Proxy non-docker services

[rototom]

I installed npm and really like this aproach of proxying to my serives. I have several docker and non-docker services on my server, the docker ones are simple to use via docker-compose and the "network" entry in the docker-compose.yml. How can I use my non-docker services, funkwhale and mastodon f.e.?

[lieven121]

You could easily convert them to docker containers (there are 101 tutorials online) Or you should be able to refer to the "host" you are running the proxy on to them. Your First guess might be localhost but this would actually refer to the container itself.

There are several ways to fix this src 1 use --network="host" this would allow you to use localhost but has other side effect you might not want

2 find the ip of the host. is explained in the src but is kinda a workaround and can change with new deployments

3 (my favorite) host.docker.internal this shoud point to the host. here just add the port of the service

(unless its running on a other server ofc, then its just serverip:port)

[Robin-Sch]

    extra_hosts:
      - "host.docker.internal:127.17.0.1"

I've added that to proxy manager, and in a different compose project one service is listening on 0.0.0.0:8080. Going to publicIP:8080 works.

docker exec -it proxymanager bash
curl host.docker.internal:8080 -L
curl: (7) Failed to connect to host.docker.internal port 8080: No route to host

I can't put them in the same network because the other compose project requires it's own network

[adrianbienias]

extra_hosts:
    - "host.docker.internal:host-gateway"

Inside the container in /etc/hosts, it maps IP 172.17.0.1 to host.docker.internal.

So host.docker.internal is quite irrelevant, what it matters is the IP.

I have an app running on the host on port 3000 (it's not dockerized). I'd like to ultimately proxy that app to a domain.

I'm trying to debug it first, running bash inside the Nginx Proxy Manager container.

So, inside the container, I run curl 172.17.0.1:80. It shows default Nginx Proxy Manager "Congratulations!" page.

But when I try (inside the container) curl 172.17.0.1:3000 it just times out or refuse to connect.

So Nginx Proxy Manager container clearly doesn't have access to the host.

Any ideas what could be the case?

[ycsin]

Hey @adrianbienias, I'm also having the same question, did you manage to find a fix for this?

[adrianbienias]

@ycsin I ended up using the following docker compose configuration:

version: '3.8'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    network_mode: "host"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

allowing nginx proxy manager running inside docker container to access the host network, so all apps that run directly on the host machine on different ports are accessible.

It has some additional benefits comparing to the default configuration

    ports:
      - '80:80'
      - '81:81'
      - '443:443'

Using ufw firewall on Ubuntu (not sure if it's also a flaw with other distros/firewalls), docker bypasses ufw configuration, opening listed ports, so port 81 is open too, even if in ufw you don't see it as open port.

It's a docker issue better described e.g. here: What is the best practice of docker + ufw under Ubuntu - Stack Overflow

but by using

    network_mode: "host"

instead of opening certain ports, you also mitigate that problem with ufw.

[ycsin]

@ycsin I ended up using the following docker compose configuration:

version: '3.8'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    network_mode: "host"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

allowing nginx proxy manager running inside docker container to access host network, so all apps that run directly on the host machine on different ports are accessible.

Thanks for sharing the file!

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: