I’ve been using openHAB for around 2 years now, and I am very happy with it.
Currently, I am running into a problem which I cannot get sorted out myself, but maybe one of you can give me a hint.
I am running openHAB as a docker container.
I am running that container connected to a macvlan docker network. This assigns a distinct mac address (and IP) to the container and in turn I can assign that container a distinct name through my router.
So far so good: I can access
http://openhab.local.net:8080 from my browser.
Now the tricky bit: I want to get rid of the port number.
I can control the port numbers by the environment variables of the
docker run command:
docker run \ --name=openhabTESTBED \ --net=mymacvlan \ --ip=192.168.2.197 \ -e OPENHAB_HTTP_PORT=80 \ -e OPENHAB_HTTPS_PORT=8444 \ -v /etc/localtime:/etc/localtime:ro \ -v /etc/timezone:/etc/timezone:ro \ -d \ openhab/openhab:2.4.0-amd64-debian
This works, but only as long as I don’t assign port number below 1024:
For the example above, I can open
https://openhab.local.net:8444in my browser, but
http://openhab.local.net just gives no connection.
I believe, this due to the fact, that these ports are considered “priviledged” and the executable trying to open such a port, needs special rights.
In order to give these rights, I tried two approaches. Both are based on building a new docker image from the official one, which allows me to run extra commands in the dockerfile.
- using “setcap”
FROM openhab/openhab:2.4.0-amd64-debian RUN apt-get update && \ apt-get install -y libcap2-bin && \ setcap CAP_NET_BIND_SERVICE=+ep /openhab/runtime/bin/karaf && \ apt-get clean
- using “authbind”
FROM openhab/openhab:2.4.0-amd64-debian RUN apt-get update && \ apt-get install -y authbind && \ touch /etc/authbind/byport/80 /etc/authbind/byport/443 && \ chmod 777 /etc/authbind/byport/80 /etc/authbind/byport/443 && \ apt-get clean
Both approaches failed. When I run my individual image, I cannot connect to the server on port 80 (which is what I configured via the environment variable).
With approach 1., I presume that maybe
karaf is not the executable, which needs to bind to the port - but which executable is it?
With approach 2., I have no clue why it is not working.