Access to web-ui with swag and dperson-vpn
xamyp opened this issue · 9 comments
Hello,
I'm trying to access the web interface from my swag reverse proxy but it doesn't work. I had seen this post but it is not implementable for me: issues-49
I'm using portainer and my stack configuration is as follows:
version: '3.7'
services:
vpn:
container_name: vpn
image: dperson/openvpn-client
restart: always
devices:
- /dev/net/tun
cap_add:
- NET_ADMIN
volumes:
- /home/docker/vpn/openvpn:/vpn:ro
dns:
- "1.1.1.1"
- "8.8.8.8"
- "8.8.4.4"
environment:
- FIREWALL
- PUID=1001
- GUID=1001
- log=DEBUG
ports:
- "8081:8080"
joal:
depends_on:
- vpn
image: anthonyraymond/joal
container_name: joal
restart: unless-stopped
network_mode: "service:vpn"
volumes:
- /home/docker/joal/data:/data
environment:
- PUID=1001
- PGID=1001
- TZ=Europe/Paris
command: ["--joal-conf=/data", "--spring.main.web-environment=true", "--server.port=8081", "--joal.ui.path.prefix=joal", "--joal.ui.secret-token=xxxxxxxxxxxx"]An example of my swag joal.subdomain.conf file :
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name joal.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location /joal/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app joal;
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
# REMOVE THIS LINE BEFORE SUBMITTING: Some proxies require one or more additional location blocks for things like API or RPC endpoints.
# REMOVE THIS LINE BEFORE SUBMITTING: If the proxy you are making a sample for does not require an additional location block please remove the commented out section below.
# location ~ (/<container_name>)?/api {
# include /config/nginx/proxy.conf;
# include /config/nginx/resolver.conf;
# set $upstream_app <container_name>;
# set $upstream_port <port_number>;
# set $upstream_proto <http or https>;
# proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
# # REMOVE THIS LINE BEFORE SUBMITTING: Additional proxy settings such as headers go below this line, leave the blank line above.
# }
}
Do you have any idea what swag configuration I should use to access Joal's web interface please?
Hello,
I'm gonna need more details about what's not working.
- What do you mean by "it doesn't work" ?
- Have you seen this wiki post: https://github.com/anthonyraymond/joal/wiki/Joal-&-VPN-&-qbittorrent-&-Reverse-proxy-(with-docker)
- I don't see swag in your docker-compose file. How do you share the network between the two stacks?
- Is it the first time that you setup web-ressources exposed behind a reverse proxy or have you done it successfully already?
Hello,
I use swag with the other containers. Swag is in an independent portainer stack and my containers are in other stacks. I use the join network to connect the swag container to my containers, I did this for this Joal stack.
My joal container does not have connected networks because it is linked to the vpn. But the docker network vpn is joined to the swag container.
It works very well with my sonarr, radarr, deluge, ect containers. I use swag default templates for these services. My DNS provider is OVH.
My reverse proxy works perfectly well with the other containers mentioned.
By setting up the swag configuration for Joal I arrive on the default nginx page when I would like to arrive on the Joal web interface.
I read your wiki but it's with Traefik so I can't transpose it for swag :/.
Ok, I changed joal by his ip (dns resolution not working in swag container for joal). And I changed the proxy_pass and location. Now I have a white screen (tested on chrome/ firefox) :
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name joal.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app 172.30.0.2;
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port/joal/ui/;
}
}
I'm trying to access the web interface by this address https://joal.mydomain.com/mySecretToken but I have a white screen
Ok, now I can access to web-ui with this configuration :
location /joal/ui/ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app 172.30.0.2;
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
But Connection settings doesn't work :
I affraid i won't be able to help you out with swag. When it comes to reverse proxy in docker environment i've left other reverse proxy behind in favor of traefik. It's easier to configure and to maintain.
Nginx has wonderfull abilities but it' too much for what we are tying to achieve in this context.
Swag looks a lot like Nginx, so i would advise you to rever to this answer #33 (comment). It is a working nginx configuration i used to have back in the days.
If you plan to migrate to traefik id be glad to provide you help to do so.
I think i'm very close to resolve my issue because I see this output in my chrome :
But I don't know what to do with the nginx conf to allow websocket... I never did :/
I've been strugling a lot with WS and nginx.
The link i've send you is a way to make it work. Read through the entire post you'll find cause for why it does not work and solution to make it work.
It works ! I just deleted the uri in the /location part.
In the end it was simple but I made myself complex for nothing.
For those who want to use joal with nginx swag, here is my configuration:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name joal.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_app 172.30.0.2; #Ip of your container/ local ip of joal or container name
set $upstream_port 8081;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
Merci pour tes réponses @anthonyraymond