Not available for use on multiple networks simultaneously(SOLVED) #5226

New Issue

OVERLORD · 2026-02-05T09:50:13+03:00

OVERLORD commented

2026-02-05 09:50:13 +03:00

Originally created by @gryph-soul on GitHub (Mar 18, 2025).

Attempted Debugging

I have read the debugging page

Searched GitHub Issues

I have searched GitHub for the issue.

Describe the Scenario

Hello.
I use this inside the docker container.
BookStack has a hard link to APP_URL, there can only be one IP address.
Accordingly, access is allowed only for one subnet.
But I need to have access for another subnet.
For example, now it is APP_URL=208.123.xxx.xxx
But I need to add APP_URL=172.10.xxx.xxx to be able to open BookStack at 172.10.xxx.xxx.
I tried different configuration methods, including routing rules and iptables, but BookStack stubbornly works only on one APP_URL.

I did a lot of analysis and attempts, but I still couldn’t make BookStack accessible from two networks at the same time, this is disappointing because I can't access bookstack from network 172.10.xx.xx where I don't have access to 208.123.xxx.xxx.

How can I make it available for multiple networks?

Exact BookStack Version

v24.10-ls167

Log Content

No response

Hosting Environment

host Debian 12
Docker engine 28.0.1

Originally created by @gryph-soul on GitHub (Mar 18, 2025). ### Attempted Debugging - [x] I have read the debugging page ### Searched GitHub Issues - [x] I have searched GitHub for the issue. ### Describe the Scenario Hello. I use this inside the docker container. BookStack has a hard link to APP_URL, there can only be one IP address. Accordingly, access is allowed only for one subnet. But I need to have access for another subnet. For example, now it is APP_URL=208.123.xxx.xxx But I need to add APP_URL=172.10.xxx.xxx to be able to open BookStack at 172.10.xxx.xxx. I tried different configuration methods, including routing rules and iptables, but BookStack stubbornly works only on one APP_URL. I did a lot of analysis and attempts, but I still couldn’t make BookStack accessible from two networks at the same time, this is disappointing because I can't access bookstack from network 172.10.xx.xx where I don't have access to 208.123.xxx.xxx. How can I make it available for multiple networks? ### Exact BookStack Version v24.10-ls167 ### Log Content _No response_ ### Hosting Environment host Debian 12 Docker engine 28.0.1

OVERLORD added the 🐕 Support label 2026-02-05 09:50:13 +03:00

OVERLORD closed this issue

2026-02-05 09:50:14 +03:00

OVERLORD commented

2026-02-05 09:50:17 +03:00

@ssddanbrown commented on GitHub (Mar 18, 2025):

BookStack only supports being used on one hostname/origin at a time, so using it across multiple hosts is not currently supported or advised. If possible, you may have luck in using a domain name which points to the expected IP depending on location/access-route.

@ssddanbrown commented on GitHub (Mar 18, 2025): BookStack only supports being used on one hostname/origin at a time, so using it across multiple hosts is not currently supported or advised. If possible, you may have luck in using a domain name which points to the expected IP depending on location/access-route.

OVERLORD commented

2026-02-05 09:50:20 +03:00

@gryph-soul commented on GitHub (Mar 18, 2025):

BookStack only supports being used on one hostname/origin at a time, so using it across multiple hosts is not currently supported or advised. If possible, you may have luck in using a domain name which points to the expected IP depending on location/access-route.

Is this possible ?
For Docker, two services are initially created, one is a web interface, and the other is a database.
What if I make two web interface services, one will simply specify one subnet, and the other will specify another subnet.
And these two service instances will access the same database?

@gryph-soul commented on GitHub (Mar 18, 2025): > BookStack only supports being used on one hostname/origin at a time, so using it across multiple hosts is not currently supported or advised. If possible, you may have luck in using a domain name which points to the expected IP depending on location/access-route. Is this possible ? For Docker, two services are initially created, one is a web interface, and the other is a database. What if I make two web interface services, one will simply specify one subnet, and the other will specify another subnet. And these two service instances will access the same database?

OVERLORD commented

2026-02-05 09:50:22 +03:00

@ssddanbrown commented on GitHub (Mar 18, 2025):

It would function, but you'll run into issues since references are retained in content in various locations, since the system has been designed to just use one host address at a time.

@ssddanbrown commented on GitHub (Mar 18, 2025): It would function, but you'll run into issues since references are retained in content in various locations, since the system has been designed to just use one host address at a time.

OVERLORD commented

2026-02-05 09:50:22 +03:00

@gryph-soul commented on GitHub (Mar 18, 2025):

It would function, but you'll run into issues since references are retained in content in various locations, since the system has been designed to just use one host address at a time.

Got it, thanks for explaining.
It's a pity that there is no such functionality, logically I get access to containers from different networks, but BookStack tells me that it is not possible)))
I understand, maybe you have non-standard ideas on how else to solve this issue?
except for another proxy of course...

@gryph-soul commented on GitHub (Mar 18, 2025): > It would function, but you'll run into issues since references are retained in content in various locations, since the system has been designed to just use one host address at a time. Got it, thanks for explaining. It's a pity that there is no such functionality, logically I get access to containers from different networks, but BookStack tells me that it is not possible))) I understand, maybe you have non-standard ideas on how else to solve this issue? except for another proxy of course...

OVERLORD commented

2026-02-05 09:50:25 +03:00

@ssddanbrown commented on GitHub (Mar 18, 2025):

I understand, maybe you have non-standard ideas on how else to solve this issue?

As above, align to use a common domain name, which then points at the desired location where possible.
Using a domain usually provides a lot of extra flexibility, since the IP a domain is pointing to can often be configured a various levels.

@ssddanbrown commented on GitHub (Mar 18, 2025): > I understand, maybe you have non-standard ideas on how else to solve this issue? As above, align to use a common domain name, which then points at the desired location where possible. Using a domain usually provides a lot of extra flexibility, since the IP a domain is pointing to can often be configured a various levels.

OVERLORD commented

2026-02-05 09:50:26 +03:00

@gryph-soul commented on GitHub (Mar 19, 2025):

Maybe I was tired and did something wrong, but this morning I was able to figure it out.
I'll leave this comment for those who encounter the same problem.
Data such as IP addresses and ports in the context of the example are fictitious.

My case implies that I use a WireGuard container and a BookStack container on the same VPS host.
BookStack opens via the public address of the VPS, but with WireGuard connected, there was no access to BookStack when trying to access it via the public address.

Let's assume that your public address is 233.123.43.23 and you use port 666 for the BookStack container.

You must fulfill two conditions:

WireGuard and BookStack containers must use the same local docker network.
Inside the Wireguard container, create rules:
iptables -t nat -A PREROUTING -p tcp --dport 666 -j DNAT --to-destination 120.10.0.10:666
iptables -t nat -A POSTROUTING -p tcp -d 120.10.0.10 --dport 666 -j MASQUERADE

where 120.10.0.10 is the local address of the BookStack container inside the local docker network.

Now when you connect to WireGuard, you can open BookStack using the public address and your port, namely 233.123.43.23:666

@gryph-soul commented on GitHub (Mar 19, 2025): Maybe I was tired and did something wrong, but this morning I was able to figure it out. I'll leave this comment for those who encounter the same problem. Data such as IP addresses and ports in the context of the example are fictitious. My case implies that I use a WireGuard container and a BookStack container on the same VPS host. BookStack opens via the public address of the VPS, but with WireGuard connected, there was no access to BookStack when trying to access it via the public address. Let's assume that your public address is 233.123.43.23 and you use port 666 for the BookStack container. You must fulfill two conditions: 1) WireGuard and BookStack containers must use the same local docker network. 2) Inside the Wireguard container, create rules: iptables -t nat -A PREROUTING -p tcp --dport 666 -j DNAT --to-destination 120.10.0.10:666 iptables -t nat -A POSTROUTING -p tcp -d 120.10.0.10 --dport 666 -j MASQUERADE where 120.10.0.10 is the local address of the BookStack container inside the local docker network. Now when you connect to WireGuard, you can open BookStack using the public address and your port, namely 233.123.43.23:666

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#5226