diff --git a/new-backend/Dockerfile.tunnel-only-v2 b/new-backend/Dockerfile.tunnel-only-v2 new file mode 100644 index 0000000..1d08333 --- /dev/null +++ b/new-backend/Dockerfile.tunnel-only-v2 @@ -0,0 +1,24 @@ +# Tunnel-only Dockerfile V2 - Uses localhost with host network mode +FROM alpine:latest + +# Install wget to download cloudflared +RUN apk update && apk add --no-cache wget ca-certificates + +# Get cloudflared directly from GitHub +RUN wget -O cloudflared https://github.com/cloudflare/cloudflared/releases/download/2023.5.0/cloudflared-linux-amd64 && \ + chmod +x cloudflared && \ + mv cloudflared /usr/local/bin/ + +# Create directories for cloudflared +RUN mkdir -p /etc/cloudflared + +# Copy the certificate file and config +COPY cert.pem /etc/cloudflared/cert.pem +COPY credentials.json /etc/cloudflared/credentials.json +COPY config.tunnel-only-v2.json /etc/cloudflared/config.json + +# Setup DNS routing for the tunnel (only needs to be done once) +RUN cloudflared tunnel route dns 5d2682ef-0b5b-47e5-b0fa-ad48968ce016 api.ishikabhoyar.tech || echo "DNS routing already set up or failed - continuing anyway" + +# Run cloudflared tunnel +CMD ["cloudflared", "tunnel", "--config", "/etc/cloudflared/config.json", "run"] diff --git a/new-backend/TUNNEL-CONNECTION-FIX.md b/new-backend/TUNNEL-CONNECTION-FIX.md new file mode 100644 index 0000000..d270675 --- /dev/null +++ b/new-backend/TUNNEL-CONNECTION-FIX.md @@ -0,0 +1,123 @@ +# Tunnel Connection Options - Troubleshooting Guide + +## The Problem +When the tunnel runs in Docker and tries to reach your backend on the host, there are different ways to address the host machine. The method that works depends on your Docker setup. + +## Solution 1: Direct Bridge IP (config.tunnel-only.json) ✅ WORKING + +**Files:** +- `Dockerfile.tunnel-only` +- `docker-compose.tunnel-only.yml` +- `config.tunnel-only.json` (updated to use `172.18.0.1:9090`) + +**How it works:** +- Uses the Docker bridge network IP directly +- You verified this works: `curl 172.18.0.1:9090` ✅ + +**Usage:** +```bash +docker-compose -f docker-compose.tunnel-only.yml up --build +``` + +**Config:** +```json +"service": "http://172.18.0.1:9090" +``` + +## Solution 2: Host Network Mode (NEW - Recommended for Linux) + +**Files:** +- `Dockerfile.tunnel-only-v2` +- `docker-compose.tunnel-only-v2.yml` +- `config.tunnel-only-v2.json` (uses `localhost:9090`) + +**How it works:** +- Container runs in host network mode +- Can access `localhost:9090` directly as if running on host + +**Usage:** +```bash +docker-compose -f docker-compose.tunnel-only-v2.yml up --build +``` + +**Config:** +```json +"service": "http://localhost:9090" +``` + +**Note:** Host network mode works best on Linux. May have limitations on Windows/Mac. + +## Quick Test Guide + +### 1. Rebuild and restart with updated config (Solution 1) +```bash +# Stop current tunnel +docker-compose -f docker-compose.tunnel-only.yml down + +# Rebuild with updated config (now uses 172.18.0.1) +docker-compose -f docker-compose.tunnel-only.yml up --build +``` + +### 2. Or try host network mode (Solution 2) +```bash +docker-compose -f docker-compose.tunnel-only-v2.yml up --build +``` + +## Expected Success Output +``` +INF Registered tunnel connection connIndex=0 connection=xxx event=0 ip=xxx location=bom protocol=http2 +INF Registered tunnel connection connIndex=1 connection=xxx event=0 ip=xxx location=bom protocol=http2 +INF Registered tunnel connection connIndex=2 connection=xxx event=0 ip=xxx location=bom protocol=http2 +INF Registered tunnel connection connIndex=3 connection=xxx event=0 ip=xxx location=bom protocol=http2 +``` + +**No "Unable to reach the origin service" errors!** + +## Test the Connection + +### From outside Docker (your current working test): +```bash +curl 172.18.0.1:9090 +# Should return: Monaco Code Execution Server v1.0.0 +``` + +### From the tunnel (once running): +```bash +# Test via the public URL +curl https://api.ishikabhoyar.tech +``` + +## Troubleshooting + +### If Solution 1 still doesn't work: +1. Check if Docker bridge IP changed: + ```bash + docker network inspect bridge | grep Gateway + ``` +2. Update `config.tunnel-only.json` with the correct IP + +### If Solution 2 doesn't work: +- Host network mode may not be fully supported on your OS +- Fall back to Solution 1 with correct bridge IP + +### Check tunnel logs: +```bash +docker-compose -f docker-compose.tunnel-only.yml logs -f +``` + +### Verify backend is accessible from Docker: +```bash +docker run --rm alpine/curl:latest curl http://172.18.0.1:9090 +``` + +## Summary + +**Current Status:** ✅ Config updated to use `172.18.0.1:9090` + +**Next Step:** Rebuild and restart the tunnel: +```bash +docker-compose -f docker-compose.tunnel-only.yml down +docker-compose -f docker-compose.tunnel-only.yml up --build +``` + +The tunnel should now successfully connect to your backend! 🎉 diff --git a/new-backend/config.tunnel-only-v2.json b/new-backend/config.tunnel-only-v2.json new file mode 100644 index 0000000..7722624 --- /dev/null +++ b/new-backend/config.tunnel-only-v2.json @@ -0,0 +1,15 @@ +{ + "tunnel": "5d2682ef-0b5b-47e5-b0fa-ad48968ce016", + "credentials-file": "/etc/cloudflared/credentials.json", + "ingress": [ + { + "hostname": "api.ishikabhoyar.tech", + "service": "http://localhost:9090" + }, + { + "service": "http_status:404" + } + ], + "protocol": "http2", + "loglevel": "info" +} diff --git a/new-backend/config.tunnel-only.json b/new-backend/config.tunnel-only.json index 1cd3a79..a247078 100644 --- a/new-backend/config.tunnel-only.json +++ b/new-backend/config.tunnel-only.json @@ -4,7 +4,7 @@ "ingress": [ { "hostname": "api.ishikabhoyar.tech", - "service": "http://host.docker.internal:9090" + "service": "http://172.18.0.1:9090" }, { "service": "http_status:404" diff --git a/new-backend/docker-compose.tunnel-only-v2.yml b/new-backend/docker-compose.tunnel-only-v2.yml new file mode 100644 index 0000000..2ad493a --- /dev/null +++ b/new-backend/docker-compose.tunnel-only-v2.yml @@ -0,0 +1,11 @@ +services: + tunnel: + build: + context: . + dockerfile: Dockerfile.tunnel-only + restart: unless-stopped + # Use host network mode to directly access localhost:9090 + network_mode: "host" + environment: + - TUNNEL_ORIGIN_CERT=/etc/cloudflared/cert.pem + - NO_AUTOUPDATE=true