Enable firewall and open ports from ignition, how?

Good,
I am trying to start Fedora CoreOS v.40 server, I took the Ignition file that has the documentation and set the public key for the installation, I installed HTOP to observe the resource consumption and also installed docker-compose. I did a test installation (Nginx Proxy Manager), using a YAML file that I uploaded through Filezilla. The container started, however, when trying to access through the local network (Port 81), it did not let me enter, I guess it is the firewall.
I have looked for information in the documentation on the web and fedora site so that, through the ignition installer file I can open the firewall ports, but I have not found anything.
If someone has a .ign or .yaml file with this complete configuration, I would appreciate it and if possible pass it to me.

I forgot, the installation is on a minipc, I downloaded the ISO and moved it to a USB stick and I boot from it.

Greetings.

First of all, are you sure that the service is actually listening on that port?

1 Like

Hello @ssantis and welcome to :fedora: !

As an addition to the previous question, when you run the nginx container, did you expose the port to the network?

version: '3.8'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP

    # Uncomment the next line if you uncomment anything in the section
    # environment:
      # Uncomment this if you want to change the location of
      # the SQLite DB file within the container
      # DB_SQLITE_FILE: "/data/database.sqlite"

      # Uncomment this if IPv6 is not enabled on your host
      # DISABLE_IPV6: 'true'

    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

Yes, it is the management port.

My idea is to have 3 or maximum 4 containers in a limited hardware level equipment, the use is low, since it is for a home lab. I just need to initially access from LAN and have the container volumes persist, just that the CoreOS documentation is a bit confusing for me.

There is no firewall set up in Fedora CoreOS by default.

1 Like

The instructions from the guide should to be modified for SELinux. See Bind mounts | Docker Docs.

    volumes:
      - ./data:/data:z
      - ./letsencrypt:/etc/letsencrypt:z

Please note that I am not familiar with the Nginx Proxy Manager image and if it will even work, but you should at least have access to the admin UI.