wip: docker support + NICTOOL_BIND_HOST override#3
Draft
aberoham wants to merge 2 commits intoNicTool:mainfrom
Draft
wip: docker support + NICTOOL_BIND_HOST override#3aberoham wants to merge 2 commits intoNicTool:mainfrom
aberoham wants to merge 2 commits intoNicTool:mainfrom
Conversation
Dockerfile and entrypoint in docker/ for container deployments. The entrypoint generates nictool.toml from env vars (remote API mode) and lets the server auto-generate self-signed TLS on first start. NICTOOL_BIND_HOST env var overrides the listen address so the server can bind 0.0.0.0 inside a container while keeping the TLS cert hostname for display. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NICTOOL_TLS=false gives you plain HTTP on 8080 -- no more self-signed cert dance in local dev. Left "auto" as the default for production (discovers or generates certs as before). Added a Groups tab to the web UI: list, create, edit, delete, restore, and you can click a group name to navigate into it. Follows the same patterns as the Users/Nameservers tabs. Fixed a few things that were crashing the server: - buildRemoteUrl assumed non-localhost meant https, which blew up with EPROTO when proxying to the plain-HTTP API container. Defaults to http now, configurable via scheme. - forwardToRemote was missing an await so proxy errors bypassed the try/catch entirely - added clientError/tlsClientError/connection handlers plus process-level uncaughtException/unhandledRejection for EPROTO so a stray bad request can't take down the server Dockerfile now exposes both 8080 and 8443. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
WIP, untested beyond local docker compose.
Adds
docker/Dockerfileanddocker/entrypoint.shso the server can run in a container. The entrypoint generatesnictool.tomlfrom env vars (remote API mode) and the server auto-generates self-signed TLS on first start, sodocker compose upshould just work.One small code change in
index.js—NICTOOL_BIND_HOSTenv var overrides the listen address. Without this the server binds to the container hostname (which resolves to a container-internal IP), so port forwarding never reaches it. SettingNICTOOL_BIND_HOST=0.0.0.0in compose fixes that.Related to NicTool/api#19 and NicTool/api#40, which add docker compose support to the API repo including an optional
serverservice that builds from this repo.🤖 Generated with Claude Code