I use docker-swag as it should be, to reverse-proxy my container. I like it because my ISP only allows me secure ports like 443 and 587…
I use it with a few mods, like autoreload and cloudflare-realip, but my goal is to pass to the next level and use the auto-proxy mod.
My containers swag, dockerproxy and qbittorrent are running in the same network called frontend,
even if I’m not sure dockerproxy should be there.
The first issue I encounter is that swag doesn’t see dockerproxy:
**** /var/run/docker.sock is not mapped, therefore, docker client will only work with a remote docker service ****
And of course, if I bind /var/run/docker.sock:/var/run/docker.sock:ro directly to swag, that message disappears, but it still doesn’t detect it if I spin up a turn container in the network frontend with the label swag:enable.
So I was wondering if it is possible to have a complete example of a docker-compose.yml, something like:
```yaml
---
version: "3.3"
services:
  swag:
    image: ghcr.io/tecnativa/docker-socket-proxy
    container_name: dockerproxy
    cap_add:
      - NET_ADMIN
    environment:
      - CONTAINERS=1
      - POST=0
    networks:
      - frontend
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped
  swag:
    cap_add:
      - NET_ADMIN
    container_name: swag
    environment:
      - DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/docker-mods/tree/swag-auto-proxy|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-cloudflare-real-ip
      - DOCKER_HOST=dockerproxy
      - PUID=1000
      - PGID=100
      - URL=domain.tld
      - VALIDATION=dns
      - SUBDOMAINS=wildcard
      - DNSPLUGIN=cloudflare
      - ONLY_SUBDOMAINS=true
    image: lscr.io/linuxserver/swag
    networks:
      - frontend
    ports:
      - 443:443/tcp
    restart: unless-stopped
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - swag:/config
  qbittorrent:
    container_name: qbittorrent
    environment:
      - PGID=1000
      - PUID=100
    labels:
      - swag=enable
    networks:
      - frontend
    image: lscr.io/linuxserver/qbittorrent
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - qbittorrent:/config
      - /srv/Downloads:/downloads
networks:
  frontend:
    driver: bridge
volumes:
  swag:
  qbittorrent:
```
I’m not sure I have the whole log, because when I run docker logs swag > swag.log
these lines appear:
tar: invalid magic
tar: short read
/docker-mods: line 117: /linuxserver.docker-mods/tree/swag-auto-proxy.latest: No such file or directory
Otherwise, this is the content of my swag.log:
```
[mod-init] Curl/JQ was not found on this system for Docker mods installing
fetch
(1/1) Installing jq (1.6-r1)
Executing busybox-1.33.1-r3.trigger
OK: 257 MiB in 228 packages
[mod-init] Attempting to run Docker Modification Logic
[mod-init] Applying linuxserver/mods:universal-docker files to container
[mod-init] Applying linuxserver/docker-mods/tree/swag-auto-proxy files to container
[mod-init] Applying linuxserver/mods:swag-auto-reload files to container
[mod-init] Applying linuxserver/mods:swag-cloudflare-real-ip files to container
[s6-init] making user provided files available at /var/run/s6/etc…exited 0.
[s6-init] ensuring user provided files have correct perms…exited 0.
[fix-attrs.d] applying ownership & permissions fixes…
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts…
[cont-init.d] 01-envfile: executing…
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing…
-------------------------------------
Brought to you by linuxserver.io
-------------------------------------
To support the app dev(s) visit:
Certbot:
To support LSIO projects visit:
-------------------------------------
GID/UID
-------------------------------------
User uid: 1000
User gid: 100
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing…
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing…
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing…
Variables set:
PUID=1000
PGID=100
TZ=Asia/Bangkok
URL=mydomain.tld
SUBDOMAINS=wildcard
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=yes
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=
STAGING=
Using Let’s Encrypt as the cert provider
SUBDOMAINS entered, processing
Wildcard cert for mydomain.tld will be requested
No e-mail address entered or address invalid
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
Downloading GeoIP2 City database.
[cont-init.d] 50-config: exited 0.
[cont-init.d] 60-renew: executing…
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
[cont-init.d] 60-renew: exited 0.
[cont-init.d] 70-templates: executing…
[cont-init.d] 70-templates: exited 0.
[cont-init.d] 90-custom-folders: executing…
[cont-init.d] 90-custom-folders: exited 0.
[cont-init.d] 95-docker: executing…
**** installing docker and docker compose ****
Copying over docker and docker-compose binaries
**** /var/run/docker.sock is not mapped, therefore, docker client will only work with a remote docker service ****
[cont-init.d] 95-docker: exited 0.
[cont-init.d] 98-cloudflare-real-ip: executing…
[cont-init.d] 98-cloudflare-real-ip: exited 0.
[cont-init.d] 98-inotify: executing…
fetch
fetch
(1/1) Installing inotify-tools (3.20.11.0-r0)
Executing busybox-1.33.1-r3.trigger
OK: 257 MiB in 229 packages
[cont-init.d] 98-inotify: exited 0.
[cont-init.d] 99-custom-files: executing…
[custom-init] no custom files found exiting…
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
MOD Auto-reload: Watching the following files/folders for changes
/config/nginx/authelia-location.conf
/config/nginx/authelia-server.conf
/config/nginx/geoip2.conf
/config/nginx/ldap.conf
/config/nginx/nginx.conf
/config/nginx/proxy-confs
/config/nginx/proxy.conf
/config/nginx/site-confs
/config/nginx/ssl.conf
[services.d] done.
Server ready
(END)
```
Recreate the container, let it start fully, then post the output of docker logs swag
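
An added example, not part of the thread or of the SWAG project: a pre-flight lint run on a constructed, trimmed copy of the compose file from the question. It assumes two-space indentation and that every mod is written as repo/image:tag, the form the other three DOCKER_MODS entries use; `lint` and `MOD_REF` are hypothetical names.

```python
import re

# Constructed sample: the two "swag" service entries from the post, trimmed.
COMPOSE = """\
services:
  swag:
    image: ghcr.io/tecnativa/docker-socket-proxy
    container_name: dockerproxy
  swag:
    container_name: swag
    environment:
      - DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/docker-mods/tree/swag-auto-proxy|linuxserver/mods:swag-auto-reload|linuxserver/mods:swag-cloudflare-real-ip
      - DOCKER_HOST=dockerproxy
"""

# Assumption: a mod reference is repo/image with an optional :tag, nothing deeper.
MOD_REF = re.compile(r"[a-z0-9._-]+/[a-z0-9._-]+(:[\w.-]+)?")

def lint(text):
    findings, defs, current, in_services = [], {}, None, False
    for line in text.splitlines():
        s = line.strip()
        if not s or s.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:
            in_services = (s == "services:")
        elif in_services and indent == 2 and s.endswith(":"):
            key = s[:-1]
            if key in defs:
                findings.append(f"duplicate service key '{key}': earlier definition is lost")
            # Models parsers that keep the last duplicate; stricter ones reject the file.
            current = defs[key] = {"name": key, "env": {}}
        elif in_services and current is not None:
            if s.startswith("container_name:"):
                current["name"] = s.split(":", 1)[1].strip()
            elif s.startswith("- ") and "=" in s:
                k, v = s[2:].split("=", 1)
                current["env"][k] = v
    # Names another container on the same network could resolve.
    reachable = set(defs) | {d["name"] for d in defs.values()}
    for key, d in defs.items():
        for mod in filter(None, d["env"].get("DOCKER_MODS", "").split("|")):
            if not MOD_REF.fullmatch(mod):
                findings.append(f"{key}: DOCKER_MODS entry is not repo/image:tag: {mod}")
        # Accept both a bare host name and a tcp://host:port form.
        target = d["env"].get("DOCKER_HOST", "").split("://")[-1].split(":")[0]
        if target and target not in reachable:
            findings.append(f"{key}: DOCKER_HOST '{target}' matches no defined service")
    return findings
```

The flagged mod entry is the same string that appears in the `No such file or directory` line of the log above.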