Question 80677 in Docker Question posted in
The official documentation can be found here.

Access IP (available only in VPN) within ddev container – Docker

I need to connect to a VPN (with Forticlient, but I don’t think it matters) to access a web service on a specific ip, lets say http://1.2.3.4:8090/rest/endpoint.
I can access the URL from the browser and everything works.

Now I need to access that URL from my Drupal website. On my local machine I use ddev for local development, but it cannot reach it.

I’m not a network expert, but is there a way to access that IP from the drupal site within the ddev container?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    In the end it was way more fast building my own proxy instead of involving the "VPN guys", I did it in nodejs just because I had it installed on my host and didn't want to install apache/php/other on it, but for sure it can be done in any way, as long you don't conflict with ddev ports.

    I'm a Drupal guy, not a Nodejs guy (actually I almost don't know it.. ), but I found this example and based my own on this https://www.geeksforgeeks.org/how-to-build-a-node-js-proxy-server/
    It's pretty straightforward (no logic on the proxy apart a simple url rewrite, not only because it was in the example but in my case it's also very useful as I actually have to proxy 2 different IPs for 2 different services, so in this way I use "one proxy to rule them all").
    Here's how i wrote my own app.js:

    const express = require("express");
const morgan = require("morgan");
const { createProxyMiddleware } = require("http-proxy-middleware");
require("dotenv").config();

// Create Express Server
const app = express();

// Configuration
const { PORT } = process.env;
const { HOST } = process.env;
const { API_SEARCH_BASE_URL } = process.env;
const { API_INDEX_BASE_URL } = process.env;

// Logging the requests
app.use(morgan("dev"));

// Proxy Logic : Proxy endpoints

// Searcher endpoint.
app.use(
  "/search",
  createProxyMiddleware({
    target: API_SEARCH_BASE_URL,
    changeOrigin: true,
    pathRewrite: {
      "^/search/(.*)": "$1",
    },
  })
);

// Index endpoint.
app.use(
    "/index",
    createProxyMiddleware({
      target: API_INDEX_BASE_URL,
      changeOrigin: true,
      pathRewrite: {
        "^/index/(.*)": "$1",
      },
    })
);

// Starting our Proxy server
app.listen(PORT, HOST, () => {
  console.log(`Starting Proxy at ${HOST}:${PORT}`);
});

    in my .env I have this:

    HOST = 'myproxy.local'
PORT = 3000
API_SEARCH_BASE_URL = "http://1.2.3.4:8090"
API_INDEX_BASE_URL = "http://5.6.7.8:8080"

    As said by rfay i then changed the nodejs port from 3000 to something else (I used 8666, i felt a bit evil-ish in the end), as there's a lot of competition on that 3000 port (and probably was causing some of the initial problems).
    Also it doesn't really matter what the HOST is (myproxy.local in the example .env) as in the end one has to use host.docker.internal as rfay stated, and the HOST is used only to test it on the browser, but not usable inside ddev.
    It works fine, and it forwards any query parameter i need to pass to the webservice, I'll need to test it a bit more, but seems to work like a charm.
    Thanks again to rfay for the inputs!


  2. 0

    Remember that the DDEV web container is a little computer on its own, so it will probably need the VPN software installed in it. This depends a lot on the VPN software you’re using and how it works with Docker networking.

    Start by using curl inside the web container to test your URL, for example, curl -I http://1.2.3.4:8090/rest/endpoint and see if it can connect. Then you’ll have to make sure it’s a VPN issue vs just regular connectivity, since you’re using a specific IP. If you can’t connect, you’ll want to check with your VPN vendor for how to install a VPN client inside the web container, or enable connectivity within the host VPN to Docker networking.

    Many VPNs don’t give trouble about this… Make sure you’ve done the normal troubleshooting things first, turning off your firewall, so you know that’s not the trouble.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search