Closed mighty-services closed 1 year ago
I have the same problem with MAILCOW, only when I run the command: sudo docker-compose up -d
Error: Error response from daemon: driver failed programming external connectivity on endpoint mailcowdockecow-1 (nxnxnnxnxxnxnnxnnxnxnxnnxnxnnxnxnxnnxnxnnxnxnxnnxnnxnxnx): Error starting userland pr 0.0.0.0:443: bind: address already in use
Is not a problem if I changed the port in mailcow.conf:
For technical reasons, http bindings are a bit different from other service bindings. You will find the following variables, separated by a bind address and its port:
Example: HTTP_BIND=1.2.3.4
HTTP_PORT=80
HTTP_BIND=
HTTPS_PORT=443 for -->8443 ?
HTTPS_BIND=
Or how to apply a reverse proxy? In fact, I use digitalocean.com; they use ports 80 and 443 to resolve names: https secure site ...
Sorry for the late response. As @mark33sv already mentioned, you need to change the port. Can you tell me whether this is still an issue, or if you need anything else?
Hi Christian,
I tried that, but the problem is not the port forwarding itself for this container - I'm sorry for not pointing that out clearly. I already run many containers through my nginx reverse proxy and they are working, but Teleport (just like Nextcloud AIO) is different, since it recommends managing the certification with Let's Encrypt by itself and not via the reverse proxy.
I found other discussions (https://github.com/gravitational/teleport/discussions/7857) that say it's not possible, but you mentioned it in one of your video tutorials using a load balancer. They both have the same "issue" regarding handling SSL by themselves. You mentioned it in one of your videos and managed to get a cluster running. But when I try to add a Linux server, it says it can't connect since the certificate on the cluster differs from the URL. It's probably because the cluster still uses its own self-signed certificate, since it cannot do the HTTP/HTTPS challenge by itself. Just like this guy posted. The only workaround I see right now is to obtain a certificate on the reverse proxy for the specific Teleport URL and copy it over to the machine where I run the Teleport cluster. I have to do this every time the certificate changes.
Honestly, that was too complicated in my view, so by now I bought a raspi and set up a Teleport instance on another site, where there's only Teleport running.
But I would be happy if someone could jump in and help me with this :)
I think at some point I need to make another video about Teleport set-up on Kubernetes with Traefik. That would probably solve some of your questions, as it requires Traefik to add additional entry points with TLS pass-through. Let me schedule that for next year, I might reach out to Teleport if they'd like to support another dedicated self-hosted tutorial :) For now, I would advise setting it up without a reverse proxy, and just use different ports and the ACME service integrated in Teleport.
Thanks a lot Christian. I'm looking forward to the video :)
On 02.12.2022 at 09:33, Christian Lempa @.***> wrote:
I think at some point I need to make another video about Teleport set-up on Kubernetes with Traefik. That would probably solve some of your questions, as it requires Traefik to add additional entry points with TLS pass-through. Let me schedule that for next year, I might reach out to Teleport if they'd like to support another dedicated self-hosted tutorial :) For now, I would advise setting it up without a reverse proxy, and just use different ports and the ACME service integrated in Teleport.
Dear Christian,
thanks a lot for your tutorials on this topic! Great to see others be enthusiastic about Teleport :)
I also have a homelab running on Proxmox with an Nginx reverse proxy and have several services running on it, so I simply can't use port 443 by default like you described. I'd like to pass it through the reverse proxy but can't get it to work. I always get the error:
WARN [MX:PROXY:] "\nERROR REPORT:\nOriginal Error: *trace.BadParameterError multiplexer failed to detect connection protocol
Based on this post, I've edited the teleport.yml file to this:
In the reverse proxy I forwarded "teleport.example.com" using the HTTPS protocol to my host IP on port 443.
Can you explain how to configure the Reverse proxy or how to use teleport on another port?