I have a debian linux host with docker installed on it. I followed the guide here: https://join-lemmy.org/docs/en/administration/install_docker.html

Changes that I made:

  • I used a sub folder called lemmy in my containers area rather than /lemmy
  • I copied the nginx.conf file from https://github.com/LemmyNet/lemmy/blob/main/docker/nginx.conf to my lemmy folder and ran a docker-compose up.
  • I changed the proxy service ports to 17008 (other service runs on 80) and 17003 (instead of 443).

I changed absolutely nothing else. No hostnames, no passwords. Nothing. The docker logs show it up and running.

Docker ps shows the instance fine too:

I’ve tried accessing http://<hostname>:17008, https://<hostname>:18003. I’ve tried setting my local hosts file for hostname “lemmy” to that server IP and accessing via http://lemmy:17008 and https://lemmy:18003

Is there something obvious that I’m missing?

      • DessalinesMA
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        If the pictrs docker logs look fine, it could be more proxy issues. Take another look at the pictrs info docker-compose.yml, lemmy.hjson, and nginx.conf in the lemmy-ansible repo, and make sure it matches your setup.

  • A1kmm@lemmy.amxl.com
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    If you docker inspect lemmy_proxy_1 to find its IP, and connect to 80/443 there from the host, does it work?

    Do you have iptables rules on the host that might be blocking access to the exposed port perhaps?

    • A1kmm@lemmy.amxl.com
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Also the default nginx forward proxy configuration runs nginx on port 1236, not 80, inside the container, and doesn’t have any kind of TLS configuration.

      I think most people likely have another layer of proxy (e.g. on the host) in front of it, instead of directly exposing the forward proxy from Docker Compose - that’s what I do - and that’s where I do TLS with a LetsEncrypt certificate.

      • NotOptionalAnymoreOP
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Ya, I have my own reverse proxy in front of all of that. I just wanted to try and get a very basic setup working first. Thanks for the great info, I’ll do some research! No IPTables.