
- Fix docker config to not expose ports to the host unnecessarily
- Use the hostname instead of localhost to interact with the API for the initial setup

Boris Fersing 3 years ago
parent
commit
d919b311b5
3 changed files with 15 additions and 18 deletions
  1. 3 5
      compose/docker-compose.contained.yml
  2. 2 3
      docker/Caddyfile
  3. 10 10
      scripts/nm-quick.sh

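--- a/compose/docker-compose.contained.yml
+++ b/compose/docker-compose.contained.yml
@@ -38,7 +38,6 @@ services:
       MANAGE_IPTABLES: "off"
     ports:
       - "51821-51830:51821-51830/udp"
-      - "8081:8081"
   netmaker-ui:
     container_name: netmaker-ui
     depends_on:
@@ -46,8 +45,6 @@ services:
     image: gravitl/netmaker-ui:v0.13.1
     links:
       - "netmaker:api"
-    ports:
-      - "8082:80"
     environment:
       BACKEND_URL: "https://api.NETMAKER_BASE_DOMAIN"
     restart: always
@@ -64,7 +61,9 @@ services:
     image: caddy:latest
     container_name: caddy
     restart: unless-stopped
-    network_mode: host # Wants ports 80 and 443!
+    ports:
+      - "80:80"
+      - "443:443"
     volumes:
       - /root/Caddyfile:/etc/caddy/Caddyfile
       # - $PWD/site:/srv # you could also serve a static site in site folder
@@ -77,7 +76,6 @@ services:
     container_name: mq
     restart: unless-stopped
     ports:
-      - "127.0.0.1:1883:1883"
       - "8883:8883"
     volumes:
       - /root/mosquitto.conf:/mosquitto/config/mosquitto.conf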
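Review bot: The caddy service's new `ports:` entries (`"80:80"`, `"443:443"`) bind on every host interface, and Docker publishes ports through its own iptables chains, so host firewall front-ends such as ufw generally do not filter them; the same holds for the `"8883:8883"` entry left on mq. That exposure is presumably intended for the public proxy, but the removed `# Wants ports 80 and 443!` comment was the only explanation, so I would add `# caddy is the only HTTP(S) entry point; the API and UI are reachable through it only` above the new `ports:` key. In the same hunk `image: caddy:latest` stays unpinned while netmaker-ui is pinned to `v0.13.1`; pinning the TLS-terminating proxy to a version tag or digest would keep redeployments reproducible.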

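--- a/docker/Caddyfile
+++ b/docker/Caddyfile
@@ -21,11 +21,10 @@ https://dashboard.NETMAKER_BASE_DOMAIN {
                 -Server
         }
 
-        reverse_proxy http://127.0.0.1:8082
+        reverse_proxy http://netmaker-ui
 }
 
 # API
 https://api.NETMAKER_BASE_DOMAIN {
-        reverse_proxy http://127.0.0.1:8081
+        reverse_proxy http://netmaker:8081
 }
-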
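Review bot: Both upstreams are now plain compose service names, so `reverse_proxy http://netmaker-ui` and `reverse_proxy http://netmaker:8081` resolve only while caddy is attached to the same Docker network as those two services, and nothing in the file says so. I would add `# upstreams are compose service names; caddy must share a Docker network with netmaker and netmaker-ui` above the dashboard block's proxy line. The dashboard upstream also relies on the implicit port 80 while the API one names 8081; writing `http://netmaker-ui:80` would make the pair consistent.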

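--- a/scripts/nm-quick.sh
+++ b/scripts/nm-quick.sh
@@ -176,23 +176,23 @@ sleep 2
 setup_mesh() {
 echo "creating default network (10.101.0.0/16)"
 
-curl -s -o /dev/null -d '{"addressrange":"10.101.0.0/16","netid":"default"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks
+curl -s -o /dev/null -d '{"addressrange":"10.101.0.0/16","netid":"default"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/networks
 
 sleep 2
 
 echo "creating default key"
 
-curlresponse=$(curl -s -d '{"uses":99999,"name":"defaultkey"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/default/keys)
+curlresponse=$(curl -s -d '{"uses":99999,"name":"defaultkey"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/networks/default/keys)
 ACCESS_TOKEN=$(jq -r '.accessstring' <<< ${curlresponse})
 
 sleep 2
 
 echo "configuring netmaker server as ingress gateway"
 
-curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/default)
+curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/default)
 SERVER_ID=$(jq -r '.[0].id' <<< ${curlresponse})
 
-curl -o /dev/null -s -X POST -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/default/$SERVER_ID/createingress
+curl -o /dev/null -s -X POST -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/default/$SERVER_ID/createingress
 
 echo "finished configuring server and network. You can now add clients."
 echo ""
@@ -217,16 +217,16 @@ echo "Netmaker setup is now complete. You are ready to begin using Netmaker."
 setup_vpn() {
 echo "creating vpn network (10.201.0.0/16)"
 
-curl -s -o /dev/null -d '{"addressrange":"10.201.0.0/16","netid":"vpn","defaultextclientdns":"8.8.8.8"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks
+curl -s -o /dev/null -d '{"addressrange":"10.201.0.0/16","netid":"vpn","defaultextclientdns":"8.8.8.8"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/networks
 
 sleep 2
 
 echo "configuring netmaker server as vpn inlet..."
 
-curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/vpn)
+curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn)
 SERVER_ID=$(jq -r '.[0].id' <<< ${curlresponse})
 
-curl -s -o /dev/null -X POST -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/vpn/$SERVER_ID/createingress
+curl -s -o /dev/null -X POST -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn/$SERVER_ID/createingress
 
 echo "waiting 10 seconds for server to apply configuration..."
 
@@ -239,7 +239,7 @@ echo "configuring netmaker server vpn gateway..."
 
 echo "gateway iface: $GATEWAY_IFACE"
 
-curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/vpn)
+curlresponse=$(curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn)
 SERVER_ID=$(jq -r '.[0].id' <<< ${curlresponse})
 
 EGRESS_JSON=$( jq -n \
@@ -248,7 +248,7 @@ EGRESS_JSON=$( jq -n \
 
 
 echo "egress json: $EGRESS_JSON"
-curl -s -o /dev/null -X POST -d "$EGRESS_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/nodes/vpn/$SERVER_ID/creategateway
+curl -s -o /dev/null -X POST -d "$EGRESS_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn/$SERVER_ID/creategateway
 
 echo "creating client configs..."
 
@@ -258,7 +258,7 @@ do
                   --arg clientid "vpnclient-$a" \
                   '{clientid: $clientid}' )
 
-        curl -s -o /dev/null -d "$CLIENT_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' localhost:8081/api/extclients/vpn/$SERVER_ID
+        curl -s -o /dev/null -d "$CLIENT_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/extclients/vpn/$SERVER_ID
 done
 
 echo "finished configuring vpn server."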
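Review bot: Every rewritten `curl` call now sends `$MASTER_KEY` to whatever `api.${NETMAKER_BASE_DOMAIN}` resolves to and depends on Caddy already serving a valid certificate, yet the calls still run with `-s` (most with `-o /dev/null`), so a DNS, TLS or HTTP failure passes silently. The following `jq -r '.[0].id'` can then yield an empty or `null` value that is spliced into the next URL. I would add `--fail --show-error` to each call, quote the URL (`"https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/default"`), and stop when the id is missing, e.g. `[ -n "$SERVER_ID" ] && [ "$SERVER_ID" != "null" ] || { echo "API returned no node id" >&2; exit 1; }`. This applies to all five hunks of the file; `setup_mesh` and `setup_vpn` both end outside the hunks shown.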