Not clear how to configure hashmail when unable to bind to external IP

[echennells]

As explained here https://docs.lightning.engineering/lightning-network-tools/aperture/mailbox#docs-internal-guid-6f5d734c-7fff-7276-2045-8790bdb8ac96 , it is not possible to bind to the external IP used in many VPS setups. This is because it's behind NAT and the external IP doesn't terminate on the VM.

My question is, is it possible to use the hashmail feature of aperture with this networking setup? Part of the solution is to set listenaddr: "0.0.0.0:443" to bind to an externally accessible interface, but when I do this I get the following error when trying to connect via lnc:

[DBG] PRXY: No backend service matched request [lightning.brodie.rocks:443/hashmailrpc.HashMail/RecvStream].

I'm guessing the problem is no service is defined for that FQDN because it is bound to 0.0.0.0 ? I looked through how to configure services but it all seems geared towards LSAT configuration, where in this case I'm only interested in setting up a hashmail proxy.

aperture.yaml used:
listenaddr: "0.0.0.0:443" debuglevel: "trace" autocert: false servername: lightning.brodie.rocks authenticator: disable: true hashmail: enabled: true messagerate: 1ms messageburstallowance: 99999999 prometheus: enabled: false

Thanks for any tips/suggestions.

[guggero]

You're doing everything correctly. I think this might just be a red herring because of the DBG message being logged?
I'm running aperture locally on localhost:11110 and can connect no problem.
I do see the same message, but then followed immediately by "Dispatching request ... to local service" which is what the Hashmail service is:

2024-03-25 09:26:04.518 [DBG] PRXY: No backend service matched request [localhost:11110/v1/lightning-node-connect/hashmail/send].
2024-03-25 09:26:04.518 [DBG] PRXY: 127.0.0.1 Dispatching request /v1/lightning-node-connect/hashmail/send to local service.

I tested it with REST but the same should be true for the gRPC interface. So maybe things work?
If not, can you share more of the log please?

[echennells]

I am unable to connect to from my zeus wallet via LNC using my hashmail install, it just says "failed to connect from LNC client to the proxy server".

I have verified with wireshark that the connection from my phone with zeus on it is getting through to my aperture and they are having some sort of a conversation.

I was wondering about "WS: socket closed: read tcp 172.16.0.10:443->:59661: use of closed network connection" , the 172 address is the local interface on the VM, its not the external interface. Not sure if that is relevant.

2024-03-27 17:42:49.461 [DBG] PRXY: No backend service matched request [lightning.brodie.rocks:443/v1/lightning-node-connect/hashmail/receive].
2024-03-27 17:42:49.462 [DBG] PRXY: <phone ip> Dispatching request /v1/lightning-node-connect/hashmail/receive to local service.
2024-03-27 17:42:49.540 [DBG] PRXY: No backend service matched request [0.0.0.0:443/hashmailrpc.HashMail/RecvStream].
2024-03-27 17:42:49.540 [DBG] PRXY: 127.0.0.1 Dispatching request /hashmailrpc.HashMail/RecvStream to local service.
2024-03-27 17:42:49.541 [TRC] APER: HashMailStream(fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57): requesting read stream
2024-03-27 17:42:49.541 [DBG] APER: New HashMail read stream: id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:49.541 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:49.615 [TRC] APER: Sending msg_len=1 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:49.615 [TRC] APER: Read 1 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:49.757 [TRC] APER: Sending msg_len=59 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:49.757 [TRC] APER: Read 59 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:49.815 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:49.815 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:49.889 [TRC] APER: WS: socket closed: read tcp 172.16.0.10:443-><phone ip>:59656: use of closed network connection
2024-03-27 17:42:49.889 [INF] PRXY: <phone ip> - - "GET /v1/lightning-node-connect/hashmail/send?method=POST HTTP/1.1" "" "Go-http-client/1.1"
2024-03-27 17:42:50.032 [DBG] PRXY: No backend service matched request [lightning.brodie.rocks:443/v1/lightning-node-connect/hashmail/receive].
2024-03-27 17:42:50.032 [DBG] PRXY: <phone ip> Dispatching request /v1/lightning-node-connect/hashmail/receive to local service.
2024-03-27 17:42:50.092 [TRC] APER: Sending msg_len=1878 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.092 [TRC] APER: Read 1878 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.095 [DBG] PRXY: No backend service matched request [0.0.0.0:443/hashmailrpc.HashMail/RecvStream].
2024-03-27 17:42:50.095 [DBG] PRXY: 127.0.0.1 Dispatching request /hashmailrpc.HashMail/RecvStream to local service.
2024-03-27 17:42:50.096 [TRC] APER: HashMailStream(fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57): requesting read stream
2024-03-27 17:42:50.096 [INF] PRXY: 127.0.0.1 - - "POST /hashmailrpc.HashMail/RecvStream HTTP/2.0" "" "grpc-go/1.59.0"
2024-03-27 17:42:50.097 [TRC] APER: WS: socket closed: read tcp 172.16.0.10:443-><phone ip>:59661: use of closed network connection
2024-03-27 17:42:50.097 [INF] PRXY: <phone ip> - - "GET /v1/lightning-node-connect/hashmail/receive?method=POST HTTP/1.1" "" "Go-http-client/1.1"
2024-03-27 17:42:50.164 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.165 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.169 [TRC] APER: Sending msg_len=75 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.170 [TRC] APER: Read 75 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.172 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.173 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.173 [TRC] APER: Sending msg_len=27 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.174 [TRC] APER: Read 27 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.174 [TRC] APER: Sending msg_len=40 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.175 [TRC] APER: Read 40 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.175 [TRC] APER: Sending msg_len=27 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.176 [TRC] APER: Read 27 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.176 [TRC] APER: Sending msg_len=49 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.178 [TRC] APER: Read 49 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.177 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.179 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.178 [TRC] APER: Sending msg_len=27 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.179 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.180 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.180 [TRC] APER: Read 27 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.180 [TRC] APER: Sending msg_len=34 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.182 [TRC] APER: Read 34 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.181 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.183 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.183 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.184 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.184 [TRC] APER: Sending msg_len=27 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.185 [TRC] APER: Read 27 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.185 [TRC] APER: Sending msg_len=34 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.185 [TRC] APER: Read 34 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.249 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.249 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.250 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.251 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.251 [TRC] APER: Sending msg_len=27 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.252 [TRC] APER: Read 27 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.252 [TRC] APER: Sending msg_len=34 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.253 [TRC] APER: Read 34 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.253 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.254 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.255 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.255 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c57
2024-03-27 17:42:50.258 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.259 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.259 [TRC] APER: Sending msg_len=2 to stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:50.260 [TRC] APER: Read 2 bytes for HashMail stream_id=fa917fa040250ef946fc0ecc09f28c28e61a8e96a9fc786cca30ce027d52c2d137e548ca3ea80098dedcf936c5cc9d8d22d9007f665aecb441c1f7d731ff3c56
2024-03-27 17:42:51.922 [DBG] PRXY: No backend service matched request [lightning.brodie.rocks:443/v1/lightning-node-connect/hashmail/send].

[echennells]

I realized that in a browser session in which I'm signed into my nodes lightning terminal, I can use my hashmail proxy to connect my node with terminal.lightning.engineering. So it seems like the proxy is working for that use case. But still no luck from my zeus wallet.

[guggero]

Are you using a self-signed certificate? Maybe Zeus doesn't like that while in the browser you can add an exception and connect anyway?