jlesage
Change nginx http/https ports to 80/443 (for IPv6)
Hi,
As there is no NAT for IPv6 I'd like to be able to change the ports nginx listens on.
Example: A docker container with it's own IP eg (private) 192.1.1.1 and (public) ipv6::1 In router -> publicIPv4:80 -> 192.1.1.1:8080 However if "domain.com" also has an AAAA record to ipv6::1 then the browser tries to access ipv6::1:80 and unfortunately the container does not listen on that port.
Semi-workaround A docker container sharing the host network (with port mapping) basically has the same issue as listed above with the exception of using HOST port 80/443 (so a port mapping of 80:8080 and 443:4443). However I don't like this, this forces me to use specific hosts ports and I don't like that.
Did you have a certain way for this to function? Imo the best solution would be to listen on 80/443 (or allow the user to change those ports)
In case someone else is looking for this: I have forked this repo and changed the ports to 80/443 not sure if that is the way to go but for now it works. If we can get some solution in this repo I will gladly use this one again!
https://hub.docker.com/r/mattie112/docker-nginx-proxy-manager
I'm working on the ability to change the ports used inside the container.
Note that if you want to use ports 80/443, you can use the Docker image from the original project: https://github.com/jc21/nginx-proxy-manager
I tried different ways to make this work, but I I've not found a definitive solution yet. The fact that NPM is using multiple config files, static ones and auto-generated ones, add a lot of complexity to the solution...
Perhaps you could simply build 2 containers? One with what (probaly) most people would use (just the version as-is) and then with a 2nd build you can do something I did in my fork. Simply not changing the ports and setting a few permissions. https://github.com/jlesage/docker-nginx-proxy-manager/compare/master...Mattie112:default-ports
Then anybody can choose what to use. You can even use tags like privileged or something for this one.
A bit late, but one solution that works for me:
I've allowed the container to bind to the IANA reserved ports (as non-root) as stated in the official documentation by docker, by appending the following line anywhere into /etc/sysctl.conf and applying the config with sudo sysctl --system:
...
net.ipv4.ip_unprivileged_port_start=0
...
Then modifying a Dockerfile like this allowed to revert the port changes and build the container successfully with network_mode: host option, using ports 80, 443, 81.
FROM jlesage/nginx-proxy-manager:latest
# Repatch Ports
RUN sed-patch 's|8080;|80;|' /etc/nginx/conf.d/default.conf && \
sed-patch 's|"8080";|"80";|' /etc/nginx/conf.d/default.conf && \
sed-patch 's|listen 8080;|listen 80;|' /opt/nginx-proxy-manager/templates/letsencrypt-request.conf && \
sed-patch 's|:8080;|:80;|' /opt/nginx-proxy-manager/templates/letsencrypt-request.conf && \
sed-patch 's|listen 8080;|listen 80;|' /opt/nginx-proxy-manager/templates/_listen.conf && \
sed-patch 's|:8080;|:80;|' /opt/nginx-proxy-manager/templates/_listen.conf && \
sed-patch 's|listen 8080 |listen 80 |' /opt/nginx-proxy-manager/templates/default.conf && \
sed-patch 's|:8080;|:80;|' /opt/nginx-proxy-manager/templates/default.conf && \
\
sed-patch 's|4443 |443 |' /etc/nginx/conf.d/default.conf && \
sed-patch 's|"4443";|"443";|' /etc/nginx/conf.d/default.conf && \
sed-patch 's|listen 4443 |listen 443 |' /opt/nginx-proxy-manager/templates/_listen.conf && \
sed-patch 's|:4443;|:443;|' /opt/nginx-proxy-manager/templates/_listen.conf && \
\
sed-patch 's|8181 default|81 default|' /etc/nginx/conf.d/production.conf
EXPOSE 80 443 81
Greetings ~SimTechLP
Thanks for the suggestion, that is kinda what I do however I have it running as root You can also simply remove the sed statements from the docker compose as it is changed from 80/443 to 8080/8443 in these see (i just commented them for reference):
https://github.com/jlesage/docker-nginx-proxy-manager/compare/master...Mattie112:default-ports https://hub.docker.com/r/mattie112/docker-nginx-proxy-manager
I like your suggestion but that also requires the user to know how to set and change this. If it was just a setting for this container ok but making a system change hm. But I might look into it for fun :)
Just a small update: this is still an open request as I need this. I do have a fork and I build my own version so that works but I thought to just drop a small message as a reminder that this is still wanted :)
(and keep up the good work!)
@tungmeister I suggest you wait a moment, it doesn't want to start (and gives no error). So I will have to take a look tonight what is changed. Or perhaps first build a version that is less new to see if that upgrades better. I'll let you know if it works.
@tungmeister building on Linux (instead on Windows) resolved the issue, did not really debug it but I pushed what works for me now :)
https://hub.docker.com/layers/120220916/mattie112/docker-nginx-proxy-manager/latest/images/sha256-dfbc8f23938b6f19b61e3834db8c32c9748ab535fdc1dbbb21c1c5995a6a4ef5?context=repo
@tungmeister building on Linux (instead on Windows) resolved the issue, did not really debug it but I pushed what works for me now :)
https://hub.docker.com/layers/120220916/mattie112/docker-nginx-proxy-manager/latest/images/sha256-dfbc8f23938b6f19b61e3834db8c32c9748ab535fdc1dbbb21c1c5995a6a4ef5?context=repo
Thanks, working perfectly.