problems accessing services

[lucianlazar1983]

Hi all, i am new to Mailu and i cannot figure out what is wrong with my new install.
I have insrtalled everything without issues from the install docs, on the .env files i have put on listen ipv4: 0.0.0.0 and commented ipv6 removing it also from the docker-compose.
Everything is up and apparently without issue but i cannot acces anything on port 80 . Like it is no service listening on it. Any clues?
I am attaching some references:

docker ps:

b00632ea822b        mailu/rspamd:1.5.1      "/bin/sh -c /start.py"   4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_antispam_1
94340712bc39        mailu/dovecot:1.5.1     "/bin/sh -c /start.py"   4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_imap_1
69fe1190dbb6        mailu/postfix:1.5.1     "/bin/sh -c /start.py"   4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_smtp_1
20e141e053d7        mailu/admin:1.5.1       "/start.sh"              4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_admin_1
6b9b24bc90fb        mailu/fetchmail:1.5.1   "/fetchmail.py"          4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_fetchmail_1
b195fc3989b5        mailu/none:1.5.1        "/bin/sh -c 'sleep 1…"   4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_webdav_1
97d1d04b9e26        mailu/nginx:1.5.1       "/bin/sh -c /start.py"   4 minutes ago       Up 4 minutes        0.0.0.0:25->25/tcp, 0.0.0.0:80->80/tcp, 0.0.0.0:110->110/tcp, 0.0.0.0:143->143/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:465->465/tcp, 0.0.0.0:587->587/tcp, 0.0.0.0:993->993/tcp, 0.0.0.0:995->995/tcp   mailu_front_1
a3a628181feb        mailu/clamav:1.5.1      "/start.sh"              4 minutes ago       Up 4 minutes                                                                                                                                                                                                           mailu_antivirus_1
3509a972b60b        mailu/rainloop:1.5.1    "docker-php-entrypoi…"   4 minutes ago       Up 4 minutes        80/tcp                                                                                                                                                                                             mailu_webmail_1
5963df6ba57c        redis:alpine            "docker-entrypoint.s…"   4 minutes ago       Up 4 minutes        6379/tcp                                                                                                                                                                                           mailu_redis_1

iptables -L -n

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination
DOCKER-USER  all  --  0.0.0.0/0            0.0.0.0/0
DOCKER-ISOLATION  all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
DOCKER     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DOCKER (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:995
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:993
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:587
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:465
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:143
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            172.18.0.7           tcp dpt:25

Chain DOCKER-ISOLATION (1 references)
target     prot opt source               destination
DROP       all  --  0.0.0.0/0            0.0.0.0/0
DROP       all  --  0.0.0.0/0            0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

ifconfig:

br-27ded8ec776a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255
        inet6 fe80::42:61ff:fe95:1473  prefixlen 64  scopeid 0x20<link>
        ether 02:42:61:95:14:73  txqueuelen 0  (Ethernet)
        RX packets 3  bytes 166 (166.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22  bytes 1534 (1.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:01:b6:18:b3  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 212.4.14.195  netmask 255.255.255.240  broadcast 212.4.14.207
        inet6 fe80::58ed:fcff:fedc:49d5  prefixlen 64  scopeid 0x20<link>
        ether 5a:ed:fc:dc:49:d5  txqueuelen 1000  (Ethernet)
        RX packets 2456222  bytes 1992302021 (1.8 GiB)
        RX errors 0  dropped 273966  overruns 0  frame 0
        TX packets 746255  bytes 55333807 (52.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 76  bytes 6748 (6.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 76  bytes 6748 (6.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth1c5e499: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::9854:ccff:fe26:4c7e  prefixlen 64  scopeid 0x20<link>
        ether 9a:54:cc:26:4c:7e  txqueuelen 0  (Ethernet)
        RX packets 28  bytes 2132 (2.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 37  bytes 2663 (2.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth2d571a1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::7833:c6ff:feb0:ede7  prefixlen 64  scopeid 0x20<link>
        ether 7a:33:c6:b0:ed:e7  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 21  bytes 1434 (1.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth4ab96ec: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::f8dd:8cff:fe3c:19b3  prefixlen 64  scopeid 0x20<link>
        ether fa:dd:8c:3c:19:b3  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 15  bytes 1022 (1022.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth4e51993: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::2069:c9ff:fe6c:bc61  prefixlen 64  scopeid 0x20<link>
        ether 22:69:c9:6c:bc:61  txqueuelen 0  (Ethernet)
        RX packets 36  bytes 1920 (1.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 51  bytes 3758 (3.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth905d78b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::b803:3dff:fe84:9395  prefixlen 64  scopeid 0x20<link>
        ether ba:03:3d:84:93:95  txqueuelen 0  (Ethernet)
        RX packets 490  bytes 46768 (45.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 442  bytes 175254 (171.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth9a61913: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::f8af:2bff:fee4:a4f9  prefixlen 64  scopeid 0x20<link>
        ether fa:af:2b:e4:a4:f9  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1356 (1.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethb781009: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::341a:e4ff:fe3c:57c6  prefixlen 64  scopeid 0x20<link>
        ether 36:1a:e4:3c:57:c6  txqueuelen 0  (Ethernet)
        RX packets 136  bytes 9425 (9.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 214  bytes 19894 (19.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethe4f22be: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::1011:f5ff:fe53:5ee0  prefixlen 64  scopeid 0x20<link>
        ether 12:11:f5:53:5e:e0  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 15  bytes 1022 (1022.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethf33195a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::647c:e5ff:fe1c:36e4  prefixlen 64  scopeid 0x20<link>
        ether 66:7c:e5:1c:36:e4  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 19  bytes 1314 (1.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethfbd95bb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::2cdf:feff:fe03:fb9b  prefixlen 64  scopeid 0x20<link>
        ether 2e:df:fe:03:fb:9b  txqueuelen 0  (Ethernet)
        RX packets 3  bytes 166 (166.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22  bytes 1534 (1.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Thank you!

[ofthesun9]

Hi,
Maybe the following could explain your issue:
The front service needs to generate some dhparm keys (unless the keys are already there). It can take a long time (several hours) and the front service won't be running until the keys are available...

You should also use 1.5 and not 1.5.1 (it was a temporary branch, the most up-to-date is 1.5)

[lucianlazar1983]

Thank you, i will wait then a few hours to see if it works. i have downloaded the branch as per documentation, did not select a newer branch or something. it is a safe way to switch back to 1.5?
Thanks again

[lucianlazar1983]

Figured out how to pull from 1.5 branch, now also nginx seamns it has finished but in the browser i see 403 Forbidden on any url (/admin or /webmail).
Anything i should check?
Thanks again

[kaiyou]

It is safe to switch back to 1.5 and I will delete 1.5.1 as it is causing so much confusion.

[kaiyou]

Could you check to front logs if you are indeed seeing a 403 ?

docker-compose logs --tail=100 front

What is you current TLS mode? Did you place the certificate and key correctly in the certs folder if using a manual certificat install?

[lucianlazar1983]

Hi there, thank you for the reply. The problem was not the TLS as i opted for LetsEncrypt. After rebooting all containers it appears to work fine,somehow nginx was not able to to read from the backend before that.

…

-- Lucian Lazar – System Engineer ecoIT Solutions Srl @ lucian.lazar@ecoit.ro Tel +40371783679 www https://www.ecoit.ro

________________________________ From: kaiyou <notifications@github.com> Sent: Monday, April 2, 2018 2:37:54 PM To: Mailu/Mailu Cc: Lucian Lazar; Author Subject: Re: [Mailu/Mailu] problems accessing services (#426) Could you check to front logs if you are indeed seeing a 403 ? docker-compose logs --tail=100 front What is you current TLS mode? Did you place the certificate and key correctly in the certs folder if using a manual certificat install? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub<#426 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADjiGCQXxCmJ5Mrnhu6mSp4zCT27NFXaks5tkg2SgaJpZM4S7Ftd>.

[Harti]

For future reference, I had the same issue - in my case it was related to letsencrypt, though. My DNS records (A/AAAA) had not been processed yet, and therefore, letsencrypt could not verify the IP address of the server. Hence, the container caused the 403.