2·
7 months agoDoesn’t that mean that docker containers use up much more resources since you’re installing numerous instances & versions of each program like mumble and leftpad?
- 3 Posts
- 19 Comments
Joined 1 year ago
Cake day: June 15th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Doesn’t that mean that docker containers use up much more resources since you’re installing numerous instances & versions of each program like PHP?
It seems like docker would be heavy on resources since it installs & runs everything (mysql, nginx, etc.) numerous times (once for each container), instead of once globally. Is that wrong?
Instead of setting up one nginx for multiple sites you run one nginx per site and have the settings for that as part of the site repository.
Doesn’t that require a lot of resources since you’re running (mysql, nginx, etc.) numerous times (once for each container), instead of once globally?
Or, per your comment below:
Since the base image is static, and config is per container, one image can be used to run multiple containers. So if you have a postgres image, you can run many containers on that image. And specify different config for each instance.
You’d only have two instances of postgres, for example, one for all docker containers and one global/server-wide? Still, that doubles the resources used no?
It seems like docker would be heavy on resources since it installs & runs everything (mysql, nginx, etc.) numerous times (once for each container), instead of once globally. Is that wrong?
It was a firewall issue. I disabled my firewall and it works.
Nginx is running in a container
I don’t think it is. On my other machine it’s running in the docker container, but not this one.
Using serverIP:5870 has the same result as using listmonk.mysite.com:5870. It loads a broken page https://i.stack.imgur.com/gIy4A.jpg with broken links. IE: the URLs are
http://localhost:9000/subscription/form.
Thanks, I checked out your link. I think my most recent comment below answers some of your questions. https://lemmy.world/comment/5586470
Are you able to access listmonk directly without the reverse proxy? What is the URL I. The browser when you do that?
Besides the info I put in the OP, I’m not sure what else you’re asking.
LAN IP address of the docker host
No idea what this is, so I looked it up https://www.howtogeek.com/devops/how-to-get-a-docker-containers-ip-address-from-the-host/ and ran
docker psthen put the container ID at the end of thisdocker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' docker-container-ID. It output an IP address which I used forproxy_pass http://docker-IP:5870;, restarted nginx, and nothing seems to have changed.
Thanks! I was using 127.0.0.1 because that’s what other people were successfully using: https://github.com/knadh/listmonk/issues/1590#issuecomment-1812399067. I had tried variations of
proxy_pass http://app:5870;because I’m running listmonk successfully on another server usingproxy_pass http://app:9000;, but that is when nginx is running from inside the docker container:services: db: <<: *db-defaults container_name: listmonk_db volumes: - type: volume source: listmonk-data target: /var/lib/postgresql/data app: <<: *app-defaults container_name: listmonk_app depends_on: - db volumes: - ./config.toml:/listmonk/config.toml - ./listmonk/uploads:/listmonk/uploads nginx: image: nginx:mainline-alpine restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./data/nginx:/etc/nginx/conf.d - ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/www:/var/www/certbot networks: - listmonk depends_on: - app command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" certbot: image: certbot/certbot restart: unless-stopped container_name: certbot volumes: - ./data/certbot/conf:/etc/letsencrypt - ./data/certbot/www:/var/www/certbot networks: - listmonk depends_on: - nginx entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"I forgot to try
proxy_pass http://listmonk_app:5870;though. I just tried that and I got the same error that I get withproxy_pass http://app:5870;.Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.systemctl status nginx.service ● nginx.service - Centmin Mod NGINX Server Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled) Drop-In: /etc/systemd/system/nginx.service.d └─failure-restart.conf, openfileslimit.conf Active: failed (Result: start-limit) since Sun 2023-11-26 01:07:52 UTC; 1min 57s ago Process: 34289 ExecStop=/bin/sh -c /bin/kill -s TERM $(/bin/cat /usr/local/nginx/logs/nginx.pid) (code=exited, status=0/SUCCESS) Process: 18426 ExecReload=/bin/sh -c /bin/kill -s HUP $(/bin/cat /usr/local/nginx/logs/nginx.pid) (code=exited, status=0/SUCCESS) Process: 25700 ExecStart=/usr/local/sbin/nginx -c /usr/local/nginx/conf/nginx.conf (code=exited, status=0/SUCCESS) Process: 34339 ExecStartPre=/usr/local/sbin/nginx -t (code=exited, status=1/FAILURE) Main PID: 25702 (code=exited, status=0/SUCCESS) Nov 26 01:07:47 centos7test systemd[1]: nginx.service: control process exited, code=exited status=1 Nov 26 01:07:47 centos7test systemd[1]: Failed to start Centmin Mod NGINX Server. Nov 26 01:07:47 centos7test systemd[1]: Unit nginx.service entered failed state. Nov 26 01:07:47 centos7test systemd[1]: nginx.service failed. Nov 26 01:07:52 centos7test systemd[1]: nginx.service holdoff time over, scheduling restart. Nov 26 01:07:52 centos7test systemd[1]: Stopped Centmin Mod NGINX Server. Nov 26 01:07:52 centos7test systemd[1]: start request repeated too quickly for nginx.service Nov 26 01:07:52 centos7test systemd[1]: Failed to start Centmin Mod NGINX Server. Nov 26 01:07:52 centos7test systemd[1]: Unit nginx.service entered failed state. Nov 26 01:07:52 centos7test systemd[1]: nginx.service failed.journalctl -xe -- -- The result is timeout. Nov 26 01:08:56 centos7test systemd[1]: Dependency failed for /mnt/HC_Volume_33691542. -- Subject: Unit mnt-HC_Volume_33691542.mount has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit mnt-HC_Volume_33691542.mount has failed. -- -- The result is dependency. Nov 26 01:08:56 centos7test systemd[1]: Job mnt-HC_Volume_33691542.mount/start failed with result 'dependency'. Nov 26 01:08:56 centos7test systemd[1]: Job dev-disk-by\x2did-scsi\x2d0HC_Volume_33691542.device/start failed with result 'timeout'. Nov 26 01:09:01 centos7test systemd[1]: Started Session 313 of user root. -- Subject: Unit session-313.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-313.scope has finished starting up. -- -- The start-up result is done. Nov 26 01:09:01 centos7test CROND[34567]: (root) CMD (/usr/lib64/sa/sa1 1 1) Nov 26 01:09:10 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.203.42.26 DST= LEN Nov 26 01:09:35 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=205.185.121.3 DST= LE Nov 26 01:09:45 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=107.148.82.29 DST= LE Nov 26 01:09:53 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=62.204.41.118 DST= LE Nov 26 01:10:01 centos7test systemd[1]: Started Session 314 of user root. -- Subject: Unit session-314.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-314.scope has finished starting up. -- -- The start-up result is done. Nov 26 01:10:01 centos7test systemd[1]: Started Session 315 of user root. -- Subject: Unit session-315.scope has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit session-315.scope has finished starting up. -- -- The start-up result is done. Nov 26 01:10:01 centos7test CROND[34680]: (root) CMD (/usr/lib64/sa/sa1 1 1) Nov 26 01:10:01 centos7test CROND[34679]: (root) CMD (/usr/lib64/sa/sa1 1 1) Nov 26 01:10:11 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=91.92.246.145 DST= LE Nov 26 01:10:12 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.203.42.26 DST= LEN Nov 26 01:10:21 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=85.209.11.142 DST= LE Nov 26 01:10:22 centos7test sshd[34734]: Received disconnect from 180.101.88.196 port 14758:11: [preauth] Nov 26 01:10:22 centos7test sshd[34734]: Disconnected from 180.101.88.196 port 14758 [preauth] Nov 26 01:10:40 centos7test kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=162.216.150.164 DST= lines 1377-1425/1425 (END)
I tried some of the solutions here https://serverfault.com/questions/351212/nginx-redirects-to-port-8080-when-accessing-url-without-slash
proxy_set_header Host $host:$server_port;didn’t seem to change anything.I also tried
proxy_pass http://listmonk.example.com:5870/; proxy_redirect http://listmonk.example.com:5870/ http://listmonk.example.com/;Maybe this https://stackoverflow.com/questions/30097334/nodejs-on-nginx-not-working-without-a-port-number-in-the-url is the answer, but I don’t understand it.
The main issue is that Lemmy lacks many basic features that are included in Reddit, either by default or via RES and Toolbox addons. I listed some in the OP and the OP link.
I chose Xenforo because it’s been around for a long time, is feature-rich, and the most polished/professional software.
I also wasn’t considering hosting my own Lemmy instance at the time, which I now recognize as a future possibility, if it continues to develop more basic features.
That seems an argument not to start your communities on lemmy.world.
Lemmy.world was the main one targeted, but they all use the same software and have the same vulnerabilities.
you could just start a community on a friendly instance
The problem is knowing how long that instance will be friendly to you. Will they start blocking other instances you want to interact with? Will other instances start blocking them? And so on…
I’d be interested in your reasons why. The Lemmy limitations I listed are pretty important for me.
It is most aimed at community creators, not users. It’s true that users have limited options & autonomy either way.
But from my experience, forums tend to have less of the “mod corruption” issues that Reddit has. Probably because a forum is a monetary investment and they have an incentive to draw people in. Whereas lots of people just mod on reddit for power.
Lemmy only federates Lemmy instances as far as I know. Forums have lots of benefits that Lemmy instances do not. They’re way more polished due to being around for so much longer.
I had lots of important content I posted to reddit, as did other members of the community. The subs I ran weren’t fluff subs.
Forums are different for sure, but I think they’re similar enough. There’s even a phpBB front-end for Lemmy.
I picked Xenforo for my own reasons, but there are plenty of free forum software (which I listed in the link) that can be used.
I think the one thing missing is a way to federate forums.
The pricing changed just last month so it’s no longer effectively free for small users but it’s relatively cheap (for now).
Well it was only free for 1 year. After that, you’d be paying for the EC2 instance. It’s roughly the same now. You can get cheaper hosting than EC2 but you’re paying a bit more for SES.
I looked at the prices you quoted for other services and they seem ridiculously high
Yeah it’s nuts. I think people with zero technical knowledge who want something fast are the ones paying for those services. It’s surprising there’s so many of them, but there is the fact that all the search results are dominated by their SEO blogs so it’s very hard to learn about other options.
But even if you’re not technically knowledgeable you can pay someone a month’s worth of what those other services charge, and they can setup a self-hosted server for you.
For example, even using SES, if you attempt to originate too many emails to one provider in a single call, they may start rejecting everything - I had to put counters into the code to limit how many gmail addresses would be sent with each iteration. SES also rate limits so you need to manage that somehow.
I haven’t had any issues with this. The starting rates are pretty generous and I’ve been approved for the increases I requested.
You’ll also need to be mindful of the bounce rate and complaints
Sure. Same as with any provider.
I ran into a similar problem with snapshots of a forum and email server – if there are scheduled emails when you take the snapshot they get sent out again if you create a new test server from the snapshot. And similarly for the forum.
I’m not sure what the solution is either. The emails are sent via an SMTP so it’s not as simple as disabling email (ports, firewall, etc.) on the new test server.