[Question] How can I make app's listen port fixed?

[yankee14]

Describe the issue

I am trying to host Invoice Ninja from a server which is already hosting several other web apps, with a reverse proxy sitting in front. I modified the docker-compose.yml file somewhat to suit my needs, including commenting out the included nginx webserver.

I got the Invoice Ninja app to connect to the database, and it apparently setup everything correctly. But I am unable to connect through my proxy, or with bypassing the proxy and going directly to the listen port. No messages are being generated in the logs, so the connection isn't ever even getting through to Invoice Ninja.

Upon running docker exec --user root invoiceninja_app /bin/netstat -tln, I see that the listen port is random every time the container is started. Just wondering if there is a way to stop it from being random?

$ docker exec --user root invoiceninja_app /bin/netstat -tln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 127.0.0.11:37163        0.0.0.0:*               LISTEN      
tcp        0      0 :::9000                 :::*                    LISTEN

Now that I think about it, the original nginx entry in the dockerfile might be needed to serve the app. I think some magic is being done with the hosts file and extra_hosts entries that I don't understand. Please let me know if you can point me in the right direction.

Setup information

Invoice Ninja docker-compose.yml

version: "3.8"

services:
  #  server:
  #    image: nginx
  #    restart: always
  #    env_file: env
  #    volumes:
  #      # Vhost configuration
  #      #- ./config/caddy/Caddyfile:/etc/caddy/Caddyfiledocker-com
  #      - ./config/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf:ro
  #      - ./docker/app/public:/var/www/app/public:ro
  #    depends_on:
  #      - app
  #    # Run webserver nginx on port 80
  #    # Feel free to modify depending what port is already occupied
  #    ports:
  #      - "80:80"
  #      #- "443:443"
  #    networks:
  #      - invoiceninja
  #    extra_hosts:
  #      - "in5.localhost:192.168.0.124 " #host and ip

  invoiceninja_app:
    container_name: "invoiceninja_app"
    image: "invoiceninja/invoiceninja:5"
    env_file: "./env"
    restart: "unless-stopped"
    depends_on:
      - "invoiceninja_database"
    extra_hosts:
      - "host.docker.internal:host-gateway"
    networks:
      - "reverse_proxy"
        #    extra_hosts:
        #      - "in5.localhost:192.168.0.124 " #host and ip
    ports:
      - "14080:80"
    volumes:
      #      - ./config/hosts:/etc/hosts:ro
      - "invoiceninja_public:/var/www/app/public:rw,delegated"
      - "invoiceninja_storage:/var/www/app/storage:rw,delegated"

  invoiceninja_database:
    container_name: "invoiceninja_database"
    image: "mysql:5"
#    When running on ARM64 use MariaDB instead of MySQL
#    image: mariadb:10.4
#    For auto DB backups comment out image and use the build block below
#    build:
#      context: ./config/mysql
    ports:
      - "14306:3306"
        #    restart: "unless-stopped"
    env_file: "./env"
    volumes:
      - "invoiceninja_database:/var/lib/mysql:rw,delegated"

      # remove comments for next 4 lines if you want auto sql backups
      #- ./docker/mysql/bak:/backups:rw
      #- ./config/mysql/backup-script:/etc/cron.daily/daily:ro
      #- ./config/mysql/backup-script:/etc/cron.weekly/weekly:ro
      #- ./config/mysql/backup-script:/etc/cron.monthly/monthly:ro
    networks:
      - "reverse_proxy"
        #    extra_hosts:
        #      - "in5.localhost:192.168.0.124 " #host and ip

networks:
  reverse_proxy:
    name: "reverse_proxy"

volumes:
  invoiceninja_public:
    name: "invoiceninja_public"
    driver: "local"
    driver_opts:
      device: "./invoiceninja_public"
      type: "none"
      o: "bind"

  invoiceninja_storage:
    name: "invoiceninja_storage"
    driver: "local"
    driver_opts:
      device: "./invoiceninja_storage"
      type: "none"
      o: "bind"

  invoiceninja_database:
    name: "invoiceninja_database"
    driver: "local"
    driver_opts:
      device: "./invoiceninja_database"
      type: "none"
      o: "bind"

Invoice Ninja ./env file

# IN application vars
APP_URL=host.docker.internal:14080
APP_KEY=base64:REDACTED=
APP_DEBUG=true
REQUIRE_HTTPS=false
PHANTOMJS_PDF_GENERATION=false
PDF_GENERATOR=snappdf

QUEUE_CONNECTION=database

# DB connection
DB_HOST=host.docker.internal
DB_PORT=14306
DB_DATABASE=ninja
DB_USERNAME=ninja
DB_PASSWORD=ninja

# Create initial user
# Default to these values if empty
# IN_USER_EMAIL=admin@example.com
# IN_PASSWORD=changeme!
IN_USER_EMAIL=admin@example.com
IN_PASSWORD=changeme!

# Mail options
MAIL_MAILER=log
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS='user@example.com'
MAIL_FROM_NAME='Self Hosted User'

# MySQL
MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword
MYSQL_USER=ninja
MYSQL_PASSWORD=ninja
MYSQL_DATABASE=ninja

# V4 env vars
# DB_STRICT=false
# APP_CIPHER=AES-256-CBC

Reverse proxy conf:

upstream upstream_invoiceninja {
    server host.docker.internal:14080;
}

server {
    listen              80;
    listen              443 ssl;
    server_name         REDACTED.com;
    ssl_certificate     /etc/nginx/ssl/certs/REDACTED.com.crt.pem;
    ssl_certificate_key /etc/nginx/ssl/certs/REDACTED.com.key.pem;
    ssl_protocols       TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;

####
# INVOICE NINJA
####

    location /invoiceninja/ {
        proxy_pass          http://upstream_invoiceninja/;
    }
}

To reproduce

Steps to reproduce the behavior: Use config described above

Expected behavior

Invoice Ninja is accessible through reverse proxy.

Screenshots/logs

If applicable, add screenshots to help explain your problem. N/A

Any Error that sucks

Docker/Kubernetes/Helm:

• Output of docker version:

  
  $ docker version
  Client: Docker Engine - Community
  Version:           20.10.12
  API version:       1.41
  Go version:        go1.16.12
  Git commit:        e91ed57
  Built:             Mon Dec 13 11:45:48 2021
  OS/Arch:           linux/amd64
  Context:           default
  Experimental:      true

Server: Docker Engine - Community Engine: Version: 20.10.12 API version: 1.41 (minimum version 1.12) Go version: go1.16.12 Git commit: 459d0df Built: Mon Dec 13 11:43:56 2021 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.4.12 GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d runc: Version: 1.0.2 GitCommit: v1.0.2-0-g52b36a2 docker-init: Version: 0.19.0 GitCommit: de40ad0

<!-- Additional info if using helm on k8s, add the info below -->
<!-- Delete this block if not applicable -->
- Output of `helm version`:

$ helm version -bash: helm: command not found

- Output of `kubectl version`:

$ kubectl version -bash: kubectl: command not found

<!-- End Additional info if using helm on k8s -->

[yankee14]

It works with the nginx service enabled, but I'm still not sure how it works.