Can't connect to api endpoint after docker-compose setup
I've attempted to set up Immich using the docker-compose setup doc (https://immich.app/docs/installation/recommended-installation, https://immich.app/docs/usage/post-installation). I am unable to log in on the mobile app but am able to use the app from a web browser on desktop.
The only changes I've made to my .env are setting the upload, jwt_secret, and setting the log_level to verbose in an attempt to get more information on anything that I'm seeing:
When I attempt to curl the api endpoint from localhost I get the following:
I've attempted to watch this live while using
docker-compose up instead of with -d, but there doesn't seem to be any errors logging, even with LOG_LEVEL set to verbose. Does anyone have some hints at what to do here to debug this (probably user error)? Of particular interest would be if there are any other curl requests that reflect mine being wrong that I could use to debug.35 Replies
did you append the
/api after your IP?I did in the curl request and mobile app
your server seems to be working
try
curl http://your-up:2283/api/server-info
can you take a screenshot of your mobile app login screen?Ah yeah that gives a correct response
if you replace localhost with the machine IP, what happened?
Can you show the login screen on the mobile app?
or the exact value you have for the server endpoint field
sure it's
http://192.168.0.35/apiit should be
http://192.168.0.35:2283/api
you forgot the portAh yeah good point. I'd also like to have this behind an nginx reverse proxy. Are there any things to look out for there?
Yes you should specific
client_max_body_size so that it can accept large file
then just proxy back to http://192.168.0.35:2283 and you should be good to goAck, thanks. Let me put together a quick config for that
It does work on my mobile browser, but I'm not able to log in with the app. Is there any particular container that would have debug logging for this?
Here is the rough proxy config (I've had issues with other headers before and other apps):
shoudl proxy-pass have to pass back to 192.168.0.35?
usually it shouldn't need to, ideally it would be firewalled off not over https, but for debugging the port was opened
Does the api try to listen for a specific hostname?
Yes it use docker dns for some@communication
Can you help us to provide your whole setup, so we have a clearer picture of where might be the problem?
Sure, I'm using docker-compose to run the apps, it looks like it has a reverse proxy built in (just found that config). In front of that is nginx which redirects a subdomain to localhost2283 on the server. Ideally 2283 will be restricted to localhost connections via the reverse proxy for the subdomain so it may only be accessed via https://photos.domain.tld
What is your current nginx config?
Is there any log location in the app perchance?
I see the logs but they are empty
Yes you can access the server container log
doesn't how anything while trying to log in or use the webapp
Would changing NODE_ENV give more output?
No, then there is no logs on that level
What is the response of the endpoint yourdns/api/server-info?
That's fine
strange
not sure why the mobile app cannot connect to the server
Is the https cert valid?
& is there anything in the mobile app logs?
no
yes
From the second screenshot here it seems like the mobile website can touch the api server-status endpoint (disk usage is available in the bottom left)
@Alex Tran we should add some logging in the login code
Thanks for the help y'all, I am not in any rush to have everything up and running, so if that isn't a large lift I can wait until that to see what issue I undoubtedly have on my end lol. I believe the web app will be enough to start with for a bit playing with my existing pictures folder 🙂
Very cool project, and thanks for the quick replies
Can you try remove these line?
Sure
Same failure
oh wait
I had a type with the first failure, hmm that's super interesting. That check was with the geo_ip module to see if it's certain IPs
cool it seems like it logged in! I'll have to do some debugging on my side, I also downgraded the http version with
proxy_http_version 1.1;, but I didn't kill and clear the data of themmobile appAh
a good step forward then
let us know what you find out, it will be great for the latecomer with the similar issues
Awesome, thanks! I re-enabled the geo_ip filtering (makes sure only certain wg peers can see sites), and the app still works. So it seems like if there is a proxy in front of it there should be a similar clause to that in the immich reverse proxy:
the first line there is what I was lacking
So within my setup if someone has a nginx reverse proxy in front of the app they should include:
in the server block for their subdomain, provided they are running it on the same local IP