From 05b41f8946eeb9e299953d7725afdff2ed904b40 Mon Sep 17 00:00:00 2001 From: archipelago Date: Thu, 23 Apr 2026 15:42:49 -0400 Subject: [PATCH] fix(lnd-ui): align container port across all specs The LND UI container was unreachable on .228 after the v1.7.43-alpha deploy because three sources of truth disagreed on which port nginx listens on inside the container: - docker/lnd-ui/nginx.conf listen 8081 - docker/lnd-ui/Dockerfile EXPOSE 8080 - apps/lnd-ui/manifest.yml host networking, ports: [] - scripts/first-boot-containers.sh -p 8081:8080 - scripts/deploy-to-target.sh -p 8081:80 (de-facto) - scripts/deploy-tailscale.sh -p 8081:80 - scripts/container-specs.sh SPEC_PORTS=8081:80 Result: podman published host 8081 to container port 80, but no one was listening on 80 inside, so connections were reset. Canonicalize on container:80 with host:8081 publish, matching the three deploy paths already in agreement. Changes: - docker/lnd-ui/nginx.conf: listen 8081 -> listen 80 - docker/lnd-ui/Dockerfile: EXPOSE 8080 -> EXPOSE 80 - apps/lnd-ui/manifest.yml: replace host-network (never true) with bridge networking and explicit 8081:80 port mapping, correcting a documentation-vs-reality mismatch - scripts/first-boot-containers.sh: -p 8081:8080 -> -p 8081:80, and fix the internal-port comment Verified on .228 after rebuild: curl http://127.0.0.1:8081/ returns HTTP 200 and the /app/lnd/ host-nginx proxy resolves cleanly. --- apps/lnd-ui/manifest.yml | 10 +++++++--- docker/lnd-ui/Dockerfile | 2 +- docker/lnd-ui/nginx.conf | 2 +- scripts/first-boot-containers.sh | 4 ++-- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/apps/lnd-ui/manifest.yml b/apps/lnd-ui/manifest.yml index ff17aa77..e15bb0ad 100644 --- a/apps/lnd-ui/manifest.yml +++ b/apps/lnd-ui/manifest.yml @@ -22,10 +22,14 @@ app: security: readonly_root: false - network_policy: host + network_policy: bridge - # Host networking: nginx listens on 8081 directly on the host IP. - ports: [] + # Bridge networking via archy-net. Container nginx listens on 80; + # host nginx proxies /app/lnd/ -> 127.0.0.1:8081 -> container:80. + ports: + - host: 8081 + container: 80 + protocol: tcp volumes: [] diff --git a/docker/lnd-ui/Dockerfile b/docker/lnd-ui/Dockerfile index da31def2..d38f5e8c 100644 --- a/docker/lnd-ui/Dockerfile +++ b/docker/lnd-ui/Dockerfile @@ -22,6 +22,6 @@ RUN sed -i 's/^user nginx;/user root;/' /etc/nginx/nginx.conf && \ mkdir -p /var/cache/nginx/client_temp /var/cache/nginx/proxy_temp \ /var/cache/nginx/fastcgi_temp /var/cache/nginx/uwsgi_temp \ /var/cache/nginx/scgi_temp -EXPOSE 8080 +EXPOSE 80 ENTRYPOINT [] CMD ["nginx", "-g", "daemon off;"] diff --git a/docker/lnd-ui/nginx.conf b/docker/lnd-ui/nginx.conf index 5d6f0c17..1664890f 100644 --- a/docker/lnd-ui/nginx.conf +++ b/docker/lnd-ui/nginx.conf @@ -1,5 +1,5 @@ server { - listen 8081; + listen 80; server_name _; root /usr/share/nginx/html; diff --git a/scripts/first-boot-containers.sh b/scripts/first-boot-containers.sh index a604b6c8..a26d2bf2 100644 --- a/scripts/first-boot-containers.sh +++ b/scripts/first-boot-containers.sh @@ -1242,9 +1242,9 @@ for ui in bitcoin-ui lnd-ui electrs-ui; do fi case $ui in # UI containers use --network host so they can proxy to localhost services - # Internal nginx ports: bitcoin-ui=8334, electrs-ui=50002, lnd-ui=8080 (host 8081) + # Internal nginx ports: bitcoin-ui=8334, electrs-ui=50002, lnd-ui=80 (host 8081) bitcoin-ui) PORT_ARG=""; NET_ARG="--network host"; REG_IMG="${BITCOIN_UI_IMAGE}" ;; - lnd-ui) PORT_ARG="-p 8081:8080"; NET_ARG=""; REG_IMG="${LND_UI_IMAGE}" ;; + lnd-ui) PORT_ARG="-p 8081:80"; NET_ARG=""; REG_IMG="${LND_UI_IMAGE}" ;; electrs-ui) PORT_ARG=""; NET_ARG="--network host"; REG_IMG="${ELECTRS_UI_IMAGE}" ;; esac CONTAINER_NAME="archy-$ui"