Add full monorepo: virtual-banker, backend, frontend, docs, scripts, deployment

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 11:32:49 -08:00
parent aafcd913c2
commit 88bc76da91
815 changed files with 125522 additions and 264 deletions
--- a/NPMPLUS_CONNECTION_REFUSED_FIX.md
+++ b/NPMPLUS_CONNECTION_REFUSED_FIX.md
@@ -0,0 +1,195 @@
+# NPMplus Connection Refused - Diagnosis & Fix
+
+**Date**: 2026-01-21  
+**Issue**: 192.168.11.166 refused to connect (ERR_CONNECTION_REFUSED)
+
+---
+
+## Current Status
+
+### ✅ What's Working
+- NPMplus container (VMID 10233) is running
+- Docker container `npmplus` is running and healthy
+- Nginx is running inside Docker container
+- NPMplus is listening on 0.0.0.0:80 and 0.0.0.0:443 (inside container)
+- Container can access localhost:80 (HTTP 200)
+- Container has correct IP: 192.168.11.166/24
+- Ping works to 192.168.11.166
+
+### ❌ What's Not Working
+- **Connection refused** from external hosts to 192.168.11.166:80/443
+- Connection refused even from Proxmox host (r630-01)
+- No connection attempts reaching NPMplus logs
+
+---
+
+## Root Cause Analysis
+
+### Key Findings
+
+1. **Docker Network Mode**: `host` (container uses host network directly)
+2. **Container Network**: Two interfaces configured:
+   - `eth0`: 192.168.11.166/24 (net0)
+   - `eth1`: 192.168.11.167/24 (net1)
+3. **NPMplus Listening**: 0.0.0.0:80/443 (should accept all interfaces)
+4. **Connection Refused**: Even from same host
+
+### Possible Causes
+
+1. **Docker host network mode in LXC container**
+   - Docker `host` network mode may not work correctly in LXC containers
+   - LXC container network namespace may conflict with Docker host network
+
+2. **NPMplus binding to wrong interface**
+   - May be binding to localhost only despite showing 0.0.0.0
+   - May need to explicitly bind to container IP
+
+3. **Firewall rules blocking**
+   - Container firewall may be blocking
+   - Proxmox host firewall may be blocking
+   - UDM Pro firewall may be blocking
+
+4. **Network namespace issue**
+   - Docker host network in LXC may create namespace conflicts
+   - Ports may not be properly exposed to container network
+
+---
+
+## Diagnostic Commands
+
+### Check Container Network
+```bash
+ssh root@r630-01
+pct exec 10233 -- ip addr show
+pct exec 10233 -- ss -tlnp | grep -E ":80 |:443 "
+```
+
+### Test from Container
+```bash
+pct exec 10233 -- curl -I http://localhost:80
+pct exec 10233 -- curl -I http://192.168.11.166:80
+```
+
+### Test from Host
+```bash
+curl -v http://192.168.11.166:80
+curl -v http://192.168.11.167:80
+```
+
+### Check Docker Network
+```bash
+pct exec 10233 -- docker inspect npmplus --format "{{.HostConfig.NetworkMode}}"
+pct exec 10233 -- docker network inspect host
+```
+
+---
+
+## Recommended Fixes
+
+### Fix 1: Change Docker Network Mode (Recommended)
+
+**Problem**: Docker `host` network mode may not work correctly in LXC containers.
+
+**Solution**: Change to bridge network mode and publish ports:
+
+```bash
+ssh root@r630-01
+
+# Stop NPMplus container
+pct exec 10233 -- docker stop npmplus
+
+# Remove old container (keep data volume)
+pct exec 10233 -- docker rm npmplus
+
+# Recreate with bridge network and port mapping
+pct exec 10233 -- docker run -d \
+  --name npmplus \
+  --restart unless-stopped \
+  -p 80:80 \
+  -p 443:443 \
+  -p 81:81 \
+  -v /data/npmplus:/data \
+  -v /data/letsencrypt:/etc/letsencrypt \
+  zoeyvid/npmplus:latest
+
+# Verify
+pct exec 10233 -- docker ps | grep npmplus
+pct exec 10233 -- ss -tlnp | grep -E ":80 |:443 "
+```
+
+**Test**:
+```bash
+curl -I http://192.168.11.166:80
+```
+
+### Fix 2: Check and Fix Firewall Rules
+
+**Check container firewall**:
+```bash
+pct exec 10233 -- iptables -L -n -v
+```
+
+**If blocking, add allow rules**:
+```bash
+pct exec 10233 -- iptables -I INPUT -p tcp --dport 80 -j ACCEPT
+pct exec 10233 -- iptables -I INPUT -p tcp --dport 443 -j ACCEPT
+```
+
+### Fix 3: Verify NPMplus Nginx Configuration
+
+**Check NPMplus nginx config**:
+```bash
+pct exec 10233 -- docker exec npmplus cat /etc/nginx/nginx.conf | grep listen
+```
+
+**If binding to localhost, fix**:
+```bash
+# Access NPMplus dashboard
+# https://192.168.11.166:81
+# Check nginx configuration
+# Ensure it's binding to 0.0.0.0, not 127.0.0.1
+```
+
+### Fix 4: Check Proxmox Host Firewall
+
+**Check host firewall**:
+```bash
+ssh root@r630-01
+iptables -L -n -v | grep 192.168.11.166
+```
+
+**If blocking, add allow rules**:
+```bash
+iptables -I FORWARD -d 192.168.11.166 -p tcp --dport 80 -j ACCEPT
+iptables -I FORWARD -d 192.168.11.166 -p tcp --dport 443 -j ACCEPT
+```
+
+---
+
+## Quick Test After Fix
+
+```bash
+# From any host on network
+curl -I http://192.168.11.166:80
+curl -I https://192.168.11.166:443 -k
+
+# Should return HTTP 200 or 301/302
+```
+
+---
+
+## Most Likely Solution
+
+**Docker host network mode in LXC containers is problematic.**
+
+**Recommended**: Change NPMplus Docker container to use bridge network mode with port mapping (`-p 80:80 -p 443:443`).
+
+This will properly expose ports to the LXC container's network interface, making them accessible from outside the container.
+
+---
+
+## Status
+
+**Current**: Connection refused - NPMplus not accessible  
+**Action**: Change Docker network mode from `host` to `bridge` with port mapping  
+**Priority**: **HIGH** - Blocks all external access to explorer