OpenHAB Docker not exposing 8443

I’m in progress of moving my OH3 instance from an old PC to new hardware. My old instance was running via a manual instance. For my new installation I’m attempting to use the Docker implementation.

Everything has worked perfectly. All my devices are online and up and running. The only issue is that port 8443 is not listening.

If I create a completely fresh install, the port is listening and I can connect; however, if I restore from my backup script, the container no longer exposes 8443.

Here’s the docker-compose.yml file I’m using:

version: '2.2'

    image: "openhab/openhab:3.0.1"
    command: "bash -c 'if [ -e /openhab/backups/ ]; then echo y |/openhab/runtime/bin/restore /openhab/backups/ ; fi; exec tini -s ./ server'"
    network_mode: host
    restart: always
      - "/etc/localtime:/etc/localtime:ro"
      - "/etc/timezone:/etc/timezone:ro"
      - "/opt/openhab_test/conf:/openhab/conf"
      - "/opt/openhab_test/userdata:/openhab/userdata"
      - "/opt/openhab_test/addons:/openhab/addons"
      - "/opt/openhab_test/backups:/openhab/backups"
      OPENHAB_HTTP_PORT: "8080"
      OPENHAB_HTTPS_PORT: "8443"
      EXTRA_JAVA_OPTS: "-Duser.timezone=America/New_York"
      - "/dev/ttyACM0:/dev/ttyACM0:rwm"

I can attach the the shell of the container and confirm the environment variables are set. However, my output from ss -tulpn has nothing listening for 8443.

Netid            State             Recv-Q            Send-Q                               Local Address:Port                        Peer Address:Port                                                              
udp              UNCONN            0                 0                                                   *               users:(("avahi-daemon",pid=598,fd=12))            
udp              UNCONN            0                 0                                                  *               users:(("avahi-daemon",pid=598,fd=14))            
udp              UNCONN            0                 0                                                *:1900                                   *:*               users:(("java",pid=16562,fd=141))                 
udp              UNCONN            0                 0                                             [::]:51492                               [::]:*               users:(("avahi-daemon",pid=598,fd=15))            
udp              UNCONN            0                 0                                                *:5353                                   *:*               users:(("java",pid=16562,fd=164))                 
udp              UNCONN            0                 0                                             [::]:5353                                [::]:*               users:(("avahi-daemon",pid=598,fd=13))            
udp              UNCONN            0                 0                            [::ffff:]:56260                                  *:*               users:(("java",pid=16562,fd=167))                 
tcp              LISTEN            0                 128                                                   *               users:(("sshd",pid=653,fd=3))                     
tcp              LISTEN            0                 100                                                 *               users:(("mosquitto",pid=1034,fd=5))               
tcp              LISTEN            0                 80                                                *               users:(("mysqld",pid=722,fd=19))                  
tcp              LISTEN            0                 128                                           [::]:22                                  [::]:*               users:(("sshd",pid=653,fd=4))                     
tcp              LISTEN            0                 100                                           [::]:1883                                [::]:*               users:(("mosquitto",pid=1034,fd=6))               
tcp              LISTEN            0                 50                              [::ffff:]:8101                                   *:*               users:(("java",pid=16562,fd=257))                 
tcp              LISTEN            0                 1                               [::ffff:]:34985                                  *:*               users:(("java",pid=16562,fd=39))                  
tcp              LISTEN            0                 50                                               *:5007                                   *:*               users:(("java",pid=16562,fd=272))                 
tcp              LISTEN            0                 50                                               *:8080                                   *:*               users:(("java",pid=16562,fd=259))            

The port works fine on my previous install.

Is there somewhere I can check the running configuration verify it isn’t being disabled? I’m at a lost as to why after my backup is restored, the port is no longer exposed. I get no errors during the restore process.

This is running on a Debian 10. My old install was CentOS 7.

Is this on Windows or MacOS? the docker Hub docs show you need to explicitly map the ports.

Here is their example/

version: '2.2'

    image: "openhab/openhab:3.0.1"
    restart: always
      - "8080:8080"
      - "8443:8443"
      - "./openhab_addons:/openhab/addons"
      - "./openhab_conf:/openhab/conf"
      - "./openhab_userdata:/openhab/userdata"
      OPENHAB_HTTP_PORT: "8080"
      OPENHAB_HTTPS_PORT: "8443"
      EXTRA_JAVA_OPTS: "-Duser.timezone=Europe/Berlin"

OP is using --net=host so all open ports should be available as the container is using the host’s networking stack, not Docker’s stack. In essence the container looks like it’s running on that host from a networking perspective. The docs recommend this because so many bindings require the ability to send broadcast packets for automatic discovery and those packets do not usually pass across subnets.

Also, port 8080 is working without the mapping so something else must be going on.

It’s worth noting that all the other openHAB ports are also open based on that netstat output. Every port opened by pid 16562 is openHAB. I don’t have them all memorized but they all seem to be present except for port 8443.

The conclusion is this isn’t a docker issue. There is something else, maybe an openHAB or firewall issue or the like.

1 Like

I just tried standing up a fresh install with no restore (which allows me to connect over 8443), then bring the container down and copied my userdata and conf folders from my working instance into the shared volumes. After bring the container back up, 8443 is no longer exposed…

No change whatsoever to the Docker deployment. I agree is rlkoshak it can’t be Docker related. It has to be something in the files from /conf or /userdata - I just don’t know where or why.

I don’t know where the open ports are configured but the first places I’d look are in your conf/services folders, userdata/etc, and userdata/config.

Searching for 8443 in default configuration it shows that this port is mentioned in comments in
where it can be changed.

Just got finished writing up a long, sad follow up of all the other debug steps I’d taken, but still with no solution… but now I got to erase it all and let you know that its working now!

I had already tried a grep search to get all the files that had 8443 which gave me the same list Wolfgang_S posted. After I attempted a handful of other debug steps, I decided to try again with these files, but this time I diffed both versions from my two containers.

In terms of where 8443 was located, they were identical, but there was a difference in org.ops4j.pax.web.cfg.

This was the non-working, restored version:

# location of jetty config
org.ops4j.pax.web.config.file = /opt/openhab2/runtime/etc/jetty.xml

This was the working, fresh version:

# location of jetty config
org.ops4j.pax.web.config.file = ${openhab.runtime}/etc/jetty.xml

Gah! Made the tweak to get rid of the static path, restarted the container and all good!

So strange that nothing showed up in the logs during startup as that openhab2 path wouldn’t have existed in the containerized version.

Thanks to everyone’s responses and assistance!

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.