Issues opening NodeBB via canonical URL in docker-compose network

Rektalizer

I created a docker-compose network for NodeBB which consists of Mongo, Nginx and NodeBB images. After I docker-compose up, everything starts up (There is additional issue of installation page looking weirdly and does not work if I use CMD command like "./nodebb start" from the dockerfile, however it works normally if I go to NodeBB image bash and do it manually).

But the problem is different. When I install NodeBB and launch it, it only operates from 0.0.0.0:4567 URL, and not from what I specify as my canonical URL (https://irrisuite.ru or https://forum.irrisuite.ru or anything else). I guess there might be an issue with NGinx upstream/redirecting or something else. Here is my app.conf for NGinx:

server {
    listen 80;
    server_name irrisuite.ru;    location / {
        return 301 https://$host$request_uri;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}

server {
    listen 443 ssl;
    server_name irrisuite.ru;

     location / {
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
           proxy_set_header Host $http_host;
           proxy_set_header X-NginX-Proxy true;

           proxy_pass http://127.0.0.1:4567;
           proxy_redirect off;

           # Socket.IO Support
           proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection "upgrade";
       }

    ssl_certificate /etc/letsencrypt/live/irrisuite.ru/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/irrisuite.ru/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

Here is my docker-compose.yml if needed:

version: '3.1'
services:
  mongo:
    container_name: container-mongo-club
    image: mongo:4.4.14-focal
    restart: always
    command:
      - --auth
    ports:
      - "27017:27017"
    volumes:
      - ./mongo-docker/docker-entrypoint-initdb.d/mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
      - "~/${MONGO_DB_FOLDER:-mongo}/${MONGO_DB_NAME:-nodebb}:/data/db"
  irrisclub:
      container_name: irrisclub
      build: .
      ports:
        - "4567:4567"
      depends_on:
        - mongo
      links:
        - mongo
#      stdin_open: true # docker run -i
#      tty: true        # docker run -t
  nginx:
    image: nginx:1.15-alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx:/etc/nginx/conf.d
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot
  certbot:
    image: certbot/certbot
    volumes:
      - ./data/certbot/conf:/etc/letsencrypt
      - ./data/certbot/www:/var/www/certbot

Where irrisclub being the nodeBB container. Also here are my NodeBB logs:

2022-10-04T14:47:49.587Z [4567/269] - warn: [helpers.setupAdminPageRoute(/admin/plugins/mentions)] passing `middleware` as the third param is deprecated, it can now be safely removed
2022-10-04T14:47:49.599Z [4567/269] - warn: [helpers.setupAdminPageRoute(/admin/plugins/emoji)] passing `middleware` as the third param is deprecated, it can now be safely removed
2022-10-04T14:47:49.640Z [4567/269] - info: [api] Adding 0 route(s) to `api/v3/plugins`
2022-10-04T14:47:49.651Z [4567/269] - info: [router] Routes added
2022-10-04T14:47:49.653Z [4567/269] - info: 🎉 NodeBB Ready
2022-10-04T14:47:49.654Z [4567/269] - info: 🤝 Enabling 'trust proxy'
2022-10-04T14:47:49.656Z [4567/269] - info: 📡 NodeBB is now listening on: 0.0.0.0:4567
2022-10-04T14:47:49.656Z [4567/269] - info: 🔗 Canonical URL: http://forum.irrisuite.ru

gotwf

@Rektalizer I am not a docker fan but it seems to me that your nginx config should contain a server_name parameter somewhere w/in your server {... } stanza. Is it set?

I also suggest setting your bind_address directive to 127.0.0.1 in your nodebb config.json.

Have fun!

PitaJ

@Rektalizer said in Issues opening NodeBB via canonical URL in docker-compose network:

When I install NodeBB and launch it, it only operates from 0.0.0.0:4567 URL, and not from what I specify as my canonical URL (https://irrisuite.ru or https://forum.irrisuite.ru or anything else).

What do you mean "only operates"? What happens when you try the other URLs? Is the DNS set up?

gotwf

@PitaJ said in Issues opening NodeBB via canonical URL in docker-compose network:

Is the DNS set up?

Yes. Below is the quickie check I did yesterday prior to my post.

% drill irrisuite.ru
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 15337
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; irrisuite.ru.	IN	A

;; ANSWER SECTION:
irrisuite.ru.	9359	IN	A	95.31.35.62

And No. I neglected to check the subdomain. Which of course is essential given their NodeBB instance's canonical URL.

% drill forum.irrisuite.ru  
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 58304
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 
;; QUESTION SECTION:
;; forum.irrisuite.ru.	IN	A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
irrisuite.ru.	3600	IN	SOA	ns1.reg.ru. hostmaster.ns1.reg.ru. 1657192234 14400 3600 604800 10800

@Rektalizer You NEED at least an "A" record for the forum subdomain (CNAME record pointing to irrisuite.ru could also work, depending on your set up.).

It would also behoove you to create PTR entry whilst you are at it:

% drill -x 95.31.35.62    
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 2132
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 62.35.31.95.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
62.35.31.95.in-addr.arpa.	3243	IN	PTR	95-31-35-62.broadband.corbina.ru.

Although this may not be feasible if you are on a shared host w/other "virtual hosts" using that IP address. But, if so, you still have a pretty good chance of claiming it since nobody else has as of yet.

This seems to be broadband. Which may be indicative of a "residential" internet connection. Which may NOT be a static IP address. Perchance are you using dynamic dns config? If not, you may want to investigate that since you may not get the same IP address the next time something gets rebooted.

Edit: To be "pendantic": Of course OP could also change their config.json URL to irrisuite.ru but I get the sense they're utilizing the subdomain for a reason.

Rektalizer

@gotwf Thanks for the response. I also forgot to mention that my nginx logs showing me this all the time:

nginx_1      | 192.168.1.1 - - [05/Oct/2022:16:12:50 +0000] "GET /admin HTTP/1.1" 301 170 "http://0.0.0.0:4567/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0" "-"

And when I try to open the irrisuite.ru page it shows me 502 BAD GATEWAY with such response in nginx logs:

nginx_1      | 2022/10/05 16:12:37 [error] 7#7: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.1.1, server: irrisuite.ru, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:4567/", host: "www.irrisuite.ru"

gotwf

@Rektalizer Evidently you have a mish mash of "names" here:

irrisuite.ru - as noted above, this one resolves to IP address 95.31.35.62
www.irrisuite.ru -- this one also resolves to IP address 95.31.35.62
forum.irrisuite.ru -- this one resolves to ... same as before.

Which are you actually using? If you intend to use more than one of the above then which will be your nodebb forums URL?

Or is it your intention to have ALL of the above point to your nodebb forums? Note that this can create issues on down the road if, for e.g., you decide to "spin off" www for e.g. a blog or other purposes.

As for your nginx logs immediately up post, have you adjusted your nginx server_name config to jive with your nodebb config.json yet?