I tried for several days to host lemmy 0.17.4 using the docker install instructions, but I was less than successful. The instructions seemed to be riddled with mistakes and and the docker-compose.yml file had some errors. I eventually mostly got it up and running, but I could never access the site through the nginx container. I had to add the lemmy-ui to the external network and expose 80 and 443, and then I could access the UI. But it seemed that the UI was unable to communicate with the DB. And I had to comment out all of the loggers in docker-compose.yml, because I they were giving me errors.
Anyway, I thought I would give it another shot now that 0.18 has been released and the instructions have been updated. It seems to be much better! I was able to almost get it up and running on my first try. However, there is one error. The nginx container failed to start. There is a file it is trying to mount, but the file doesn’t exist. And the instructions don’t seem to say anything about creating that file or where to download it.
Any help would be much appreciated!
The instructions I am following: https://join-lemmy.org/docs/administration/install_docker.html
The error:
Creating lemmy_proxy_1 ... error
ERROR: for lemmy_proxy_1 Cannot start service proxy: crun: mount `<path>/lemmy/nginx_internal.conf` to `etc/nginx/nginx.conf`: Not a directory: OCI runtime error
ERROR: for proxy Cannot start service proxy: crun: mount `<path>/lemmy/nginx_internal.conf` to `etc/nginx/nginx.conf`: Not a directory: OCI runtime error
ERROR: Encountered errors while bringing up the project.
Edit: I ended up finding the file in the lemmy-ansible github project here: https://raw.githubusercontent.com/LemmyNet/lemmy-ansible/main/templates/nginx_internal.conf
It all comes up now, and I can access it from outside the server. Though, it is http only, even though I have https set to true in docker-compose.yml. And when I try to do the admin sign up, I get the error: SyntaxError: Unexpected token 'O', "Origin is "... is not valid JSON
Do you mind sharing what exactly you changed in order to get it to work? I got
nginx_internal.confinstalled, but did not make any changes to it. I’m not able to get the UI using http://<ipaddress>:1236I’m not a complete newb when it comes to nginx, but I’m having a hard time understanding what all the different parts are here. For instance, what is the
lemmy-uicontainer for? Is that what needs to be exposed for me to access the UI? If so, I don’t see any port mapping the in container definition, so is it hard-coded to use a specific port?Any help you can provide is greatly appreciated!
I got it going… the main problem was that the ports for the proxy container were defined in a confusing way. Rather, the port definition should be symmetrical (e.g.
1236:1236) and not conflated with the lemmy server port (8536). Then, thenginx_internal.confshould be set to listen on1236only.The only thing I changed from the
nginx_internal.confthat is here is that I added ssl. But with no changes (aside from the required changes described in the instructions) to this file ordocker-compose.yml, you should be able to access it usingcurl http://localhost:8536. I am not using a reverse proxy, as I am not hosting anything other webservers on my server at the moment, so I actually changed the exposed port indocker-compose.ymlto map 443 to 8536 so I can serve https on the default port directly from the nginx container. Oh, and I had to add a mounted volume to the nginx container indocker-compose.ymlfor my ssl certificates for https.Here’s what I added:
docker-compose.yml: (under services -> proxy -> volumes)- /path/to/ssl/certs/on/host/:/path/to/ssl/certs/in/container/(under service -> proxy -> ports)- "443:8536"nginx_internal.conf: (under http -> server)ssl_certificate /path/to/ssl/certs/in/container/fullchain.pem; ssl_certificate_key /path/to/ssl/certs/in/container/privkey.pem; ssl_protocols TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; # Full disclosure, I'm not 100% if this is the best option to put here # this is the port inside docker, not the public one yet listen 1236; listen 8536 ssl; # I had to add "ssl" here to serve https # change if needed, this is facing the public web server_name yourdomain.tld;If you wanted to skip https for now and just get it up, replace 443 with 80, and don’t make any changes to
nginx_internal.conf.So, from what I have gathered, the lemmy-ui conatiner contains the html/js, and the lemmy container is the backend. Not 100% sure on that, but I believe that’s what it is. When trying to set up 0.17.4, I was able to access the UI by adding the lemmy-ui container to the lemmyexternalproxy network and mapping port 0.0.0.0:80 to lemmy-ui:1234.
Ports aren’t usually exposed from the container directly. All ports are shared between containers on the lemmyinternal network. Only the nginx container is on the lemmyexternalproxy network, which is the one that can map ports to the host. So basically, your lemmy-ui container is exposing port 1234 to the nginx container through the lemmyinternal network, and nginx container is mapping that port on the lemmyinternal network to the lemmyexternalproxy on port 8536, and then docker is mapping port 8536 from the nginx container to 8536 (or whatever port you set it to. In my case, 443) on 0.0.0.0 (the host and the world).
I hope that I worded that last part in a way that makes sense 😅.