Failed to access docker based node-solid-server remotely

Following the instructions provided in https://github.com/solid/node-solid-server/blob/master/README.md#use-docker, I’m trying to setup docker based solid-server in my VPS to have a try.

The server is running and I can curl it successfully in localhost. However when I access it remotely I get “404 Not Found”. Meanwhile I can telnet to the remote ip:port.

Not sure what’s the matter with my deployment. Could anybody help?

I guess I need more info to be able to help.

Did you configure the correct (public) serverUri? What port is your server running on? What curl commands did you try? Is there a reverse proxy in between?

I didn’t configure a serverUri. Just access it directly with public ip+port.

It’s running on 8443, and I curl it with curl -k https://localhost:8443.

There is no reverse proxy.

Just noticed that the docker process is listening on tcp6, and curl with curl -k 127.0.0.1:8443 failed like remote access. Maybe that’s the problem?

root@xxx:~# curl -I -k https://localhost:8443
HTTP/1.1 401 Unauthorized
X-Powered-By: solid-server
Vary: Accept, Authorization, Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Authorization, User, Location, Link, Vary, Last-Modified, ETag, Accept-Patch, Accept-Post, Updates-Via, Allow, WAC-Allow, Content-Length, WWW-Authenticate
Allow: OPTIONS, HEAD, GET, PATCH, POST, PUT, DELETE
Link: <.acl>; rel="acl", <.meta>; rel="describedBy", <http://www.w3.org/ns/ldp#Container>; rel="type", <http://www.w3.org/ns/ldp#BasicContainer>; rel="type"
WWW-Authenticate: Bearer realm="https://localhost:8443", scope="openid webid"
Content-Type: text/html; charset=utf-8
Content-Length: 931
ETag: W/"3a3-Vl2/OEszkJiyFXJbo/jVIeUC0"
Date: Thu, 29 Nov 2018 08:42:36 GMT
Connection: keep-alive
root@xxx:~# curl -I -k https://127.0.0.1:8443
HTTP/1.1 404 Not Found
X-Powered-By: solid-server
Vary: Accept, Authorization, Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Authorization, User, Location, Link, Vary, Last-Modified, ETag, Accept-Patch, Accept-Post, Updates-Via, Allow, WAC-Allow, Content-Length, WWW-Authenticate
Allow: OPTIONS, HEAD, GET, PATCH, POST, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Content-Length: 9
ETag: W/"9-0gXL1ngzMISxa6S1zx3F4wtLyg"
Date: Thu, 29 Nov 2018 08:42:44 GMT
Connection: keep-alive

Still not working after binding to IPv4 only.

root@xxx:~/projects/solid-server/tools# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:20145           0.0.0.0:*               LISTEN      558/sshd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      460/systemd-resolve
tcp        0      0 <my public ip>:8443      0.0.0.0:*               LISTEN      15340/docker-proxy
root@xxx:~/projects/solid-server/tools# curl -I -k https://<my public ip>:8443
HTTP/1.1 404 Not Found
X-Powered-By: solid-server
Vary: Accept, Authorization, Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Authorization, User, Location, Link, Vary, Last-Modified, ETag, Accept-Patch, Accept-Post, Updates-Via, Allow, WAC-Allow, Content-Length, WWW-Authenticate
Allow: OPTIONS, HEAD, GET, PATCH, POST, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Content-Length: 9
ETag: W/"what's this"
Date: Thu, 29 Nov 2018 08:56:41 GMT
Connection: keep-alive

root@xxx:~# curl -I -k https://localhost:8443
HTTP/1.1 401 Unauthorized

curl -I -k https://127.0.0.1:8443
HTTP/1.1 404 Not Found

So, a request against localhost returns 401 and to the localhost IP it returns 404? both requests from the machine itself? Sounds odd

Could you try

curl -I -k -H "Host: localhost" https://<your-public-ip>:8443/

I think the docker process bind with IPv6 address by default which cause

curl -I -k https://127.0.0.1:8443
HTTP/1.1 404 Not Found
root@xxx:~/projects/solid-server/tools# curl -I -k -H "Host: localhost" https://xxxx:8443/
HTTP/1.1 401 Unauthorized
X-Powered-By: solid-server
Vary: Accept, Authorization, Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Authorization, User, Location, Link, Vary, Last-Modified, ETag, Accept-Patch, Accept-Post, Updates-Via, Allow, WAC-Allow, Content-Length, WWW-Authenticate
Allow: OPTIONS, HEAD, GET, PATCH, POST, PUT, DELETE
Link: <.acl>; rel="acl", <.meta>; rel="describedBy", <http://www.w3.org/ns/ldp#Container>; rel="type", <http://www.w3.org/ns/ldp#BasicContainer>; rel="type"
WWW-Authenticate: Bearer realm="https://localhost:8443", scope="openid webid"
Content-Type: text/html; charset=utf-8
Content-Length: 926
ETag: W/"xxx"
Date: Thu, 29 Nov 2018 12:15:28 GMT
Connection: keep-alive

The docker command I use is
root 15874 1122 0 12:09 ? 00:00:00 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8443 -container-ip 172.17.0.2 -container-port 8443

You can see it’s bind to tcp6

root@xxx:~/projects/solid-server/tools# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:8388            0.0.0.0:*               LISTEN      577/python
tcp        0      0 0.0.0.0:20145           0.0.0.0:*               LISTEN      558/sshd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      460/systemd-resolve
tcp6       0      0 :::20145                :::*                    LISTEN      558/sshd
tcp6       0      0 :::8443                 :::*                    LISTEN      15874/docker-proxy

I do not think it is an IP v4 vs v6 problem, because you do get a HTTP response. I think it is a proxy error because you get 404.

I am not sure what this does exactly, and why you use it, but it seems to be a proxy: :wink:

Ah, ok, I guess this is the process you grepped and not the actual command you run?

Ok, I could reproduce the problem now.

The serverUri in config.json must match the URI you use to access it. So if you curl anything else than localhost:8443 it does not work, because this is what is in your config.json. Change it to your public IP or better domain.

Besides that, I do not get the impression, that the Dockerfile in the solid-node-server project is meant to be used for production. I guess it is for development only.

Perhaps someone of the dev team can say something about that?

Thanks @aveltens!
That’s the problem. I didn’t realize the importance of serverUri so it was kept default as https://localhost:8443. I can access it after modifying localhost to my public IP.
Thank you!

1 Like