hollie / tailscale-caddy-proxy

Tailscale and Caddy proxy to expose docker containers over Tailscale with HTTPS access
MIT License
83 stars 10 forks source link

Issues trying to get already created application acccesible #12

Closed nyakojiru closed 1 month ago

nyakojiru commented 5 months ago

Hello! first thank you for this work, it is perfect for people that has all container apps running in one or more hosts without reverse proxy or even certificates (all inside taislcale network). I have used the example compose on the repo, i just removed the whoami things and added the info from my app (this example, immich) host+port. if not specified the network "tailscale-caddy_default" is created which i have linked all immich containers to it.

version: '3'

volumes:
  tailscale-immich-state:

services:

  immich-proxy:
    image: hollie/tailscale-caddy-proxy:latest
    volumes:
      - tailscale-immich-state:/var/lib/tailscale # Persist tailscale state
    environment:
      - TS_HOSTNAME=immich # Hostname on the tailscale network
      - TS_TAILNET=tailxxxxxx       # Your tailnet name without the .ts.net suffix!
      - CADDY_TARGET=debian-vm:2283        # Target service and port
#      - TS_EXTRA_ARGS=<optional extra arguments> # When starting tailscale in the container, e.g. to allow exit node or override the DNS settings.
    restart: on-failure
    init: true

Everything goes ok, tailscale gets conected, no errors. But im getting failed to connect when accessing https://immich And i can see the below in the tailscale_caddy container console :

immich-proxy-1  | 2024/06/02 22:11:16 Accept: TCP{100.xx.xx.36:53291 > 100.xx.xx.122:443} 52 tcp ok
immich-proxy-1  | 2024/06/02 22:11:16 Accept: TCP{100.xx.xx.36:53291 > 100.xx.xx.122:443} 40 tcp non-syn
immich-proxy-1  | 2024/06/02 22:11:16 Accept: TCP{100.xx.xx.36:53291 > 100.xx.xx.122:443} 694 tcp non-syn
immich-proxy-1  | 2024/06/02 22:11:41 Accept: TCP{100.xx.xx.36:53291 > 100.xx.xx.122:443} 52 tcp ok
immich-proxy-1  | 2024/06/02 22:11:41 Accept: TCP{100.xx.xx.36:53291 > 100.xx.xx.122:443} 40 tcp non-syn

And as a side comment, i saw in the console the below :

immich-proxy-1  | 2024/06/02 22:27:15 using tailnet default auto-update setting: true
immich-proxy-1  | 2024/06/02 22:27:15 EditPrefs check error: Auto-updates are not supported on this platform.
immich-proxy-1  | 2024/06/02 22:27:15 failed to apply tailnet-wide default for auto-updates (true): Auto-updates are not supported on this platform.
hollie commented 5 months ago

Hey @nyakojiru

thanks for the kind words.

Can you please confirm that if you use the docker compose example you can reach the whoami example? The reason I made the example is because it is a super basic example with no external dependencies. If that works then we should get your custom implementation working too!

If the whoami exmaple works and your implementation with immich does not then please provide the full docker compose so that I can see if I can help you troubleshooting.

Regarding the notification about Auto-updates are not supported on this platform : yes this is expected. When using docker you should update the container if a new version is available. There are tools that can help you in doing that (e.g. Portainer).

hollie commented 1 month ago

Closing this as no response received from @nyakojiru