Constant timeouts when conecting from LAN to services behind a reverse proxy [closed]
years after my first home server died, i've decided to have one again. This time for the sake of learning and having more flexibility i'm doing it with docker containers. The thing is, i've set up a reverse proxy with nginx and the let's ecnrypt companion, to provide SSL encription & to avoid forwarding more ports on my router.
This works pretty much flawlessly, from my phone with mobile data or from a completely different network i can access my services without any issue. The problem comes when I try to acccess fro within the same LAN, i can access 1/10 times nad I get timeouts the other 9/10.
There's no difference in the way i'm trying to connect; in both cases is vía a web browser using <subdomain>.<domain>
as a URL
This are my current containers:
As for my current docker-compose file, it's like this:
version: '3'
services:
reverse-proxy:
image: jwilder/nginx-proxy
ports:
- '80:80'
- '443:443'
container_name: reverse-proxy
networks:
service_network: null
volumes:
- '/var/run/docker.sock:/tmp/docker.sock:ro'
- '.\nginx\certs:/etc/nginx/certs'
- '.\nginx\vhosts:/etc/nginx/vhost.d'
- '.\nginx\html:/usr/share/nginx/html'
ACME-SSL:
image: jrcs/letsencrypt-nginx-proxy-companion
depends_on:
- reverse-proxy
environment:
NGINX_PROXY_CONTAINER: reverse-proxy
networks:
service_network: null
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- '.\nginx\certs:/etc/nginx/certs'
- '.\nginx\vhosts:/etc/nginx/vhost.d'
- '.\nginx\html:/usr/share/nginx/html'
nginx:
image: nginx
depends_on:
- reverse-proxy
ports:
- '8080:80'
expose:
- 8080
environment:
- NGINX_HOST=<DOMAIN>
- NGINX_PORT=80
- HTTP_PORT=8080
- VIRTUAL_HOST=<DOMAIN>
- LETSENCRYPT_HOST=<DOMAIN>
- LETSENCRYPT_EMAIL=<EMAIL>
networks:
service_network: null
volumes:
- '.\<DIRECTORY>:/usr/share/nginx/html'
koel:
image: hyzual/koel
depends_on:
- reverse-proxy
- database
ports:
- '8000:80'
expose:
- 8000
environment:
- HTTP_PORT=8000
- VIRTUAL_HOST=<SUBDOMAIN>.<DOMAIN>
- LETSENCRYPT_HOST=<SUBDOMAIN>.<DOMAIN>
- LETSENCRYPT_EMAIL=<EMAIL>
- DB_CONNECTION=mysql
- DB_HOST=database
- DB_USERNAME=koel
- DB_PASSWORD=<PASS>
- DB_DATABASE=koel
- FORCE_HTTPS=true
- LASTFM_API_KEY=<API_SECRET>
- LASTFM_API_SECRET=<API_KEY>
networks:
service_network: null
db_network: null
volumes:
- '/e/musica:/music'
- '.\koel\covers:/var/www/html/public/img/covers'
- '.\koel\search_index:/var/www/html/storage/search-indexes'
database:
image: 'mysql/mysql-server:5.7'
volumes:
- '.\mysql:/var/lib/mysql'
environment:
- MYSQL_ROOT_PASSWORD=<PASS>
- MYSQL_DATABASE=koel
- MYSQL_USER=koel
- MYSQL_PASSWORD=<PASS>
networks:
db_network: null
networks:
service_network:
driver: bridge
db_network:
driver: bridge
*I've changed some values to descriptions between < >
as they contain private information.
If your domain is mapped to the WAN IP of your router, it could be that the router refuses to send traffic from inside the network back into it.
If that's the case you can rule it out by writing your domain name and the IP of your reverse proxy to /etc/hosts and then testing the connection.
A permanent fix would require you to either run a split DNS or maintaining this hostname to IP mapping in the DNS overrides of your router, if it has such an option.