<div dir="ltr"><div>Hi Henning, list<br></div><div>First of all, thank for your response.</div><div><br></div><div>I try to describe what i have done. </div><br>I created an Ubuntu server in my home network with ip 192.168.178.69<br>Installed docker and geonode following these instructions<br><a href="https://docs.geonode.org/en/4.1.x/install/advanced/core/index.html#install-the-docker-and-docker-compose-packages-on-a-ubuntu-host">https://docs.geonode.org/en/4.1.x/install/advanced/core/index.html#install-the-docker-and-docker-compose-packages-on-a-ubuntu-host</a><br>In the .env file i replaced all localhost with 192.168.178.69 <br>I can enter the geonode site on <a href="http://192.168.178.69">http://192.168.178.69</a> <br><br>so far so good<br><br>Now I want to expose this site to the internet.<br>Therefor I use cloudflare-docker<br><br>First of all I created a docker network:<br>docker network create -d bridge tunnel<br><br>Next I created the cloudflare docker with this docker-compose.yml file.<br><br>docker-compose.yml for cloudflare<br>####################<br>version: '3.9'<br><br>networks:<br> tunnel:<br> external: true<br><br>services:<br> cloudflaretunnel:<br> container_name: cloudflaretunnel<br> image: cloudflare/cloudflared:latest<br> restart: unless-stopped<br> environment:<br> - TUNNEL_TOKEN=$TUNNEL_TOKEN<br> command: tunnel --no-autoupdate run<br> networks:<br> - tunnel<br>######################## <br><br>The tunneltoken is an environment variable.<br><br><br>To test if my cloudflare tunnel works, i created an rstudio docker to expose to the interval<br>The compose file I used was: <br><br>docker-compose.yml for rstudio<br>##########################<br>version: '3'<br>networks:<br> tunnel:<br> external: true<br><br><br>services:<br> geocompx:<br> image: <a href="http://ghcr.io/geocompx/docker:qgis">ghcr.io/geocompx/docker:qgis</a><br> container_name: rstudio<br> restart: always<br> environment:<br> - USER=rstudio<br> - PASSWORD=blablabla<br> - ROOT=TRUE<br> ports:<br> - 8786:8787<br> volumes:<br> - geocompxdata:/home/rstudio/data<br> networks:<br> - tunnel<br>volumes:<br> share:<br> external: true<br> geocompxdata:<br> driver: local<br> driver_opts:<br> o: bind<br> type: none<br> device: /home/geonode/docker/rstudio/data<br> <br>#########################<br> <br>I can connect my homeserver to a publichostname now. The tunnel declaration in the yml file is needed.<br><br><br>After this I tried to modify the geonode docker-compose.yml as downloaded from their github<br>I added the networks at the top and in every service <br><br>#########################<br>version: '3.9'<br><br>networks:<br> tunnel:<br> external: true<br><br># Common Django template for GeoNode and Celery services below<br>x-common-django:<br> &default-common-django<br> image: geonode/geonode:4.0<br> restart: on-failure<br> env_file:<br> - .env<br> volumes:<br> # - '.:/usr/src/geonode'<br> - statics:/mnt/volumes/statics<br> - geoserver-data-dir:/geoserver_data/data<br> - backup-restore:/backup_restore<br> - data:/data<br> - tmp:/tmp<br> depends_on:<br> db:<br> condition: service_healthy<br> geoserver:<br> condition: service_healthy<br> networks:<br> - tunnel<br><br>services:<br><br> # Our custom django application. It includes Geonode.<br> django:<br> << : *default-common-django<br> build:<br> context: ./<br> dockerfile: Dockerfile<br> container_name: django4${COMPOSE_PROJECT_NAME}<br> healthcheck:<br> test: "curl --fail --silent --write-out 'HTTP CODE : %{http_code}\n' --output /dev/null <a href="http://127.0.0.1:8001/">http://127.0.0.1:8001/</a>"<br> start_period: 60s<br> interval: 60s<br> timeout: 10s<br> retries: 10<br> environment:<br> - IS_CELERY=False<br> entrypoint: ["/usr/src/geonode/entrypoint.sh"]<br> command: "uwsgi --ini /usr/src/geonode/uwsgi.ini"<br> networks:<br> - tunnel<br><br> # Celery worker that executes celery tasks created by Django.<br> celery:<br> << : *default-common-django<br> image: geonode/geonode:4.0<br> container_name: celery4${COMPOSE_PROJECT_NAME}<br> depends_on:<br> - django<br> environment:<br> - IS_CELERY=True<br> entrypoint: ["/usr/src/geonode/entrypoint.sh"]<br> command: "celery-cmd"<br> networks:<br> - tunnel<br><br> # Nginx is serving django static and media files and proxies to django and geonode<br> geonode:<br> image: geonode/nginx:4.0<br> build: ./scripts/docker/nginx/<br> container_name: nginx4${COMPOSE_PROJECT_NAME}<br> environment:<br> - HTTPS_HOST=${HTTPS_HOST}<br> - HTTP_HOST=${HTTP_HOST}<br> - HTTPS_PORT=${HTTPS_PORT}<br> - HTTP_PORT=${HTTP_PORT}<br> - LETSENCRYPT_MODE=${LETSENCRYPT_MODE}<br> - RESOLVER=127.0.0.11<br> ports:<br> - "${HTTP_PORT}:80"<br> - "${HTTPS_PORT}:443"<br> volumes:<br> - nginx-confd:/etc/nginx<br> - nginx-certificates:/geonode-certificates<br> - statics:/mnt/volumes/statics<br> restart: on-failure<br> networks:<br> - tunnel<br><br> # Gets and installs letsencrypt certificates<br> letsencrypt:<br> image: geonode/letsencrypt:4.0<br> build: ./scripts/docker/letsencrypt/<br> container_name: letsencrypt4${COMPOSE_PROJECT_NAME}<br> environment:<br> - HTTPS_HOST=${HTTPS_HOST}<br> - HTTP_HOST=${HTTP_HOST}<br> - ADMIN_EMAIL=${ADMIN_EMAIL}<br> - LETSENCRYPT_MODE=${LETSENCRYPT_MODE}<br> volumes:<br> - nginx-certificates:/geonode-certificates<br> restart: on-failure<br> networks:<br> - tunnel<br><br> # Geoserver backend<br> geoserver:<br> image: geonode/geoserver:2.23.0<br> container_name: geoserver4${COMPOSE_PROJECT_NAME}<br> healthcheck:<br> test: "curl --fail --silent --write-out 'HTTP CODE : %{http_code}\n' --output /dev/null <a href="http://127.0.0.1:8080/geoserver/ows">http://127.0.0.1:8080/geoserver/ows</a>"<br> start_period: 60s<br> interval: 60s<br> timeout: 10s<br> retries: 10<br> env_file:<br> - .env<br> volumes:<br> - statics:/mnt/volumes/statics<br> - geoserver-data-dir:/geoserver_data/data<br> - backup-restore:/backup_restore<br> - data:/data<br> - tmp:/tmp<br> restart: on-failure<br> depends_on:<br> db:<br> condition: service_healthy<br> data-dir-conf:<br> condition: service_healthy<br> networks:<br> - tunnel<br><br> data-dir-conf:<br> image: geonode/geoserver_data:2.23.0<br> container_name: gsconf4${COMPOSE_PROJECT_NAME}<br> entrypoint: sleep infinity<br> volumes:<br> - geoserver-data-dir:/geoserver_data/data<br> restart: on-failure<br> healthcheck:<br> test: "ls -A '/geoserver_data/data' | wc -l"<br> networks:<br> - tunnel<br><br> # PostGIS database.<br> db:<br> # use geonode official postgis 13 image<br> image: geonode/postgis:13<br> command: postgres -c "max_connections=${POSTGRESQL_MAX_CONNECTIONS}"<br> container_name: db4${COMPOSE_PROJECT_NAME}<br> env_file:<br> - .env<br> volumes:<br> - dbdata:/var/lib/postgresql/data<br> - dbbackups:/pg_backups<br> restart: on-failure<br> healthcheck:<br> test: "pg_isready -d postgres -U postgres"<br> networks:<br> - tunnel<br> # uncomment to enable remote connections to postgres<br> #ports:<br> # - "5432:5432"<br><br> # Vanilla RabbitMQ service. This is needed by celery<br> rabbitmq:<br> image: rabbitmq:3.7-alpine<br> container_name: rabbitmq4${COMPOSE_PROJECT_NAME}<br> volumes:<br> - rabbitmq:/var/lib/rabbitmq<br> restart: on-failure<br> networks:<br> - tunnel<br><br>volumes:<br> statics:<br> name: ${COMPOSE_PROJECT_NAME}-statics<br> nginx-confd:<br> name: ${COMPOSE_PROJECT_NAME}-nginxconfd<br> nginx-certificates:<br> name: ${COMPOSE_PROJECT_NAME}-nginxcerts<br> geoserver-data-dir:<br> name: ${COMPOSE_PROJECT_NAME}-gsdatadir<br> dbdata:<br> name: ${COMPOSE_PROJECT_NAME}-dbdata<br> dbbackups:<br> name: ${COMPOSE_PROJECT_NAME}-dbbackups<br> backup-restore:<br> name: ${COMPOSE_PROJECT_NAME}-backup-restore<br> data:<br> name: ${COMPOSE_PROJECT_NAME}-data<br> tmp:<br> name: ${COMPOSE_PROJECT_NAME}-tmp<br> rabbitmq:<br> name: ${COMPOSE_PROJECT_NAME}-rabbitmq<br>#################<br><br><br>After this all conainers are connected with the tunnel network, but i get a 502 bad request<br>When i connect all containers also to the geonode_default network, there are no changes: 502 bad request.<br><br>I hope this clarifies the problem a bit.<br><br>Thanks<br>Jan Willem</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Op di 9 jan 2024 om 09:45 schreef Henning Bredel via geonode-users <<a href="mailto:geonode-users@lists.osgeo.org">geonode-users@lists.osgeo.org</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hey,<br>
<br>
I cannot give any advice on cloudflare, but it would be good to see the <br>
actual error you get and the whole docker-compose file you came up with <br>
after changing the network.<br>
<br>
Best<br>
<br>
Henning<br>
<br>
On 08.01.24 16:13, Jan Willem van der Lichte via geonode-users wrote:<br>
> Dear list,<br>
> <br>
> I've got a geonode 4 in docker running on my local network, and it is <br>
> working fine.<br>
> I would like to use a cloudflare tunnel to get it online.<br>
> But somehow i can't get it to work. Has anyone tried this with succes?<br>
> <br>
> If I (for example) use rstudioserver to get it tunneled to the internet <br>
> it works fine.<br>
> In this rstudio docker-compose.yml I add the networks option referring <br>
> to a created bridge network called tunnel.<br>
> In the services I refer to this, see below<br>
> <br>
> version: '3'<br>
> networks:<br>
> tunnel:<br>
> external: true<br>
> <br>
> services:<br>
> geocompx:<br>
> image: <a href="http://ghcr.io/geocompx/docker:qgis" rel="noreferrer" target="_blank">ghcr.io/geocompx/docker:qgis</a> <br>
> <<a href="http://ghcr.io/geocompx/docker:qgis" rel="noreferrer" target="_blank">http://ghcr.io/geocompx/docker:qgis</a>><br>
> container_name: rstudio<br>
> restart: always<br>
> environment:<br>
> - USER=rstudio<br>
> - PASSWORD=blablabla<br>
> - ROOT=TRUE<br>
> ports:<br>
> - 8786:8787<br>
> volumes:<br>
> - geocompxdata:/home/rstudio/data<br>
> networks:<br>
> - tunnel<br>
> <br>
> If I do the same in the geonode docker-compose.yml, it gives errors.<br>
> and geonode fails to start.<br>
> <br>
> I'm a novice at this so probably I miss something, but I haven't got a <br>
> clue at the moment<br>
> Any advice is welcome :-)<br>
> <br>
> Thanks,<br>
> <br>
> Met groet,<br>
> Jan Willem<br>
> <br>
> <br>
> _______________________________________________<br>
> geonode-users mailing list<br>
> <a href="mailto:geonode-users@lists.osgeo.org" target="_blank">geonode-users@lists.osgeo.org</a><br>
> <a href="https://lists.osgeo.org/mailman/listinfo/geonode-users" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/geonode-users</a><br>
<br>
-- <br>
Henning Bredel<br>
52°North Spatial Information Research GmbH<br>
Martin-Luther-King-Weg 24<br>
48155 Münster, Germany<br>
E-Mail: <a href="mailto:h.bredel@52north.org" target="_blank">h.bredel@52north.org</a><br>
<a href="http://52north.org/" rel="noreferrer" target="_blank">http://52north.org/</a><br>
Twitter: @FiveTwoN<br>
Managing Directors:<br>
Dr. Benedikt Gräler, Dr. Simon Jirka, Matthes Rieke<br>
Local Court Muenster HRB 10849<br>
_______________________________________________<br>
geonode-users mailing list<br>
<a href="mailto:geonode-users@lists.osgeo.org" target="_blank">geonode-users@lists.osgeo.org</a><br>
<a href="https://lists.osgeo.org/mailman/listinfo/geonode-users" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/geonode-users</a><br>
</blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr">Met groet,<br>Jan Willem<font face="Arial" size="2"><span style="font-family:Arial;font-size:10pt"><br><br></span></font></div></div>