kenjim/www.kenjim.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix contact form: use host networking to reach Proton Bridge SMTP

Browse Source 
Both containers now run in network_mode: host so the API can connect
directly to Proton Bridge on 127.0.0.1:1025. The pfSense search domain
(home.arpa) was leaking into Docker DNS and causing NXDOMAIN failures
for inter-container hostnames. Host networking bypasses this entirely.

- docker-compose: both services use network_mode: host
- nginx: listen on 8080 (was 80), proxy /api/ to 127.0.0.1:3001
- server.js: allow self-signed TLS cert from Proton Bridge

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Kenji M
2026-06-19 16:12:14 +00:00
parent f8997a6199
commit 4bd31b0728
3 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend/server.js
View File

@@ -14,6 +14,7 @@ const transporter = nodemailer.createTransport({
user: process.env.SMTP_USER, user: process.env.SMTP_USER,
pass: process.env.SMTP_PASS, pass: process.env.SMTP_PASS,
}, },
tls: { rejectUnauthorized: false },
}) })
app.post('/contact', async (req, res) => { app.post('/contact', async (req, res) => {

4
docker-compose.yml
View File

@@ -2,8 +2,7 @@ services:
frontend: frontend:
build: ./frontend build: ./frontend
container_name: www-kenjim-frontend container_name: www-kenjim-frontend
ports: network_mode: host
- "8080:80"
depends_on: depends_on:
- api - api
restart: always restart: always
@@ -11,5 +10,6 @@ services:
api: api:
build: ./backend build: ./backend
container_name: www-kenjim-api container_name: www-kenjim-api
network_mode: host
env_file: .env env_file: .env
restart: always restart: always

11
frontend/nginx.conf
View File

@@ -1,19 +1,16 @@
server { server {
listen 80; listen 8080;
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.html; index index.html;
# SPA routing — return index.html for all non-file routes
location / { location / {
try_files $uri $uri/ /index.html; try_files $uri $uri/ /index.html;
} }
# Proxy API calls to the backend container # Both containers share host network; api is on localhost:3001.
# Use Docker's internal DNS resolver so upstream resolves at request time # Trailing slash strips the /api/ prefix before forwarding.
resolver 127.0.0.11 valid=10s;
set $api http://api:3001;
location /api/ { location /api/ {
proxy_pass $api/; proxy_pass http://127.0.0.1:3001/;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;