pretendo-docker icon indicating copy to clipboard operation
pretendo-docker copied to clipboard
verified publisher icon MatthewL246

need help bind to specific IP address (ip2:80)

Open pokewiz opened this issue 1 year ago • 4 comments

Hi, I'm not good at using Linux. My server has two separate IPs, and one of them has already been bound to IP1:80 in Docker. After running install.sh, I encountered an error: Setting up Pretendo account servers database... Error response from daemon: driver failed programming external connectivity on endpoint pretendo-network-nginx-1 (afa0ae5b27ecade72ad0bcfafefb805cd8511ebbe364d416ef3cf44a82adbbe): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use. My 0.0.0.0:80 is not occupied; my other Nginx setup only listens on ip1:80. Can your project be configured to listen only on ip2:80? What steps do I need to take? Thank you!

pokewiz avatar Dec 06 '24 00:12 pokewiz

Hi, I don't think this should be too difficult. You'll just need to change the ports configuration in compose.yml.

There are basically 2 options for forwarding ports:

ports:
  # Forward port on all interfaces (0.0.0.0)
  - 80:80
  # Forward port on one interface/IP (such as localhost)
  - 127.0.0.1:80:80

So, if you want to bind the pretendo-docker services to only one IP, you will need to modify any line inside any service's ports: block that is forwarding the port on all interfaces.

For example, change this line

https://github.com/MatthewL246/pretendo-docker/blob/1e324bfe8781f14ffefdd1fefaa27c0da72ff657/compose.yml#L82

to

  - ip2:80:80

MatthewL246 avatar Dec 06 '24 01:12 MatthewL246

Thank you for your reply. I would also like to know should I need to change the “listen” in /config/nginx/conf from listen 80 to listen ip2:80?

pokewiz avatar Dec 06 '24 08:12 pokewiz

When I tried to access pretendo through my proxy, I got an error: 502 Bad Gateway [Errno -2] Name or service not known. I wonder if it's because my mitmproxy is also pointing to 0.0.0.0:80?

I changed pretendo_host: nginx to pretendo_host: ip2 in config-local.yaml, but I still can't access the pretendo website (both 3DS and PC browser) ; other websites are running fine without SSL. I hope you can provide some suggestions for me, thank you very much!

pokewiz avatar Dec 06 '24 10:12 pokewiz

I would also like to know should I need to change the “listen” in /config/nginx/conf from listen 80 to listen ip2:80?

Nope, there's no need to change that. Nginx can't directly bind to the host system's interface itself because it's running inside the container - that's why Docker's port forwarding is necessary.

I changed pretendo_host: nginx to pretendo_host: ip2 in config-local.yaml

You should keep it as nginx. Once traffic enters mitmproxy, it is inside the containers' internal network and can be sent directly to the nginx container.

When I tried to access pretendo through my proxy, I got an error: 502 Bad Gateway [Errno -2] Name or service not known.

Would you mind testing a few things so we can narrow down what's going wrong?

$ curl ip1:80
# Should show whatever your other Nginx server is running

$ curl ip2:80
# Should show an Nginx 404 Not Found page

$ curl ip2:8080
# Should show an error 502 Bad Gateway page the message "Connection killed: Request destination unknown. Unable to figure out where this request should be forwarded to." from mitmproxy

$ curl mitm.it --proxy ip2:8080
# Should show an HTML page from mitmproxy containing the text "This page is served by your local mitmproxy instance." near the end

$ curl account.pretendo.cc --proxy ip2:8080
# Should show an XML page with the error code 0004 with the message "API application invalid or incorrect application credentials."

$ docker compose logs account | tail
# Should show logs ending with a "GET / 200 0.xxx ms - 173", confirming that you connected to your own local account server during the previous test

MatthewL246 avatar Dec 06 '24 22:12 MatthewL246