I encountered an error while trying to proxy HTTPS and HTTP services.

rapiz1 / rathole

A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.

Apache License 2.0

8.82k stars 441 forks source link

I encountered an error while trying to proxy HTTPS and HTTP services. #262

Closed vicnoah closed 1 year ago

vicnoah commented 1 year ago

I keep getting "Permission denied" when trying to use rothole to proxy ports 80 and 443.

2023-06-12T03:22:10.986117Z ERROR connection{addr=xx}:handle{service=1panel-https}:run_tcp_connection_pool: rathole::server: Permission denied (os error 13). Retry in 870.224686ms

docker-compose.yaml

version: '3.3'
services:
    rathole:
        image: rapiz1/rathole:v0.4.8
        restart: always
        cap_add:
          - NET_ADMIN
        command: --server /app/config.toml
        ports:
            - '80:80'
            - '443:443'
            - '33080:33080'
            - '34000:34000'
        volumes:
            - $PWD/config.toml:/app/config.toml

vypxl commented 11 months ago

I have the same issue, how did you solve it?

fernvenue commented 11 months ago

I have the same issue, how did you solve it?

Hi, could you please provide any details or log information?

vypxl commented 11 months ago

Sorry, I ended up using a different solution instead of rathole, I use a wireguard tunnel now.

Skaronator commented 7 months ago

I ran in the same issue. The problem is most likely that the user 1000:1000 (from the Dockerfile) doesn't have permission to open 80 and 443 port.

One (bad) solution to this issue would be to use a user with enough permissions. For example, set user: root in your docker-compose file fixes this.

Skaronator commented 7 months ago

Got it working. Make sure the config file owns 1000:1000 then this will work:

version: '3.8'
services:
  rathole:
    image: rapiz1/rathole:v0.5.0
    container_name: rathole
    volumes:
    - /srv/config/rathole.toml:/app/config.toml
    ports:
    - 80:80
    - 443:443
    - 2333:2333
    command:
    - "--server"
    - "/app/config.toml"
    restart: always

phlplowe9 commented 7 months ago

Hi. I'm trying to learn docker, compose, rathole, azure container instance and azure storage account all at once and I'm having trouble following your post. I was hoping you could help me with the following questions:

Why are we using docker compose? I thought that's more for multi-container apps while rathole is a single app.
How does making sure the config file is owned by 1000:1000 make rathole run with enough permission to bind port 80 and 443?
Do you know how to make a docker contained app run as root using docker cli instead of compose?