Docker compose "expose"-ports breaking when UFW enabled
BE-CH opened this issue · 3 comments
Hi!
I have had massive issues with getting UFW and docker to play together! Finally, I almost got it working with the use of the described solution in this repo.
I am now successfully able to allow or deny ports with ufw.
My problem is, when I enable UFW and start my docker-compose files that has services using expose: running on the same docker network. The docker containers (on the same network) are no longer able to reach each other.
The docker network custom_external_network is in bridge mode.
Its basically container to container communication that breaks when UFW is enabled.
The example below, and with UFW enabled, the api service can't connect to the database, even tho they are on the same docker network.
# docker-compose.yml
version: '3.9'
services:
api:
container_name: api
image: image_url
expose:
- '3001'
env_file: api/.env
volumes:
- ./api/userAttachments:/app/userAttachments
restart: always
networks:
- custom_external_network
depends_on:
- database
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.api-router.entrypoints=web,websecure'
- 'traefik.http.routers.api-router.rule=Host(`api.localhost`)'
database:
container_name: database
image: mongo:5-focal
expose:
- '27017'
volumes:
- database_volume:/data/db
env_file: .env.database
deploy:
mode: global
networks:
- custom_external_network
networks:
custom_external_network:
external: true
volumes:
database_volume:Anyone has an idea about what I should do?
Have you found any solution for this problem?
Have you found any solution for this problem?
Sadly not - I ended up disabling UFW and just using Docker to only expose the ports to the host machine that were necessary.
I am having this same problem, I noticed whenever I use ufw docker the ssl certificate fetching from traefik doesn't work anymore
Please help anyone