Why does IMMICH_HOST have no effect?
I want to bind Immich to 10.149.216.4, which is an IP of my WireGuard interface
wg0.
I have in my .env (the second variable should be superluous, I know):
IMMICH_HOST=10.149.216.4
HOST=10.149.216.4
And I updated the image doing:
# docker compose up -d --force-recreate
However, Immich still listens on 0.0.0.0:
# netstat -tulpn | grep 2283
tcp 0 0 0.0.0.0:2283 0.0.0.0:* LISTEN 212763/docker-proxy
tcp6 0 0 :::2283 :::* LISTEN 212770/docker-proxy
(I'm a Docker n00b.)11 Replies
:wave: Hey @feklee,
Thanks for reaching out to us. Please carefully read this message and follow the recommended actions. This will help us be more effective in our support effort and leave more time for building Immich :immich:.
References
- Container Logs:
docker compose logs docs
- Container Status: docker ps -a docs
- Reverse Proxy: https://immich.app/docs/administration/reverse-proxy
- Code Formatting https://support.discord.com/hc/en-us/articles/210298617-Markdown-Text-101-Chat-Formatting-Bold-Italic-Underline#h_01GY0DAKGXDEHE263BCAYEGFJA
Checklist
I have...
1. :blue_square: verified I'm on the latest release(note that mobile app releases may take some time).
2. :blue_square: read applicable release notes.
3. :blue_square: reviewed the FAQs for known issues.
4. :blue_square: reviewed Github for known issues.
5. :blue_square: tried accessing Immich via local ip (without a custom reverse proxy).
6. :blue_square: uploaded the relevant information (see below).
7. :blue_square: tried an incognito window, disabled extensions, cleared mobile app cache, logged out and back in, different browsers, etc. as applicable
(an item can be marked as "complete" by reacting with the appropriate number)
Information
In order to be able to effectively help you, we need you to provide clear information to show what the problem is. The exact details needed vary per case, but here is a list of things to consider:
- Your docker-compose.yml and .env files.
- Logs from all the containers and their status (see above).
- All the troubleshooting steps you've tried so far.
- Any recent changes you've made to Immich or your system.
- Details about your system (both software/OS and hardware).
- Details about your storage (filesystems, type of disks, output of commands like fdisk -l and df -h).
- The version of the Immich server, mobile app, and other relevant pieces.
- Any other information that you think might be relevant.
Please paste files and logs with proper code formatting, and especially avoid blurry screenshots.
Without the right information we can't work out what the problem is. Help us help you ;)
If this ticket can be closed you can use the /close command, and re-open it later if needed.This is because it's running inside of a container
You probably want to use whatever invocation docker needs to bind to a particular interface, and keep the bind inside of the container at the default
Thanks. Looks like it needs to be edited in the
docker-compose.yml: https://github.com/compose-spec/compose-spec/blob/main/spec.md#ports
I now have in my docker-compose.yml:
Indeed it is listening on that IP now:
However, I cannot connect to 10.149.216.4:2283, neither locally on the server (lynx) nor via a remote client. There is just no response.Do you still have immich host etc defined in your env vars?
I tried with and without
IMMICH_HOST / HOST. Neither works.That's what I mean, don't do that
You don't need those vars, they serve a different purpose
Well, I tried with and without.
But now it's without.
And I can curl the homepage:
curl 10.149.216.4:2283
However, in the browser nothing shows up. Weird.tried private mode?
Does the browser work with the old docker config?
It worked the very first time I tried it on my server's main address. But I want to have it behind WireGuard.
Now I can curl locally, but not remotely. For testing, I just moved the address to: http://10.149.216.3:2283/
So, locally, on the server, I can to:
curl http://10.149.216.3:2283/
However, from a remote client, connected via WireGuard, I cannot do that.
But I can see another service (not Immich) on the same IP, locally and remotely: http://10.149.216.3:8080/
So WireGuard doesn't seem to be the issue. Must be something with Docker.
It could be my nftables config, checking...
It is nftables now. (but the initial problem was unrelated)
Thanks for all the suggestions!
As for nftables, I solved that too now. I had a chain forward, which blocked connections into the Immich Docker container:
Allowing connections to all Docker bridges solved the issue, i.e. I added:
Anyhow, Immich is now scanning the photos on my disk, and I'm already blown away! Just bought a server license to support the project.Thanks for posting your solution, I'm sure it will come in handy to someone. 🙂
Double thanks for the buy, I don't get paid from it but it keeps the project running. 😄