docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon bigbluebutton

Using a reverse proxy

Open leon1995 opened this issue 4 years ago • 5 comments

I am using a reverse proxy. which containers do I have to put behind it, because they may be called via port 80 or 443?

leon1995 avatar May 03 '21 08:05 leon1995

Hey,

i'm using traefik with this docker-compose.override.yml:

services:
  nginx:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.bbb.entrypoints=http"
      - "traefik.http.routers.bbb.rule=Host(`bbb.example.com`)" # ADJUST DOMAIN HERE
      - "traefik.http.middlewares.bbb-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.bbb.middlewares=bbb-https-redirect"
      - "traefik.http.routers.bbb-secure.entrypoints=https"
      - "traefik.http.routers.bbb-secure.rule=Host(`bbb.example.com`)" # ADJUST DOMAIN HERE
      - "traefik.http.routers.bbb-secure.tls=true"
      - "traefik.http.routers.bbb-secure.tls.certresolver=http"
      - "traefik.http.routers.bbb-secure.service=bbb"
      - "traefik.http.services.bbb.loadbalancer.server.port=8080"
      - "traefik.docker.network=proxy"
    networks:
      - proxy
      - bbb-net

networks:
  proxy:
    external: true

additionaly in docker-compose.yml I hat do remove in the nginx-service the line

network_mode: host

(I can't figure it out, how to ignore the netork_mode settings with the docker-compose.override.yml...)

dsjiern avatar May 07 '21 15:05 dsjiern

ok thanks! I will look into it :)

leon1995 avatar May 08 '21 05:05 leon1995

did this work for you? Here, some services can't be connected, and the logging shows that 8888 / kurento wants to be connected via the outside interface (as opposed to the docker internal interface). Which additional setup / changes did you apply? Which addresses did you enter during the setup process? The external or the internal addresses?

joergmschulz avatar Jun 02 '21 22:06 joergmschulz

Yes, this works perfectly for me on 4 servers!

I just added the above docker-compose.override.yml and deleted the network_mode: host from the docker-compose.yml in the nginx-section. Nothing else!

I entered the external IP of course.

An additional, external TURN-server is specified but not used (about:webrtc in Firefox shows a direct connection to the BBB-Server)

dsjiern avatar Jun 02 '21 22:06 dsjiern

Confirm - you are a hero. The reason for my issues has been the firewall setup. Have yet to figure out the correct ufw settings / a search in this issue list helped: ufw allow from 10.7.7.0/24

joergmschulz avatar Jun 04 '21 19:06 joergmschulz