Docker Instructions fail to result in usable installation
mattcen opened this issue · comments
Three issues:
- URL rewrite test fails
- DB config is not pre-populated, despite being sent as environment variables
- Trying to log in tries to redirect to HTTPS, which is not forwarded to the host.
URL rewrite fails
When following the Apache docker-compose instructions verbatim, by creating a docker-compose.yml file with the contents specified in the README (the only change being to set MYSQL_PASSWORD), running docker-compose up, and browsing to http://localhost:8080, I receive the following error:
Url rewrite in .htaccess is not working. Make sure you copied .htaccess-dist to .htaccess.Error message from Curl while fetching
http://localhost:8080/install/testrewriteFailed to connect to localhost port 8080: Connection refused
This is due to the mismatch between port 80 on the Docker container being forward to port 8080 on the Docker host; when I change the docker-compose.yml to say 80:80 instead 8080:80, the rewrite test passes and I can continue to logging in.
DB config not pre-populated
I can see from the docker-compose.yml that the DB settings are stored in environment variables in the app container. These are not pre-populated during the DB setup stage. Is this expected?
Failed HTTPS redirect
When creating an account (which understandably fails to send a confirmation email but shows a password via a toast notification), I try to log in with the username and password created, and the form tries to redirect the browser to submit via HTTPS, which is obviously the safe option, but fails because there's no forwarded port for HTTPS. I can confirm that if I use my browser's inspector and change the form's submit destination from https to http, I can log in successfully.
I'm not sure of the best ways to fix each of these issues unfortunately (but with some guidance I could give it a shot), but wanted to report them nonetheless.
thank you for your report. I must confess I didn't try the out-of-the-box installation for a while.
At least the "URL rewrite" seems like the same problem as #124 which I'm not able to solve (yet). Any support will be awesome :-)
I'll have a look at the other two problems. I think I can resolve both of them!
Thank you! :)
OK, so regarding (1), this is initially going to sound super ugly, and will require a bit of a rewrite of the install page, but let's try it on for size anyway.
What if, rather than running a curl behind the scenes on the Docker container, the install page started by doing a 301 redirect to the testrewrite page (or something more helpfully named), and that was the one that showed the statuses of all the tests? If you get to that page, obviously the rewrite is working.
Obviously, if you don't get to that page, everything is awful and the user doesn't know what's going on, so perhaps giving the user a warning in advance that if the next step fails, it'll likely be because of a broken rewrite config?
I don't love the idea, but maybe it's a step in the right direction to a better idea?
(Another idea could be to do an AJAX request from the install page to the testrewrite page, so it comes from the client, but that requires Javascript to be working to get the install happening)
I came accros this today, first time installing friendica.
We could add a Internal port or internal address environment variable when using docker or use ajax like @mattcen suggested.
Or at the very least provide a "Continue anyway" button. I cannot stop the service running on port 80 so I'll need to find a way to work around this to install it.
any updates on this issue at all?
@kiddhustle , @Extarys and @mattcen
A little bit late, but with when using the tag rc-apache or rc, you will now see this error optional. This is a current workaround for this issue
Concerning the other problems from @mattcen
DB config is not pre-populated, despite being sent as environment variables
Yes this is the expected behavior, because the Friendica code upstream doesn't use environment variables for populate the input fields automatically. I think this is a good feature request! I'll place it
Trying to log in tries to redirect to HTTPS, which is not forwarded to the host.
Did you use the setting "enforce SSL" during the installation? Because that would explain this behavior.
Thanks for following this one up, @nupplaphil.
I can confirm that when switching to the rc image tag, I can now skip past the rewrite check.
Yes this is the expected behavior, because the Friendica code upstream doesn't use environment variables
I guess I was confused because I couldn't see why the variables were specified at https://github.com/friendica/docker#base-version---apache under the app environment section if they're not actually used by the installer?
Did you use the setting "enforce SSL" during the installation? Because that would explain this behavior.
No, I just tested this now, and made sure to select the "No SSL policy, links will track page SSL state" option, and it still tries to redirect me to the SSL when I try to log in.
Steps to reproduce the above:
- Create the following
docker-compose.yml:
version: '2'
services:
db:
image: mariadb
restart: always
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_USER=friendica
- MYSQL_PASSWORD=secretpassword
- MYSQL_DATABASE=friendica
- MYSQL_RANDOM_ROOT_PASSWORD=yes
app:
image: friendica:rc-apache
restart: always
volumes:
- friendica:/var/www/html
ports:
- "8080:80"
environment:
- MYSQL_HOST=db
- MYSQL_USER=friendica
- MYSQL_PASSWORD=secretpassword
- MYSQL_DATABASE=friendica
- FRIENDICA_ADMIN_MAIL=root@friendica.local
depends_on:
- db
volumes:
db:
friendica:- Run
docker-compose upand wait for containers to be ready. - Browse to http://localhost:8080
- Select "Next"
- For "SSL link policy", select "No SSL policy, links will track page SSL state"
- Select "Submit"
- Fill out database details as per MYSQL_ variables in above docker-compose.yml
- Select "Submit"
- Set "Site administrator email address" to value specified in FRIENDICA_ADMIN_MAIL environment variable above
- Select "Submit"
- Select "registration page"
- Fill out full name, email address, repeat email address, and nickname fields
- Select "Sign up now >>"
- Copy password from pop-up in top-right corner
- Browse to http://localhost:8080
- Fill out credentials just created
- Select "Login"
- See that you're redirected to "https://localhost:8080/login" (note the "httpS")
I can confirm the SSL issue (redirection to https at login) is still an issue as of 15 November 2021, with FRIENDICA_VERSION = 2021.09
In addition to the above issues, the IP address of the database container is not automatically pupulated. You have to search for it (for instance using portainer).
In addition to the above issues, the IP address of the database container is not automatically pupulated. You have to search for it (for instance using portainer).
You don't need an IP address at docker environments, just use the name of the container for it (in that case db). Docker itself is responsible with it's internal DNS to get the right IP for it :-)
I can confirm the SSL issue (redirection to https at login) is still an issue as of 15 November 2021, with FRIENDICA_VERSION = 2021.09
I believe it's an upstream code bug during the install process and not an issue inside docker, I'm currently verifying it