I’ve set up Swag with subdomain reverse proxy configs for all my containers, and all but one are working fine. The one I’m having a problem with is the Folding@Home container. It runs a web UI on port 7396 which I can access fine by IP:PORT, but it fails with a 403 error when I try the reverse proxy config with Swag.
I create the Folding@Home container with:
foldingathome:
container_name: foldingathome
environment:
- PGID=${PGID}
- PUID=${PUID}
- TZ=${TZ}
- NVIDIA_VISIBLE_DEVICES=all
image: lscr.io/linuxserver/foldingathome
ports:
- 7396:7396
- 36330:36330 #optional
restart: unless-stopped
runtime: nvidia
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DOCKERCONFDIR}/foldingathome:/config
My reverse proxy config:
## Version 2021/05/18
# make sure that your dns has a cname set for foldingathome
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name foldingathome.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /ldaplogin;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
proxy_buffering off;
include /config/nginx/resolver.conf;
set $upstream_app foldingathome;
set $upstream_port 7396;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
}
}
When I try to visit https://foldingathome.domain.example I get a 403 error. When I visit by IP:PORT everything works fine.
I’m not sure where to start since it’s an anomaly compared to the others. The only thing that jumps out to me as different is that I’m using the Nvidia runtime so Folding@Home can use the GPU. Here’s the result of CURL from the Swag container:
root@swag:/# curl -v http://foldingathome:7396
* Trying 172.18.0.18:7396...
* Connected to foldingathome (172.18.0.18) port 7396 (#0)
> GET / HTTP/1.1
> Host: foldingathome:7396
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 403 HTTP_FORBIDDEN
< Cache-Control: no-cache
< Connection: close
< Date: Wed, 20 Oct 2021 00:20:53
<
* Closing connection 0