Comments (5)
You said the binary is missing.. you mentioned armv7
and we previously discussed #9
IIRC not found errors can also arise when trying to run binaries for non-compatible architectures. Seeing as the image with tag 20210312_0738_8f5e8775
is the first with ARM support, did you try to run the correct image? You also mention :latest
, but the :latest
tag also doesn't exist (I don't currently use that tag).
Anyways, seems like this issue is resolved. I'll close it for now but we can continue discussion and reopen if there's still an issue..
from holepunch-server.
This should work with a reverse proxy in front of it. In fact, that's been my exact use case also (though I'm not using Traefik).
I'd check:
- that Traefik uses port 80 to talk to holepunch-server.
- try checking if you can curl https://holepunch-server-hostname/_ssh , you should get some error relating to your request not asking for websocket
- then repeat that same for directly talking to holepunch-server (without reverse proxy in front of it)
- if that does not work, try checking for Traefik logs
from holepunch-server.
Which Proxy do you use? can you provide me your docker-compose as an example?
from holepunch-server.
My docker-compose
file wouldn't help because I'm using Edgerouter which is a loadbalancer I built myself (yes, I know how crazy it sounds). Edgerouter is probably not usable for anyone else than me right now, but it started with Traefik-compatible annotations.
I'm confident holepunch-server works with Traefik, because that's what I used with holepunch-server before building Edgerouter. Basically my loadbalancer layer is using traefik.frontend.rule
with value of HostRegexp:{[^.]+}.punch.example.com
. This is what would be in your docker-compose
file in some form or another.
Then if you have an SSH client (OpenSSH or holepunch-client) providing reverse tunnel in the container port 8080, then https://8080.punch.example.com/ should be accessible from internet, provided that your loadbalancer is redirecting *.punch.example.com
traffic to right container IP's port 80. The holepunch-server container itself reverse proxies TCP traffic (on top of WebSocket) from HTTP 80 to the port 8080 based on the subdomain match.
Have you assigned wildcard certificate to *.holepunch.something.com
?
Make sure your loadbalancer is not stripping away the Host:
header. Traefik seems to do the right thing by default.
Did all the checks pass that I asked about? What exactly are you trying to do? Specifically, you haven't mentioned any error messages or troubleshooting steps that have failed? Is plain HTTP working but HTTPS not? Does it work without loadbalancer, or is the trouble present only when behind a loadbalancer?
from holepunch-server.
seems like I had some issues with docker on armv7.
finally i solved it by: (running traefik in another docker-compose instance)
version: "3.5"
services:
holepunch:
image: holepunch-server:latest
environment:
SSH_HOSTKEY: "somthing"
CLIENT_PUBKEY: "something else"
restart: always
ports:
- "5050:5050"
- "2222:2222"
labels:
- "traefik.enable=true"
- "traefik.http.routers.hp.rule=Host(`home.host.com`)"
- "traefik.http.routers.hp.entrypoints=http"
- "traefik.http.routers.hp.tls.certResolver=le"
- "traefik.http.routers.api.rule=Host(`api.home.host.com`)"
- "traefik.http.routers.api.service=api"
- "traefik.http.routers.api.entrypoints=https"
- "traefik.http.routers.api.tls.certResolver=le"
- "traefik.http.services.api.loadbalancer.server.port=5050"
- "traefik.http.routers.api.tls=true"
networks:
- backend
- frontend
networks:
frontend:
name: frontend
external: true
backend:
name: backend
driver: bridge
Somehow i could not use your docker image on dockerhub as the binary is missing. I just did some workaround by
(latest alpine got some issues with armv7....)
FROM alpine:3.12
RUN apk update
RUN apk add openssh wget
RUN wget https://github.com/function61/holepunch-server/releases/download/20210312_0738_8f5e8775/holepunch-server_linux-arm
RUN mv holepunch-server_linux-arm holepunch-server
RUN chmod +x holepunch-server
ENTRYPOINT ["./holepunch-server", "server", "--http-reverse-proxy", "--sshd-websocket","--sshd-tcp","0.0.0.0:2222"]
from holepunch-server.
Related Issues (10)
- Unable to authenticate using the release binary ([ERROR] Failed to handshake ([ssh: no auth passed yet, unknown username])) HOT 2
- Use TCP keepalive from gokit
- Add logging to ignored reply errors?
- docs: Add advice about WireGuard/Tailscale
- Remove unnecessary code, also TCP keepalives
- docs: wsconnadapter package comment
- Use newer conventions from gokit
- Create ENV parameters for users HOT 1
- Include multiarch buld into Docker HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from holepunch-server.