Loading issues with Docker and Nginx Proxy Manager

[ItsNoted]

I am getting a strange issue where the app will work fine on a local IP but when I try to add a domain and put it behind nginx proxy manager, I get loading issues. I cannot log in and get the spinning wheel indefinitely.

Domain is set in both the docker-compose.yml file and the lemmy.hjson file.

[dessalines]

What is nginx proxy manager? Paste your nginx, lemmy.hjson, and docker-compose file here.

Which install instructions are you following?

[Nutomic]

Check the browser console, i bet websocket connection isnt working. I dont think it shows any error messages for that in the UI.

[ItsNoted]

Check the browser console, i bet websocket connection isnt working. I dont think it shows any error messages for that in the UI.

Websockets are enabled in nginx proxy manager and it still does this. That was the first thing I thought of.

I installed using these instructions https://join-lemmy.org/docs/en/administration/install_docker.html

_lemmy_lemmy-ui_1_logs.txt

Logs are mentioning a JWT key but the thing is, there is no place to change or add one unless I am missing an environmental variable?

[dessalines]

JWT is automatically handled by the back end now.

You only pasted your lemmy-U logs, paste your lemmy docker logs too.

Don't screenshot, paste the 3 configs in here, especially your nginx one.

[ItsNoted]

These are the lemmy docker logs.

_lemmy_lemmy_1_logs.txt

Docker Compose

version: '2.2'

services:
  postgres:
    image: postgres:12-alpine
    environment:
      - POSTGRES_USER=lemmy
      - POSTGRES_PASSWORD=password
      - POSTGRES_DB=lemmy
    volumes:
      - ./volumes/postgres:/var/lib/postgresql/data
    restart: always

  lemmy:
    image: dessalines/lemmy:0.16.3
    ports:
      - "8536:8536"
      - "6669:6669"
    restart: always
    volumes:
      - ./lemmy.hjson:/config/config.hjson
    depends_on:
      - postgres
      - pictrs

  lemmy-ui:
    image: dessalines/lemmy-ui:0.16.3
    ports:
      - "1235:1234"
    restart: always
    environment:
      - LEMMY_INTERNAL_HOST=lemmy:8536
      - LEMMY_EXTERNAL_HOST=hosted.lol
      - LEMMY_HTTPS=true
    depends_on: 
      - lemmy

  pictrs:
    image: asonix/pictrs:0.3.1
    ports: 
      - "8537:8080"
      - "6670:6669"
    user: 991:991
    volumes:
      - ./volumes/pictrs:/mnt
    restart: always

lemmy.hjson

{
  # for more info about the config, check out the documentation
  # https://join-lemmy.org/docs/en/administration/configuration.html

  setup: {
    # username for the admin user
    admin_username: "Jeremy"
    # password for the admin user
    admin_password: somepassword"
    # name of the site (can be changed later)
    site_name: "Hosted"
  }

  opentelemetry_url: "http://otel:4137"

  # the domain name of your instance (eg "lemmy.ml")
  hostname: "hosted.lol"
  # address where lemmy should listen for incoming requests
  bind: "0.0.0.0"
  # port where lemmy should listen for incoming requests
  port: 8536
  # settings related to the postgresql database
  # address where pictrs is available
  pictrs_url: "http://pictrs:8080"
  database: {
    # name of the postgres database for lemmy
    database: "lemmy"
    # username to connect to postgres
    user: "lemmy"
    # password to connect to postgres
    password: "password"
    # host where postgres is running
    host: "postgres"
    # port where postgres can be accessed
    port: 5432
    # maximum number of active sql connections
    pool_size: 5
  }
  slur_filter:
    '''
    (fag(g|got|tard)?\b|cock\s?sucker(s|ing)?|ni((g{2,}|q)+|[gq]{2,})[e3r]+(s|z)?|mudslime?s?|kikes?|\bspi(c|k)s?\b|\bchinks?|gooks?|bitch(es|ing|y)?|whor(es?|ing)|\btr(a|@)nn?(y|ies?)|\b(b|re|r)tard(ed)?s?)
    '''
#  # optional: email sending configuration
#  email: {
#    # hostname and port of the smtp server
#    smtp_server: ""
#    # login name for smtp server
#    smtp_login: ""
#    # password to login to the smtp server
#    smtp_password: ""
#    # address to send emails from, eg "noreply@your-instance.com"
#    smtp_from_address: ""
#    # whether or not smtp connections should use tls
#    use_tls: true
#  }
}

The Nginx Proxy Manager does the routing for the IP and port. Here are some screenshots of that.

As you can see websockets are enabled. This is not production, only for testing. Once I get it working I plan to use it. I need to figure out what is causing the issue first.

As I said, everything works on the local IP but when I use the domain, I get those loading issues.

[dessalines]

WARN Error encountered while processing the incoming HTTP request: lemmy_server::root_span_builder: not_logged_in: InvalidSignature 0: lemmy_api_common::get_local_user_settings_view_from_jwt

Not sure how that could've happened, but clear your browser cache.

Remove the opentelemetry line from your config for now.

I have no idea what nginx proxy manager is, so we can't support it, but I imagine you'll still be able to hard-code whatever block you need. Here is the nginx template that is verified as working, as we use it for ansible installs.

[ItsNoted]

Ok. Removing the opentelemetry line didn't fix it. I will do more digging and try to see if there's anything I can do about my Nginx Proxy Manager setup. For now though, still unresolved.

[ItsNoted]

Tried this without using Nginx Proxy Manager and STILL it does the same thing. So annoying!

[dessalines]

I'm not sure if we should leave this open... we support nginx and provided working conf files. We shouldn't have to support different front ends people put over nginx.

[ItsNoted]

I'm not sure if we should leave this open... we support nginx and provided working conf files. We shouldn't have to support different front ends people put over nginx.

I’m not even sure it’s the proxy at this point. I tried it with cloudlfare tunnel and got the same exact issue. Perhaps it’s not the front end but something different. Here, I’ll close it for you if it’s that much of a burden.

[guysoft]

Hey, i am having a simlar issue. I am using a docker container on a local machine. I switched the lemmy-ui with a test websocket server and it works. However when switch back to lemmy-ui it does not. I also used ssh-tunnels and the websockets dont work on that neither

The error I am getting is that the server is returning 200 (instead of the expected 101 switching protocols).

I saw a similar refused error with the traefik/whoami container whe it had issues with the origin (issue on that here https://github.com/traefik/whoami/issues/6). I have a guess that something in the websocket setup in the ui is checking where the request is coming from and blocking based on that. Not sure where to check that.

[zombielinux]

@guysoft Did you ever solve this issue? If so, can you provide a solution?

[guysoft]

I did. I set it up though with traefik. I will post the yml setting when i am next to a pc. basically needed to route the ui and api correctly

[guysoft]

Sorry for the delay, here it is, change example.com to your domain

services:
  lemmy:
    image: dessalines/lemmy:0.16.7
    hostname: lemmy
    container_name: lemmy
    networks:
      - lemmyinternal
      - default
    restart: always
    environment:
      - RUST_LOG="warn,lemmy_server=info,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info"
    volumes:
      - ./lemmy.hjson:/config/config.hjson
    depends_on:
      - postgres
      - pictrs
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.lemmyapi.rule=Host(`example.com`) && ( PathPrefix(`/api`) || PathPrefix(`/pictrs`) || PathPrefix(`/feeds`) || PathPrefix(`/nodeinfo`) || PathPrefix(`/.well-known`))"
      - "traefik.http.routers.lemmyapi.entrypoints=web"
      - "traefik.http.services.lemmyapi.loadbalancer.server.port=8536"
      - "traefik.docker.network=web"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.services.lemmyapi.loadbalancer.sticky=true"
      - "traefik.http.routers.lemmyapi.middlewares=sslheader@docker"

  lemmybb:
    image: lemmynet/lemmybb:0.1.2
    restart: always
    container_name: lemmy-bb
    ports:
      - "127.0.0.1:8701:8701"
    environment:
      - LEMMYBB_BACKEND=http://lemmy:8536
      - LEMMYBB_LISTEN_ADDRESS=0.0.0.0:8701
      - LEMMYBB_INCREASED_RATE_LIMIT=1
    volumes:
      - ./lemmybb_categories.hjson:/app/lemmybb_categories.hjson:ro
    depends_on:
      - lemmy
    links:
      - lemmy:lemmy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.lemmybb.rule=Host(`forum.example.com`)"
      - "traefik.http.routers.lemmybb.entrypoints=web"
      - "traefik.http.services.lemmybb.loadbalancer.server.port=8701"
      # - "traefik.http.services.lemmybb.loadbalancer.server.port=8010"
      - "traefik.docker.network=web"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.services.lemmybb.loadbalancer.sticky=true"
      - "traefik.http.routers.lemmybb.middlewares=sslheader@docker"
    networks: 
      - lemmyinternal
      - default

  lemmy-ui:
    image: dessalines/lemmy-ui:0.16.7
    container_name: lemmy-ui
    networks:
      - lemmyinternal
      - default
    environment:
      # this needs to match the hostname defined in the lemmy service
      - LEMMY_INTERNAL_HOST=lemmy:8536
      # set the outside hostname here
      - LEMMY_EXTERNAL_HOST=example.com
      - LEMMY_HTTPS=false
      - LEMMY_UI_DISABLE_CSP=true
      - LEMMY_UI_DEBUG=true
    depends_on:
      - lemmy
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.lemmy.rule=Host(`example.com`)"
      - "traefik.http.routers.lemmy.entrypoints=web"
      - "traefik.http.services.lemmy.loadbalancer.server.port=1234"
      - "traefik.docker.network=web"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.services.lemmy.loadbalancer.sticky=true"
      - "traefik.http.routers.lemmy.middlewares=sslheader@docker"