Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker-entrypoint for zammad-nginx fails to adapt nginx config properly #346

Closed
moeffju opened this issue Jun 3, 2023 · 3 comments
Closed

docker-entrypoint for zammad-nginx fails to adapt nginx config properly #346

moeffju opened this issue Jun 3, 2023 · 3 comments

Comments

@moeffju
Copy link

moeffju commented Jun 3, 2023

Infos

  • Docker version: Docker version 24.0.1, build 6802122
  • Docker-compose version: Docker Compose version v2.18.1
  • Operating system (Docker host): x86_64 GNU/Linux (Debian 11)

Expected behavior

  • NGINX_SERVER_SCHEME and other settings from .env and compose environment are applied
  • e.g.:
$ grep NGINX_SERVER_SCHEME .env
NGINX_SERVER_SCHEME=https
$ docker compose exec zammad-nginx grep Proto /etc/nginx/sites-available/default
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Proto https;

Actual behavior

$ grep NGINX_SERVER_SCHEME .env
NGINX_SERVER_SCHEME=https
$ docker compose exec zammad-nginx grep Proto /etc/nginx/sites-available/default
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Proto $scheme;

The entrypoint does not seem to correctly replace the config files. On every container restart, the config gets overwritten with the non-working version (with $scheme) which leads to CSRF issues in many cases.

Steps to reproduce the behavior

git clone https://github.com/zammad/zammad-docker-compose
cd zammad-docker-compose
echo 'NGINX_SERVER_SCHEME=https' >>.env
docker compose up -d
# wait for compose env to finish coming up
sleep 180
docker compose exec zammad-nginx grep Proto /etc/nginx/sites-available/default
@moeffju
Copy link
Author

moeffju commented Jun 3, 2023

It works when setting the setting in docker-compose.override.yml:

$ grep SCHEME docker-compose.override.yml 
      - NGINX_SERVER_SCHEME=override
$ docker compose --file docker-compose.yml --file docker-compose.override.yml up -d
$ docker compose exec zammad-nginx grep Proto /etc/nginx/sites-available/default
        proxy_set_header X-Forwarded-Proto override;
        proxy_set_header X-Forwarded-Proto override;

I guess since the default docker-compose.yml file does not have a reference to NGINX_SERVER_SCHEME, the .env value does not override it. Ultimately this feels like it comes down to a documentation issue. I run a Caddy reverse_proxy on another server and the documentation regarding proxying Zammad in Docker did not appear to apply to that situation.

@bundabrg
Copy link

See my reply here. I got caught out as well and its definitely both a documentation issue plus the docker-compose.yml should probably have the variables all passed in with sensible defaults (Using the ${variablename:-defaultvarifmissing} format) such that people only have to edit .env to make changes.

Good PR option anyway.

@mgruner mgruner mentioned this issue Aug 25, 2023
Merged
mgruner added a commit that referenced this issue Aug 28, 2023
@mgruner
Fixes: #346 - docker-entrypoint for zammad-nginx fails to adapt nginx…
127700a 
… config properly.
@mgruner
Copy link
Collaborator

mgruner commented Aug 29, 2023

With the recent changes in b871301, this problem is solved. It is no longer required to modify .yml files just to pass in env variables to the Zammad containers.

floriankessler pushed a commit to floriankessler/zammad-docker-compose that referenced this issue Jan 5, 2024
@mgruner @floriankessler
Fixes: zammad#346 - docker-entrypoint for zammad-nginx fails to adapt…
69fb085 
… nginx config properly. (zammad#372)

This adds a list of variables that will be forwarded to the containers, but only if they are set via .env file or another mechanism. Otherwise, the containers will not see them.

https://docs.docker.com/compose/compose-file/05-services/#environment

This removes the need to add these variables to docker-compose.override.yml to ensure they get passed to the containers. Now it is enough to specify them via .env.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@moeffju @mgruner @bundabrg