Hello everyone,
I know there are already one or the other topic about OpenWRT as Docker host and with Internet problems in the container but they are already a little ago and I do not know if it is exactly the same problem with me.
I have the following goal. Install Docker in OpenWRT for exactly one container - Nginx Proxy Manager.
Here's what I've done so far:
Install docker:
opkg install docker dockerd docker-compose
My OpenWRT is 23.5 and my docker version is:
Client:
Version: 24.0.5
API version: 1.43
Go version: go1.21.5
Git commit: ced0996
Built: Mon Jan 29 09:41:19 2024
OS/Arch: linux/arm64
Context: default
Server:
Engine:
Version: 24.0.5
API version: 1.43 (minimum version 1.12)
Go version: go1.21.5
Git commit: a61e2b4
Built: Mon Jan 29 09:41:19 2024
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.7.1
GitCommit:
runc:
Version: 1.1.8
GitCommit:
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Installed Nginx proxy manager with docker-compose as desired:
version: '3'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: always
ports:
- '8080:80'
- '8081:81'
- '8443:443'
volumes:
- /opt/docker/containers/nginx-proxy/data:/data
- /opt/docker/containers/nginx-proxy/letsencrypt:/etc/letsencrypt
This is working wonderfully so far. I can log in to the Nginx Proxy Manager and also configure the proxy hosts and they are also displayed "green".
If I now want to create a certificate, I get an error:
"myDomainName": Failed to check the reachability due to a communication error with site24x7.com.
I then connected to the container and used e.g. apt update to check whether an Internet connection was available. The connection to the Debian repositories fails. In contrast, this works perfectly with my other Nginx Proxy Manager container that I am currently running on the Synology NAS. So I have no internet connection inside the container. As I know they should be possible a connection about Port 80 and 443 to Let's Encrypt.
I tried a lot. I don't know what exactly. In some point I had a Log error "connection refused" to a Let's Encrypt URL But I don't remember what I have done .....
The command "ip a" in OpenWrt shows 3 new interfaces:
59: br-34811f7f2e69: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:21:c4:f0:60 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-34811f7f2e69
valid_lft forever preferred_lft forever
inet6 fe80::42:21ff:fec4:f060/64 scope link
valid_lft forever preferred_lft forever
60: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:68:11:29:8d brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:68ff:fe11:298d/64 scope link
valid_lft forever preferred_lft forever
66: veth930588f@if65: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 22:33:9e:f9:91:f9 brd ff:ff:ff:ff:ff:ff
inet6 fe80::2033:9eff:fef9:91f9/64 scope link
valid_lft forever preferred_lft forever
The docker network ls command show this:
NETWORK ID NAME DRIVER SCOPE
16e9bb7de854 bridge bridge local
a31c4d4ccf26 host host local
34811f7f2e69 nginx-proxy_default bridge local
545df365e320 none null local
I also definied in OpenWRT about LUCI some Firewall rules, also Firewall Zones but at the moment nothing for docker.....
What I can see about Luci in the firewall is a new interface called "Docker0" and in "Devices" the 3 new interfaces which shows the command "ip a" in the shell.....
Have anyone an idea what I can do for working the connection für my container?
Many greetings.....