Closed killmasta93 closed 2 years ago
Without knowing more about your setup, all you should have to do is mount your /opt/meshcentral/meshcentral-data folder in the docker container (see the docker-compose example). This should keep all your settings, and if you already have the configs defined you don't even need to set up any environment variables in the compose. If your setup includes a mongodb then i'm not sure what would be the best way to migrate that.
Thanks im going to test it out and see how it goes
Hi again so instead of migrating im going to start from zero, but currently having a bit trouble on the reverse proxy, This is my NGINX trying to point to my docker currently not sure if i need to point on the reverse proxy to port 8087 which the http or the https 8086 i tried pointing to both and i keep getting 502 bad gateway
Thank you
server {
listen 443 ssl;
server_name remoto.domain.com;
ssl_certificate /etc/letsencrypt/live/remoto.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/remoto.domain.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
location ~ /.well-known {
root /var/www/letsencrypt;
allow all;
}
location / {
proxy_pass http://127.0.0.1:8087/;
proxy_http_version 1.1;
#Allows websockets over HTTPS.
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Inform MeshCentral about the real host, port and protocol
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy timeouts
proxy_send_timeout 330s;
proxy_read_timeout 330s;
}
}
and the docker compose file
version: '3'
services:
mongodb:
container_name: meshcentral_db
restart: always
image: mongo:4.4.6
expose:
- 27017
volumes:
- '/sci3/remoto/meshcentral/database:/data/db'
meshcentral:
restart: always
container_name: meshcentral
depends_on:
- 'mongodb'
image: typhonragewind/meshcentral
ports:
- 8086:443
- 8087:800
environment:
- HOSTNAME=remoto.domain.com #your hostname
- REVERSE_PROXY=true #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
- REVERSE_PROXY_TLS_PORT=443
- IFRAME=false #set to true if you wish to enable iframe support
- ALLOW_NEW_ACCOUNTS=true #set to false if you want disable self-service creation of new accounts besides the first (admin)
- WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
- NODE_ENV=production
volumes:
- /sci3/remoto/meshcentral/data:/opt/meshcentral/meshcentral-data
- /sci3/remoto/meshcentral/user_files:/opt/meshcentral/meshcentral-files
hi @Typhonragewind i was wondering if you can shed some light been trying to get it working for while but cant seem to get it working
@killmasta93 I was pretty sure i had answered this, but it seems my mind is going, sorry about that.
There are 2 wrong things that i can see at a glance, in your docker-compose:
hi @Typhonragewind thank you so much for the reply, currently this is my config the issue is that the reverse proxy is on the host 192.168.3.190 and the docker container is also on 192.168.3.190 when i try to access remoto.domain.com i redirects 127.0.0.1 and when i try to access only http it keeps going to https
Thank you
version: '3'
services:
mongodb:
container_name: meshcentral_db
restart: always
image: mongo:4.4.6
expose:
- 27017
volumes:
- '/sci3/remoto/meshcentral/database:/data/db'
meshcentral:
restart: always
container_name: meshcentral
depends_on:
- 'mongodb'
image: typhonragewind/meshcentral
ports:
- 8086:443
- 8087:80
environment:
- HOSTNAME=remoto.domain.com #your hostname
- REVERSE_PROXY=192.168.3.190 #set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
- REVERSE_PROXY_TLS_PORT=443
- IFRAME=false #set to true if you wish to enable iframe support
- ALLOW_NEW_ACCOUNTS=true #set to false if you want disable self-service creation of new accounts besides the first (admin)
- WEBRTC=false #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
- NODE_ENV=production
volumes:
- /sci3/remoto/meshcentral/data:/opt/meshcentral/meshcentral-data
- /sci3/remoto/meshcentral/user_files:/opt/meshcentral/meshcentral-files
Alright. First of all, did you delete the previous config file after changing the variables in the docker-compose? The way i set it up is that those docker-compose variables are only used to generate the first config file. Second, make sure your reverse proxy port is actually 443 (and you want the container port, not the ouside port)
thank you so much for the reply, correct i deleted the config and the folder which had data, the second part didnt really understand well enough, currently i use NGINX as my reverse proxy running on 443 whats odd is that when i try to access internally the url with 8087 it keeps redirecting to https not sure why
Thank you
I never used meshcentral on plain http, so I don't know exactly what the problem is. However, i know there are many checks in place to keep it secure, so you probably have a default option somewhere forcing https. See if you can find it in the manual
HI I was wondering what would the steps to migrate from a meshcentral VM to a docker?
Thank you