When Changing Manager Port Map does not Work anymore

Hi all,

I have installed my first openremote Server. As I have not a log of Internet IP’s I need to change the Manager Port to 8443.
I have set the following in my docker-compose.yml.
ports:
- “80:80”
- “8443:443”
- “8883:8883”

and
KEYCLOAK_FRONTEND_URL: ${KEYCLOAK_FRONTEND_URL:-https://iotserver.securexperts.net:8443/auth}

Everything is working except I cannot see any map.

Any Suggestions?

Many Thanks

Roman

Hi Roman,

This is a nice bug you found :slight_smile: I guess we never tried it before. It seems to be a bug embedded in the openremote/proxy image and I could easily reproduce it. A good news is that it is very easy to fix, simply use a different proxy image instead. I’ve switched it to caddy and now the map is displaying OK. Here is a change in docker-compose.yml:

volumes:
  caddy-data:

services:

  proxy:
#    image: openremote/proxy:${PROXY_VERSION:-2.1.2.2}
    image: caddy
    restart: always
    depends_on:
      manager:
        condition: service_healthy
    ports:
      - "80:80"
      - "8443:443"
      - "8883:8883"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy-data:/data
    environment:
      DOMAINNAME: ${DOMAINNAME:-localhost}

For this to work you need also Caddyfile in local dir. Here is mine:

{$DOMAINNAME}

reverse_proxy /* manager:8080
reverse_proxy /auth/* keycloak:8080
1 Like

Hi,
Thanks for your quick answer. Good news and I just tried on my installation. Now even my Certificates are OK and Recognized.

I still have a problem. now it’s showing a complete white page, not even the Login comes up…
Here are my two Config files… Somhow I do something wrong

===CaddyFile===

{$DOMAINNAME}

tls /etc/certs/securexperts.net.pem /etc/certs/securexperts.net-key.pem
reverse_proxy /* manager:8443
reverse_proxy /auth/* keycloak:8443

===Docker_compose.yml===

version: '2.4'

volumes:
  temp-data:
  caddy-data:

services:

  proxy:
    image: caddy:latest
    restart: always
    depends_on:
      manager:
        condition: service_healthy
    ports:
      - "80:80"
      - "8443:443"
      - "8883:8883"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./certs:/etc/certs
      - caddy-data:/data 
    environment:
      DOMAINNAME: ${DOMAINNAME:-securexperts.net}

  postgresql:
    restart: always
    image: openremote/postgresql:${POSTGRESQL_VERSION:-9.6.21.0}
    volumes:
      - temp-data:/tmp

  keycloak:
    restart: always
    image: openremote/keycloak:${KEYCLOAK_VERSION:-13.0.1.0}
    depends_on:
      postgresql:
        condition: service_healthy
    environment:
      KEYCLOAK_FRONTEND_URL: ${KEYCLOAK_FRONTEND_URL:-https://iotserver.securexperts.net:8443/auth}
      KEYCLOAK_PASSWORD: ${SETUP_ADMIN_PASSWORD:-secret}

  manager:
    restart: always
    image: openremote/manager:${MANAGER_VERSION:-latest}
    depends_on:
      keycloak:
        condition: service_healthy
    environment:
      DEV_MODE: ${DEV_MODE:-false}
      SETUP_ADMIN_PASSWORD: ${SETUP_ADMIN_PASSWORD:-secret}
    volumes:
      - ./deployment:/deployment

Try to see what is in logs - docker-compose logs

BTW, you don’t need any own certs for caddy as it generates them automatically from let’s encrypt. Moreover, $DOMAINNAME should include also the hostname as in $KEYCLACK_FRONT_URL, so it should be iotserver.securexperts.net in your example. And it should have a valid DNS entry as right now it has not:

 > nslookup iotserver.securexperts.net 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

** server can't find iotserver.securexperts.net: NXDOMAIN

Thanks for bringing this to our attention; the problem ultimately was in our manager and not correctly processing the X-Forwarded-Host header which contains the port as well as host, anyway. I’ve resolved this in a recent commit and in the process I’ve cleaned up some environment variable names, see the README for details:

Hi Rich,

Now it works like a charm. The full manager Frontent is working
I tried to add a Weather value like in the documentation but get allways errors like this

Failed to link attribute ‘AttributeRef{id=‘7KY8SvvT2I2WfilZqRxyDD’, name=‘weatherData’}’ to protocol: HTTP Client[https://api.openweathermap.org/data/2.5] – java.lang.ClassCastException: org.openremote.model.asset.agent.AgentLink$Default cannot be cast to org.openremote.agent.protocol.http.HttpClientAgent$HttpClientAgentLink

Could this also be linked to the Port redirection or is it somehow something wrong in my configuration?

My config falls back tfrom HTTPClientAgentLink to Default like in another Post in this forum.

Thanks for a quick reply

Roman

Hi,

Glad to hear you managed to get it working with the updates.

The problem you are referring to is a deserialisation issue and suggests an error in your AgentLink json.

Are you sure you have a type key in your AgentLink json with the correct value:

{
   "type": "HTTPAgentLink",
   ...
}

Case is important.

Hi, Yes This is what I enter:

{
  "type": "HTTPAgentLink",
  "id": "123OskfXwyqm658Ei321",
  "queryParameters": {
"q": [
  "Rotterdam,nl"
],
"units": [
  "metric"
]
  },
  "pollingMillis": 60000,
  "path": "weather"
}

but This wil be desplied, when I reopen it:

{
“type”: “Default”,
“id”: “3kZIOskfXwyqm658EiA1Yj”
}

Sorry would like to upload a Picture but Access is denied for me :frowning:

Hi,

Just tried exactly what you pasted and the AgentLink saved ok and was still there when I reopened it.

Are you sure you have the latest openremote/manager docker image?

Can you try again please? We had misconfigured permissions and you were unfortunately a guinea pig to test it :wink: