Comment on Help with 504 Error and UFW+NPM Setup on AlphaVPS
tux7350@lemmy.world 3 weeks ago
Docker completely ignores UFW rules. If you check your iptables you’ll see Docker rules are put in before UFW. For the 504 though, it sounds like traffic is not getting to NPM. Have you routed ports 80 and 443 to the Docker container?
Tiritibambix@lemmy.ml 3 weeks ago
Thanks for your answer.
So if Docker completely ignores UFW rules, how am I supposed to protect my VPS? I’ve never done this before and I’m puzzled.
As for NPM, here’s the “ports” part of my docker-compose
tux7350@lemmy.world 3 weeks ago
The rules still apply to the host, just not inside the container. Docker is just ignoring the rules. If you block all ports but then have port 81 open like you do in that section of docker compose, you would think that UFW would block Docker, but that’s not the case. Going to yourip:81 will show the NPM GUI, even if you specifically use ufw to block 81. If you only expose ports 80 and 443, you should be fine. Your NPM container would have to be compromised, and then they would have to break out of the container.
Also, I think your issue is with your DNS. You should have an A record for the IP pointing to example.com and then a CNAME record pointing to sub.example.com.
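
Added example, not part of the thread or of any poster's configuration: a small Python check that reads compose short-syntax `ports` entries and lists the ones Docker would publish beyond loopback on a host port outside an allow-list of 80 and 443, which is the situation described above for port 81. It covers more of the short syntax than the thread mentions (host IP, bracketed IPv6, protocol suffix, container-only entries); the sample port list, the function names and the allow-list are assumptions made for illustration.

```python
"""Audit docker-compose short-syntax port mappings for ports published past the host firewall."""
import ipaddress

# Constructed sample "ports" list for an Nginx Proxy Manager service (not the poster's file).
SAMPLE_PORTS = ["80:80", "443:443", "81:81", "127.0.0.1:8080:8080/tcp",
                "[::1]:9000:9000", "3000"]


def parse_port(entry):
    """Split one entry into (host_ip, host_port, container_port, proto)."""
    spec, _, proto = entry.partition("/")
    host_ip = None
    if spec.startswith("["):  # bracketed IPv6 host address
        host_ip, _, rest = spec[1:].partition("]")
        spec = rest.lstrip(":")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip, parts = parts[0], parts[1:]
    if len(parts) == 2:
        host_port, container_port = parts
    elif len(parts) == 1:
        host_port, container_port = None, parts[0]  # Docker picks an ephemeral host port
    else:
        raise ValueError(f"unrecognised port mapping: {entry!r}")
    return host_ip, host_port or None, container_port, proto or "tcp"


def audit(ports, allowed=("80", "443")):
    """Return entries reachable from the network whose host port is not in `allowed`."""
    flagged = []
    for entry in ports:
        host_ip, host_port, _, _ = parse_port(entry)
        # No host IP means Docker binds every interface; loopback stays local.
        local_only = host_ip is not None and ipaddress.ip_address(host_ip).is_loopback
        if not local_only and host_port not in allowed:
            flagged.append(entry)
    return flagged


if __name__ == "__main__":
    for entry in audit(SAMPLE_PORTS):
        print(f"published beyond loopback, not in allow-list: {entry}")
```

Entries it reports can be removed from the `ports` list or given a `127.0.0.1:` prefix so they are reachable only from the host itself.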