Cannot Access Site From External Machine - Windows 10 / WSL2

[palomnik]

This may be a Windows problem rather than a problem with the Container.

I usually start working on a site using localhost:80. It works well on Linux and Windows. At some point I need to give it an external URL for testing eCommerce apps. I usually do this by implementing SSL as I described in a previous issue, and use a DynDns app to provide an External URL.

It works perfectly if I bring up the container on Linux, but I cannot access the site if I bring it up on Windows (I am using docker desktop with the WSL2 interface). I can still access the site via localhost, but not via the external URL. I have tried opening port 80 and 443 on the Windows Firewall, but other than that I have not been able to figure out why I cannot access the site. I'm hoping that if this is a Windows issue, that one of you who use Windows more frequently will have a clue to the problem, as I use Windows as little as possible.

Thanks - John

[jumxxxx]

some probleme

[jopfre]

Anyone have any luck with this. I am trying to access the container from browerstack/lambdatest but it can't connect. is it possible to expose the container for this purpose?

[palomnik]

I posted the question on the docker forum and got NO RESPONSE. Someone must know if it is possible or not. In the meantime, I will just stay away from Windoze, and keep developing on Linux, where it works perfectly.

[PiotrCzapla]

I've made some imporvments on this and wrapped it as devcontainer for use in vscode. Give it a try:
https://github.com/PiotrCzapla/vscode-wordpress/blob/main/.devcontainer/Dockerfile

You should be able to use it in windows.

[palomnik]

How does this solve the problem of making the container visible from another machine?

[PiotrCzapla]

damn, this awful self promotion, I've must have come across as a spammer :)

You have two options, one is complex, second easy but it is different from your usual approach.

Easy - ngrok

Use tunnelling app that was designed for your use case like ngrok. It replaces dyndns and https configuration.

Just run:

ngrok http 80

From a place you see the service on localhost, like your container.
You will get an https address to use. here is an example:

ngrok by @inconshreveable                                                                                 (Ctrl+C to quit)

Session Status                online
Version                       2.3.40
Region                        United States (us)
Web Interface                 http://127.0.0.1:4040
Forwarding                    http://fed2-178-43-130-131.ngrok.io -> http://localhost:80
Forwarding                    https://fed2-178-43-130-131.ngrok.io -> http://localhost:80

Connections                   ttl     opn     rt1     rt5     p50     p90
                              0       0       0.00    0.00    0.00    0.00

The upsides:

• super easy to setup
• reliable
• gives you ssl

The downsides:

• the free version has a domain that changes on each use and some performance limits
• the changing domain needs to be addressed in wp-config.php (see how it is addressed in the devcontainer https://github.com/PiotrCzapla/vscode-wordpress#workaround-on-for-everchanging-ports)

Alternatively you pay them 5 usd / month for fixed reserved domain under ngrok, or 8 usd for your whitelabel domain with fixed ip etc. I would go for that for client presentation.

Installation in container

Installation of ngrok is rather easy, on both windows and in the linux container, on mac M1 all I had to do is:

curl https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-arm64.tgz -o /tmp/ngrok.tgz 
tar xvzf /tmp/ngrok.tgz -C /usr/local/bin

Complex - basically build ngrok yourself

The issue with docker on WSL and macos is that it works in a linux virtual machine that has it's own internal firewall.
and Docker inside of that machine has its own networking.

So you can setup the package forwarding on your docker vm, and on windows , it may or may not work.
Alternatively you simply setup a reverse proxy to leverage that the networking part that exposed the port on your localhost, is already done by the Docker team. Then you have to make sure that the proxy is visible on your windows machine which is easy.

I use HAproxy or Nginx on macos, from what I read only nginx is native on windows, haproxy works in wsl.
But you can give stunnel a short as it has a how to on windows:
https://serverfault.com/questions/727751/free-reverse-proxy-with-ssl-for-windows

I can't test this as I don't have windows at hand at the moment.

[palomnik]

I am familiar with ngrok. This is not the question that the thread is asking. First of all, all of this relates to using the docker-compose script in the repository, so other methods of using docker are not relevant. The question is why I can access the container from another machine on the LAN when it is running on Linux, but not when the script is running on Windows. None of your comments are relevant to the issue. Please delete them.

[PiotrCzapla]

It seems that by making my post long I've manage to hide the answer :(, sorry about that.

If you focus on exposing a port on local network, so that your colleagues can access but noone else, you should follow the "Complex" way and expose your ports with stunnel I've linked an example (last link)

To give you a bit more context.

The question is why I can access the container from another machine on the LAN when it is running on Linux, but not when the script is running on Windows.

Docker-compose (docker in general) on windows and mac, runs in a VM and networking of this VM is not exposed to your host windows /macos. Docker have a custom kernel driver to do the networking so that you can access it on localhost.
Each docker desktop has it own' issues. Here is docs for windows: https://docs.docker.com/desktop/windows/networking/

I know a work around for the issues it is described in the complex way in previous post.

First of all, all of this relates to using the docker-compose script in the repository, so other methods of using docker are not relevant.

Please note docker-compose is just a fancy way to run docker, so when you try to find a solution look for docker not docker-compose. Most of things you can do with docker you can do with docker-compose.

[wgtgithub]

Update ports of wp
from - ${IP}:80:80
to - 80;80