From 489fec44ba01533a23c424bdd71a7b07f10fd3ad Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 25 Aug 2022 14:44:32 +0900 Subject: [PATCH] update readme --- README.md | 13 +++++++++++++ TODO.md | 1 + 2 files changed, 14 insertions(+) diff --git a/README.md b/README.md index 2d84cd5..686e515 100644 --- a/README.md +++ b/README.md @@ -242,6 +242,19 @@ openssl pkcs8 -topk8 -nocrypt \ -outform PEM ``` +### (Work Around) Deployment on Ubuntu 22.04LTS using docker behind `ufw` + +Basically, docker automatically manage your iptables if you use the port-mapping option, i.e., `--publish` for `docker run` or `ports` in `docker-compose.yml`. This means you do not need to manually expose your port, e.g., 443 TCP/UDP for HTTPS, using `ufw`-like management command. + +However, we found that if you want to use the brand-new UDP-based protocol, HTTP/3, on `rpxy`, you need to explicitly expose your HTTPS port by using `ufw`-like command. + +``` +% sudo ufw allow 443 +% sudo ufw enable +``` + +Your docker container can receive only TCP-based connection, i.e., HTTP/2 or before, unless you manually manage the port. We see that this is weird and expect that it is a kind of bug (of docker? ubuntu? or something else?). But at least for Ubuntu 22.04LTS, you need to handle it as above. + ### Other TIPS todo! diff --git a/TODO.md b/TODO.md index 907aba2..06300be 100644 --- a/TODO.md +++ b/TODO.md @@ -6,4 +6,5 @@ - Refactoring - Options to serve custom http_error page. - Prometheus metrics +- Documentation - etc.