iroh icon indicating copy to clipboard operation
iroh copied to clipboard
verified publisher icon n0-computer

Feature request: support reverse proxy on direct address

Open eldereal opened this issue 1 year ago • 4 comments

I searched many issues, but not found a solution.

~~Currently I can set bind port in builder. And it will auto bind to all interfaces. But it will be better if i can manually set one/some interfaces to bind. For example, I will run this service on a machine connected to 2 networks, one is public and one is private. I don't want to expose the port to public network.~~ (This is original post. This feature request is moved to #2565 due to discussion.

And another useful feature is to set my local address. It's useful when I want to run it inside a docker container and expose the port. In this case peers can only connected with host IP addresses, but inside docker I can only got docker internal addresses. I tried use node.add_node_addr(NodeAddr::new(node_id).with_direct_addresses(addrs)) to add the host address. But it failed with message saying I cannot add an address for myself. It will be great to allow add/modify node addresses.

eldereal avatar Jul 26 '24 05:07 eldereal

@eldereal would you mind splitting this issue in two? one for the bind and one for better support for running inside docker? thanks

flub avatar Jul 26 '24 07:07 flub

We are publishing Dockerfiles now and have support for exposing docker, you can see it here: https://github.com/n0-computer/iroh/blob/main/docker/Dockerfile this currently works well in all cases I have seen, can you explain where this fails?

dignifiedquire avatar Jul 26 '24 09:07 dignifiedquire

@eldereal would you mind splitting this issue in two? one for the bind and one for better support for running inside docker? thanks

Sure. I will separate [[set bind address]] feature to a new issue (see #2565) and keep this track for [[support reverse proxy]]

eldereal avatar Jul 30 '24 05:07 eldereal

We are publishing Dockerfiles now and have support for exposing docker, you can see it here: https://github.com/n0-computer/iroh/blob/main/docker/Dockerfile this currently works well in all cases I have seen, can you explain where this fails?

@dignifiedquire Thank you for reply. I will explain this. Firstly in my target environment there is no internet access. So setup a centralized relay node is not available. In this environment I want to deploy iroh on multiple machines with docker container. And I want to use LocalSwarmDiscovery to discover nodes in a local network.

I can expose service ports from docker container. But they cannot discover each other. LocalSwarmDiscovery is keep announce node address with DNS. But it comes with docker internal IP addresses. This IP is not accessible outside the container. So I think it needs some way to specify a public accessible address. And the LocalSwarmDiscovery should announce this address to make other ones discover it.

eldereal avatar Jul 30 '24 06:07 eldereal