Firewalls and port settings

I am trying to share links for specific tasks that are on this PC. I have read all of the posts on here about port forwarding, opening port 8000, and maybe 20, and 22, and 443 (sigh) but nothing will connect. I have opened the same ports in Windows Defender as well.
Is there some easy to follow setup for this? Is Docker using a different port ?
My end game will be to load another instance of WebODM on another computer on my network and only allow external access to that computer. But I want to make sure I have it working first.

1 Like

I’d check out this comment and general thread for quick note on networking.

Remember that WebODM is mostly just the interface to make task creation easy. There is a NodeODM instance running under the hood to do the actual work.

I would try this:

  1. On your primary computer, run WebODM.
  2. On your second computer, run an instance of NodeODM like
    docker run -p 3000:3000 opendronemap/nodeodm
  3. Back on the primary computer, try to add this new node to WebODM under
    WebODM > Processing Nodes > Add New
    Use the IP of your second machine and port 3000. WebODM will then display the status of the new processing node.

If I am understanding the question properly, you do not need to run WebODM twice (once on each machine). Someone else will have to comment on port availability.

2 Likes

I will flag this info with thanks.
But in the mean time I am just working on getting the thing visible.

1 Like

I want to do all of my processing on my main machine, with no external exposure to the internet. Once I’ve processed a project, I want to download the “all Assets” zip file and transfer that to the secondary machine running webodm. And that will be the machine exposed to the internet, and I would supply links to clients to those projects/tasks.
But first my struggle is getting any version of Webodm visible to the outside world.

Ah I misunderstood “sharing” in this context. Yes, you’d have to run WebODM on a server with a public IP.

It’s still in beta, but I’d check out DroneDB and click on “Hub”.

3 Likes

I notice that the IP address in the sharing link (192.168.99.100:8000) is not an IP that my router recognizes, and not the IP of the machine webodm is running in.
I believe it’s the IP that VM is using.
Do I have to change some setting in Virtual Box to make webodm visible ?
I have been tinkering with port forwarding setting in virtual box but still nuthin.

Well I bit the bullet and launched WebODM on Google Cloud. I must say I’m impressed how easy it is for someone who is more computer literate that ME! But it’s up and running.

It doesn’t seem to be running the latest version though. it’s 1.8.2 and my main machine is running 1.8.4 When I try to run ./webodm.sh update I get an error:

docker-compose -f docker-compose.yml -f docker-compose.nodeodm.yml -f docker-compose.nodemicmac.yml stop
ERROR: Couldn’t connect to Docker daemon at http+docker://localunixsocket - is it running?
If it’s at a non-standard location, specify the URL with the DOCKER_HOST environment variable.

I tried stopping WebODM first and same result.

Thoughts ?

1 Like

Bob, good on you for getting it running! I mean to try that out at some point in the future too.

Is docker compose installed? This is slightly different to docker.

https://docs.docker.com/compose/install/

1 Like

I guess I should show off a bit.

http://35.226.78.116:8000/public/task/b6fc9621-ef77-4d8f-b59c-7d4875d7cb9e/map/

But I still want to be able to host this on my own, so the search for answers continues. It appears that this isn’t done very often.

2 Likes

Bob, I am currently running webodm on a spare machine. It has a web domain pointed at it and is secured with ssl.

I’m sure there’s quite a few people using it this way. However I don’t have a powerful desktop for local processing so would be using Lightning or setting up a NodeODM instance on AWS as and when required.

I was going to comment but saw you discussing VirtualBox meaning you’re running Windows. I have very little experience of running it through Windows and quickly found the memory allocation requirements frustrating and switched to Ubuntu where Docker plays nice and shares system memory.

However it is setup this way…

  • My domain is pointed at the external IP address of my router
  • My router is set to forward http and https ports (80 & 443) to the machine running WebODM.
  • The router is set to issue a fixed IP to that machine so it’s not changing every week
    In Ubuntu…
  • I have installed Nginx natively (as web server)
  • I have installed certbot and used it to both obtain an SSL certificate and to configure Nginx as a reverse proxy (ie it forwards port 80 & 443 to the local host IP of Docker, port 8000)
  • WebODM is started using the standard script and the startup option to tell it the domain address is filled in.
  • Lastly a cron job is setup to reboot the server once weekly to keep everything stable.

Hope that helps in some way, even if it doesn’t directly answer what you’re looking for.

David

1 Like

Brilliant stuff. This is what I want for better customer facing presentation.

Thinking more about what you’re looking for. Would using the machine IP address on another local machine be the trick?

For your processing machine all you really need is NodeODM. If you install it through docker using the NodeODM github read me page then it will also install ODM.

Then you just need to add the machines IP and port to a new node through the WebODM interface.

If I’m missing a detail and you’ve already tried this then my apologies.

1 Like

Hi dsandson,

I used to have same setup with an old laptop but using ./webodm.sh restart --ssl --hostname webodm.myorg.com for the ssl certificate.

Now I’m using port forwarding on openvpn, because of the way internet is provided to this house. It’s slow but do the job.

2 Likes

I have sent all that to my computer wizard son… he seemed to understand it!!

1 Like

HI, I have an iMac running docker and supporting the Webodm interface. I have done the necessary networking to open a port to the internet to allow secure access to the webodm interface. My problem is that it means I have to leave my iMac up and running to service the external webodm requests. I thought a better solution was to do all the major processing on my iMac then create a standalone version of the finished objects on a MacBook and then i can visits clients and display the results. I don’t seem to have the knowledge to do this.
If I can help with the port forwarding and virtual server let me know.

1 Like

I’d love a write up or resource on how you setup your machine to share webodm projects across the internet. Obviously there’s security risk involved, but I wouldn’t even know where to start exploring this especially for a dedicated server.

2 Likes

It looks like dsanderson (above) has the best solution. I haven’t been able to get it to work (yet) on my machine at home. That’s why I went with Google cloud hosting.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Continuing the discussion from Firewalls and port settings:

There would be a few steps to do this and the details of each are somewhat opaque, but I can outline a way to do what you are interested in.

The basic gist of it is that you need to have some way to create a subnet where all nodes can interface with the controller or cluster node. One such way is to have all nodes on a subnet created by an OpenVPN tunnel. The way you would do this is to setup an OpenVPN server, probably the easiest way to do that is to use a router running OpenWRT ()[OpenWrt Wiki] OpenVPN server) or DD-WRT, then to make your ip address static use a DDNS client ([OpenWrt Wiki] DDNS Client DuckDNS). You then configure your node machines as OpenVPN clients that connect to your OpenVPN server, exposing the necessary ports for your docker instance. You should then be able to “see” the nodes from an interface like WebODM.

Each step can be a little finicky to get right but there are existing writeups that you can follow for all of them. I’m sure there are other ways to do what you’re asking about, perhaps using a dedicated machine or a docker instance for the OpenVPN server instead of a router running OpenWRT for example, but I imagine that most methods would use similar concepts.

You could also use docker for everything if you aren’t behind any firewalls that you don’t control (https://gist.github.com/danguita/21e6f9050ef556e5e2177d8407f5a72e).

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.