Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker lethean node fails if using EASY_FQDN variable #19

Open
bodane opened this issue Mar 20, 2024 · 0 comments
Open

docker lethean node fails if using EASY_FQDN variable #19

bodane opened this issue Mar 20, 2024 · 0 comments

Comments

@bodane
Copy link

bodane commented Mar 20, 2024

Defaults work great for a lethean node using #17 workaround #17 (comment) shared.

One exception is using the EASY_FQDN variable. my.nodes.domain.name being a fake sanitised domain to describe the issue:

docker run -d \
  --rm --name letheannode \
  -v ~/lvpn:/home/lvpn \
  --sysctl net.ipv6.conf.all.disable_ipv6=0 \
  --cap-add=NET_ADMIN \
  -p 8880:8880 \
  -p 8881:8881 \
  -p 127.0.0.1:8123:8123 \
  -p 127.0.0.1:8124:8124 \
  -p 127.0.0.1:8080:8080 \
  -e EASY_FQDN=my.nodes.domain.name \
  limosek/lvpn:dev node

All looks ok until the below errors occur:

lthn@node-01:~$ docker logs -f letheannode
... 
other output omitted
...
Waiting for Wallet process to finish
Do not forget to save /home/lvpn/easy directory!
cat: '/home/lvpn/server/etc/ca/certs/localhost/*.pem': No such file or directory
cat: '/home/lvpn/server/etc/ca/certs/localhost/*.crt': No such file or directory
Running client wallet
Running server wallet
Waiting for client wallet.
OK
Waiting for server wallet.
.
.
.
.
.
.
.
OK
Running server
Running haproxy
[NOTICE]   (15262) : haproxy version is 2.6.12-1+deb12u1
[NOTICE]   (15262) : path to executable is /usr/sbin/haproxy
[ALERT]    (15262) : config : parsing [/home/lvpn/server/etc/haproxy.cfg:20] : 'bind 0.0.0.0:8880' in section 'frontend' : unable to load certificate from file '/home/lvpn/server/etc/ca-combined.pem'.
[ALERT]    (15262) : config : parsing [/home/lvpn/server/etc/haproxy.cfg:24] : 'bind 0.0.0.0:8881' in section 'frontend' : unable to load certificate from file '/home/lvpn/server/etc/ca-combined.pem'.
[ALERT]    (15262) : config : Error(s) found in configuration file : /home/lvpn/server/etc/haproxy.cfg
[ALERT]    (15262) : config : Fatal errors found in configuration.
Running tinyproxy
Sharing files disabled
Everythig UP! Great!
... 
other output omitted
...

Path /home/lvpn/server/etc/ca/certs/localhost I see doesn't exist but noticed EASY_FQDN does update the default localhost folder name where the path and certificates exist. Looks like just a path and filename update to look at the correct name if the variable is used. Making an assumption that will address the haproxy binding issue seen further on.

lthn@node-01:~/lvpn$ docker exec letheannode ls -l /home/lvpn/server/etc/ca/certs/localhost/
ls: cannot access '/home/lvpn/server/etc/ca/certs/localhost/': No such file or directory
lthn@node-01:~/lvpn$ docker exec letheannode ls -l /home/lvpn/server/etc/ca/certs/

lthn@node-01:~/lvpn$ docker exec letheannode ls -l /home/lvpn/server/etc/ca/certs/my.nodes.domain.name
total 16
-rw-r--r-- 1 lvpn lvpn 1619 Mar 20 15:33 my.nodes.domain.name.crt
-rw-r--r-- 1 lvpn lvpn 1716 Mar 20 15:33 my.nodes.domain.name.csr
-rw------- 1 lvpn lvpn 3268 Mar 20 15:33 my.nodes.domain.name.pem
-rw-r--r-- 1 lvpn lvpn  724 Mar 20 15:33 my.nodes.domain.name.pub
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bodane