Using neko-rooms with nginx

[mwllgr]

Hello, how can I use this project with nginx?
I'm using the neko reverse proxy configuration, however, with neko-rooms I only get a 404 not found.

I started the server using the .http.yml file.

[m1k1o]

Hello,

traefik still needs to be running to forward traffic to rooms. You can put nginx in front of that, but not replace that. Your domain name specified for traefik has to match your proxy's output domain. Currently, there is no support for custom paths (so you cannot host your neko-rooms on example.com/neko-rooms/ but it needs own subdomain e.g. neko-rooms.example.com).

[m1k1o]

Example working configuration. Internal domain name is only traefik, what is also name of the service.

version: "3.7"

networks:
  default:
    attachable: "true"
    name: "neko-rooms-traefik"

services:
  traefik:
    image: "traefik:2.4"
    restart: "unless-stopped"
    environment:
      - "TZ=Europe/Vienna"
    command:
      - "--providers.docker=true"
      - "--providers.docker.watch=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=neko-rooms-traefik"
      - "--entrypoints.web.address=:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

  neko-rooms:
    image: "m1k1o/neko-rooms:latest"
    restart: "unless-stopped"
    environment:
      - "TZ=Europe/Vienna"
      - "NEKO_ROOMS_EPR=59000-59049"
      - "NEKO_ROOMS_NAT1TO1=10.8.0.1" # IP address of your server
      - "NEKO_ROOMS_TRAEFIK_DOMAIN=traefik" # traefik domain (name of the service)
      - "NEKO_ROOMS_TRAEFIK_ENTRYPOINT=web"
      - "NEKO_ROOMS_TRAEFIK_NETWORK=neko-rooms-traefik"
      - "NEKO_ROOMS_INSTANCE_URL=https://10.8.0.1:8080/" # external URL
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    labels:
      - "traefik.enable=true"
      - "traefik.http.services.neko-rooms-frontend.loadbalancer.server.port=8080"
      - "traefik.http.routers.neko-rooms.entrypoints=web"
      - "traefik.http.routers.neko-rooms.rule=Host(`traefik`)" # traefik domain (name of the service)

  #
  # This should be replaced by your own existing nginx instance
  #

  nginx:
    image: "nginx"
    restart: "unless-stopped"
    environment:
      - "TZ=Europe/Vienna"
    ports:
      - "8080:80"
    volumes:
      - "./nginx.conf:/etc/nginx/conf.d/default.conf:ro"

Nginx config:

server {
    listen 80;

    location / {
        proxy_pass http://traefik:8080; # traefik domain (name of the service)
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
    }
}

Edit: added NEKO_ROOMS_INSTANCE_URL
Edit2: Proper nginx config for WebSockets.

[mwllgr]

Got it, thank you. When creating the room I have another error now:

Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: write sysctl key kernel.domainname: open /proc/sys/kernel/domainname: permission denied: unknown

I suspect LXC (I'm using Proxmox) to be the culprit here. It's weird that all other docker containers work... keyctl and nesting is enabled on the Proxmox host.

[m1k1o]

I'm using Proxmox VM, and it is working fine for me. Let me try it with LXC.

[m1k1o]

I was able to reproduce the issue. As this article suggests, removing custom hostname from container spec indeed solves the issue. Having custom domainname for a container is not an essential feature, so I am removing it in next commit in favor of compatibility.

[mwllgr]

Wow, you're fast! Thank you.