Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Localhost for Webhook Target URL #6892

Closed
ASAADASKAR opened this issue Sep 22, 2023 · 4 comments
Closed

Localhost for Webhook Target URL #6892

ASAADASKAR opened this issue Sep 22, 2023 · 4 comments

Comments

@ASAADASKAR
Copy link

ASAADASKAR commented Sep 22, 2023
edited
Loading

#My actions before raising this issue

I made a web server to get the data from CVAT-webhook. I don't want to use an external API like Zapier.

But somehow when I set up the localhost for the web server for tragelt_url in Webhook in CVAT, I get nothing.

image

In Database of webhooks_webhookdelivery is so the error:
id | event | status_code | redelivery | response 323 | ping | 407 | f | Egress proxying is denied to host '....................': The destination address (127.0.0.1) was denied by rule 'Deny: Not Global Unicast'. destination address was denied by rule, see error.\n

I think my localhost was not known in CVAT, but the docker and all works with my localhost.

Does anyone know what the problem is and can help me?
Thanks
@zhiltsov-max
Copy link
Contributor

zhiltsov-max commented Oct 4, 2023
edited
Loading

Hi, please try to follow the advice from the discussion in #6760, specifically the local bridge network in docker and smokescreen options. CVAT server needs the webhook address to be reachable from the container, and the host's localhost is not reachable. This can be fixed by adding the localhost to the container network (e.g. via the bridge network), or by starting the webhook server at another address (so that it's visible at the container DNS - e.g. via DNS config on your router etc).

@ASAADASKAR
Copy link
Author

ASAADASKAR commented Oct 9, 2023
edited
Loading

@zhiltsov-max
Thank you for the answer.
I no longer have problem 407 (407 Egress proxying is denied to host), but I now have a different problem 501 ("inbound_remote_addr": "127.0.0.1:40504", "level": "error", "msg": "Connection to remote host failed: dial tcp 175.20.0.19:8080:)

I have a new docker container for webhooks_receiver and this container and the other one have the same network, so the same gateway.

IP address for Webhooks_receiver e.g. : IP = 175.20.0.19
The URL should be like this: http://75.20.0.19:8080/api/receive

- Receiver Container

cvat_worker_webhooks_receiver: container_name: cvat_worker_webhooks_receiver image: cvat/server:${CVAT_VERSION:-dev} restart: always init: true depends_on: - cvat_redis - cvat_db - cvat_opa environment: CVAT_REDIS_HOST: 'cvat_redis' CVAT_POSTGRES_HOST: 'cvat_db' DJANGO_LOG_SERVER_HOST: vector DJANGO_LOG_SERVER_PORT: 80 no_proxy: clickhouse,grafana,vector,nuclio,opa,${no_proxy:-} NUMPROCS: 1 SMOKESCREEN_OPTS: ${SMOKESCREEN_OPTS:-} command: -c supervisord/worker.webhooks_receiver.conf volumes: - cvat_data:/home/django/data - cvat_keys:/home/django/keys - cvat_logs:/home/django/logs - .:/cvat/apps/webhooks_receiver networks: cvat:

- netowrk

networks: cvat: name: cvat-local-bridge external: true driver_opts: com.docker.network.bridge.enable_icc: "true" com.docker.network.driver.mtu: "1500" com.docker.network.bridge.enable_ip_masquerade: "true"

- supervisord

`[unix_http_server]
file = /tmp/supervisord/supervisor.sock

[supervisorctl]
serverurl = unix:///tmp/supervisord/supervisor.sock

[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisord]
nodaemon=true
logfile=%(ENV_HOME)s/logs/supervisord.log ; supervisord log file
logfile_maxbytes=50MB ; maximum size of logfile before rotation
logfile_backups=10 ; number of backed up logfiles
loglevel=debug ; info, debug, warn, trace
pidfile=/tmp/supervisord/supervisord.pid ; pidfile location
childlogdir=%(ENV_HOME)s/logs/ ; where child log files will live

[program:rqworker_webhook_receiver]
command=%(ENV_HOME)s/wait-for-it.sh %(ENV_CVAT_REDIS_HOST)s:6379 -t 0 -- bash -ic
"exec python3 %(ENV_HOME)s/manage.py rqworker -v 3 webhooks_receiver
--worker-class cvat.rqworker.DefaultWorker
"
environment=SSH_AUTH_SOCK="/tmp/ssh-agent.sock",VECTOR_EVENT_HANDLER="SynchronousLogstashHandler"
numprocs=%(ENV_NUMPROCS)s

[program:smokescreen]
command =smokescreen --listen-ip=127.0.0.1%(ENV_SMOKESCREEN_OPTS)s --allow-range=175.20.0.0/16 --allow-address=175.20.0.19:8080 --resolver-address=175.20.0.19:8080 --statsd-address=175.20.0.19:8080`

- Error 502

2023-10-10 09:26:48,853 DEBG 'smokescreen' stderr output: {"id":"ckihhm154vmil08du0ag","inbound_remote_addr":"175.20.0.1940504","level":"error","msg":"Failed to connect to remote host: dial tcp 175.20.0.19:8080: connect: connection refused","proxy_type":"http","requested_host":"175.20.0.19:8080","start_time":"2023-10-10T09:26:48.852935357Z","time":"2023-10-10T09:26:48Z","trace_id":""}

@bsekachev
Copy link
Member

Unfortunately we can't help with your custom configuration.

@ASAADASKAR
Copy link
Author

ASAADASKAR commented Nov 13, 2023
edited
Loading

@bsekachev
Thank you.
It worked in the end, but I only had to change the port 8080 and the configuration of smokescreen remains as above

@zhiltsov-max zhiltsov-max mentioned this issue Nov 20, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zhiltsov-max @bsekachev @ASAADASKAR