hailin
/
gcx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(admin-service): use extra_hosts to route MinIO via gateway Nginx 

Container maps oss.gogenex.com → 192.168.1.200 (LAN IP) so it
connects to Nginx:443 which proxies to localhost:9100 (MinIO).
Port 443 is already open in UFW; avoids hairpin NAT and raw iptables
drop rules that block direct access to 192.168.1.200:9100.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
hailin 2026-03-07 02:20:16 -08:00
parent fa64e1863a
commit 75ef11ec22
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
backend/docker-compose.yml
View File

@ -353,14 +353,16 @@ services:
- DB_USERNAME=genex
- DB_PASSWORD=${DB_PASSWORD}
- DB_NAME=genex
- MINIO_ENDPOINT=192.168.1.200 # MinIO on gateway server — internal IP (hairpin NAT: public IP unreachable from LAN)
- MINIO_PORT=9100
- MINIO_USE_SSL=false
- MINIO_ENDPOINT=oss.gogenex.com # Use domain; extra_hosts maps it to 192.168.1.200 (gateway LAN IP) inside container
- MINIO_PORT=443
- MINIO_USE_SSL=true
- MINIO_ACCESS_KEY=genex-admin
- MINIO_SECRET_KEY=genex-minio-secret
- MINIO_BUCKET=app-releases
- OSS_BASE_URL=https://oss.gogenex.com # Public download base URL for app packages
- JWT_ACCESS_SECRET=dev-access-secret-change-in-production
extra_hosts:
- "oss.gogenex.com:192.168.1.200" # Bypass public DNS; route MinIO via gateway LAN IP (port 443 Nginx → localhost:9100)
depends_on:
postgres:
condition: service_healthy