Hello.

Pretty sure I’m doing something stupid, but I can’t find it.

I have Caddy and Uptime-kuma installed as Docker containers. They are on the same Docker bridge network. Both work fine (with the below exception).

I’m trying to monitor Caddy virtual hosts from Uptime-kuma and getting a timeout.

If I exec into the Uptime-kuma container, I can ping the host name I want to monitor (and the DNS is resolving correctly to the Docker hosts external IP).

But I can’t reach port 80/443 using telnet or openssl.

Any suggestions for what I might be doing wrong?

Thanks!

    • Outcide@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I am behind cgnat but why would that matter for trying to reach a service on the same box?

      • restlessyet@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        It matters only if “the docker hosts external IP” your dns resolves is a public IP. In that case packets travel to the router which needs to map/send them back to the docker hosts LAN IP (NAT-Reflection). With cgnat this would need to be enabled on the carrier side, where you set up the port forwarding. If that’s not possible, split-DNS may be an alternative.

        If “the docker hosts external IP” is actually your docker hosts LAN IP, all of that is irrelevant. Split-DNS would accomplish that.

  • sneakyninjapants@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    The way I have my monitoring set up is to poll the containers from behind the proxy layer. Ex. if I’m trying to poll Portainer for example:

    ---
    services:
        portainer:
        ...
    

    with the service name portainer

    from uptime-kuma within the same docker network it would look like this:

    Can confirm this is working correctly to monitor that the service is reachable. This doesn’t however ensure that you can reach it from your computer, because that depends on if your reverse proxy is configured correctly and isn’t down, but that’s what I wanted in my case.

    Edit: If you’re wanting to poll the http endpoint you would add it before like http://whatever_service:whatever_port

    • Outcide@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Thanks. In this case I’m trying to monitor Caddy itself (sites that are just html files that it hosts rather than redirect to other containers). I could point the monitor at caddy:443 but then I’d need to find someway to specify the HOST: for the virtualhosting to work?

      • sneakyninjapants@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Oh I see, I definitely misunderstood what you were asking. How is your caddy server set up? Is it serving one site per subdomain (site.your.domain) or is it one site per path (your.domain/site/)? I am running traefik so I probably won’t be able to help with specifics, but it’s worth a shot.

        • Outcide@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Caddy is server subdomains and standalone domains, doesn’t seem to make a difference which is which … neither work. For the moment I’m monitoring them from another server but that’s annoying … which I could figure out what I’m doing wrong!