From 9a251e4e46c753d09c723ce097c407a5b9c83d3a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 5 Feb 2019 11:11:28 +0200 Subject: [PATCH] Remove some more references to localhost Continuation of 1f0cc92b330b42. As an explanation for the problem: when saying `localhost` on the host, it sometimes gets resolved to `::1` and sometimes to `127.0.0.1`. On the unfortunate occassions that it gets resolved to `::1`, the container won't be able to serve the request, because Docker containers don't have IPv6 enabled by default. To avoid this problem, we simply prevent any lookups from happening and explicitly use `127.0.0.1`. --- examples/apache/matrix-riot-web.conf | 6 +++--- examples/apache/matrix-synapse.conf | 10 +++++----- .../matrix-ssl-lets-encrypt-certificates-renew.j2 | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/examples/apache/matrix-riot-web.conf b/examples/apache/matrix-riot-web.conf index 263136ee..6fadd5a8 100644 --- a/examples/apache/matrix-riot-web.conf +++ b/examples/apache/matrix-riot-web.conf @@ -10,7 +10,7 @@ ProxyPreserveHost On ProxyRequests Off ProxyVia On - ProxyPass http://localhost:2402/.well-known/acme-challenge + ProxyPass http://127.0.0.1:2402/.well-known/acme-challenge Redirect permanent / https://riot.DOMAIN/ @@ -33,8 +33,8 @@ ProxyRequests Off ProxyVia On - ProxyPass / http://localhost:8765/ - ProxyPassReverse / http://localhost:8765/ + ProxyPass / http://127.0.0.1:8765/ + ProxyPassReverse / http://127.0.0.1:8765/ ErrorLog ${APACHE_LOG_DIR}/riot.DOMAIN-error.log CustomLog ${APACHE_LOG_DIR}/riot.DOMAIN-access.log combined diff --git a/examples/apache/matrix-synapse.conf b/examples/apache/matrix-synapse.conf index b5e11d04..eae8dde4 100644 --- a/examples/apache/matrix-synapse.conf +++ b/examples/apache/matrix-synapse.conf @@ -9,7 +9,7 @@ ProxyPreserveHost On ProxyRequests Off ProxyVia On - ProxyPass http://localhost:2402/.well-known/acme-challenge + ProxyPass http://127.0.0.1:2402/.well-known/acme-challenge Redirect permanent / https://matrix.DOMAIN/ @@ -38,8 +38,8 @@ ProxyPassMatch ^/_matrix/client/r0/user_directory/search ! # Proxy all remaining traffic to Synapse - ProxyPass / http://localhost:8008/ - ProxyPassReverse / http://localhost:8008/ + ProxyPass / http://127.0.0.1:8008/ + ProxyPassReverse / http://127.0.0.1:8008/ # Map /.well-known/matrix/client for client discovery Alias /.well-known/matrix/client /matrix/static-files/.well-known/matrix/client @@ -60,12 +60,12 @@ # Map /_matrix/identity to the identity server - ProxyPass http://localhost:8090/_matrix/identity + ProxyPass http://127.0.0.1:8090/_matrix/identity # Map /_matrix/client/r0/user_directory/search to the identity server - ProxyPass http://localhost:8090/_matrix/client/r0/user_directory/search + ProxyPass http://127.0.0.1:8090/_matrix/client/r0/user_directory/search ErrorLog ${APACHE_LOG_DIR}/matrix.DOMAIN-error.log diff --git a/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 b/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 index 7c99ca33..7e561017 100644 --- a/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 +++ b/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 @@ -4,7 +4,7 @@ # need to forward requests for `/.well-known/acme-challenge` to the certbot container. # # This can happen inside the container network by proxying to `http://matrix-certbot:8080` -# or outside (on the host) by proxying to `http://localhost:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }}`. +# or outside (on the host) by proxying to `http://127.0.0.1:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }}`. docker run \ --rm \