how does cloudron do its job?
-
I haven't watched the video that @jdaviescoates linked, but essentially you need to read up on Docker @adison. Cloudron uses Docker to work its magic. HOWEVER, the wonder of Cloudron is how seamless and problem free running Docker is. I've tried running multiple Docker apps on my own laptop, and in the cloud on my own servers, using any number of tools, GUI and CLI, and for the life of me I just could never get it all to interoperate well beyond 3 apps. The fact that I FIFTY such apps all running on my VPS... yeah, it is fascinating all right.
-
Docker is a very versatile platform that allows you to run applications in isolated environments, known as containers. Docker can have multiple apps on port 443 because of its ability to forward the traffic from the host's specific port to the container's port. This is achieved through the use of Docker's networking and port mapping features.
When you run a Docker container, you can specify the mapping of the host's port to the container's port. Essentially, every running container in Docker has its own IP address and it is totally isolated from all other containers.
-
Docker is a very versatile platform that allows you to run applications in isolated environments, known as containers. Docker can have multiple apps on port 443 because of its ability to forward the traffic from the host's specific port to the container's port. This is achieved through the use of Docker's networking and port mapping features.
When you run a Docker container, you can specify the mapping of the host's port to the container's port. Essentially, every running container in Docker has its own IP address and it is totally isolated from all other containers.
@Kubernetes wait really? so wile your machines IP address might be 1.2.3.4, the docker containers IP might be 9.10.11.12?
my website is not available right now
-
@Kubernetes wait really? so wile your machines IP address might be 1.2.3.4, the docker containers IP might be 9.10.11.12?
-
@adison yes, exactly. and the container is not limited to only one network.
@Kubernetes i'd then have to guess even if someone attempted a port scan, they couldn't find the port mapped. for example, even if they mapped it to port 9999, port9999wouldn't come up in any nmap scan, right?
-
@Kubernetes wait really? so wile your machines IP address might be 1.2.3.4, the docker containers IP might be 9.10.11.12?
@adison And this is accomplished typically by using something like nginx on the frontend. Both nginx and apache can do something similar on their own apart from Docker, and the terminology for this is virtual hosts (apache) and server blocks (nginx). I also already run 8+ webapps (wordpress, moodle, etc.) on a LAMP stack (Linux, Apache, MySQL, PHP) using the virtual host ability. I've found the various tutorials on all these topics on Digital Ocean very helpful... go check those out.
Where Docker comes in handy is when the app you want to run is NOT something like PHP (like a node app), or doesn't use MySQL (like PostgreSQL or SQLite) - a simple LAMP stack just doesn't cut it anymore.
How much have you read already? Don't forget the docs for Cloudron itself.
-
@Kubernetes i'd then have to guess even if someone attempted a port scan, they couldn't find the port mapped. for example, even if they mapped it to port 9999, port9999wouldn't come up in any nmap scan, right?
Their are 2 options i
-
list itemf you have a intranet lets say you are hosting on your own premises and you have multiple vms you can use cloudron app proxy with authentication for all or selective or none and your internal app ip will be http://0.0.0.0:9000
-
If its not possible then another is have seperate vm / vps install portainer than install nginx proxy manager and you can do similar even nginx proxy manager offer ip whitelisting but 2fa still missing.
If you have multiple vms you can link them with wireguard vpn and with using nginx proxy manager you can manage hosting.
Portainer is only recommended as its give a visual interface to dark cli of linux.
I hope this explain most of it you can ask if needed more information.
-
-
What you're after is the reverse-proxy configuration magic of nginx that maps app subdomains to internal containers on private IP space and ports.
