If blocking third party network traffic the Maps on Home Page don't show as expected #4825
Description
@SemoTech Are you accessing it through a proxy? If so, did you redirect
live/websocketas descibed in https://docs.teslamate.org/docs/guides/apache
Originally posted by @DrMichael in #4824
Hello @DrMichael and thanks for trying to help. Unfortunately I was unable to reply to you in the original thread since @JakobLichterfeld locked it to Collaborators only, so I had to create this follow-up thread.
Yes, I am using a proxy, Caddy V2 Proxy to be exact, since it handles Let's Encrypt directly. Below are my sanitized Docker-Compose.yaml and the relevant part of the Caddy configuration for Teslamate files.
Caddy needs WAN access to get and validate the SSL but will only allow access to Teslamate and Grafana on their internal 3000 and 4000 ports to requests from the LAN, and any WAN access is redirected to the FBI :-)
The interesting thing is that I have restarted and pulled the container image countless times and Maps have no issues under Grafana Dashboards. This has been my setup for a very long time.
Only after TM v2.0.0 came out did I notice the Home page Maps stopped working, so it's hard to believe this is a configuration issue on my part, but I am happy to troubleshoot further if you have any suggestions...
Docker-Compose.yaml Code for Teslamate:
`services:
teslamate:
container_name: teslamate
image: teslamate/teslamate:latest
restart: unless-stopped
environment:
- ENCRYPTION_KEY=${TM_ENCRYPTION_KEY}
- DATABASE_USER=${TM_DB_USER}
- DATABASE_PASS=${TM_DB_PASS}
- DATABASE_NAME=${TM_DB_NAME}
- DATABASE_HOST=database
- MQTT_HOST=mosquitto
- VIRTUAL_HOST=${FQDN_TM}
- CHECK_ORIGIN=true
- NTP_SERVERS=${TM_NTP}
- TZ=${TM_TZ}
labels:
- "com.centurylinklabs.watchtower.enable=true"
networks:
tm-net:
caddy-net:
volumes:
- ${DATA_PATH}/import:/opt/app/import
cap_drop:
- all
database:
container_name: teslamate-postgres
image: postgres:16
restart: unless-stopped
environment:
- POSTGRES_USER=${TM_DB_USER}
- POSTGRES_PASSWORD=${TM_DB_PASS}
- POSTGRES_DB=${TM_DB_NAME}
networks:
tm-net:
volumes:
- ${DATA_PATH}/postgres-data:/var/lib/postgresql/data
pgadmin:
container_name: teslamate-pgadmin4
image: dpage/pgadmin4
restart: unless-stopped
environment:
- PGADMIN_DEFAULT_EMAIL=${PG_USER}
- PGADMIN_DEFAULT_PASSWORD=${PG_PASS}
labels:
- "com.centurylinklabs.watchtower.enable=true"
networks:
tm-net:
ports:
- 5050:80
volumes:
- ${DATA_PATH}/pgadmin-data:/var/lib/pgadmin
grafana:
container_name: teslamate-grafana
image: teslamate/grafana:latest
restart: unless-stopped
environment:
- DATABASE_USER=${TM_DB_USER}
- DATABASE_PASS=${TM_DB_PASS}
- DATABASE_NAME=${TM_DB_NAME}
- DATABASE_HOST=database
- GRAFANA_PASSWD=${GRAFANA_PW}
- GF_SECURITY_ADMIN_USER=${GRAFANA_USER}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PW}
- GF_AUTH_BASIC_ENABLED=true
- GF_AUTH_ANONYMOUS_ENABLED=false
- GF_SERVER_DOMAIN=${FQDN_TM}
- GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s/grafana
- GF_SERVER_SERVE_FROM_SUB_PATH=true
- GF_SMTP_ENABLED=true
- GF_SMTP_FROM_NAME=${GF_SMTPNAME}
- GF_SMTP_FROM_ADDRESS=${GF_SMTPSENDER}
- GF_SMTP_HOST=${GF_SMTPHOST}
- GF_SMTP_USER=${GF_SMTPUSER}
- GF_SMTP_PASSWORD=${GF_SMTPPASS}
- GF_SMTP_SKIP_VERIFY=false
networks:
tm-net:
caddy-net:
labels:
- "com.centurylinklabs.watchtower.enable=true"
volumes:
- ${DATA_PATH}/grafana-data:/var/lib/grafana
mosquitto:
container_name: teslamate-mosquitto
image: eclipse-mosquitto
restart: unless-stopped
command: mosquitto -c /mosquitto-no-auth.conf
networks:
tm-net:
labels:
- "com.centurylinklabs.watchtower.enable=true"
volumes:
- ${DATA_PATH}/mosquitto-conf:/mosquitto/config
- ${DATA_PATH}/mosquitto-data:/mosquitto/data
volumes:
teslamate-db:
teslamate-grafana-data:
mosquitto-conf:
mosquitto-data:
networks:
tm-net:
name: teslamate-net
caddy-net:
external: true
name: caddy-net
`
