Hi
I recently installed AIO to try this out.
I use firewalld with Strict Filtering of Docker Containers | firewalld nextcloud-aio-mastercontainer got a different IP address.
In order to access the AIO interface, port 8080 must be accessible, which can be granted with the following command:
firewall-cmd --policy dockerFwdPort --add-forward-port port=8080:proto=tcp:toport=8080:toaddr=172.18.0.8 --permanent
which is specific to the containers ip toaddr=172.18.0.8.
Is it possible to use a fixed IP address instead. Perhaps in the docker compose file just for nextcloud_aio_mastercontainer?
Thanks
wwe
March 18, 2025, 7:48am
2
Docker containers are expected to change ip address often. there is a way to configure static IP address for the containers but this definitely not a best practice. I would recommend you ask firewalls how it’s expected to work.
for AiO one usually expose ports on the hosts interface
sudo docker run \
--init \
--sig-proxy=false \
--name nextcloud-aio-mastercontainer \
--restart always \
--publish 80:80 \
--publish 8080:8080 \
--publish 8443:8443 \
then there is no need anymore to know the container IP and firewalld seems to allow this:
When firewalld is running these published ports are honored and a hole is opened in firewalld.
2 Likes
Thanks.
That means like redis, clamav, etc. ports are not --publish ? And therefore not open to the public anyway?
there is a way to configure static IP address for the containers but this definitely not a best practice
Why is it not best practice?
wwe
March 19, 2025, 8:50pm
4
yes they are isolated inside of docker network. familiarize yourself with docker networking concepts.
because Docker manages DNS and dynamic IPs itself… no need for the admin to take care of it.
2 Likes
Thank you for your time and your explanations.
system
March 27, 2025, 9:02pm
6
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.