Hi,
I’ve been using openHAB for around 2 years now, and I am very happy with it.
Currently, I am running into a problem which I cannot get sorted out myself, but maybe one of you can give me a hint.
I am running openHAB as a docker container.
I am running that container connected to a macvlan docker network. This assigns a distinct mac address (and IP) to the container and in turn I can assign that container a distinct name through my router.
So far so good: I can access http://openhab.local.net:8080
from my browser.
Now the tricky bit: I want to get rid of the port number.
I can control the port numbers by the environment variables of the docker run
command:
docker run \
--name=openhabTESTBED \
--net=mymacvlan \
--ip=192.168.2.197 \
-e OPENHAB_HTTP_PORT=80 \
-e OPENHAB_HTTPS_PORT=8444 \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/timezone:/etc/timezone:ro \
-d \
openhab/openhab:2.4.0-amd64-debian
This works, but only as long as I don’t assign port number below 1024:
For the example above, I can open https://openhab.local.net:8444
in my browser, but http://openhab.local.net
just gives no connection.
I believe, this due to the fact, that these ports are considered “priviledged” and the executable trying to open such a port, needs special rights.
In order to give these rights, I tried two approaches. Both are based on building a new docker image from the official one, which allows me to run extra commands in the dockerfile.
- using “setcap”
FROM openhab/openhab:2.4.0-amd64-debian
RUN apt-get update && \
apt-get install -y libcap2-bin && \
setcap CAP_NET_BIND_SERVICE=+ep /openhab/runtime/bin/karaf && \
apt-get clean
- using “authbind”
FROM openhab/openhab:2.4.0-amd64-debian
RUN apt-get update && \
apt-get install -y authbind && \
touch /etc/authbind/byport/80 /etc/authbind/byport/443 && \
chmod 777 /etc/authbind/byport/80 /etc/authbind/byport/443 && \
apt-get clean
Both approaches failed. When I run my individual image, I cannot connect to the server on port 80 (which is what I configured via the environment variable).
With approach 1., I presume that maybe karaf
is not the executable, which needs to bind to the port - but which executable is it?
With approach 2., I have no clue why it is not working.