Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to install with Caddy? #82

Open
ja49619 opened this issue Oct 21, 2024 · 7 comments
Open

How to install with Caddy? #82

ja49619 opened this issue Oct 21, 2024 · 7 comments

Comments

@ja49619
Copy link
Contributor

ja49619 commented Oct 21, 2024

Hello,
First of all, I'd like to say thanks for your app, it's truly the best I've seen lately🚀.

I saw that you have installation scripts using nginx and traeffik, but I already have Caddy installed and configured, so I would like to use it further.

I tried to install your app and configure the reverse proxy in the same way as all other applications that are running on my server, i.e I receive an external port from the app's container and set up something like this:

example.com {
	reverse_proxy localhost:8087
}

I ran the application but on client got an error: Unknown Error: Failed to Fetch, in the developer console there was
GET http://localhost:3000/providers net::ERR_CONNECTION_REFUSED

I found a comment, that says that you need to set the environment variables correctly.
I tried to adapt the nginx configuration files for caddy using its directives like rewrite, handle_path and header, tried set variables,
but unfortunately I was never able to configure the application,

THEREFORE

if anyone was able to set up this with reverse proxy Caddy on a host please show how to do it ✍️👀

Commands for reproduce

presettings: install docker, check A-record from domain DNS

# install Huly
$ git clone https://github.com/hcengineering/huly-selfhost.git
$ cd huly-selfhost
$ ./setup.sh localhost
$ docker-compose up -d

# install and setup Caddy
$ apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
$ curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
$ apt update
$ apt install caddy
$ read -p "domain: " domain && echo -e "$domain {\n\treverse_proxy localhost:8087\n}" | tee /etc/caddy/Caddyfile
$ systemctl restart caddy

open $domain and check DevTools

@Pukimaa
Copy link

Pukimaa commented Oct 21, 2024

This is what I'm using. However be sure to update your ACCOUNTS_URL, ... env variables (everywhere where the services down below are listed)

YOUR_DOMAIN:80 {
  reverse_proxy localhost:8087
  handle_path /account* {
    reverse_proxy localhost:3005
  }
  handle_path /transactor* {
    reverse_proxy localhost:3333
  }
  handle_path /rekoni* {
    reverse_proxy localhost:4004
  }
  
  # If you have the love container (livekit/office calls), use this too
  #handle_path /_love* {
  #  reverse_proxy localhost:8096
  #}
}

@ja49619
Copy link
Contributor Author

ja49619 commented Oct 22, 2024

This is what I'm using.

@Pukimaa thanks for reply, can u show your docker-compose.yml file here in < details >< /details > block?

@gptlang
Copy link

gptlang commented Nov 3, 2024
edited
Loading

I just set mine up today.

version: "3"
services:
  mongodb:
    image: "mongo:7-jammy"
    container_name: mongodb
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - db:/data/db
    ports:
      - 27017:27017
    restart: unless-stopped
  minio:
    image: "minio/minio"
    command: server /data --address ":9000" --console-address ":9001"
    ports:
      - 9000:9000
      - 9001:9001
    volumes:
      - files:/data
    restart: unless-stopped
  elastic:
    image: "elasticsearch:7.14.2"
    command: |
      /bin/sh -c "./bin/elasticsearch-plugin list | grep -q ingest-attachment || yes | ./bin/elasticsearch-plugin install --silent ingest-attachment;
      /usr/local/bin/docker-entrypoint.sh eswrapper"
    volumes:
      - elastic:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
    environment:
      - ELASTICSEARCH_PORT_NUMBER=9200
      - BITNAMI_DEBUG=true
      - discovery.type=single-node
      - ES_JAVA_OPTS=-Xms1024m -Xmx1024m
      - http.cors.enabled=true
      - http.cors.allow-origin=http://localhost:8082
    healthcheck:
      interval: 20s
      retries: 10
      test: curl -s http://localhost:9200/_cluster/health | grep -vq '"status":"red"'
    restart: unless-stopped
  account:
    image: hardcoreeng/account:v0.6.333
    ports:
      - 3001:3001
    environment:
      - SERVER_PORT=3001
      - SERVER_SECRET=NotMyActualSecretObviously
      - DB_URL=mongodb://mongodb:27017
      - TRANSACTOR_URL=ws://transactor:3333;wss://transact.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - FRONT_URL=http://front:8080
      - MODEL_ENABLED=*
      - ACCOUNTS_URL=https://accounts.huly.duti.dev
      - ACCOUNT_PORT=3001
      - DISABLE_SIGNUP=true
    restart: unless-stopped
  workspace:
    image: hardcoreeng/workspace:v0.6.333
    environment:
      - SERVER_SECRET=NotMyActualSecretObviously
      - DB_URL=mongodb://mongodb:27017
      - MONGO_URL=mongodb://mongodb:27017
      - TRANSACTOR_URL=ws://transactor:3333;wss://transact.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - MODEL_ENABLED=*
      - ACCOUNTS_URL=http://account:3001
      - NOTIFY_INBOX_ONLY=true
    restart: unless-stopped
  front:
    image: hardcoreeng/front:v0.6.333
    ports:
      - 8087:8080
    environment:
      - SERVER_PORT=8080
      - SERVER_SECRET=NotMyActualSecretObviously
      - ACCOUNTS_URL=https://accounts.huly.duti.dev
      - REKONI_URL=https://rekoni.huly.duti.dev
      - CALENDAR_URL=https://calendar.huly.duti.dev
      - GMAIL_URL=https://gmail.huly.duti.dev
      - TELEGRAM_URL=https://telegram.huly.duti.dev
      - UPLOAD_URL=/files
      - ELASTIC_URL=http://elastic:9200
      - COLLABORATOR_URL=wss://collab.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - MONGO_URL=mongodb://mongodb:27017
      - TITLE=Huly Self Hosted
      - DEFAULT_LANGUAGE=en
      - LAST_NAME_FIRST=true
      - DISABLE_SIGNUP=true
    restart: unless-stopped
  collaborator:
    image: hardcoreeng/collaborator:v0.6.333
    ports:
      - 3078:3078
    environment:
      - COLLABORATOR_PORT=3078
      - SECRET=secret
      - ACCOUNTS_URL=http://account:3001
      - MONGO_URL=mongodb://mongodb:27017
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
    restart: unless-stopped
  transactor:
    image: hardcoreeng/transactor:v0.6.333
    ports:
      - 3333:3333
    environment:
      - SERVER_PORT=3333
      - SERVER_SECRET=NotMyActualSecretObviously
      - SERVER_CURSOR_MAXTIMEMS=30000
      - ELASTIC_URL=http://elastic:9200
      - ELASTIC_INDEX_NAME=huly_storage_index
      - DB_URL=mongodb://mongodb:27017
      - MONGO_URL=mongodb://mongodb:27017
      - METRICS_CONSOLE=false
      - METRICS_FILE=metrics.txt
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - REKONI_URL=http://rekoni:4004
      - FRONT_URL=https://huly.duti.dev
      - ACCOUNTS_URL=http://account:3001
      - LAST_NAME_FIRST=true
    restart: unless-stopped
  rekoni:
    image: hardcoreeng/rekoni-service:v0.6.333
    ports:
      - 4004:4004
    environment:
      - SECRET=NotMyActualSecretObviously
    deploy:
      resources:
        limits:
          memory: 500M
    restart: unless-stopped
volumes:
  db:
  files:
  elastic:
  etcd:
huly.duti.dev {
        log
        reverse_proxy 100.64.0.6:8087
}

(hulyoptions) {
        handle_path /* {
                @options {
                        method OPTIONS
                }
                header @options {
                        Access-Control-Allow-Origin "https://huly.duti.dev"
                        Access-Control-Allow-Methods "*"
                        Access-Control-Allow-Headers "*"
                        Access-Control-Allow-Credentials "true"
                }
                respond @options 204
        }
}

accounts.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3001
}

transact.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3333
}

rekoni.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:4004
}
calendar.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8095
}

gmail.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8088
}
telegram.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8086
}
collab.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3078
}

Works nicely for the most part (some bugs with documents though)

@ja49619
Copy link
Contributor Author

ja49619 commented Nov 4, 2024

I just set mine up today.

@gptlang Thanks for reply. Your method looks a little strange. You need to create 7 new subdomains and forward 7 ports through the router. Is it safe? I think all microservices should be on localhost and proxied via the handle_path directive. Correct me if I'm wrong

@gptlang
Copy link

gptlang commented Nov 5, 2024

I think all microservices should be on localhost

I have a weird setup where the machine running the containers is not directly exposed to the internet. I route them through headscale/tailscale to a tiny VPS to expose things.

Is it safe?

It is equivalent to routing them through a single handle_path. However with handle_path, you also need to change the URL environment variables to prefix them such that things don't conflict.

e.g.

- ACCOUNTS_URL=https://accounts.huly.duti.dev

would become

- ACCOUNTS_URL=https://huly.duti.dev/_accounts

@Trevo525
Copy link

Trevo525 commented Dec 8, 2024

I just set mine up today.

version: "3"
services:
  mongodb:
    image: "mongo:7-jammy"
    container_name: mongodb
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - db:/data/db
    ports:
      - 27017:27017
    restart: unless-stopped
  minio:
    image: "minio/minio"
    command: server /data --address ":9000" --console-address ":9001"
    ports:
      - 9000:9000
      - 9001:9001
    volumes:
      - files:/data
    restart: unless-stopped
  elastic:
    image: "elasticsearch:7.14.2"
    command: |
      /bin/sh -c "./bin/elasticsearch-plugin list | grep -q ingest-attachment || yes | ./bin/elasticsearch-plugin install --silent ingest-attachment;
      /usr/local/bin/docker-entrypoint.sh eswrapper"
    volumes:
      - elastic:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
    environment:
      - ELASTICSEARCH_PORT_NUMBER=9200
      - BITNAMI_DEBUG=true
      - discovery.type=single-node
      - ES_JAVA_OPTS=-Xms1024m -Xmx1024m
      - http.cors.enabled=true
      - http.cors.allow-origin=http://localhost:8082
    healthcheck:
      interval: 20s
      retries: 10
      test: curl -s http://localhost:9200/_cluster/health | grep -vq '"status":"red"'
    restart: unless-stopped
  account:
    image: hardcoreeng/account:v0.6.333
    ports:
      - 3001:3001
    environment:
      - SERVER_PORT=3001
      - SERVER_SECRET=NotMyActualSecretObviously
      - DB_URL=mongodb://mongodb:27017
      - TRANSACTOR_URL=ws://transactor:3333;wss://transact.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - FRONT_URL=http://front:8080
      - MODEL_ENABLED=*
      - ACCOUNTS_URL=https://accounts.huly.duti.dev
      - ACCOUNT_PORT=3001
      - DISABLE_SIGNUP=true
    restart: unless-stopped
  workspace:
    image: hardcoreeng/workspace:v0.6.333
    environment:
      - SERVER_SECRET=NotMyActualSecretObviously
      - DB_URL=mongodb://mongodb:27017
      - MONGO_URL=mongodb://mongodb:27017
      - TRANSACTOR_URL=ws://transactor:3333;wss://transact.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - MODEL_ENABLED=*
      - ACCOUNTS_URL=http://account:3001
      - NOTIFY_INBOX_ONLY=true
    restart: unless-stopped
  front:
    image: hardcoreeng/front:v0.6.333
    ports:
      - 8087:8080
    environment:
      - SERVER_PORT=8080
      - SERVER_SECRET=NotMyActualSecretObviously
      - ACCOUNTS_URL=https://accounts.huly.duti.dev
      - REKONI_URL=https://rekoni.huly.duti.dev
      - CALENDAR_URL=https://calendar.huly.duti.dev
      - GMAIL_URL=https://gmail.huly.duti.dev
      - TELEGRAM_URL=https://telegram.huly.duti.dev
      - UPLOAD_URL=/files
      - ELASTIC_URL=http://elastic:9200
      - COLLABORATOR_URL=wss://collab.huly.duti.dev
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - MONGO_URL=mongodb://mongodb:27017
      - TITLE=Huly Self Hosted
      - DEFAULT_LANGUAGE=en
      - LAST_NAME_FIRST=true
      - DISABLE_SIGNUP=true
    restart: unless-stopped
  collaborator:
    image: hardcoreeng/collaborator:v0.6.333
    ports:
      - 3078:3078
    environment:
      - COLLABORATOR_PORT=3078
      - SECRET=secret
      - ACCOUNTS_URL=http://account:3001
      - MONGO_URL=mongodb://mongodb:27017
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
    restart: unless-stopped
  transactor:
    image: hardcoreeng/transactor:v0.6.333
    ports:
      - 3333:3333
    environment:
      - SERVER_PORT=3333
      - SERVER_SECRET=NotMyActualSecretObviously
      - SERVER_CURSOR_MAXTIMEMS=30000
      - ELASTIC_URL=http://elastic:9200
      - ELASTIC_INDEX_NAME=huly_storage_index
      - DB_URL=mongodb://mongodb:27017
      - MONGO_URL=mongodb://mongodb:27017
      - METRICS_CONSOLE=false
      - METRICS_FILE=metrics.txt
      - STORAGE_CONFIG=minio|minio?accessKey=minioadmin&secretKey=minioadmin
      - REKONI_URL=http://rekoni:4004
      - FRONT_URL=https://huly.duti.dev
      - ACCOUNTS_URL=http://account:3001
      - LAST_NAME_FIRST=true
    restart: unless-stopped
  rekoni:
    image: hardcoreeng/rekoni-service:v0.6.333
    ports:
      - 4004:4004
    environment:
      - SECRET=NotMyActualSecretObviously
    deploy:
      resources:
        limits:
          memory: 500M
    restart: unless-stopped
volumes:
  db:
  files:
  elastic:
  etcd:
huly.duti.dev {
        log
        reverse_proxy 100.64.0.6:8087
}

(hulyoptions) {
        handle_path /* {
                @options {
                        method OPTIONS
                }
                header @options {
                        Access-Control-Allow-Origin "https://huly.duti.dev"
                        Access-Control-Allow-Methods "*"
                        Access-Control-Allow-Headers "*"
                        Access-Control-Allow-Credentials "true"
                }
                respond @options 204
        }
}

accounts.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3001
}

transact.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3333
}

rekoni.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:4004
}
calendar.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8095
}

gmail.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8088
}
telegram.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:8086
}
collab.huly.duti.dev {
        log
        import hulyoptions
        reverse_proxy 100.64.0.6:3078
}

Works nicely for the most part (some bugs with documents though)

Do you still run this application? Are the bugs with documents still an issue? I am interested in spinning this up and I don't want to run nginx if possible as I already run caddy. But, I want to give huly the benefit of the doubt and not add unnecessary bugs.

@gptlang
Copy link

gptlang commented Dec 9, 2024

It's still running. Documents have been fixed with an update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Trevo525 @Pukimaa @ja49619 @gptlang