this post was submitted on 18 Apr 2025
22 points (100.0% liked)

Selfhosted

52506 readers
2079 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Hey all. I'm hosting a Docmost server for myself and some friends. Now, before everyone shouts "VPN!" at me, I specifically want help with this problem. Think of it as a learning experience.

The problem I have is that the Docmost server is accessible over internet and everyone can log on and use it, it's working fine. But when I try to access over LAN, it won't let me log in and I am 99% sure it's related to SSL certs over LAN from what I've read.

Here's the point I've gotten to with my own reading on this and I'm just stumped now:

I've got an UNRAID server hosted at 192.186.1.80 - on this server, there's a number of services running in docker containers. One of these services is Nginx Proxy Manager and it handles all my reverse proxying. This is all working correctly.

I could not for the life of me get Docmost working as a docker container on UNRAID, so instead I spun up a VM and installed it on there. That's hosted at 192.168.1.85 and NPM points to it when you try to access from docmost.example.com - that's all dandy.

Then, I installed Adguard Home in a docker container on my UNRAID server. I pointed my router at Adguard as a DNS server, and it seems to me that it's working fine. Internet's not broken and Adguard Home is reporting queries and blocks and all that good stuff. So that's all still working as it should, as far as I'm aware.

So, in Adguard Home I make a DNS Rewrite entry. I tell it to point docmost.example.com to 192.168.1.80, where NPM should be listening for traffic and reverse proxy me to the Docmost server... at least I thought that's what should happen, but actually nothing happens. I get a connection timed out error.

I'm still pretty new to a lot of this stuff and have tried to figure out a lot of things on my own, but at this point I feel stuck. Does anyone have advice or tips on how I can get this domain to resolve locally with certs?

I can provide more info if needed.

Cheers all!

Edited 19 April 2025 to add: Thanks for all the tips and suggestions everyone. I'm not 100% sure I fully wrap my head around what was going on here, but I did end up getting something working. I am going to continue looking into alternative solutions if only for educational purposes.

For anyone in future land who stumbles on this looking for help with a similar issue...

I'm not 100% sure what did end up fixing the issue, but I'll remark on some things I did here. Check my comments in threads below to see troubleshooting steps and advice from others.

This bit is specific to Docmost itself, but I ended up switching the APP_URL variable from https to http. This change allowed me to login to Docmost over LAN using the IP:Port of the service itself, though my browser was of course warning me that the connection was not secure.

It may be just because I restarted my PC between tries, but upon trying it again tonight, the domain resolved when I entered it into my browser... but the issue now was that it was just going to the UNRAID login page rather than getting proxied by Nginx (which as a reminder, runs in a container on UNRAID system).

So I decided to spin up a different Nginx Proxy Manager container running in a VM on a different local IP, and pointed my Adguard Home DNS rewrite entry to that IP instead of the UNRAID system. Once I configured the NPM at that IP to proxy the address to Docmost's IP:Port, voila! It worked! My friends were able to access Docmost at docmost.example.com and I was also able to access it at the same URL on my local network, and we were using the service simultaneously without issue.

you are viewing a single comment's thread
view the rest of the comments
[–] Zwuzelmaus@feddit.org 5 points 6 months ago (1 children)

I tell it to point docmost.example.com to 192.168.1.80, [...] but actually nothing happens. I get a connection timed out error.

I suggest to collect more info about this "nothing".

ping from your PC on the inside to the name docmost.example.com

ping from your PC on the inside to the number 192.168.1.80

traceroute from your PC on the inside to the name docmost.example.com

traceroute from your PC on the inside to the number 192.168.1.80

Then do the same in the reverse direction: from that docker container to your PC.

Maybe traceroute shows you some stations on the route. Then do the same from this station.

Write down the results thoroughly.

[–] iAmTheTot@sh.itjust.works 3 points 6 months ago (1 children)

Thanks for the suggestions.

Ping from PC to docmost.example.com: Pings fine, packet loss.

Ping from PC to 192.168.1.80: Pings fine, no packet loss.

Traceroute from PC to docmost.example.com: 1 hop, all <1 ms, to 192.168.1.80

Traceroute from PC to 192.168.1.80: 1 hop, all <1 ms

Ping from Nginx container to PC: Pings fine, no packet loss.

Traceroute from Nginx container to PC: Hops to 172.18.0.1 in <1ms, and then it times out on subsequent hops.

I decided to try to traceroute from my PC to 172.18.0.1 and 172.18.0.9 which is the actual IP of the Nginx container according to UNRAID, and in both cases they hop to 192.168.1.254 which is my router, and then all subsequent hops time out.

Do you know why pings would go through without any loss but traceroutes would fail? Any idea what's going on here?

[–] Zwuzelmaus@feddit.org 3 points 6 months ago

Now you know that the problem is not your DNS.

It is either your routing or firewalling.