Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use with reverse proxy? #53

Open
P8ntBal1551 opened this issue Mar 27, 2023 · 4 comments
Open

Use with reverse proxy? #53

P8ntBal1551 opened this issue Mar 27, 2023 · 4 comments

Comments

@P8ntBal1551
Copy link

Hi,

I don't know if this is possible, but does anyone know if I'm able to use WYL with reverse proxy running in docker? I understand that I need to attach this to the host network to use it, and doing so will prevent Traefik from being able to pick it up on the bridge network. Is there any way that anyone knows that I can eat my cake and have it too?

Thank you
@sholder89
Copy link

You should be able to add a router to your config.yml file for traefik and a service that points to wyl

Here's my config if it helps:

http:
  routers:
    watchyourlan:
      entryPoints:
        - "https"
      rule: "Host(`watchyourlan.local.myurl.com`)"
      middlewares:
        - default-headers
        - https-redirectscheme
      tls: {}
      service: watchyourlan

  services:
    watchyourlan:
      loadBalancer:
        servers:
          - url: "http://ip.address.of.wyl:8840"
        passHostHeader: true

  middlewares:
    default-headers:
      headers:
        frameDeny: true
        sslRedirect: true
        browserXssFilter: true
        contentTypeNosniff: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 15552000
        customFrameOptionsValue: SAMEORIGIN
        customRequestHeaders:
          X-Forwarded-Proto: https

    https-redirectscheme:
      redirectScheme:
        scheme: https
        permanent: true

I'm in no way an expert here and figured this all out watching YouTube (credit to https://www.youtube.com/@TechnoTim) and copying and pasting stuff from other people but this is working for me. You should be able to use this to point to anything that's not in your traefik bridge network.

Hope this helps!

@redtripleAAA
Copy link

I am using one instance with NPM (Nginx Proxy Manager)
And another instance with Cloudflared Tunnel

No changes on the WatchYouLan instance, just point to the docker host and it's GUI port and it should work fine.

@SlavikCA
Copy link

SlavikCA commented Oct 2, 2023

Here is my docker-compose with Traefik:

version: "3"
services:
  lan2:
    image: aceberg/node-bootstrap
    restart: unless-stopped
    labels:
      - traefik.enable=true
      - traefik.http.routers.lan2.tls.certresolver=myresolver
      - traefik.http.routers.lan2.tls=true
      - traefik.http.routers.lan2.rule=Host(`lan2.example.com`)

  lan:
    image: aceberg/watchyourlan
    network_mode: "host"
    restart: unless-stopped
    command: "-n https://lan2.example.com"
    depends_on:
      - lan2
    labels:
      - traefik.enable=true
      - traefik.http.routers.lan.tls.certresolver=myresolver
      - traefik.http.routers.lan.tls=true
      - traefik.http.routers.lan.rule=Host(`lan.example.com`)
      - traefik.http.services.lan.loadbalancer.server.port=8840
    environment:
      GUIPORT: "8840"                   # optional, default: 8840
      TZ: America/New_York              # required: needs your TZ for correct time
      IFACE: "ovs_eth1"                 # required: 1 or more interface
      #GUIIP: "0.0.0.0"                 # optional, default: localhost
      TIMEOUT: "300"                    # optional, time in seconds, default: 60
      SHOUTRRR_URL: ""                  # optional, set url to notify
      THEME: "darkly"                   # optional
      IGNOREIP: "no"                    # optional
      AUTH: true
      AUTH_USER: "*****"
      AUTH_PASSWORD: "$$2y*****"
        # Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
        # To create user:password pair, it's possible to use this command:
        # echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
    volumes:
    - ./data:/data

@drewgcolemancwg
Copy link

Good morning! I am trying to get mine to run behind Nginx (not using NPM), and I am having issues figuring out what settings I need. The redirect works, and the page loads, but the GUI is very basic - no styling. Any suggestions on what I am missing with my nginx settings?

Location entry below:

add_header X-Served-By $host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass $forward_scheme://$server:$port$request_uri;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@sholder89 @redtripleAAA @SlavikCA @P8ntBal1551 @drewgcolemancwg