Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker Secrets not working? #250

Open
STaRDoGG opened this issue Feb 17, 2021 · 8 comments
Open

Docker Secrets not working? #250

STaRDoGG opened this issue Feb 17, 2021 · 8 comments

Comments

@STaRDoGG
Copy link
Contributor

For some reason, the container seems to not be reading from the secret file in my config. Here's my setup:

    wallabag:
        image: wallabag/wallabag:latest
        hostname: wallabag
        environment:
          - TZ=America/Chicago
          - MYSQL_ROOT_PASSWORD__FILE=/run/secrets/MySQL-PW
          - SYMFONY__ENV__DATABASE_DRIVER=pdo_mysql
          - SYMFONY__ENV__DATABASE_HOST=mysql
          - SYMFONY__ENV__DATABASE_PORT=3306
          - SYMFONY__ENV__DATABASE_NAME=wallabagtest
          - SYMFONY__ENV__DATABASE_USER=wallabag
          - SYMFONY__ENV__DATABASE_PASSWORD__FILE=/run/secrets/WallabagDB-PW
          - SYMFONY__ENV__DATABASE_CHARSET=utf8mb4
          - SYMFONY__ENV__TWOFACTOR_AUTH=true
          - [email protected]
          - SYMFONY__ENV__FOSUSER_REGISTRATION=false
          - SYMFONY__ENV__FOSUSER_CONFIRMATION=true
          - [email protected]
          - SYMFONY__ENV__MAILER_PASSWORD_FILE=Wallabag-Mailer-PW
          - [email protected]
          - SYMFONY__ENV__SECRET_FILE=/run/secrets/Wallabag-Secret
          - SYMFONY__ENV__DOMAIN_NAME=https://my.domain.rocks
          - SYMFONY__ENV__SERVER_NAME=Test
        volumes:
          - /mnt/i/Wallabag/Images:/var/www/wallabag/web/assets/images:rw
          - /etc/localtime:/etc/localtime:ro
        secrets:
          - MySQL-PW
          - WallabagDB-PW
          - Wallabag-Secret
          - Wallabag-Mailer-PW
        deploy:
            mode: replicated
            replicas: 1
            placement:
              constraints:
                - node.labels.MainDaemon == true
            resources:
              limits:
                cpus: '1.0'
                memory: 500M
            restart_policy:
              condition: any
        networks:
          - odb

secrets:
  MySQL-PW:
    external: true
  WallabagDB-PW:
    external: true
  Wallabag-Secret:
    external: true
  Wallabag-Mailer-PW:
    external: true

Upon starting the service, it shows this error:

PLAY [localhost] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var TASK [Gathering Facts] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] TASK [needed dirs] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] => (item=/var/www/wallabag/app) ok: [localhost] => (item=/var/www/wallabag/app/config) ok: [localhost] => (item=/var/www/wallabag/data) changed: [localhost] => (item=/var/www/wallabag/data/assets) ok: [localhost] => (item=/var/www/wallabag/data/db) TASK [write parameters.yml] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var changed: [localhost] TASK [stat] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var skipping: [localhost] TASK [notify install for sqlite] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var skipping: [localhost] TASK [wait for db container] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var ok: [localhost] TASK [add mariadb db] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var fatal: [localhost]: FAILED! => {"changed": false, "msg": "unable to find /root/.my.cnf. Exception message: (1045, "Access denied for user 'root'@'10.0.4.43' (using password: NO)")"} RUNNING HANDLER [chown dir] bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var PLAY RECAP bin dev entrypoint.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var localhost : ok=4 changed=2 unreachable=0 failed=1 skipped=2 rescued=0 ignored=0

Looks like it's not reading the mysql pw from the secret. I've tested the exact same secret on my actual MySQL container itself as well, and it works. I can also see the secrets do exist within the WallaBag container at /run/secrets/.

Any ideas anyone?
@j0k3r
Copy link
Member

j0k3r commented Feb 17, 2021

Dont you need that PR? #248

@STaRDoGG
Copy link
Contributor Author

@j0k3r

Dont you need that PR? #248

Has it not been merged yet? I was going on the info given @https://hub.docker.com/r/wallabag/wallabag

image

@j0k3r
Copy link
Member

j0k3r commented Feb 17, 2021

Uh oh, how can this be in docker hub as we didn't merge it? 🤔

@STaRDoGG
Copy link
Contributor Author

@j0k3r Any reason for it not getting merged?

@j0k3r
Copy link
Member

j0k3r commented Feb 18, 2021

Poke @Kdecherf

@jtagcat
Copy link

jtagcat commented Aug 25, 2021
edited
Loading 

      - /mnt/i/Wallabag/Images:/var/www/wallabag/web/assets/images:rw

You using NFS? NFS might disallow chowning stuff.

Upon starting the service, it shows this error:

Read the error! See #174 (comment)

@DennisGaida
Copy link

Any update on this? This issue seems a bit stale and I'm wondering if a new PR would help?

@cerealconyogurt
Copy link

Hey, any update on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@j0k3r @STaRDoGG @DennisGaida @jtagcat @cerealconyogurt