Non-Local Version #1

@dextmorgn commented on GitHub (Oct 24, 2025):

Hey Matt,
It should be suitable for a non-local manner, but for now only a local config is provided. The app is designed so that multiple users can be part of multiple investigations and thus share sketches and analysis with other "local" contributors.

You might want to look at origins array here https://github.com/reconurge/flowsint/blob/main/flowsint-api/app/main.py and update it accordingly:

origins = [
    "http://my-ip-1:3000",
    "http://my-ip-2:3000",
    "http://my-ip-3:3000",
]

This list indicates the allowed origins to make requests to the api.

Making a non-local deployment config is definetly on the whishlist, so let me know if you make any progress !

@dextmorgn commented on GitHub (Oct 24, 2025): Hey Matt, It should be suitable for a non-local manner, but for now only a local config is provided. The app is designed so that multiple users can be part of multiple investigations and thus share sketches and analysis with other "local" contributors. You might want to look at `origins` array here [https://github.com/reconurge/flowsint/blob/main/flowsint-api/app/main.py](https://github.com/reconurge/flowsint/blob/main/flowsint-api/app/main.py) and update it accordingly: ```python origins = [ "http://my-ip-1:3000", "http://my-ip-2:3000", "http://my-ip-3:3000", ] ``` This list indicates the allowed origins to make requests to the api. Making a non-local deployment config is definetly on the whishlist, so let me know if you make any progress !

GiteaMirror commented

@PhineusPogo commented on GitHub (Oct 27, 2025):

Hello,

I have tried adding IPs on origins but it's not working. It seems that it also miss the 5001 opening port on docker-compose.
Even if i add 5001 port on docker-compose, i have error "failed to fetch" when i try to create an account or login.

Do you have any ideas about what needs to be changed ?

@PhineusPogo commented on GitHub (Oct 27, 2025): Hello, I have tried adding IPs on origins but it's not working. It seems that it also miss the 5001 opening port on docker-compose. Even if i add 5001 port on docker-compose, i have error "failed to fetch" when i try to create an account or login. Do you have any ideas about what needs to be changed ?

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 27, 2025):

Hey @PhineusPogo,

What exactly are you trying to achieve ? Did you manage to make it run locally first ?

@dextmorgn commented on GitHub (Oct 27, 2025): Hey @PhineusPogo, What exactly are you trying to achieve ? Did you manage to make it run locally first ?

GiteaMirror commented

@PhineusPogo commented on GitHub (Oct 27, 2025):

I try to install it on local server and exposed it to other device on same network.
Yes locally it works well when i join it on localhost.

@PhineusPogo commented on GitHub (Oct 27, 2025): I try to install it on local server and exposed it to other device on same network. Yes locally it works well when i join it on localhost.

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 27, 2025):

Hosting should need a dedicated documentation, but to give you an idea, you would probably need to update a few components.

if you try to reach the server with curl from your other device:

curl -w " %{http_code}\n" http://<your-server-ip>:5001/api/keys
#> {"detail":"Not authenticated"} 401

If your server is reachable, you should get a 401, otherwise you would get a connection error.

curl: (7) Failed to connect to <your-server-ip> port 5001 after 59 ms: Couldn't connect to server

Let's check that your server responds first, as the docker-compose should normally expose port 5001.

@dextmorgn commented on GitHub (Oct 27, 2025): Hosting should need a dedicated documentation, but to give you an idea, you would probably need to update a few components. if you try to reach the server with curl from your other device: ```bash curl -w " %{http_code}\n" http://<your-server-ip>:5001/api/keys #> {"detail":"Not authenticated"} 401 ``` If your server is reachable, you should get a 401, otherwise you would get a connection error. ```bash curl: (7) Failed to connect to <your-server-ip> port 5001 after 59 ms: Couldn't connect to server ``` Let's check that your server responds first, as the docker-compose should normally expose port 5001.

GiteaMirror commented

2025-11-11 11:49:16 -06:00

@PhineusPogo commented on GitHub (Oct 27, 2025):

Please find the result below (both commands are launched on hosting server) :
192.168.X.X as IP of hosting server

curl http://192.168.X.X:5001/docs
curl: (7) Failed to connect to 192.168.X.X port 5001 after 0 ms: Couldn't connect to server

curl http://127.0.0.1:5001/docs
RESULT OK

@PhineusPogo commented on GitHub (Oct 27, 2025): Please find the result below (both commands are launched on hosting server) : 192.168.X.X as IP of hosting server curl http://192.168.X.X:5001/docs curl: (7) Failed to connect to 192.168.X.X port 5001 after 0 ms: Couldn't connect to server curl http://127.0.0.1:5001/docs RESULT OK

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 28, 2025):

If you ran it with make prod or make dev, it should work fine as it's using --host 0.0.0.0, making the service accessible on all network interfaces including the local IP.

So if you still cannot access it, we could investigate more. Could you check that it's not a docker issue and make sure the container is correctly exposing the port:

docker ps | grep 5001

#> c7d71dd8965f   flowsint-prod-api   "/app/flowsint-api/e…"   23 hours ago   Up 20 hours   0.0.0.0:5001->5001/tcp       flowsint-api-prod
#>  b701859de201   flowsint-prod-celery   "/app/flowsint-api/e…"   23 hours ago   Up 23 hours   5001/tcp      flowsint-celery-prod

If you see 0.0.0.0:5001->5001/tcp the port is exposed and is likely another issue that we could start working on : network, device, etc.

@dextmorgn commented on GitHub (Oct 28, 2025): If you ran it with `make prod` or `make dev`, it should work fine as it's using `--host 0.0.0.0`, making the service accessible on all network interfaces including the local IP. So if you still cannot access it, we could investigate more. Could you check that it's not a docker issue and make sure the container is correctly exposing the port: ```bash docker ps | grep 5001 #> c7d71dd8965f flowsint-prod-api "/app/flowsint-api/e…" 23 hours ago Up 20 hours 0.0.0.0:5001->5001/tcp flowsint-api-prod #> b701859de201 flowsint-prod-celery "/app/flowsint-api/e…" 23 hours ago Up 23 hours 5001/tcp flowsint-celery-prod ``` If you see `0.0.0.0:5001->5001/tcp` the port is exposed and is likely another issue that we could start working on : network, device, etc.

GiteaMirror commented

2025-11-11 11:49:16 -06:00

@PhineusPogo commented on GitHub (Oct 28, 2025):

Hi,
The port is well exposed with command make prod

docker ps | grep 5001
36dc6ade3bba   flowsint-prod-celery                "/app/flowsint-api/e…"   17 hours ago   Up 17 hours             5001/tcp                                                                                         flowsint-celery-prod
d2e5300c382b   flowsint-prod-api                   "/app/flowsint-api/e…"   17 hours ago   Up 17 hours             0.0.0.0:5001->5001/tcp, :::5001->5001/tcp                                                        flowsint-api-prod

@PhineusPogo commented on GitHub (Oct 28, 2025): Hi, The port is well exposed with command make prod ``` docker ps | grep 5001 36dc6ade3bba flowsint-prod-celery "/app/flowsint-api/e…" 17 hours ago Up 17 hours 5001/tcp flowsint-celery-prod d2e5300c382b flowsint-prod-api "/app/flowsint-api/e…" 17 hours ago Up 17 hours 0.0.0.0:5001->5001/tcp, :::5001->5001/tcp flowsint-api-prod ```

GiteaMirror commented

2025-11-11 11:49:16 -06:00

@dextmorgn commented on GitHub (Oct 28, 2025):

What type of OS are you exposing the service from ? Is it a linux machine, MacOS ?

@dextmorgn commented on GitHub (Oct 28, 2025): What type of OS are you exposing the service from ? Is it a linux machine, MacOS ?

GiteaMirror commented

@PhineusPogo commented on GitHub (Oct 28, 2025):

It's a Debian 12

@PhineusPogo commented on GitHub (Oct 28, 2025): It's a Debian 12

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 28, 2025):

Great, the port is exposed, so it's maybe a network issue.

run:

sudo ss -tulnp | grep 5001

You should see something like LISTEN 0 128 0.0.0.0:5001 or LISTEN 0 128 [::]:5001.

Then check your firewall:

sudo ufw status

If it's active, try allowing the port:

sudo ufw allow 5001/tcp

@dextmorgn commented on GitHub (Oct 28, 2025): Great, the port is exposed, so it's maybe a network issue. run: ```bash sudo ss -tulnp | grep 5001 ``` You should see something like `LISTEN 0 128 0.0.0.0:5001` or `LISTEN 0 128 [::]:5001`. Then check your firewall: ```bash sudo ufw status ``` If it's active, try allowing the port: ```bash sudo ufw allow 5001/tcp ```

GiteaMirror commented

@PhineusPogo commented on GitHub (Oct 28, 2025):

ss -tulnp | grep 5001
tcp   LISTEN 0      4096         0.0.0.0:5001       0.0.0.0:*    users:(("docker-proxy",pid=112271,fd=4))
tcp   LISTEN 0      4096            [::]:5001          [::]:*    users:(("docker-proxy",pid=112277,fd=4))

Ufw is inactive.

@PhineusPogo commented on GitHub (Oct 28, 2025): ```shell ss -tulnp | grep 5001 tcp LISTEN 0 4096 0.0.0.0:5001 0.0.0.0:* users:(("docker-proxy",pid=112271,fd=4)) tcp LISTEN 0 4096 [::]:5001 [::]:* users:(("docker-proxy",pid=112277,fd=4)) ``` Ufw is inactive.

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 29, 2025):

@PhineusPogo,

Your request is not left behind, I'll try to reproduce your issue on my side. It's likely a network issue, unrelated to the services themselves, at least for now.

Once we know services can be reached, we'll focus on updating the allowed origins part.

If you make any progress on this, please keep in touch here ! 🙂

@dextmorgn commented on GitHub (Oct 29, 2025): @PhineusPogo, Your request is not left behind, I'll try to reproduce your issue on my side. It's likely a network issue, unrelated to the services themselves, at least for now. Once we know services can be reached, we'll focus on updating the allowed origins part. If you make any progress on this, please keep in touch here ! 🙂

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

Im having the same issue. After changing the Vite config to allow connections from non local host I can reach the webpage from other clients on my network, but when I try to sign in it says: "Failed to fetch".
Localhost works fine, but normally I run all my docker apps on a headless server.

@rboxem commented on GitHub (Oct 31, 2025): Im having the same issue. After changing the Vite config to allow connections from non local host I can reach the webpage from other clients on my network, but when I try to sign in it says: "Failed to fetch". Localhost works fine, but normally I run all my docker apps on a headless server. <img width="581" height="532" alt="Image" src="https://github.com/user-attachments/assets/8e1ddcf0-b1a9-490f-84de-71653469971c" />

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

Hey @rboxem,

Have you modified allow list in flowsint/flowsint-api/app/main.py too ?

Try changing the origins array to accept requests from any location:

# flowsint/flowsint-api/app/main.py
# Before
origins = [
    "http://localhost:5174",
        ...
]

# Change to
origins = ["*"]

Then re-launch the container and see if the problem persists.

@dextmorgn commented on GitHub (Oct 31, 2025): Hey @rboxem, Have you modified allow list in `flowsint/flowsint-api/app/main.py` too ? Try changing the `origins` array to accept requests from any location: ```python # flowsint/flowsint-api/app/main.py # Before origins = [ "http://localhost:5174", ... ] # Change to origins = ["*"] ``` Then re-launch the container and see if the problem persists.

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

@EliottElek Yeah I already added my 'debian' host with ports to the main.py. I now commented it out and changed it to allow all like you propose, but still 'Failed to fetch'. Let me know if you need any logfile or something in which you might expect more information. btw (just FYI) after any changes i'm deleting the containers and 'make prod' again.

@rboxem commented on GitHub (Oct 31, 2025): @EliottElek Yeah I already added my 'debian' host with ports to the main.py. I now commented it out and changed it to allow all like you propose, but still 'Failed to fetch'. Let me know if you need any logfile or something in which you might expect more information. btw (just FYI) after any changes i'm deleting the containers and 'make prod' again.

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

@rboxem I'll try to reproduce it on my side and come back to you, I'll let you know ! Very likely, your problem and @PhineusPogo's are related.

@dextmorgn commented on GitHub (Oct 31, 2025): @rboxem I'll try to reproduce it on my side and come back to you, I'll let you know ! Very likely, your problem and @PhineusPogo's are related.

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

@rboxem if you curl http://<your-server-ip>:5001 from your one of your clients, what do you get ?

@dextmorgn commented on GitHub (Oct 31, 2025): @rboxem if you `curl http://<your-server-ip>:5001` from your one of your clients, what do you get ?

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

@rboxem if you curl http://<your-server-ip>:5001 from your one of your clients, what do you get ?

{"detail":"Not Found"}%

Thats from 2 different clients, same result

@rboxem commented on GitHub (Oct 31, 2025): > [@rboxem](https://github.com/rboxem) if you `curl http://<your-server-ip>:5001` from your one of your clients, what do you get ? `{"detail":"Not Found"}%` Thats from 2 different clients, same result

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

Great, your service is indeed reachable, so we can exclude the network issue.

I manage to make it work on my network, with a couple of changes that I just pushed :

I changed the docker-compose files + vite.config.ts api values to use only the VITE_API_URL fro the .env.
I changed origins to ["*"] in flowsint-api/app/main.py (you can leave like that or adapt to your setup for safety reasons)

Also :

btw (just FYI) after any changes i'm deleting the containers and 'make prod' again.

Good thing you mentionned it, as deleting the containers it not enough to see changes, running make prod will only recreate and re-run the containers if the images are already created. But in your case the images are unchanged, so you need to also re-create the images. I would suggest running :

stop the containers and delete images:

make stop
docker image rm flowsint-prod-app flowsint-prod-api

Then pull latest fixes:

cd flowsint
git pull --rebase # fetch latest fixes and rebase

Then remove the .env files:

rm .env ./flowsint-app/.env ./flowsint-api/.env ./flowsint-core/.env

Update env.example:

...
VITE_API_URL=http://127.0.0.1:5001 ⚠️ # Update to your IP
...

Finally, run make prod again, and let me know !

@dextmorgn commented on GitHub (Oct 31, 2025): Great, your service is indeed reachable, so we can exclude the network issue. I manage to make it work on my network, with a couple of changes that I just pushed : - I changed the `docker-compose` files + `vite.config.ts` api values to use only the `VITE_API_URL` fro the `.env`. - I changed `origins` to `["*"]` `in flowsint-api/app/main.py` (you can leave like that or adapt to your setup for safety reasons) Also : > btw (just FYI) after any changes i'm deleting the containers and 'make prod' again. Good thing you mentionned it, as deleting the containers it not enough to see changes, running `make prod` will only recreate and re-run the containers if the images are already created. But in your case the images are unchanged, so you need to also re-create the images. I would suggest running : stop the containers and delete images: ```bash make stop docker image rm flowsint-prod-app flowsint-prod-api ``` Then pull latest fixes: ```bash cd flowsint git pull --rebase # fetch latest fixes and rebase ``` Then remove the `.env` files: ```bash rm .env ./flowsint-app/.env ./flowsint-api/.env ./flowsint-core/.env ``` Update `env.example`: ```bash ... VITE_API_URL=http://127.0.0.1:5001 ⚠️ # Update to your IP ... ``` Finally, run `make prod` again, and let me know !

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

Its working! Only minor detail now is that it doesnt resolve based on hostname, but it does with the IP adress in the browser.

@rboxem commented on GitHub (Oct 31, 2025): Its working! Only minor detail now is that it doesnt resolve based on hostname, but it does with the IP adress in the browser.

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

Great to hear !

Do you have a local DNS ? Do you use it behind a proxy ?

@dextmorgn commented on GitHub (Oct 31, 2025): Great to hear ! Do you have a local DNS ? Do you use it behind a proxy ?

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

Great to hear !

Do you have a local DNS ? Do you use it behind a proxy ?

No and no, but its time to set one up I guess ;).

! Before closing this issue. I'm testing differences for the local host and the client.. the client can not add any items. The localhost can.

Error on client:

@rboxem commented on GitHub (Oct 31, 2025): > Great to hear ! > > Do you have a local DNS ? Do you use it behind a proxy ? No and no, but its time to set one up I guess ;). ! Before closing this issue. I'm testing differences for the local host and the client.. the client can not add any items. The localhost can. Error on client: <img width="375" height="68" alt="Image" src="https://github.com/user-attachments/assets/bcd58849-b68a-4161-8488-3fcf06193be6" />

GiteaMirror commented

@dextmorgn commented on GitHub (Oct 31, 2025):

Yep, I just found out too and just fixed it a couple minutes ago (issue https://github.com/reconurge/flowsint/issues/24).

just like before, rebase and rerun and you'll be good to go !

make stop
docker image rm flowsint-prod-app
make prod

Thanks for pointing it out.

@dextmorgn commented on GitHub (Oct 31, 2025): Yep, I just found out too and just fixed it a couple minutes ago (issue https://github.com/reconurge/flowsint/issues/24). just like before, rebase and rerun and you'll be good to go ! ```bash make stop docker image rm flowsint-prod-app make prod ``` Thanks for pointing it out.

GiteaMirror commented

@rboxem commented on GitHub (Oct 31, 2025):

Working for me as well. Thanks!

@rboxem commented on GitHub (Oct 31, 2025): Working for me as well. Thanks!

GiteaMirror commented