Getting OH LogViewer working inside docker

• Platform information:
  • Hardware: Rpi4
  • OS: Raspian
  • openHAB version: 5.1.3

I switched from using Openhabian to using a docker container on Raspbian to make it easier to keep up to date and to backup.

I have nginx working, and can access OpenHAB from anywhere, but the Log Viewer doesn’t work under the developer tools. It says it uses web sockets, so I’m assuming I need to open a port, but what port? I see people using frontail on port 9001, but I’m not trying to setup a separate log viewer, just the built in one.

Here is my docker-compose.yml:

services:
  openhab:
    image: "openhab/openhab:5.1.3"
    restart: always
    container_name: openhab
    volumes:
      - "/etc/localtime:/etc/localtime"
      - "/etc/timezone:/etc/timezone"
      - "/opt/openhab/addons:/openhab/addons"
      - "/opt/openhab/conf:/openhab/conf"
      - "/opt/openhab/userdata:/openhab/userdata"
    environment:
      USER_ID: 999
      GROUP_ID: 983
      CRYPTO_POLICY: "unlimited"
      OPENHAB_HTTP_PORT: "8080"
      OPENHAB_HTTPS_PORT: "8443"
      TZ: "America/Detroit"
    networks:
      - oh-network

  nginx:
    image: "nginx:stable-alpine"
    container_name: nginx_proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # Mount your custom NGINX configuration file
      - "./nginx/:/etc/nginx/:ro"
    depends_on:
      - openhab
    networks:
      - oh-network

networks:
  oh-network:
    driver: bridge

Here’s the nginx.conf:

http {
server {
	listen 80;
	server_name MY PUBLIC HOSTNAME;

	# Cross-Origin Resource Sharing
        add_header 'Access-Control-Allow-Origin' '*' always;
        add_header 'Access-Control-Allow_Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range' always;
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
        add_header Set-Cookie X-OPENHAB-AUTH-HEADER=1;

	location / {
	  proxy_http_version                    1.1;
          proxy_pass                            http://openhab:8080/;
          proxy_set_header Host                 $http_host;
          proxy_set_header X-Real-IP            $remote_addr;
          proxy_set_header X-Forwarded-For      $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto    $scheme;
          proxy_read_timeout                    3600;
          proxy_set_header Authorization        "";
          auth_basic                            "Username and Password Required";
          auth_basic_user_file                  /etc/nginx/.htpasswd;
	}
}
}

WebSockets use the HTTP ports, so it will be 80, 443, 8080 etc. depending on your setup. Nothing special should be needed.

That said, I don’t know anything about configuring nginx, but I’d guess that there’s something there that goes wrong. A WebSocket starts life as a regular HTTP connection, which is then “upgraded” to a WebSocket. If nginx is a proxy and doesn’t play ball during the upgrade process, it could fail.

What are the errors logged in your OH log?

Unfortunately there are no errors in userdata/logs/openhab.log Should I enable more detailed logging for one of the openhab components? I tried setting “org.openhab” to TRACE level, but didn’t see anything about the log viewer.

The chrome developer console shows

index-Buyt_kkZ.js:23370 WebSocket connection to ‘ws://MY PUBLIC ADDRESS:8080/ws/logs’ failed

Maybe because nginx would be requesting authentication?

If the error occurs before this reaches OH at all, there might not be anything in the OH log.

The dev console message indicates that something along the way blocks this, so I would perhaps try to inspect or enable nginx logging. I would also try to access OH directly, without nginx, to verify that nginx is in fact the problem.

It works!

Your hint about websockets being upgraded was very helpful.

I found this: WebSocket proxying

And then update my nginx.conf:

events {
	worker_connections 1024;
}

http {
	map $http_upgrade $connection_upgrade {
	  default upgrade;
	  ''      close;
	}
        error_log /var/log/nginx/error.log debug;
server {
	listen 80;
	server_name MY PUBLIC HOSTNAME;

	# Cross-Origin Resource Sharing
        add_header 'Access-Control-Allow-Origin' '*' always;
        add_header 'Access-Control-Allow_Credentials' 'true' always;
        add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range' always;
        add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH' always;
        add_header Set-Cookie X-OPENHAB-AUTH-HEADER=1;

	location / {
	  proxy_http_version                    1.1;
          proxy_pass                            http://openhab:8080/;
          proxy_set_header Host                 $http_host;
          proxy_set_header X-Real-IP            $remote_addr;
          proxy_set_header X-Forwarded-For      $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto    $scheme;
          proxy_read_timeout                    3600;
          proxy_set_header Authorization        "";
          auth_basic                            "Username and Password Required";
          auth_basic_user_file                  /etc/nginx/.htpasswd;
	  proxy_set_header Upgrade              $http_upgrade;
	  proxy_set_header Connection		$connection_upgrade;	
}

}
}

The new addtions are:

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

and

  proxy_set_header Upgrade              $http_upgrade;
  proxy_set_header Connection		$connection_upgrade;	

Note that a working ngnx reverse porch config is in the docs at Running openHAB Behind a Reverse Proxy | openHAB. You should compare what you have now to that just in case there is some other header or something missing that you haven’t discovered yet.