment:      
      - CONFIG_GOOGLE_DOMAIN=en
      - CONFIG_LANGUAGE=en
      - CONFIG_WIKIPEDIA_LANGUAGE="en"    
      - CONFIG_NUMBER_OF_RESULTS=100
      - CONFIG_INVIDIOUS_INSTANCE=https://yt.ahwx.org
      - CONFIG_DISABLE_BITTORRENT_SEARCH=false
      - CONFIG_HIDDEN_SERVICE_SEARCH=false
      - CONFIG_INSTANCE_FALLBACK=true
      - CONFIG_RATE_LIMIT_COOLDOWN=25
      - CONFIG_CACHE_TIME=20
      - CONFIG_DISABLE_API=false
      - CONFIG_TEXT_SEARCH_ENGINE=auto
      - CURLOPT_PROXY_ENABLED=false
      - CURLOPT_PROXY=192.0.2.53:8388
      - CURLOPT_PROXYTYPE=CURLPROXY_HTTP
      - CURLOPT_USERAGENT=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:116.0) Gecko/20100101 Firefox/116.0
      - CURLOPT_FOLLOWLOCATION=true
    volumes:
      - ./php_logs:/var/log/php83 
    restart: unless-stopped 

[Ahwxorg]

Can you add an env variable to have only ipv4 binding

As far as I am aware, (and after a quick search, it looks like that's still the case) NGINX does not automatically bind to IPv6. I have not implemented IPv6 here either.

It does look like an IP/port related error, so that's weird.

Also: I strongly recommend against letting Docker bind to IPv6, as you are better of doing that on the reverse proxy side, in my opinion.

[Ahwxorg]

services:
  librey:
    image: ghcr.io/ahwxorg/librey:latest
    container_name: librey
    environment:    
      - CONFIG_GOOGLE_DOMAIN=en
      - CONFIG_LANGUAGE=en
      - CONFIG_WIKIPEDIA_LANGUAGE="en"      
      - CONFIG_NUMBER_OF_RESULTS=100
      - CONFIG_INVIDIOUS_INSTANCE=https://yt.ahwx.org
      - CONFIG_DISABLE_BITTORRENT_SEARCH=false
      - CONFIG_HIDDEN_SERVICE_SEARCH=false
      - CONFIG_INSTANCE_FALLBACK=true
      - CONFIG_RATE_LIMIT_COOLDOWN=25
      - CONFIG_CACHE_TIME=20
      - CONFIG_DISABLE_API=false
      - CONFIG_TEXT_SEARCH_ENGINE=auto
      - CURLOPT_PROXY_ENABLED=false
      - CURLOPT_PROXY=192.0.2.53:8388
      - CURLOPT_PROXYTYPE=CURLPROXY_HTTP
      - CURLOPT_USERAGENT=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:116.0) Gecko/20100101 Firefox/116.0
      - CURLOPT_FOLLOWLOCATION=true
    volumes:
      - ./php_logs:/var/log/php83 
    restart: unless-stopped   

Kindly copy-paste the whole file here. This seems to cut off halfway...

[bassista]

no, that's it. There is no port cause if it will start I will use a reverse proxy to expose it.

[Ahwxorg]

Please take a look at how Docker networking works.

[bassista]

Using the docker-compose.yml you versioned here gives the same error:

[+] Running 1/1 ✔ Container librey Created 0.2s Attaching to librey librey | nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol) librey exited with code 1

services:
  librey:
    image: ghcr.io/ahwxorg/librey:latest
    container_name: librey
    network_mode: bridge
    ports:
      - 8080:8080
    environment:
      - CONFIG_GOOGLE_DOMAIN=com
      - CONFIG_LANGUAGE=en
      - CONFIG_NUMBER_OF_RESULTS=10
      - CONFIG_INVIDIOUS_INSTANCE=https://yt.ahwx.org
      - CONFIG_DISABLE_BITTORRENT_SEARCH=false
      - CONFIG_HIDDEN_SERVICE_SEARCH=false
      - CONFIG_INSTANCE_FALLBACK=true
      - CONFIG_RATE_LIMIT_COOLDOWN=25
      - CONFIG_CACHE_TIME=20
      - CONFIG_DISABLE_API=false
      - CONFIG_TEXT_SEARCH_ENGINE=auto
      - CURLOPT_PROXY_ENABLED=false
      - CURLOPT_PROXY=192.0.2.53:8388
      - CURLOPT_PROXYTYPE=CURLPROXY_HTTP
      - CURLOPT_USERAGENT=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:116.0) Gecko/20100101 Firefox/116.0
      - CURLOPT_FOLLOWLOCATION=true
    volumes:
      # - ./nginx_logs:/var/log/nginx # Disabled by default. These are the NGINX request logs.
      - ./php_logs:/var/log/php83 # Enabled by default. These are the PHP error logs.
    restart: unless-stopped
  watchtower: # Watchtower is not required but highly recommended, since Watchtower will re-pull and restart the LibreY container automatically whenever there's an update.
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

[codedipper]

Let's take a close look at the ports part of the configuration:

      - 8080:8080

The port is formatted as: IPADDR:HOSTPORT:CONTAINERPORT

By default, without a specific hostname (in this case the IPADDR part) specified, Docker tries to automatically listen on ALL available IPv4 interfaces (0.0.0.0) and ALL available IPv6 interfaces (::). If you are running an IPv4-only network, Docker might be improperly detecting if IPv6 is available on your system and trying to listen on a link-local IPv6 interface that doesn't exist. This problem has been observed here and here. This normally wouldn't happen, because even if outside IPv6 access is unavailable, a link-local IPv6 interface should still exist for most sane network configurations. There should be a specific option for this, for example, in the GNOME desktop environment.

To fix this problem, you can bind directly to 127.0.0.1 similar to the example below. It's also generally unnecessary to listen on all interfaces if you're going to use a reverse proxy anyway.

...
    ports:
      - 127.0.0.1:8080:8080
...

[Ahwxorg]

@bassista please let me know if the above (setting ports: - 127.0.0.1:8080:8080) solved your issue!

[Ahwxorg]

Closing due to inactivity. Feel free to reopen.

[wastlnd]

@Ahwxorg chiming in to report that the proposed settings don't work for me..I have an ipv4 only system.

[Ahwxorg]

Drop your compose file and logs here please :)

[wastlnd]

Yes sure :) I followed this instructions to host libreY over Tor, and just changed the ports to 127.0.0.1:8080:8080 for the libreY container. When I start docker compose in console I get an endless series of: nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)

[Ahwxorg]

Could you try to see what happens when you bind it to 0.0.0.0? Before trying however, you should be aware that this will bind to all (IPv4) addresses.

[Ahwxorg]

Otherwise please make sure Docker is up to date from their official repositories, that could also be a solution.

[wastlnd]

Ok, the docker package is up to date, I also tried to bind to 0.0.0.0 but I have the same error.

[Ahwxorg]

Weird. I have no clue... @davidovski, do you know?

[davidovski]

Not really too familiar with docker, but this looks like it could be an nginx issue with ipv6. Since you said you've disabled ipv6 on the host, maybe the nginx image is trying to bind to ipv6 and failing because of it.

Quick search told me to have DISABLE_IPV6=true in env, so try that, might do the trick

[wastlnd]

Hey @davidovski unfortunately this didn't fix the issue either. It looks like whatever the docker settings, nginx will always look for IPv6. Maybe the nginx image should be rebuilt disabling all the references to IPv6 but I have no idea how.