I have moved my kopia server to docker+tailscale (using it as a proxy redirecting port 51515 to 443). I can acces my server through browser to https://kopia.aaa-bbb.ts.net; but when trying to connect kopia client it fails:
Connect Error: INTERNAL: internal server error: connect error: error opening repository: error connecting to API server: unable to establish session for purpose=: error establishing session: unable to initialize session: rpc error: code = Unavailable desc = unexpected HTTP status code received from server: 502 (Bad Gateway); malformed header: missing HTTP content-type: EOF
I think tailscale uses let’s encrypt certificates, I don’t know if it messes up with fingerprints; but I am a little lost with this error. Maybe another port has to be redirected?
services:
kopia-tailscale:
image: tailscale/tailscale:stable
container_name: kopia-tailscale
hostname: kopia
env_file: .ts.env
volumes:
- ./tailscale/state:/var/lib/tailscale
- ./tailscale/config:/config
- /dev/net/tun:/dev/net/tun
cap_add:
- net_admin
- sys_module
restart: unless-stopped
networks:
- kopia
kopia:
image: kopia/kopia:latest
hostname: kopia-server
container_name: kopia-server
restart: unless-stopped
# Setup the server that provides the web gui
command:
- server
- start
- --disable-csrf-token-checks
- --insecure
- --address=0.0.0.0:51515
- --server-username=admin
env_file:
- .env
environment:
USER: "User"
volumes:
# Mount local folders needed by kopia
- ./config:/app/config
- /root/.cache/kopia-docker/cache:/app/cache
- ./logs:/app/logs
# Mount local folders to snapshot
- ./data:/data:ro
# Mount repository location
- ./repository/dir:/repository
# Mount path for browsing mounted snapshots
- ./mounted:/tmp:shared
- ./sftp:/root/.ssh
networks:
- kopia
networks:
kopia:
driver: bridge
proxy:
{
"TCP": {
"443": {
"HTTPS": true
}
},
"Web": {
"${TS_CERT_DOMAIN}:443": {
"Handlers": {
"/": {
"Proxy": "http://kopia-server:51515"
}
}
}
},
"AllowFunnel": {
"${TS_CERT_DOMAIN}:443": false
}
}