Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Supported by

Digital Ocean with Traefik and own Domain Name

Hello!

I'm attempting to manage a study on JATOS with a droplet server on Digital Ocean, and am encountering some difficulty launching the server with proper encryption and my own domain name. I followed all the instructions on https://www.jatos.org/JATOS-on-DigitalOcean.html, using the following code in the initial script of the Droplet:

DOMAIN_NAME="langdevjatos.ca"
EMAIL="my.email@foo.com"

curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/docker-compose.yaml > /root/docker-compose.yaml
curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/traefik.toml > /root/traefik.toml

sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/docker-compose.yaml
sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/traefik.toml
sed -i "s/<EMAIL>/${EMAIL}/g" /root/traefik.toml

touch /root/acme.json
chmod 600 /root/acme.json
docker network create proxy
docker-compose -f /root/docker-compose.yaml up -d

I am able to get JATOS running with the basic script

#!/bin/bash

# Run JATOS as docker container
docker run -d --restart=always -p 80:9000 jatos/jatos:latest

But not with any encryption, which is required and expected through ethics. I'm inputting my email between the quotes above.

I continue to get an ERR_CONNECTION_TIMED_OUT message when I try both the iPv4 address (http://159.203.15.124/). My computer appears to successfully ping the ip, and there shouldn't be any difficulty with firewall or proxy so I'm unsure what is going on. The also tried to follow the DNS settings appropriately.

Any help is appreciated!

Thanks, Riss

Comments

  • Hi Riss,

    Not sure what's going on with your server. But for a start it seems like your HTTP(S) ports aren't open:

    kristian@opossum:~/Downloads$ telnet 159.203.15.124 80
    Trying 159.203.15.124...
    ^C
    kristian@opossum:~/Downloads$ telnet 159.203.15.124 443
    Trying 159.203.15.124...
    ^C
    kristian@opossum:~/Downloads$ telnet 159.203.15.124 22
    Trying 159.203.15.124...
    Connected to 159.203.15.124.
    
    
    

    Maybe you have to configure a firewall (usually ufw)?

    Best,

    Kristian

  • Hi Kristian,

    The set-up instructions on JATOS have no mention of best-practice firewall rules. I just set up HTTPS inbound and outbound rules for the droplet and restarted it, but still no luck.

    The console says:

    • To keep this Droplet secure, the UFW firewall is enabled
    • All ports are BLOCKED except 22 (SSH), 2375 (Docker) and 2376 (Docker).

    Any other ideas? I really appreciate the help.

    Thanks, Riss

  • Hi Riss,

    To open the ports for HTTP and HTTPS it should the following commands for ufw:

    sudo ufw allow http
    

    and

    sudo ufw allow https
    

    but if you still use JATOS default port 9000:

    sudo ufw allow 9000
    

    Here is a tutorial for ufw: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-22-04.

    When I wrote the docs for JATOS on DigitalOcean ufw wasn't activated by default. Maybe they changed this recently.

    Best,

    Kristian

  • Hey Kristian,

    I followed the instructions in the tutorial, and now the error has changed to ERR_CONNECTION_REFUSED. The firewall inbound should be open to HTTP and HTTPS and SSH, but again, no response. I even allowed my own personal IP.

    I cannot ping the server ip address anymore either.

    Not sure what to try next.

    Thanks, Riss

  • krikri
    edited March 2023

    Hi Riss,

    Your JATOS docker is running and port 9000 is exposed? What is the output of docker ps in the terminal? And ufw? What is the output of sudo ufw status verbose?

    Best,

    Kristian

  • edited March 2023

    Hi Kristian,

    Here's the output of ufw status verbose:

    Status: active
    Logging: on (low)
    Default: deny (incoming), allow (outgoing), allow (routed)
    New profiles: skip
    
    To                         Action      From
    --                         ------      ----
    22/tcp                     ALLOW IN    Anywhere
    2375/tcp                   ALLOW IN    Anywhere
    2376/tcp                   ALLOW IN    Anywhere
    80/tcp                     ALLOW IN    Anywhere
    443                        ALLOW IN    Anywhere
    9000                       ALLOW IN    Anywhere
    22                         ALLOW IN    Anywhere
    80                         ALLOW IN    Anywhere
    Anywhere                   ALLOW IN    [MY_IP]
    22/tcp (v6)                ALLOW IN    Anywhere (v6)
    2375/tcp (v6)              ALLOW IN    Anywhere (v6)
    2376/tcp (v6)              ALLOW IN    Anywhere (v6)
    80/tcp (v6)                ALLOW IN    Anywhere (v6)
    443 (v6)                   ALLOW IN    Anywhere (v6)
    9000 (v6)                  ALLOW IN    Anywhere (v6)
    22 (v6)                    ALLOW IN    Anywhere (v6)
    80 (v6)                    ALLOW IN    Anywhere (v6)
    

    And the output for docker ps:

    CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
    

    Edit: I see now that should things be in order, there would be a functioning container, right?

    My Docker is indeed running and I believe 9000 is exposed. I notice now that I have /tcp for ports 22 and 80 (I believe 2375 and 2376 are for docker), but not 443 or 9000. Would that make a difference?

    Thanks, Riss

  • You have no Docker container running. There should be traffic and JATOS running as containers. Let's see what happens when you run the JATOS' docker-compose script:

    docker-compose -f /root/docker-compose.yaml up -d
    

    K.

  • Hi Kristian,

    It works now! I did as you said, only to run into the error that docker-compose was not found. So I installed docker with 'snap install docker':

    root@salve-encrypt:~# docker-compose -f /root/docker-compose.yaml up -d
    Command 'docker-compose' not found, but can be installed with:
    snap install docker          # version 20.10.17, or
    apt  install docker-compose  # version 1.29.2-1
    See 'snap info docker' for additional versions.
    
    root@salve-encrypt:~# snap install docker
    docker 20.10.17 from Canonical✓ installed
    
    root@salve-encrypt:~# docker-compose -f /root/docker-compose.yaml up -d
    /snap/docker/2746/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release ofcryptography (40.0) will be the last to support Python 3.6.
      from cryptography.hazmat.backends import default_backend
    ERROR: Network proxy declared as external, but could not be found. Please create the network manually using `docker network create proxy` and try again.
    

    Then had to redo the final two lines of code from the original script:

    root@salve-encrypt:~# docker network create proxy
    -successful-
    
    root@salve-encrypt:~# docker-compose -f /root/docker-compose.yaml up -d
    /snap/docker/2746/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6.
      from cryptography.hazmat.backends import default_backend
    Creating network "root_internal" with the default driver
    Pulling traefik (traefik:v1.7.18)...
    v1.7.18: Pulling from library/traefik
    42e7d26ec378: Pull complete
    8a753f02eeff: Pull complete
    7d881b199386: Pull complete
    Digest: sha256:20fd074599968976f5e06105a99b15de6d74d0b636ae5a8b760d81ee4c98f217
    Status: Downloaded newer image for traefik:v1.7.18
    Pulling jatos (jatos/jatos:latest)...
    latest: Pulling from jatos/jatos
    ba958a445f00: Pull complete
    dc651e6574a9: Pull complete
    aa70f04c8490: Pull complete
    99b22440addc: Pull complete
    b782874e93d4: Pull complete
    3182f1dbf787: Pull complete
    a8032bd4ec5c: Pull complete
    49ea0d82e78c: Pull complete
    4f4fb700ef54: Pull complete
    Digest: sha256:80b82e189dd509d096c108c1b4393a0c2d3cbf9ec1bec435642f13ad92a3019c
    Status: Downloaded newer image for jatos/jatos:latest
    Creating traefik ... done
    Creating jatos   ... done
    

    I can now access JATOS with my domain name.

    Thank you for your help! I wonder if adding 'snap install docker' to the original code would save others the same trouble as I.

    Regards, Riss

  • Hi Riss,

    Nice you got it running!

    I think if you choose the right image in the beginning, extra installing Docker is not necessary. DigitalOcean has those 'Docker x on Ubuntu y' images right to be used.

    Best,

    Kristian

  • 'Docker x on Ubuntu y' is indeed the image I used.

    Regards, Riss.

  • I see. Hm. Maybe it has to do with what I found in their docs (https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-compose-on-ubuntu-22-04):

    Note: Starting with Docker Compose v2, Docker has migrated towards using the compose CLI plugin command, and away from the original docker-compose as documented in our previous Ubuntu 20.04 version of this tutorial. While the installation differs, in general the actual usage involves dropping the hyphen from docker-compose calls to become docker compose. For full compatibility details, check the official Docker documentation on command compatibility between the new compose and the old docker-compose.

    Maybe they do not ship the 'Docker x on Ubuntu y' docker-compose anymore but docker compose?

    Looks like it's deprecated: https://docs.docker.com/compose/release-notes/.

    Looks like the I have to update https://www.jatos.org/JATOS-on-DigitalOcean.html. But apart from the removed hyphen it has the some syntax (https://docs.docker.com/compose/reference/).

    I'll give it a shot with this bash script here:

    #!/bin/bash
    
    DOMAIN_NAME="my.domain.name"
    EMAIL="my.email@foo.com"
    
    curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/docker-compose.yaml > /root/docker-compose.yaml
    curl https://raw.githubusercontent.com/JATOS/JATOS/master/deploy/traefik.toml > /root/traefik.toml
    
    sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/docker-compose.yaml
    sed -i "s/<DOMAIN_NAME>/${DOMAIN_NAME}/g" /root/traefik.toml
    sed -i "s/<EMAIL>/${EMAIL}/g" /root/traefik.toml
    
    touch /root/acme.json
    chmod 600 /root/acme.json
    docker network create proxy
    docker compose -f /root/docker-compose.yaml up -d
    

    Best,

    K.

  • Okay, I can confirm, it was just removing the hyphen and then it worked again.

    I updated the docs: https://www.jatos.org/JATOS-on-DigitalOcean.html. And since you just used it, can you please have a look at the page and check that it is correct, especially the first section "Setup a simple JATOS server on DigitalOcean"?

  • Hi,

    First of all, thank you for creating JATOS and providing such clear and comprehensive documentation!

    I was following the documentation on how to run JATOS on a Digital Ocean droplet and the updated steps in this post. However, it still does not work for me.

    After the last step `docker-compose -f /root/compose.yaml up -d`, I see that traefik and jatos are running, but when I navigate to the Droplet's IP, I only get a 404 Page Not Found.

    Here are the step:

    1. Create Droplet like described here: https://www.jatos.org/JATOS-on-DigitalOcean.html
    2. Open Firewall for http, https, and port 9000 (as described in this post)
    3. Install Docker with snapd, because it was apparently not install by the initialisation script
    4. Run `docker compose -f /root/compose.yaml up -d`
    5. Navigate with browser to the IP of the droplet

    I'd be extremely grateful for any hints on how to fix this.

    Thank you!

  • Hi!

    Nice you like JATOS (and its documentation) :)

    First I want to say, that it would have been better to open a new thread in this forum, since your issue is only remotely related to the current one. This way other people can easier navigate the forum and find information and solutions for their problems.

    You say, you use Traefik and JATOS with Docker Compose. Please excuse my stupid question: do you have a domain for your server and does the domain point to the IP of your server? If you don't have a domain and don't intend to use one, you don't need a reverse proxy like Traefik and a simple installation is enough.

    And some more comments:

    Install Docker with snapd, because it was apparently not install by the initialisation script

    It is not necessary to install Docker if you chose the proper image with Ubuntu and Docker from DigitalOcean's Marketplace.

    Open Firewall for http, https, and port 9000 (as described in this post)

    Usually it's not necessary to open the firefall (uwf?) since it is not activated on the Ubuntu image with Docker by default. But I might be wrong here and Ubuntu activated it by default recently.

    Run `docker compose -f /root/compose.yaml up -d`

    It shouldn't be necessary to call this manually - the init script should do this after you click on "Create Droplet".

    Best,

    Kristian

  • Hi Kristian,

    Thank you for your help. I think I must have accidentally selected the wrong image. I can confirm that the instructions work with the Image Docker 23.0.6 on Ubuntu 22.04.

    Best,

    Joe


Sign In or Register to comment.

agen judi bola , sportbook, casino, togel, number game, singapore, tangkas, basket, slot, poker, dominoqq, agen bola. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 50.000 ,- bonus cashback hingga 10% , diskon togel hingga 66% bisa bermain di android dan IOS kapanpun dan dimana pun. poker , bandarq , aduq, domino qq , dominobet. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 10.000 ,- bonus turnover 0.5% dan bonus referral 20%. Bonus - bonus yang dihadirkan bisa terbilang cukup tinggi dan memuaskan, anda hanya perlu memasang pada situs yang memberikan bursa pasaran terbaik yaitu http://45.77.173.118/ Bola168. Situs penyedia segala jenis permainan poker online kini semakin banyak ditemukan di Internet, salah satunya TahunQQ merupakan situs Agen Judi Domino66 Dan BandarQ Terpercaya yang mampu memberikan banyak provit bagi bettornya. Permainan Yang Di Sediakan Dewi365 Juga sangat banyak Dan menarik dan Peluang untuk memenangkan Taruhan Judi online ini juga sangat mudah . Mainkan Segera Taruhan Sportbook anda bersama Agen Judi Bola Bersama Dewi365 Kemenangan Anda Berapa pun akan Terbayarkan. Tersedia 9 macam permainan seru yang bisa kamu mainkan hanya di dalam 1 ID saja. Permainan seru yang tersedia seperti Poker, Domino QQ Dan juga BandarQ Online. Semuanya tersedia lengkap hanya di ABGQQ. Situs ABGQQ sangat mudah dimenangkan, kamu juga akan mendapatkan mega bonus dan setiap pemain berhak mendapatkan cashback mingguan. ABGQQ juga telah diakui sebagai Bandar Domino Online yang menjamin sistem FAIR PLAY disetiap permainan yang bisa dimainkan dengan deposit minimal hanya Rp.25.000. DEWI365 adalah Bandar Judi Bola Terpercaya & resmi dan terpercaya di indonesia. Situs judi bola ini menyediakan fasilitas bagi anda untuk dapat bermain memainkan permainan judi bola. Didalam situs ini memiliki berbagai permainan taruhan bola terlengkap seperti Sbobet, yang membuat DEWI365 menjadi situs judi bola terbaik dan terpercaya di Indonesia. Tentunya sebagai situs yang bertugas sebagai Bandar Poker Online pastinya akan berusaha untuk menjaga semua informasi dan keamanan yang terdapat di POKERQQ13. Kotakqq adalah situs Judi Poker Online Terpercayayang menyediakan 9 jenis permainan sakong online, dominoqq, domino99, bandarq, bandar ceme, aduq, poker online, bandar poker, balak66, perang baccarat, dan capsa susun. Dengan minimal deposit withdraw 15.000 Anda sudah bisa memainkan semua permaina pkv games di situs kami. Jackpot besar,Win rate tinggi, Fair play, PKV Games