Self-hosted Anytype over openziti

rand · December 10, 2025, 8:29pm

Hello community!

I’ve successfully installed openziti network and it’s working great with web-services. Recently I’ve tried to install self-hosted Anytype server and it also works fine in my local network. But it doesn’t work over openziti network.

Here is what was used:

original docker-compose of any-sync any-sync-dockercompose/docker-compose.yml at main · anyproto/any-sync-dockercompose · GitHub
openziti service for anytype - intercept and host tcp/udp 1001-1006 and 1011-1016

when I start anytype it says connection is working fine. but it fails few minutes later to sync notices. debug network returns perfect log:

system info: GoOS:linux,Kernel:Linux,Core:6.8.0-88-generic,Platform:x86_64,OS:GNU/Linux,Hostname:tt-IdeaPad-Slim-3,CPUs:8
open TCP conn, addr: at.mydomain.net:1004
TCP conn established, ip:100.64.0.3:1004, dur: 108.411891ms
start handshake
handshake success, dur: 395.769125ms, total: 504.203089ms
open yamux session
yamux session success, dur: 33.877µs, total: 504.255547ms
open sub connection
open sub conn success, dur: 83.681µs, total: 504.35683ms
start proto handshake
proto handshake success, dur: 137.746777ms, total: 642.11164ms
start configuration request
configuration request success, dur: 109.395655ms, total: 751.521894ms, nid: N5N8qc24kecLAbiYgmBbhvvaCXNc2ZFbzhf6njxhpdiWKF7g
success, dur: 751.549974ms
open QUIC conn, addr: at.mydomain.net:1014
QUIC conn established, ip:quic://100.64.0.3:1014, dur: 629.486798ms
open sub connection
open sub conn success, dur: 28.569µs, total: 629.539395ms
start proto handshake
proto handshake success, dur: 189.908981ms, total: 819.461508ms
start configuration request
configuration request success, dur: 68.160138ms, total: 887.646793ms, nid: N5N8qc24kecLAbiYgmBbhvvaCXNc2ZFbzhf6njxhpdiWKF7g
success, dur: 887.661182ms

But, I see in device log error

Dec 10 23:16:56 tt-IdeaPad-Slim-3 ziti-edge-tunnel[906145]: (906145)[ 1991.934] ERROR tunnel-sdk:tunnel_tcp.c:191 on_tcp_client_err() client=tcp:100.64.0.1:60112 err=-14, terminating connection
Dec 10 23:16:56 tt-IdeaPad-Slim-3 ziti-edge-tunnel[906145]: (906145)[ 1991.964] WARN ziti-sdk:channel.c:574 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[DataType] conn_id[16]

and in openziti controller logsr:

Dec 10 23:16:59 openziti-controller ziti[7525]: {"file":"github.com/openziti/ziti/controller/network/fault.go:32","func":"github.com/openziti/ziti/controller/network.(*Network).fault","level":"info","msg":"network fault processing for [1] circuits","time":"2025-12-10T23:16:59.929Z"}
Dec 10 23:16:59 openziti-controller ziti[7525]: {"circuitId":"6mO4wBeqethellXN3hZgrT","file":"github.com/openziti/ziti/controller/network/fault.go:49","func":"github.com/openziti/ziti/controller/network.(*Network).fault","level":"info","msg":"sent unroute for circuit to router in response to forwarding fault","routerId":"bkkm5uS80S","time":"2025-12-10T23:16:59.929Z"}
Dec 10 23:17:29 openziti-controller ziti[7525]: {"file":"github.com/openziti/ziti/controller/network/fault.go:32","func":"github.com/openziti/ziti/controller/network.(*Network).fault","level":"info","msg":"network fault processing for [1] circuits","time":"2025-12-10T23:17:29.930Z"}
Dec 10 23:17:29 openziti-controller ziti[7525]: {"circuitId":"5k2ugOZ4mFsvabcLCxvtzc","file":"github.com/openziti/ziti/controller/network/fault.go:49","func":"github.com/openziti/ziti/controller/network.(*Network).fault","level":"info","msg":"sent unroute for circuit to router in response to forwarding fault","routerId":"bkkm5uS80S","time":"2025-12-10T23:17:29.930Z"}
Dec 10 23:18:39 openziti-controller ziti[7525]: {"file":"github.com/openziti/ziti/controller/handler_edge_ctrl/subscribe_to_data_model.go:54","func":"github.com/openziti/ziti/controller/handler_edge_ctrl.(*subscribeToDataModelHandler).HandleReceive","index":103,"level":"info","msg":"data model subscription request received","routerId":"bkkm5uS80S","time":"2025-12-10T23:18:39.149Z","timelineId":"jVbDeEkDg"}
Dec 10 23:18:39 openziti-controller ziti[7525]: {"currentIndex":103,"file":"github.com/openziti/ziti/controller/sync_strats/rtx.go:189","func":"github.com/openziti/ziti/controller/sync_strats.(*RouterSender).handleSyncRequest","level":"info","msg":"data model subscription started","renew":true,"requestedIndex":103,"routerId":"bkkm5uS80S","routerName":"er1","subscriptionDuration":"2025-12-10 23:23:39.149384495 +0300 MSK m=+197354.313819323","time":"2025-12-10T23:18:39.149Z","timelineId":"jVbDeEkDg"}
Dec 10 23:24:09 openziti-controller ziti[7525]: {"file":"github.com/openziti/ziti/controller/handler_edge_ctrl/subscribe_to_data_model.go:54","func":"github.com/openziti/ziti/controller/handler_edge_ctrl.(*subscribeToDataModelHandler).HandleReceive","index":103,"level":"info","msg":"data model subscription request received","routerId":"bkkm5uS80S","time":"2025-12-10T23:24:09.148Z","timelineId":"jVbDeEkDg"}

Two questions

is there anyone who successfully running self-hosted anytype?
any ideas what went wrong?

openziti v1.6.12
anytype 0.51.2

TheLumberjack · December 11, 2025, 5:59pm

Hi @rand, welcome to the community and to OpenZiti!

Could you possibly give me the exact steps you used along with your .env files (redacted as necessary) I could try it out at some point. I don't/haven't used AnyType yet but I'd be happy to take a look maybe this weekend if I can.

rand · December 12, 2025, 7:24pm

Greatings, @TheLumberjack !

anytype .env is default

.env.override
EXTERNAL_LISTEN_HOSTS="192.168.1.132"

openziti anytype-host-config

{
  "name": "anytype-host-config",
  "configTypeId": "NH5p4FpGR",
  "data": {
    "address": "192.168.1.132",
    "forwardProtocol": true,
    "forwardPort": true,
    "allowedPortRanges": [
      {
        "low": 1001,
        "high": 1006
      },
      {
        "low": 1011,
        "high": 1016
      }
    ],
    "allowedProtocols": [
      "tcp",
      "udp"
    ],
    "httpChecks": [],
    "portChecks": []
  },
  "tags": {}
}

and it didn't work. But
I have great news @TheLumberjack and I'll save your weekend!
Your question helped me to find a solution. I just added extra ips in EXTERNAL_LISTEN_HOSTS, I don't know for sure which one is worked. First IP I got from logs of laptop with openziti tunnel (anytype ip) and another IP was my public IP of controller and edge router openziti.
Now both of my devices are syncing remotely. Thank you @TheLumberjack !

TheLumberjack · December 13, 2025, 4:42pm

sweet - i was gonna check this out today but you indeed saved me from doing so! cheers

Topic		Replies	Views
Help designing OpenZiti network	21	97	November 26, 2024
How to for self hosting behind NAT? General Questions	24	211	October 30, 2025
Where to begin with openziti? Building/Development	49	2319	May 2, 2022
So I'm really trying to embrace OpenZiti Support	6	70	January 20, 2025
How do I tell if the deployment "worked"? General Questions	34	625	January 19, 2023

Self-hosted Anytype over openziti

Related topics