Need help setting up swag with duckdns

I come from no place of authority on the matter but maybe SWAG does not like the port redirects? [450:443].

Also, out of curiosity, what are you trying to access? Did you add /modify the .conf file? (nextcloud.subdomain.conf) for example?

I wonder though, doesn't the/a config file redirect it? I mean yeah SWAG is a redirect etc..

For fun, edit a config file and try to load it, see if the SWAG menu come sup, or the correct link. Also, I would use IP instead of app name.

My point being.

If I type in a WORKING config, I get redirected to it

If I type in a WORKING BUT DOWN config, it redirects me to the SWAG page

If I make up a name, that has no config, and I try to go to it [x.duckdns.org] I do not see SWAG page, I get page could not be displayed, which makes me thing SWAG depends on a config?

Again, I am just throwing idears out there.

Zitat von dragonpuff

changed the ports, still no change

I didnt modify the conf file yet.
I dont even get the swag page when typing in my domain, so I thought I should fix this first

Are trying to access from your LAN? If you trying to check your domain redirections from your lan, it will not work. Domain access relies on dns to redirect to your wan IP, which your router then answers and directs to the reverse proxy, which in turn directs to the hosted web page. ISPs do not allow for this kind of “hairpin” connection.

You have to check from the internet via a computer somewhere else or from the cel phone network.

The only way checking domain access can work from your lan is by employing a local dns server or doing a hosts file edit on a computer, as this will bypass an internet dns server and your router, but the ultimate test is from the afore mentioned cel network or computer in another place.

Zitat von dragonpuff

Alright, so I managed to get the SWAG instance page (I edited the config files like fbeye said and then rebooted)
but still no response from the domain (tried using my phone on my cel network)..

log files seem to be fine though

Can you post said .config file and then verify those ports are the correct ports associated with the host/docker?

Well, now that BernH has come, I will end my assistance cause I am not as familiar with this stuff as these guys.

What container are you trying to access? Is the container name correct for the domain name?

ie. if the container is jellyfin, you would use jellyfin.[your_domain].duckdns.org (note the container name and the subdomain have to match)

The other point to make is that this all relies on swag and the hosted containers all being on the same docker network.

I don't see any network declarations on your swag compose, so it would be on it's own swag-default network, likewise if your other services were created the same way they will all be on their own network. In order to place them on the same network you have to add a network declaration to them or build them all in one stack.

the network declaration looks like this and can be added to the end of a stack, where the #... portion is the existing stack:

services:
  # ...
networks:
  network1:
    name: my-pre-existing-network
    external: true

If you build them all in the same stack, it would look like this:

services:

  swag:
    # swag stack ...
  
  jellyfin:
    # jellyfin stack ...

What are you using to deply these? If you are using portainer, you can also easily join an existing network from the portainer UI.

I personally prefer building larger multi-container stacks myself just so I don't have to think about the network assignments but either method works.

Here is a link to the docker compose network reference page:

Networking in Compose

Have you either copied the config files to the enabled folder or made a symlink in that folder pointing to the edited file? Only things in the enabled folder are hosted, and a swag restart is required after making the changes in order for it to see them.

Zitat von fbeye

Can you post said .config file and then verify those ports are the correct ports associated with the host/docker?

Well, now that BernH has come, I will end my assistance cause I am not as familiar with this stuff as these guys.

No need to go away.

I don't use swag myself as you know. I use ngnx-proxy-manager because of the docker/vm/lxc/other physical system mixed environment I have, but the basic principals of docker are the same.

Zitat von dragonpuff

i added them all onto the same stack, but still doesnt work (restarted afterwards0

I dont really know what that means... (again im new to all of this)

Sorry,

I think I may have been mistaken on that. I was thinking straight up nginx or apache. Swag just requires renaming or copying them to remove the .sample from the end to activate them. It has been years since I looked at swag and had forgotten about that change. So I guess the question is, did you rename it to remove the .sample?

Also, I just had another look at the stack you posted aboive and noticed this:

volumes:
- /srv/dev-disk-by-uuid-01D961689E58E7E0/configuration/swag:/config

That doesn't look like the UUID of a linux file system. What is the drive formatted as? If it isn't a native linux file system, you may be having permissions issues that are keeping things from working. Non-linux file systems can't handle linux permissions and ownership

A normal linux type of file system UUID looks like this:

/srv/dev-disk-by-uuid-4d26adbd-029a-4d74-a81f-c69bf193a099

You will likely have a lot more problems on ntfs because it does not handle linux permissions and ownership, which is something that linux needs to operate correctly.

Your qbittorrent and jellyfin were probably not working before because you had not set appropriate puid and pgid in the dockers, so they were trying to operate as an incorrect user.

It is very likely you will not be able to make anything work correctly if you are not on a linux native filesystem such as ext4 or xfs

Zitat von dragonpuff

Well I managed to get Nextcloud to work localy (typing my-ipaddress/nextcloud) but domain doesn't work...
Could that be because of the file system?

If it works by IP it works, but permissions could still be an issue if you are still using an ntfs drive. Nextcloud is a linux application and requires linux permissions for proper control of files.

The domain access requires router port forwarding, a domain updater, and if you want a proper setup, reverse proxy and encryption. You can't access using a domain from inside you house unless you have a local dns server/forwarder or edit your hosts file on your computer (not the server) to hard do that domain level access to it never leaves your lan. That is just how dns and domains work. Domain access has to come from the internet normally if there is no local dns or hosts edit.

There are guides posted in the forum on how to do all of this internet domain access with swag. Look in the guides section. If you don't want to use swag, I posted nginx proxy manager instructions here:

Beitrag

RE: My OMV got hacked, I need help

[…]

I use nginx-proxy-manager. I have no problems helping you or anyone else with the setup if I can, by supplying some info. I have no idea about using authelia with it though. I have never tried it.

The basic setup is fairly simple though.

Put it in the same docker network as your docker service that you want to expose.
The host is then set up using HTTP [container name] port.
I recommend enabling the block common exploits option.
The cache assets is optional, but this allows npm to cache static…

BernH

29. März 2023

local dns can be done with some routers, or using something like dnsmasq or pihole, but that is a whole other setup requiring some custom configuration on your router and/or your computers and other devices.