tchapi/davis

Network 192.168.112.0/255.255.255.240.0

Closed this issue · 3 comments

Hej,

why in the world is the ready to be used docker image using an undocumented network 192.168.112.0 for the communication between nginx and Sabre?

This should be a docker network (nginx front, internal network for communication to database).

Hi @JarlMorgennebel

I'm not sure what you are talking about:

  • the docker images do not impose any kind of network, nor IP mask
  • the standard docker image does not have a proxy embedded, and the standalone docker image does not use nginx, only example compose files do
  • "communication between nginx and Sabre": sabre/dav is a library used by Davis, there's no "communication" between nginx and "Sabre"

Hej,

this is my docker file:

version: "3.7"
services:
  nginx:
    image: nginx:1.25-alpine
    container_name: nginx
    command: /bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done &
      nginx -g "daemon off;"'
    depends_on:
      - davis
    volumes:
      - davis_www:/var/www/davis
      - type: bind
        source: ./configurations/nginx.conf
        target: /etc/nginx/conf.d/default.conf
    ports:
      - 8787:80
  mysql:
    image: mariadb:10.6.10
    container_name: mysql
    environment:
      - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD}
      - MYSQL_DATABASE=${DB_DATABASE}
      - MYSQL_USER=${DB_USER}
      - MYSQL_PASSWORD=${DB_PASSWORD}
    volumes:
      - ./mariadb-database:/var/lib/mysql
  davis:
    image: ghcr.io/tchapi/davis:latest
    container_name: davis
    environment:
      - APP_ENV=prod
      - DATABASE_DRIVER=mysql
      - DATABASE_URL=mysql://${DB_USER}:${DB_PASSWORD}@mysql:3306/${DB_DATABASE}?serverVersion=mariadb-10.6.10&charset=utf8mb4
      - MAILER_DSN=smtp://${MAIL_USERNAME}:${MAIL_PASSWORD}@${MAIL_HOST}:${MAIL_PORT}
      - ADMIN_LOGIN=${ADMIN_LOGIN}
      - ADMIN_PASSWORD=${ADMIN_PASSWORD}
      - AUTH_REALM=${AUTH_REALM}
      - AUTH_METHOD=${AUTH_METHOD}
      - CALDAV_ENABLED=${CALDAV_ENABLED}
      - CARDDAV_ENABLED=${CARDDAV_ENABLED}
      - WEBDAV_ENABLED=${WEBDAV_ENABLED}
      - WEBDAV_TMP_DIR=${WEBDAV_TMP_DIR}
      - WEBDAV_PUBLIC_DIR=${WEBDAV_PUBLIC_DIR}
      - INVITE_FROM_ADDRESS=${INVITE_FROM_ADDRESS}
      - APP_TIMEZONE=${TIMEZONE}
    depends_on:
      - mysql
    volumes:
      - davis_www:/var/www/davis
volumes:
  davis_www:
    name: davis_www

which should be standard all-in-one from the project site.

The project is behind a Caddy reverse proxy on my OPNSense. When I open the Dashboard I do get

davis  | 127.0.0.1 -  24/Jul/2024:19:56:39 +0000 "GET /status" 200
davis  | 192.168.112.4 -  24/Jul/2024:19:56:47 +0000 "GET /index.php" 200
davis  | 192.168.112.4 -  24/Jul/2024:19:56:47 +0000 "GET /index.php" 404

I have 20 other docker projects running behind the same Caddy, so it's not a configuration failure.
The network is not visible on my firewall.

But if you log in to the Davis container to check the network, you see:

/var/www/davis $ netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.112.1   0.0.0.0         UG        0 0          0 eth0
192.168.112.0   0.0.0.0         255.255.240.0   U         0 0          0 eth0
/var/www/davis $ 

Ooooops. The Davis container uses something hard-coded and not a 172.X.X.X docker network. Looks like the nginx container uses the same network - e.g. there is a transfer network between nginx and Davis.

This should be a private docker network.

The docker compose files are provided as examples; you're free to use them and/or modify them as you see fit if you have any specific need. Note that these docker compose files do not define any network driver explicitly, as you can notice.

Moreover, the Davis container itself does not "use something hard coded" as it doesn't care about the network it's connected to, nor can it actually affect it in any way. The network interface is attached by the Docker daemon which performs dynamic subnetting and IP address allocation.

If you want a specific network setup, you need to configure a network driver — here is the documentation that can help in this regard.
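As an added example (not part of the thread or of the project's own compose files), this override file pins the layout discussed above: a front network shared by nginx and davis, and an internal-only network between davis and the database. The network names and subnets are assumptions chosen for illustration; pick ranges that are unused on your host.

```yaml
# docker-compose.override.yml -- added example, not from the Davis project.
# Compose merges this file with the docker-compose.yml shown earlier.
# Network names and subnets are constructed values.
version: "3.7"

services:
  nginx:
    networks:
      - front            # published port 8787 is served from here
  davis:
    networks:
      - front            # reachable by nginx via the service name "davis";
                         # also keeps outbound access for MAILER_DSN (SMTP)
      - db               # private path to the database
  mysql:
    networks:
      - db               # never attached to a network with outside access

networks:
  front:
    driver: bridge
    ipam:
      config:
        - subnet: 172.30.10.0/28   # fixed range instead of a daemon-chosen one
  db:
    driver: bridge
    internal: true                 # no route out of, or into, this network
    ipam:
      config:
        - subnet: 172.30.10.16/28
```

Because every service now lists its networks explicitly, none of them joins the implicit `default` network, so the daemon no longer allocates a subnet for this project on its own. `docker compose config` prints the merged result, and `docker network inspect` on the created networks shows the subnet and attached containers.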