No internet connection
  1. Home
  2. Support

Unable to use port 433

By Ayla Fernandes @fernandes.ayla
    2020-01-31 18:33:37.255Z2020-01-31 18:44:16.187Z

    Hi!

    I work in a very closed intranet enviroment and I have just a one server avaliable to use I don't use AWS or anything like and unfortally I can't ask for more server to just only one small aplicattion. :(

    So here I use Nginx with multi applications and It already has a certificate (asign by my own company) and I configure a reverse proxy to the aplications.

    My best example how I do is the way I configure the Ghost

    docker-compose.yml >>

    image: ghost:latest
    
    restart: always
    
    ports:
      - 2370:2368  #port  without ssl
    
    volumes:
      - ./content:/var/lib/ghost/content
    
    environment:
      - NODE_ENV=production
      - url=https://xxxxx.intranet.com.br/blog1 #that is important the subdir alow to have multiples blogs on the same server
    

    nginx >>

    	location /blog1 {
    		proxy_set_header X-Forwarded-Proto $scheme;
    		proxy_set_header X-Real-IP $remote_addr;
    	       proxy_pass http://172.29.15.163:2370; 
    

    }

    So I would like being able something like that, maybe theres a easy and better way.

    Thanks

    Solved in post #3, click to view
    • 2 replies
    1. I have in mind to reply tomorrow. Sorry I was short of time. Brifely, you'd edit Talkyard's docker-compose.yml and change the external port numbers from 80 and 443, to e.g. 8080 and 8443. And then you add a server { .. } block in your Nginx server that forwards the traffic to Talkyard, plus, you generate LetsEncrypt cert for this Nginx server block.

      1. In reply tofernandes.ayla:
        KajMagnus @KajMagnus2020-02-04 14:48:50.705Z2020-03-31 07:54:29.622Z

        Ok, so in Talkyard's docker-compose.yml ( https://github.com/debiki/talkyard-prod-one/blob/master/docker-compose.yml ),
        there's a Talkyard container named Web that by default listens to 80 and 443. Since those ports are not available, you need to reconfigure Web's external ports, so it listens to, say, 8080 and 8443 instead:

          web:
            image: ${DOCKER_REPOSITORY}/talkyard-web:${VERSION_TAG}
            ...
            ports:
              - '8080:80'    # instead of 80:80
              - '8443:443'   # instead of 443:443
        

        Then, in the Nginx server, this works for me:

        events { }
        
        http {
          server {
            server_name your-talkyard-server-hostname;
            # or maybe just localhost, for testing?
        
        
            # TLS config
            # ...
        
        
            location / {
              # I'm not 100% sure about this line. I tested this in a docker-compose network,
              # and in that case, http://web:80 was what I had to use. In your case though,
              # I think this should work — assuming Talkyard runs on the same server (localhost)
              # on port 8080.
              #
              proxy_pass http://127.0.0.1:8080/;
              #
              # Or maybe this? looking at your Ghost config, if Talkyard is installed on the same
              # IP address but port 8080 instead:
              # proxy_pass http://172.29.15.163:8080;
        
              proxy_http_version 1.1;
        
              # $host = the first servername, no port number.
              # $http_host = the Host header, if any.
              proxy_set_header Host  $http_host;
        
              proxy_set_header X-Real-IP          $remote_addr;
              proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
              proxy_set_header X-Forwarded-Proto  $scheme;
            }
          }
        }
        
        Reply1 LikeSolution