SWAG not working with hostnames

Hi, I am sure I am missing something simple here.

I have had SWAG working on my unraid server for a long time now, with fail2ban and geoblocking working. There is one thing I cannot get to work - my proxy-conf files will work if they refer to an upstream app by IP, but not by hostname.

I will use Searxng as an example.

SWAG and Mealie are both in the same custom docker network. Mealie has hostname “searx” and SWAG is “swag”.

If I open a console in the SWAG container I can “ping searx” and get a response. So SWAG can clearly see that hostname.

In the proxy-conf files, searx.subdomain.conf works/doesn’t work as follows:

WORKS (LAN IP:port):


    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 192.168.0.10;
        set $upstream_port 8622;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }

WORKS (container IP:port):

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app 172.18.0.5;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }

502 FAIL (container hostname:port)

    location / {
        include /config/nginx/proxy.conf;
        include /config/nginx/resolver.conf;
        set $upstream_app searx;
        set $upstream_port 8080;
        set $upstream_proto http;
        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
        proxy_max_temp_file_size 2048m;
    }

Pinging “searx” works as follows:

root@bc3a264fd046:/# ping searx
PING searx (172.18.0.5): 56 data bytes
64 bytes from 172.18.0.5: seq=0 ttl=64 time=0.112 ms
64 bytes from 172.18.0.5: seq=1 ttl=64 time=0.052 ms
64 bytes from 172.18.0.5: seq=2 ttl=64 time=0.049 ms
^C
--- searx ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.049/0.071/0.112 ms
root@bc3a264fd046:/# 

When I first set SWAG up, it took some effort, so it is possible I messed with some conf files in ways I don’t remember.

Am I correct that NGINX should be able to just use the hostname “searx” identically to the container IP address?

Post your docker run’s for SWAG and searx, should show the problem.

Thank you.

SWAG:

docker run
  -d
  --name='swag'
  --net='swagnet'
  --pids-limit 2048
  -e TZ="Australia/Sydney"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="Lemur"
  -e HOST_CONTAINERNAME="swag"
  -e 'EMAIL'='*****@******.com'
  -e 'URL'='******.***'
  -e 'SUBDOMAINS'='wildcard'
  -e 'ONLY_SUBDOMAINS'='true'
  -e 'VALIDATION'='dns'
  -e 'DNSPLUGIN'='porkbun'
  -e 'EXTRA_DOMAINS'=''
  -e 'STAGING'='false'
  -e 'PROPAGATION'=''
  -e 'DOCKER_MODS'='linuxserver/mods:swag-dashboard'
  -e 'PUID'='99'
  -e 'PGID'='100'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='https://[IP]:[PORT:443]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver-ls-logo.png'
  -p '82:81/tcp'
  -p '8213:443/tcp'
  -v '/mnt/cache/appdata/swag':'/config':'rw'
  -v '/mnt/cache/appdata/syslog/':'/log':'rw'
  -v '/mnt/user/appdata/mealiev1':'/log-mealie':'rw'
  -v '/mnt/user/appdata/overseerr/logs':'/log-overseerr':'rw'
  -v '/mnt/user/nextcloud/':'/log-nextcloud':'rw'
  -v '/mnt/user/syslog_server/':'/log-syslog_server':'rw'
  --cap-add=NET_ADMIN 'linuxserver/swag'

SEARX:

docker run
  -d
  --name='searx'
  --net='swagnet'
  --pids-limit 2048
  -e TZ="Australia/Sydney"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="Lemur"
  -e HOST_CONTAINERNAME="searx"
  -e 'INSTANCE_NAME'='Search'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8080]/'
  -l net.unraid.docker.icon='https://github.com/kilrah/unraid-docker-templates/raw/main/icons/searxng.png'
  -p '8622:8080/tcp'
  -v '/mnt/user/appdata/searxng/':'/etc/searxng':'rw' 'searxng/searxng'

nb - it’s not just searx, it is all containers. They can see each other (eg authentik can connect to postgres by hostname) except for nginx.

Are you changing the ports in the proxy conf files as well?

wait hang on, what’s the /config/nginx/resolver.conf file look like?

In the proxy-conf files, as in my first post. Lan port for lan ip, container port for container ip and container name.

As for resolver.conf - is this the right one? To my recollection I never altered it from what was automatically generated.

/swag/nginx/resolver.conf

# This file is auto-generated only on first start, based on the container's /etc/resolv.conf file. Feel free to modify it as you wish.

resolver  8.8.8.8 8.8.4.4 198.142.235.14 valid=30s;

Thanks for your time.

Delete that file and let it re-generate. it seems like you must’ve started swag with host networking at some point.

1 Like

Thank you. Yes, you are correct, I am pretty sure I try running host networking at some stage.

resolver.conf has been recreated:

resolver  127.0.0.11 valid=30s;

… and using the container name now appears to be working.

Much appreciated!

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.