I am quite new to this Docker universe. What I am trying to do is creating a RTMP server which I can stream to from my phone and then use VLC media player to playback the network stream.
I installed this container tiangolo/nginx-rtmp and ran it. My first problem was finding the right IP, but I found out it being the WSL ethernet IP). From my own PC where I have docker, I am able to stream (via OBS) to the RTMP server and pickup the networkstream with VLC. However, when I try to stream from my phone, the URL or network connection can not connect to the server. It must be a network or portforward problem. I've attached my /etc/nginx/nginx.conf file that I have tried to add a some things to hopefully make it accessible from my phone as well. I've found the commands from this list of commands for nginx.
worker_processes auto;
rtmp_auto_push on;
events {}
rtmp {
server {
listen 1935;
listen [::]:1935 ipv6only=on;
application webcam {
live on;
record off;
allow publish 127.0.0.1;
pull rtmp://172.24.160.1/webcam;
allow play all;
allow publish all;
}
}
}
I've not done anything else but to install docker, install the image and edited the conf without luck.
I've tried to change the configuration file of nginx to have the right network settings, but I am still not able to connect to the RTMP from my phone.
Related
recently I'm trying to set up a litte Home Server with a buildin DNS.
The DNS Service is given by lancacheDNS and set up in combination with a Monolithic-Cache (Port 1234) in two docker containers on 192.168.178.11 (Host machine) in my local network.
Since I want to serve a Website(Port 8080) along with some independent APIs (Ports 8081, 8082 or whatsoever) I decided to use Nginx as a reverse Proxy.
The DNS does the following:
getr.me --> 192.168.178.11
The routing works completely fine and getr.me:8080 gives me my website as expected.
Now the tricky part (for me);
Set up Nginx such that:
website.getr.me --> serving website
api1.getr.me --> serving the API1
api2.getr.me --> serving the API2
For that I created a Newtwork "default_dash_nginx".
I edited the nginx to connect to that via:
networks: default: name: default_dash_nginx external: true
Also I connected my website serving container (dashboard) to the network via --network default_dash_nginx.
The serving website gets the IP 172.20.0.4 (received via docker inspect default_dash_nginx) and also the nginx server is connected to the network.
Nginx works and I can edit the admin page.
But unfortunaly event though I edited the proxyHost to the IP + Port of my website receiced from the network, the site is not available. Here the output of my network inspection: https://pastebin.com/jsuPZpqQ
I hope you have another Idea,
thanks in advance,
Maxi
Edit:
The nginx container is actually a NginxReverseProxyManager Container (I don´t know of it was unclear above or simply not important)
The Nginx container can actually Ping the website container ang also get the HTML files from Port 80 from it.
So it seems like the nginx itself isn´t working like it should.
The first answer got no results( I tried to save it as every of the mentioned files
here
Do I have missed something or am I just not smart enough?
nginx config, try and understand
server {
listen 80;
server_name api1.getr.me;
location / {
proxy_pass http://localhost:8081;
}
}
server {
listen 80;
server_name api2.getr.me;
location / {
proxy_pass http://localhost:8082;
}
}
server {
listen 80;
server_name some.getr.me;
location / {
proxy_pass http://localhost:XXXX;
}
}
this is my following setup
raspberry pi as (home) server
port-forwording 443 from rooter to my pi
reverse-nginx on the pi and listen to 443 and forward the requests to my services (docker-applications)
using noip for a ddns-name for my public-ip so i can access my pi/reverse-proxy over the ddns-name
I have 3 docker-images nginx(reverse-proxy), owncloud and nexus.
I will access my owncloud over the internet via the ddns-name/owncloud and my nexus via ddns-name/nexus.
I have two *.conf-files for my reverse-nginx one for owncloud and one for nexus.
See the folowing files
owncloud config
upstream owncloud {
server 192.168.0.155:8080;
}
server {
listen 443 ssl http2;
include /etc/nginx/ssl.conf;
location /owncloud {
proxy_pass http://owncloud;
include common_location.conf;
}
}
nexus config
upstream nexus {
server 192.168.0.155:8081;
}
server {
listen 443 ssl http2;
include /etc/nginx/ssl.conf;
location /nexus {
proxy_pass http://nexus;
include common_location.conf;
}
}
If i only activate the owncloud-config without the nexus-config, all working correct. I can access my owncloud on the pi over the internet with ddns-name/owncloud over https.
If both configs are active (owncloud and nexus) only nexus works over ddns-name/nexus. If I try to accessing ddns-name/owncloud I get an 404 not found.
I have no idea why this is not working. I'm not so familiar with nginx and try out much tutorials but nothing helps.
I think I missed something :)
Hope anyone can help me.
Thanks
I am running multi services app orchestrated by docker-compose and for testing purposes I want to run it on localhost (MacOS).
With this NGINX configuration:
upstream fe {
server fe:3000;
}
upstream be {
server be:4000;
}
server {
server_name localhost;
listen 80;
location / {
proxy_pass http://fe;
}
location /api/ {
proxy_pass http://be;
}
}
I am able to get FE in browser from http://localhost/ and BE from http://localhost/api/ as expected.
Issue is that FE refusing communicate with BE with this error:
Error: Network error: request to http://localhost/api/graphql failed, reason: connect ECONNREFUSED 127.0.0.1:80
(It's NEXT.JS FE with NODE/EXPRESS/APOLLO-GQL BE)
Note: I need to upstream BE, because I need to download files from email directly with URL.
Am I missing some NGINX headers, DNS configuration etc.?
Thanks in an advance!
Initial call to Apollo is from Next.js (FE container) 'server side', that means BE needs to be addressed to docker network (it cannot be localhost, because for this call is localhost FE container itself). In my case is that call to process.env.BE that is set to http://be:4000.
However for other calls (sending login request from browser) is docker network unknown (calling it from localhost that has no access to docker network) that mean you have to address localhost/api/graphql.
I am able to achieve that functionality just with a small change in my FE httpLink - apollo connecting function:
uri: isBrowser ? `/api/graphql` : `${process.env.BE}/api/graphql`
NGINX config is the same as above.
NOTE: This needs to be handle only on local environment, on remote server it work fine without this 'hack' and address is always domain.com/api/graphql.
I have a server that runs 2 docker containers, a Node.js API container, and an NGINX-RTMP container. The server itself also uses NGINX as a reverse proxy to sort traffic between these two containers based on port.
The NGINX-RTMP server accesses the API server via it's network alias like so:
on_publish http://api-server:3000/authorize
Which works great to communicate container-to-container. I can also go the other way by using urls like
http://nginx-server:8080/some-endpoint
Now I have a route on the NGINX server that I would like to restrict to just local traffic (i.e. only the API server should be able to hit this location). Now normally I can do this with a simple
# nginx conf file
location /restricted {
allow 127.0.0.1;
deny all;
}
What I would like to do is something like this:
# nginx conf file
location /restricted {
allow api-server;
deny all;
}
But I need to use the actual IP of the container. Now I can get the IP of the container by inspecting it, and I see the IP is 172.17.0.1. However when I look at other instances of this server I see some servers are 172.18.0.1 and 17.14.0.2 so it's not 100% consistent across servers. Now I could just write out all 256 variations of 172.*.0.0/24 but I imagine there must be a 'proper' way to wildcard this in nginx, or even a better way of specifying the container IP in my NGINX conf file. The only information I have found so far is to modify the type of network I'm using for my containers, but I don't want to do that.
How do I properly handle this?
# nginx conf file
location /restricted {
allow 172.*.0.0/24;
deny all;
}
I might have solved this one on my own actually.
Originally I thought I could 172.0.0.1/8 the block to allow all the IPs I thought possible for the local network, but this is wrong.
After reading this article: https://www.arin.net/reference/research/statistics/address_filters/ (archive mirror)
According to standards set forth in Internet Engineering Task Force (IETF) document RFC-1918 , the following IPv4 address ranges are reserved by the IANA for private internets
10.0.0.0/8 IP addresses: 10.0.0.0 – 10.255.255.255
172.16.0.0/12 IP addresses: 172.16.0.0 – 172.31.255.255
192.168.0.0/16 IP addresses: 192.168.0.0 – 192.168.255.255
Notice that the 172 net is a /12 and not /8.
Which is explained as
In August 2012, ARIN began allocating “172” address space to internet service, wireless, and content providers.
So I believe the correct method is:
# nginx conf file
location /restricted {
allow 172.16.0.0/12;
deny all;
}
I am following a tutorial and have compiled a .net standalone app and sent it to my Ubuntu 16.10 server. Now I am running the app and everything seems to work correctly
$ ./MvcMovie
Hosting environment: Production
Content root path: /home/nnkuu/CEPublished/publish
Now listening on: http://localhost:5000
Application started. Press Ctrl+C to shut down.
But when I try to access the server through my web browser on http:// SERVER_IP:5000, the browser cannot establish the connection. What am I doing wrong?
The problem is that the server is listening on http://localhost:5000. That means that if you access the app from the same machine as http://localhost:5000, it will work, but it won't work if you access it from another machine.
What you need to do is to change the URL the app is listening on. The simplest way is to add the following line to the WebHostBuilder setup in your main method:
.UseUrls("http://*:5000")
I solved the problem by making nginx function as a proxy that forwards traffic from port 80 on the external interface to port 5000 on the internal interface where the .net application is listening. This was done by running nginx with the following configuration file:
# Default server configuration
#
server {
listen 80;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name <server_name or IP address>;
location / {
proxy_pass http://127.0.0.1:5000;
}
}