search

Cloud-RF / tak-server

TAK Server docker setup
GNU General Public License v3.0
153 stars 52 forks source link

How can I specify the IP address used for intitial certificate generation? #38

Closed km6lslf closed 7 months ago

km6lslf commented 1 year ago

image

The installer automatically selected the LAN IP of my VM, but I need it to use the public IPv4 address that I have access to. All appropriate ports are forwarded, so if it uses the IP address I can provide, it should work seamlessly. How can I make this work?

km6lslf commented 1 year ago

It looks like I may have solved the IP address issue by making changes to the "get IP" section of the setup script and the hostIP locations in CoreConfig.xml.

It's still throwing the Java error, though. I'll search for a solution to that now.

modernham commented 12 months ago

That IP address is for connecting to the database container from the TAK server container that is running on your local system, not really for you. It should be the local address. You should probably change that back because it's configured to talk to itself.

The IP also has nothing to do with certificate generation. That's just a name given to your certificate chain so that when you give it to clients you can keep track of what server you are trusting, but the computer doesn't really care. If you were using a FQDN it would matter because you could have actual trust without a certificate import.

If you want to access it publicly, you only need to make sure your ports are open and forwarded to your servers LAN IP on the default configuration. If your server is behind a NAT such as a router, it has no use for a WAN IP. You access it from outside via your wan IP, it comes in via your modem to get to you router, your router will see that there is a port forward for the port you are attempting to reach, and send that request to the configured LAN IP. Your server will receive it and reply back.

km6lslf commented 12 months ago

Thanks for the tip!

On Sun, Sep 17, 2023, 1:17 AM modernham @.***> wrote:

That IP address is for connecting to the database from the TAK server that is running on your local system. It should be the local address. You should probably change that back because it's configured to talk to itself.

The IP also has nothing to do with certificate generation. If you want to access it publicly, you only need to make sure your ports are open and forwarded to your servers LAN IP on the default configuration. If your server is behind a NAT such as a router, it has no use for a WAN IP.

— Reply to this email directly, view it on GitHub https://github.com/Cloud-RF/tak-server/issues/38#issuecomment-1722422182, or unsubscribe https://github.com/notifications/unsubscribe-auth/ARKNSMVUDB4GAUEE2TOWLPTX22W3PANCNFSM6AAAAAA4PRQV4A . You are receiving this because you authored the thread.Message ID: @.***>