[GeoNode-users] cloudflare tunnel geonode
Henning Bredel
h.bredel at 52north.org
Thu Jan 11 06:39:48 PST 2024
Hey Jan Willem,
a 502 means that the nginx proxy cannot reach the underlying service you
want to request. Therefore, you should check, if geonode is up and
running. On a first start GeoNode takes some time to initialize (DB
migrations, etc ..). Please run
docker-compose logs
to find out if there's some other problem.
Hope this helps
Henning
On 11.01.24 12:59, Jan Willem van der Lichte wrote:
> Hi Henning, list
> First of all, thank for your response.
>
> I try to describe what i have done.
>
> I created an Ubuntu server in my home network with ip 192.168.178.69
> Installed docker and geonode following these instructions
> https://docs.geonode.org/en/4.1.x/install/advanced/core/index.html#install-the-docker-and-docker-compose-packages-on-a-ubuntu-host <https://docs.geonode.org/en/4.1.x/install/advanced/core/index.html#install-the-docker-and-docker-compose-packages-on-a-ubuntu-host>
> In the .env file i replaced all localhost with 192.168.178.69
> I can enter the geonode site on http://192.168.178.69
> <http://192.168.178.69>
>
> so far so good
>
> Now I want to expose this site to the internet.
> Therefor I use cloudflare-docker
>
> First of all I created a docker network:
> docker network create -d bridge tunnel
>
> Next I created the cloudflare docker with this docker-compose.yml file.
>
> docker-compose.yml for cloudflare
> ####################
> version: '3.9'
>
> networks:
> tunnel:
> external: true
>
> services:
> cloudflaretunnel:
> container_name: cloudflaretunnel
> image: cloudflare/cloudflared:latest
> restart: unless-stopped
> environment:
> - TUNNEL_TOKEN=$TUNNEL_TOKEN
> command: tunnel --no-autoupdate run
> networks:
> - tunnel
> ########################
>
> The tunneltoken is an environment variable.
>
>
> To test if my cloudflare tunnel works, i created an rstudio docker to
> expose to the interval
> The compose file I used was:
>
> docker-compose.yml for rstudio
> ##########################
> version: '3'
> networks:
> tunnel:
> external: true
>
>
> services:
> geocompx:
> image: ghcr.io/geocompx/docker:qgis
> <http://ghcr.io/geocompx/docker:qgis>
> container_name: rstudio
> restart: always
> environment:
> - USER=rstudio
> - PASSWORD=blablabla
> - ROOT=TRUE
> ports:
> - 8786:8787
> volumes:
> - geocompxdata:/home/rstudio/data
> networks:
> - tunnel
> volumes:
> share:
> external: true
> geocompxdata:
> driver: local
> driver_opts:
> o: bind
> type: none
> device: /home/geonode/docker/rstudio/data
>
> #########################
>
> I can connect my homeserver to a publichostname now. The tunnel
> declaration in the yml file is needed.
>
>
> After this I tried to modify the geonode docker-compose.yml as
> downloaded from their github
> I added the networks at the top and in every service
>
> #########################
> version: '3.9'
>
> networks:
> tunnel:
> external: true
>
> # Common Django template for GeoNode and Celery services below
> x-common-django:
> &default-common-django
> image: geonode/geonode:4.0
> restart: on-failure
> env_file:
> - .env
> volumes:
> # - '.:/usr/src/geonode'
> - statics:/mnt/volumes/statics
> - geoserver-data-dir:/geoserver_data/data
> - backup-restore:/backup_restore
> - data:/data
> - tmp:/tmp
> depends_on:
> db:
> condition: service_healthy
> geoserver:
> condition: service_healthy
> networks:
> - tunnel
>
> services:
>
> # Our custom django application. It includes Geonode.
> django:
> << : *default-common-django
> build:
> context: ./
> dockerfile: Dockerfile
> container_name: django4${COMPOSE_PROJECT_NAME}
> healthcheck:
> test: "curl --fail --silent --write-out 'HTTP CODE :
> %{http_code}\n' --output /dev/null http://127.0.0.1:8001/
> <http://127.0.0.1:8001/>"
> start_period: 60s
> interval: 60s
> timeout: 10s
> retries: 10
> environment:
> - IS_CELERY=False
> entrypoint: ["/usr/src/geonode/entrypoint.sh"]
> command: "uwsgi --ini /usr/src/geonode/uwsgi.ini"
> networks:
> - tunnel
>
> # Celery worker that executes celery tasks created by Django.
> celery:
> << : *default-common-django
> image: geonode/geonode:4.0
> container_name: celery4${COMPOSE_PROJECT_NAME}
> depends_on:
> - django
> environment:
> - IS_CELERY=True
> entrypoint: ["/usr/src/geonode/entrypoint.sh"]
> command: "celery-cmd"
> networks:
> - tunnel
>
> # Nginx is serving django static and media files and proxies to
> django and geonode
> geonode:
> image: geonode/nginx:4.0
> build: ./scripts/docker/nginx/
> container_name: nginx4${COMPOSE_PROJECT_NAME}
> environment:
> - HTTPS_HOST=${HTTPS_HOST}
> - HTTP_HOST=${HTTP_HOST}
> - HTTPS_PORT=${HTTPS_PORT}
> - HTTP_PORT=${HTTP_PORT}
> - LETSENCRYPT_MODE=${LETSENCRYPT_MODE}
> - RESOLVER=127.0.0.11
> ports:
> - "${HTTP_PORT}:80"
> - "${HTTPS_PORT}:443"
> volumes:
> - nginx-confd:/etc/nginx
> - nginx-certificates:/geonode-certificates
> - statics:/mnt/volumes/statics
> restart: on-failure
> networks:
> - tunnel
>
> # Gets and installs letsencrypt certificates
> letsencrypt:
> image: geonode/letsencrypt:4.0
> build: ./scripts/docker/letsencrypt/
> container_name: letsencrypt4${COMPOSE_PROJECT_NAME}
> environment:
> - HTTPS_HOST=${HTTPS_HOST}
> - HTTP_HOST=${HTTP_HOST}
> - ADMIN_EMAIL=${ADMIN_EMAIL}
> - LETSENCRYPT_MODE=${LETSENCRYPT_MODE}
> volumes:
> - nginx-certificates:/geonode-certificates
> restart: on-failure
> networks:
> - tunnel
>
> # Geoserver backend
> geoserver:
> image: geonode/geoserver:2.23.0
> container_name: geoserver4${COMPOSE_PROJECT_NAME}
> healthcheck:
> test: "curl --fail --silent --write-out 'HTTP CODE :
> %{http_code}\n' --output /dev/null http://127.0.0.1:8080/geoserver/ows
> <http://127.0.0.1:8080/geoserver/ows>"
> start_period: 60s
> interval: 60s
> timeout: 10s
> retries: 10
> env_file:
> - .env
> volumes:
> - statics:/mnt/volumes/statics
> - geoserver-data-dir:/geoserver_data/data
> - backup-restore:/backup_restore
> - data:/data
> - tmp:/tmp
> restart: on-failure
> depends_on:
> db:
> condition: service_healthy
> data-dir-conf:
> condition: service_healthy
> networks:
> - tunnel
>
> data-dir-conf:
> image: geonode/geoserver_data:2.23.0
> container_name: gsconf4${COMPOSE_PROJECT_NAME}
> entrypoint: sleep infinity
> volumes:
> - geoserver-data-dir:/geoserver_data/data
> restart: on-failure
> healthcheck:
> test: "ls -A '/geoserver_data/data' | wc -l"
> networks:
> - tunnel
>
> # PostGIS database.
> db:
> # use geonode official postgis 13 image
> image: geonode/postgis:13
> command: postgres -c "max_connections=${POSTGRESQL_MAX_CONNECTIONS}"
> container_name: db4${COMPOSE_PROJECT_NAME}
> env_file:
> - .env
> volumes:
> - dbdata:/var/lib/postgresql/data
> - dbbackups:/pg_backups
> restart: on-failure
> healthcheck:
> test: "pg_isready -d postgres -U postgres"
> networks:
> - tunnel
> # uncomment to enable remote connections to postgres
> #ports:
> # - "5432:5432"
>
> # Vanilla RabbitMQ service. This is needed by celery
> rabbitmq:
> image: rabbitmq:3.7-alpine
> container_name: rabbitmq4${COMPOSE_PROJECT_NAME}
> volumes:
> - rabbitmq:/var/lib/rabbitmq
> restart: on-failure
> networks:
> - tunnel
>
> volumes:
> statics:
> name: ${COMPOSE_PROJECT_NAME}-statics
> nginx-confd:
> name: ${COMPOSE_PROJECT_NAME}-nginxconfd
> nginx-certificates:
> name: ${COMPOSE_PROJECT_NAME}-nginxcerts
> geoserver-data-dir:
> name: ${COMPOSE_PROJECT_NAME}-gsdatadir
> dbdata:
> name: ${COMPOSE_PROJECT_NAME}-dbdata
> dbbackups:
> name: ${COMPOSE_PROJECT_NAME}-dbbackups
> backup-restore:
> name: ${COMPOSE_PROJECT_NAME}-backup-restore
> data:
> name: ${COMPOSE_PROJECT_NAME}-data
> tmp:
> name: ${COMPOSE_PROJECT_NAME}-tmp
> rabbitmq:
> name: ${COMPOSE_PROJECT_NAME}-rabbitmq
> #################
>
>
> After this all conainers are connected with the tunnel network, but i
> get a 502 bad request
> When i connect all containers also to the geonode_default network, there
> are no changes: 502 bad request.
>
> I hope this clarifies the problem a bit.
>
> Thanks
> Jan Willem
>
> Op di 9 jan 2024 om 09:45 schreef Henning Bredel via geonode-users
> <geonode-users at lists.osgeo.org <mailto:geonode-users at lists.osgeo.org>>:
>
> Hey,
>
> I cannot give any advice on cloudflare, but it would be good to see the
> actual error you get and the whole docker-compose file you came up with
> after changing the network.
>
> Best
>
> Henning
>
> On 08.01.24 16:13, Jan Willem van der Lichte via geonode-users wrote:
> > Dear list,
> >
> > I've got a geonode 4 in docker running on my local network, and
> it is
> > working fine.
> > I would like to use a cloudflare tunnel to get it online.
> > But somehow i can't get it to work. Has anyone tried this with
> succes?
> >
> > If I (for example) use rstudioserver to get it tunneled to the
> internet
> > it works fine.
> > In this rstudio docker-compose.yml I add the networks option
> referring
> > to a created bridge network called tunnel.
> > In the services I refer to this, see below
> >
> > version: '3'
> > networks:
> > tunnel:
> > external: true
> >
> > services:
> > geocompx:
> > image: ghcr.io/geocompx/docker:qgis
> <http://ghcr.io/geocompx/docker:qgis>
> > <http://ghcr.io/geocompx/docker:qgis
> <http://ghcr.io/geocompx/docker:qgis>>
> > container_name: rstudio
> > restart: always
> > environment:
> > - USER=rstudio
> > - PASSWORD=blablabla
> > - ROOT=TRUE
> > ports:
> > - 8786:8787
> > volumes:
> > - geocompxdata:/home/rstudio/data
> > networks:
> > - tunnel
> >
> > If I do the same in the geonode docker-compose.yml, it gives errors.
> > and geonode fails to start.
> >
> > I'm a novice at this so probably I miss something, but I haven't
> got a
> > clue at the moment
> > Any advice is welcome :-)
> >
> > Thanks,
> >
> > Met groet,
> > Jan Willem
> >
> >
> > _______________________________________________
> > geonode-users mailing list
> > geonode-users at lists.osgeo.org <mailto:geonode-users at lists.osgeo.org>
> > https://lists.osgeo.org/mailman/listinfo/geonode-users
> <https://lists.osgeo.org/mailman/listinfo/geonode-users>
>
> --
> Henning Bredel
> 52°North Spatial Information Research GmbH
> Martin-Luther-King-Weg 24
> 48155 Münster, Germany
> E-Mail: h.bredel at 52north.org <mailto:h.bredel at 52north.org>
> http://52north.org/ <http://52north.org/>
> Twitter: @FiveTwoN
> Managing Directors:
> Dr. Benedikt Gräler, Dr. Simon Jirka, Matthes Rieke
> Local Court Muenster HRB 10849
> _______________________________________________
> geonode-users mailing list
> geonode-users at lists.osgeo.org <mailto:geonode-users at lists.osgeo.org>
> https://lists.osgeo.org/mailman/listinfo/geonode-users
> <https://lists.osgeo.org/mailman/listinfo/geonode-users>
>
>
>
> --
> Met groet,
> Jan Willem
>
--
Henning Bredel
52°North Spatial Information Research GmbH
Martin-Luther-King-Weg 24
48155 Münster, Germany
E-Mail: h.bredel at 52north.org
http://52north.org/
Twitter: @FiveTwoN
Managing Directors:
Dr. Benedikt Gräler, Dr. Simon Jirka, Matthes Rieke
Local Court Muenster HRB 10849
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20240111/1dc19035/attachment-0001.sig>
More information about the geonode-users
mailing list