No access to the web interface

ucm · February 9, 2024, 9:49pm

Hi, I’m desperate.
I have installed teddycloud in a windows docker. Runs without errors.
I have assigned a fixed IP in my network, DNS and so on. But I can’t get up the web interface of the teddycloud. Here is my yaml:

version: '3'
services:
  teddycloud:
    container_name: teddycloud
    mac_address: 66-66-66-00-00-01
    hostname: teddycloud
    image: ghcr.io/toniebox-reverse-engineering/teddycloud:latest
    ports:
    #- 80:80 #optional
    - 443:443 #Port is needed for the connection for the box
    dns: 8.8.8.8
    networks:
      web_net:
        ipv4_address: 192.168.2.230
      
    volumes:
      - certs:/teddycloud/certs
      - config:/teddycloud/config
      - content:/teddycloud/data/content
      - library:/teddycloud/data/library
      - firmware:/teddycloud/data/firmware
    restart: unless-stopped
    
volumes:
  certs:
  config:
  content:
  library:
  firmware:
  
networks:
  web_net:
    driver: macvlan
    driver_opts:
      parent: eth0
      com.docker.network.enable_ipv6: "false"
    ipam:
      driver: default
      config:
      - subnet: 255.255.255.0
        gateway: 192.168.2.1

If I go to “192.168.2.230” in any browser → “The website is not accessible”
What am I doing wrong?

baumeisterde · February 10, 2024, 9:03am

Uncomment port 80
The webinterface is accessed via this port

ucm · February 10, 2024, 11:15am

That’s a problem.
When I want to share port 80 - I get the following error:
Error response from daemon: Ports are not available: exposing port TCP 0.0.0.0:80 → 0.0.0.0:0: listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.

baumeisterde · February 10, 2024, 11:53am

Just for reference, this is my compose file:

version: '3'
services:
  teddycloud:
    logging:
      options:
        max-size: "1M"
        max-file: "1"
    container_name: teddycloud
    hostname: teddycloud
    image: ghcr.io/toniebox-reverse-engineering/teddycloud:latest
    environment:
      - TZ=Europe/Berlin
    security_opt:
      - seccomp=unconfined
    networks:
      macvlan:
        ipv4_address: 192.168.178.249
    ports:
      - 80:80
      - 443:443
    volumes:
      - certs:/teddycloud/certs
      - config:/teddycloud/config
      - content:/teddycloud/data/content
      - library:/teddycloud/data/library
      - firmware:/teddycloud/data/firmware
    restart: unless-stopped

networks:
  macvlan:
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: 192.168.178.0/24
          ip_range: 192.168.178.249/29
          gateway: 192.168.178.1
          aux_addresses:
            pihole: 192.168.178.250
volumes:
  certs:
  config:
  content:
  library:

environment and security_opt were set, because I had trouble with unix time

freedancer_bongo · February 10, 2024, 1:55pm

I see two possible reasons
a) the docker user does not have sufficient permissions to grab port 80 from the host system
b) there is already an application running on the host (possibly via docker) listening on port 80. As port usage is exclusive, this might block any other application from listening on it. The application would most likely be a webserver like apache or nginx. If you enter 127.0.0.1 in your browser an do see some webpage this is the case. If your technically more proficient, this random link form the internet might help: https://linuxize.com/post/check-listening-ports-linux/

Solution
a) it might be wise to get someone to help you with that
b) check which application is listening on port 80 and kill it

A solution for both would most likely be to bind the docker port to a different port (above 1024 to some problem a) ) like 8080, which is a common subsitute. Only downside: in the browser you would need to access the server via 127.0.0.1:8080 instead of 127.0.0.1 (port 80 is the standard for HTTP. Instead of “80:80” you would need to configure “8080:80” (“:”; it might me wise to include the " in the config)

Edit: If the service listening on port 443 does start up properly, problem a) might not be your problem

baumeisterde · February 11, 2024, 8:09pm

Since he’s using macvlan, there shouldn’t be another application blocking the port, I think

ucm · February 12, 2024, 8:58pm

Thanks, I changed the port forwarding to 81:80 and the web interface works.