Proxying a container with multiple ports (502 errors) #327
Description
Hey folks! I'm looking for some guidance. I have a bit of a layered system here, but I know that I have tsdProxy setup properly for simple containers.
trueNas baremetal (on my tailnet)-> Dockge App -> separate docker containers including tsdProxy (in it's own container). My goal is to have a separate node for each service I run.
I have a DumbAssets container with the enable and name labels and I can see it on the dashboard and can access it with DumbAssets.funTailscaleName.ts.net. Its working perfectly! (A side question I have here is how does tsdProxy know that port 3000 is the right port to proxy?)
My real issue is with a CraftyController4 container that has a port open on 8443 (https) for Web UI and a Minecraft server listening on port 25565 (along with a wide range of other ports defined in the compose.yaml). I am able to access these ports using my trueNas tailnet IP:port. For the proxy I can always see it in the dashboard, but can't get to the Web UI with the new node (502 error). I tried different labels like autodetect false, scheme as https, tlsvalidate false and even container_port: 8443, but I can neither access the web UI nor the server. I thought for sure I might access the web UI when specifying the port, but I might be missing something?
What has (kind of) worked is using a list. When the url is set to https trueNas tailnet IP:8443 AND tlsvalidate is false, I can see the Web UI with the webUI.funTailscaleName.ts.net just fine. I assume I can't access the 25565 port with that since only the 8443 port was proxied (right?)
In the same list.yaml, I set another proxy name url to https truNas tailnet IP: 25565 and tlsvalidate false, but I cannot access the server with server.funTailscaleName.ts.net
If I'm understanding correctly, the list should be my way to go so that each port can be its own tailscale node (which is ideal), but I don't understand why I can't access the minecraft server.
A theory I have is that my Minecraft console is trying to access server.funTailscaleName.ts.net:25565 even though that link is already the 25565 port. If that's the case, is there a workaround for me? I could try to make the url to the docker container's IP?
Sorry for the long post! Please let me know if anything needs clarification! Any suggestions would be greatly appreciated!