Some issues in kopano-konnect set up #6

Open
jesmrec opened this issue Mar 10, 2020 · 8 comments

@jesmrec
Collaborator

jesmrec commented Mar 10, 2020

I started to struggle against kopano infra developed here: #4

I stumbled upon some issues, let me know your ideas and thoughts about them:

1.- In these two lines

- /etc/machine-id:/etc/machine-id

- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id

the folder to map in the local machine is not accessible by docker (system directory). I tried several tricks but was not able to map such a path (MacOS Mojave 10.14.4 (18E226)). Finally, I worked around it by setting a different (accessible) directory. Any place for improvement here?

2.- A not important one (only documentation or similar):

KOPANO_KONNECT_DOMAIN=konnect.docker-playground.local
OWNCLOUD_DOMAIN=owncloud.docker-playground.local
docker-compose \
    -f owncloud-base.yml \
    -f owncloud-official.yml \
    -f cache/redis.yml \
    -f database/mariadb.yml \
    -f ldap/openldap.yml \
    -f ldap/openldap-mount-ldif.yml \
    -f ldap/openldap-autoconfig-base.yml \
    -f kopano/konnect/docker-compose.yml \
    up

Here I'd add the owncloud-exported-ports.yml to easily switch the listening port.

3.- By using the docker-compose instruction above the ownCloud instance works, but the connection with the IdP fails with the following error:

Error in OpenIdConnect:Curl error: Failed to connect to konnect.docker-playground.local port 443: Connection refused

This is because the zokradonh/kopano_ssl and the abiosoft/caddy exited early. These are suspicious traces:

kopano_konnect_1 | /usr/local/bin/wrapper.sh: line 17: can't create /kopano/ssl/konnectd-tokens-signing-key.pem: Permission denied

caddy_1 | 2020/03/10 10:21:03 self-signed: certificate has no names

and the complete log:

trace.log

Anything missed? I saw in the demo that everything worked fine.

4.- And the last but not the least:

- OWNCLOUD_APPS_ENABLE="openidconnect"

After getting up, the oidc app is not enabled, and I have to go to Settings > Apps etc etc... in the web UI to enable it manually. Maybe the quotation marks are wrong there?

Thanks for your support.

@jnweiger
Contributor

jnweiger commented Apr 27, 2020

> the folder to map in the local machine is not accessible by docker (system directory). I tried several tricks

Same issue on an Ubuntu 18.04 host.
That is not even a folder for me. On the host I have

$ ls -la /var/lib/dbus/machine-id 
lrwxrwxrwx 1 root root 15 Oct 25  2019 /var/lib/dbus/machine-id -> /etc/machine-id

Within an ubuntu:18.04 docker, /var/lib/dbus does not exist.
Thus we cannot bind mount a file into the non-existing folder.

Within an owncloud/server:10.4 docker, /var/lib/dbus exists, and contains

# ls -la /var/lib/dbus/
total 12
drwxr-xr-x 2 root root 4096 Mar 10 13:01 .
drwxr-xr-x 1 root root 4096 Mar 10 13:00 ..
-rw-r--r-- 1 root root   33 Mar 10 13:01 machine-id
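
A preflight check for the two machine-id mounts discussed above, as an added example that is not part of the thread or of the compose-playground repository. The function names are hypothetical; it relies on the documented Docker behaviour that a missing host source given in short volume syntax is created as a directory.

```shell
#!/bin/sh
# Added example: classify a host path before using it as the source of a
# single-file bind mount such as "/etc/machine-id:/etc/machine-id".
# Prints: file, symlink-to-file, symlink-to-other, dangling-symlink,
#         directory, other or missing.
classify_mount_source() {
    p=$1
    if [ -L "$p" ]; then
        # -f and -e follow the link, so they describe the link target.
        if [ -f "$p" ]; then echo "symlink-to-file"
        elif [ -e "$p" ]; then echo "symlink-to-other"
        else echo "dangling-symlink"
        fi
    elif [ -f "$p" ]; then echo "file"
    elif [ -d "$p" ]; then echo "directory"
    elif [ -e "$p" ]; then echo "other"
    else echo "missing"   # Docker would create a directory at this path
    fi
}

# Takes compose-style "source:target" entries and returns non-zero if any
# source does not resolve to a regular file on this host.
preflight_mounts() {
    rc=0
    for entry in "$@"; do
        src=${entry%%:*}
        kind=$(classify_mount_source "$src")
        case $kind in
            file|symlink-to-file) echo "ok    $src ($kind)" ;;
            *) echo "FAIL  $src ($kind)"; rc=1 ;;
        esac
    done
    return $rc
}

# Usage: sh preflight.sh /etc/machine-id:/etc/machine-id \
#            /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
if [ "$#" -gt 0 ]; then
    preflight_mounts "$@"
fi
```

The check covers the host side only; whether the target's parent directory exists inside the image, as in the ubuntu:18.04 case above, has to be checked in the container.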

@jnweiger
Contributor

jnweiger commented Apr 27, 2020

image

Strange, that it tries mkdir. The volume is a symlink to a file, not a directory.
Suggested fix: #17
@jesmrec does that fix the machine-id issue for you too?

This was referenced Apr 27, 2020
@jnweiger
Contributor

jnweiger commented Apr 30, 2020

This blocks openidconnect app release testing for me.

@jnweiger jnweiger added the help wanted Extra attention is needed label Apr 30, 2020
@jnweiger
Contributor

@michaelstingl as discussed today, this is the correct way. Please escalate this appropriately to unblock us.

@michaelstingl
Contributor

You have a running setup on Hetzner? Could you add my https://github.com/michaelstingl.keys ?

@jesmrec
Collaborator Author

jesmrec commented Aug 27, 2020

Latest try, over Hetzner:

Steps:

  1. Clone https://github.com/owncloud-docker/compose-playground
  2. Move to https://github.com/owncloud-docker/compose-playground/pull/17 because it fixes one of the problems mentioned above. Once it is merged, you can skip this step. -- It is merged! (jw)
  3. Open file kopano/konnect/docker-compose.yml:
     • Add correct version to OWNCLOUD_APPS_INSTALL
     • Remove quotation marks in OWNCLOUD_APPS_ENABLE to let the script enable the app. Otherwise, you will have to do it yourself (reported above)
docker-compose \
    -f owncloud-base.yml \
    -f owncloud-official.yml \
    -f cache/redis.yml \
    -f database/mariadb.yml \
    -f ldap/openldap.yml \
    -f ldap/openldap-mount-ldif.yml \
    -f owncloud-exported-ports.yml \
    -f ldap/openldap-autoconfig-base.yml \
    -f kopano/konnect/docker-compose.yml \
    up

Everything goes up and is available on port 9680. After clicking on Alternative logins the following error is displayed:

Error in OpenIdConnect:Curl error: Could not resolve host: konnect.docker-playground.local

probably caused by: compose_kopano_ssl_1 exited with code 0 (got from docker-compose traces)

Looking forward to fixes.
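
Why the quotation marks in OWNCLOUD_APPS_ENABLE matter, as an added example that is not part of the thread or of the compose-playground repository: in a list-form `environment:` entry the whole item is one plain YAML scalar, so quotes placed after the `=` reach the container as part of the value. The function names and the compose fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example: find and repair list-form environment entries written as
#   - NAME="value"
# where the quotes are passed to the container literally.

# Print the names of variables whose value is wrapped in literal quotes.
quoted_env_entries() {
    sed -n -E \
        -e 's/^[[:space:]]*-[[:space:]]+([A-Za-z_][A-Za-z0-9_]*)="[^"]*"[[:space:]]*$/\1/p' \
        -e "s/^[[:space:]]*-[[:space:]]+([A-Za-z_][A-Za-z0-9_]*)='[^']*'[[:space:]]*\$/\\1/p" \
        "$1"
}

# Write the file to stdout with those quotes removed; entries that quote the
# whole item ("NAME=value") are already correct and are left untouched.
strip_env_quotes() {
    sed -E \
        -e 's/^([[:space:]]*-[[:space:]]+[A-Za-z_][A-Za-z0-9_]*=)"([^"]*)"[[:space:]]*$/\1\2/' \
        -e "s/^([[:space:]]*-[[:space:]]+[A-Za-z_][A-Za-z0-9_]*=)'([^']*)'[[:space:]]*\$/\\1\\2/" \
        "$1"
}

# Constructed compose fragment used to exercise the two functions.
write_sample_compose() {
    cat > "$1" <<'EOF'
services:
  owncloud:
    environment:
      - OWNCLOUD_APPS_ENABLE="openidconnect"
      - "OWNCLOUD_DOMAIN=owncloud.docker-playground.local"
    volumes:
      - /etc/machine-id:/etc/machine-id
EOF
}

# Usage: sh envquotes.sh kopano/konnect/docker-compose.yml
if [ "$#" -gt 0 ]; then
    quoted_env_entries "$1"
fi
```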

@jesmrec
Collaborator Author

jesmrec commented Aug 27, 2020

> You have a running setup on Hetzner? Could you add my https://github.com/michaelstingl.keys ?

added

jnweiger added a commit that referenced this issue Aug 27, 2020
@wkloucek
Collaborator

Looks solved, you may reopen if not.
