Socket closed - Container Terminal is unavailable

Currently reading
Socket closed - Container Terminal is unavailable

jeyare

Subscriber
1,586
537
@Rusty - how to solve "Socket closed" message from DSM Docker Terminal console, when the DSM is behind Reverse proxy.
 

Rusty

Moderator
NAS Support
2,282
684
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
@Rusty - how to solve "Socket closed" message from DSM Docker Terminal console, when the DSM is behind Reverse proxy.
Good question. Haven't had time to tacket that... Personally, I use Portainer for all my docker needs, but always locally, so it always works. I am aware of the situation that you are talking about but just didn't have time to get into it. VPN back into lan and case closed for me.
 

Rusty

Moderator
NAS Support
2,282
684
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Well accessing ssh on a container via the internet (even if its via revers) its a security problem, just like having 22 open on your router (that's a major security issue). So, reverse ssh is the same deal. This can be done, but I don't recommend it.
 
125
33
NAS
DS918+, DS1815+
Operating system
  1. Linux
  2. macOS
Mobile operating system
  1. Android
Today, I have noticed that I have the same problem 'socket closed' on all my containers. Have been searching the internet for a solution but the given solutions are not working for me. One of the solutions is in the link: Websocket docker . Does someone have another workaround for this ?
 
125
33
NAS
DS918+, DS1815+
Operating system
  1. Linux
  2. macOS
Mobile operating system
  1. Android
Today, I have noticed that I have the same problem 'socket closed' on all my containers. Have been searching the internet for a solution but the given solutions are not working for me. One of the solutions is in the link: Websocket docker . Does someone have another workaround for this ?
Does anyone have the same problem? I have already did a test with different browsers on my mac. Even a test with MS edge on a windows pc but still the same error. Then did a test on a digital ocean vps with docker installed and there I have again this but then within portainer.

Screenshot 2020-04-08 at 17.44.40.png
 

Rusty

Moderator
NAS Support
2,282
684
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Haven’t looked into it but as far as I recall this will not work out of the box via internet and/or revers proxy. My suggestion is tunnel back into that LAN and use it via local ip address
 
125
33
NAS
DS918+, DS1815+
Operating system
  1. Linux
  2. macOS
Mobile operating system
  1. Android
Haven’t looked into it but as far as I recall this will not work out of the box via internet and/or revers proxy. My suggestion is tunnel back into that LAN and use it via local ip address
That's working. Then I have to connect via vpn if I want to do something when I am not home. Thanks anyway.
 
16
3
NAS
DS1815+ DS918+
Operating system
  1. Windows
Mobile operating system
  1. iOS
As i was creating this post to ask if anyone solved it, i think i solved it.

What's interesting is even when inside the LAN by default when you are accessing docker DSM app over default DSM HTTP or HTTPS ports we are going through a nginx reverse proxy.

So I took a look at the default nginx settings for the docker app in [email protected]:/etc/nginx/conf.d/dsm.pkg-static.Docker-70163528.conf

Code:
location ~ ^/docker/ws {
        proxy_set_header X-Server-IP $server_addr;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-HTTPS $https;
        proxy_set_header X-Server-Port $server_port;
        proxy_set_header X-Real-Port $remote_port;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_http_version 1.1;
        proxy_read_timeout 3600s;
        proxy_pass http://127.0.0.1:512;

the only thing different from my existing nginx server location config were:
1) my location is for the whole server, not the /docker/ws location
2) proxy_read_timeout was set to 60s on my machine
3) my proxy_pass is set to the internal docker IP address of the synology host DSM HTTPS port

so I changed just the timeout in my server location in my personal nginx server config like follows:

Code:
location /  {
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_http_version 1.1;
        proxy_read_timeout 3600s;
        proxy_pass  https://172.17.0.1:5101;
    }

Now the timeout is 1 hour.

If you are using the built-in application portal instead of your own nginx you will need to add the websocket in the reverse proxy rules dialog on the custom header tab (it will add it for you if you click the drop down arrow on create) and on the advanced settings tab you will need to change the 'proxy read time out' to 3600s (aka an hour, or whatever you need it to be).

To be clear I am not advocating anyone should be accessing this externally, I actually use an nginx server inside my network to normalize a bunch of web sites down to all operate on 443 and individual host names per web service, including DSM so i don't have to cack about with port numbers (sledge hammer to crack a wallnut, i know!)

I guess if you want different proxy_read_timeouts you could use normal 60s for the main location and 3600 just for /docker/ws

YMMV
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Similar threads

Top