-
Notifications
You must be signed in to change notification settings - Fork 858
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Installing caprover on custom ports (not 80,443,3000). Tested on synology nas. Changes for https://github.com/caprover/caprover/issues/776 #2220
base: master
Are you sure you want to change the base?
Conversation
… control the HOST (external) ports: CAPTAIN_HOST_HTTP_PORT (to change from 80), CAPTAIN_HOST_HTTPS_PORT (to change 443), CAPTAIN_HOST_ADMIN_PORT (to change 3000). Also defined CONTAINER PORTS that never needs to change since are the ports inside containers. But is good to have as variables to be explicit that are CONAINER and not HOST ports.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR! Just a couple of comments.
Have you tested enabling HTTPS with Let'sEncrypt? I am not sure how it works with ports other than 80/443
From my investigations HTTP-01 challenge will not work on other ports - https://letsencrypt.org/docs/challenge-types/#http-01-challenge. But in a normal/my setup you have a router that is doing port forwarding (from |
@githubsaturn Please let me know if I need to fix something more. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry I missed the previous round. Just a final round of comments. Also if you can fix the build issue. Perhaps just formatting issues?
Looks great! Thanks for getting this together.
Just to confirm, this won't work out of the box with Let'sEncrypt etc, right? This assumes that there is a port forwarder somewhere in front of the server that forwards 80/443 to the custom ports on the server?
{ | ||
protocol: 'udp', | ||
publishMode: 'host', | ||
containerPort: 80, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we need udp/80?
@@ -87,7 90,7 @@ const data = { | |||
|
|||
isDebug: EnvVars.CAPTAIN_IS_DEBUG, | |||
|
|||
captainServiceExposedPort: 3000, | |||
captainServiceExposedPort: configs.adminPortNumber3000, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this variable is just now a mirror for configs.adminPortNumber3000
- should we remove it completely and replace the callsites with CaptainConstants.configs.adminPortNumber3000
?
return DockerApi.get().pullImage(imageName, undefined) | ||
return DockerApi.get().pullImage(imageName, undefined).catch(function (onrejected) { | ||
console.log(`Continnuing failed pull, maybe image already exists: ${imageName}.`, onrejected) | ||
return Promise.resolve() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This check was added to early exit in cases where images cannot be fetched from Dockerhub due to firewall restrictions. I understand it was needed for debugging, but let's revert it for prod.
Maybe as a separate change, we can actually check if the image exists already and only then let go of the error.
Added some env variables to control the HOST ports (external ports): CAPTAIN_HOST_HTTP_PORT (to change from 80), CAPTAIN_HOST_HTTPS_PORT (to change 443), CAPTAIN_HOST_ADMIN_PORT (to change 3000).
Also defined CONTAINER PORTS that never needs to change since are the ports inside containers. But is good to have as variables to be explicit that are CONTAINER and not HOST ports.
Changes for:
I was able to run caprover on synology that doesn't allow 80 and 443. This is also made possible by being able to get https certificates with dns challange (https://caprover.com/docs/certbot-config.html#customize-certbot-command-to-use-dns-01-challenge)