diun icon indicating copy to clipboard operation
diun copied to clipboard
verified publisher icon crazy-max

SECRETS file error when utilized in NOTIF mail TO option via 'diun.yml'

Open irobot73 opened this issue 1 year ago • 2 comments

Support guidelines

I've found a bug and checked that ...

  • [X] ... the documentation does not mention anything about my problem
  • [X] ... there are no open or closed issues that are related to my problem

Description

Using SECRET file in the TO parameter of the NOTIF for mail generates an error upon init. self-test.

Working:

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "[email protected]"
    to:
      - "[email protected]" # matches same that's in the ..secrets/smtp_username file

Either instance below throws error:

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "[email protected]"
    to:
      - /run/secrets/smtp_username

or

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "[email protected]"
    to: /run/secrets/smtp_username

Expected behaviour

System can re-use the existing SECRET, same as if typed in directly

Actual behaviour

Errors:

docker-compose exec diun diun notif test
diun: error: main.NotifTestCmd.Run(): rpc error: code = Unknown desc = gomail: could not send email 1: gomail: invalid address "/run/secrets/smtp_username": mail: missing '@' or angle-addr

Steps to reproduce

  1. Populate .YML & DIUN.YML config files
  2. Pull & run container
  3. Execute NOTIF test
  4. Note error response when using SECRET file in TO parameter

Diun version

Latest (v4.26.0)

Docker info

docker info
Client: Docker Engine - Community
 Version:    25.0.5
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.13.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.25.0
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 14
  Running: 14
  Paused: 0
  Stopped: 0
 Images: 14
 Server Version: 25.0.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.15.0-101-generic
 Operating System: Ubuntu 22.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 78.46GiB
 Name: ubuntu
 ID: 3G7R:QW67:P5P5:3TIW:M5WW:I7FS:34G3:POIU:G6CX:D3TW:ED7T:5S4B
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Username: irobot73
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Docker Compose config

services:
  diun:
    image: crazymax/diun:latest
    container_name: diun
    volumes:
      - ./data:/data
      - ./diun.yml:/diun.yml:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - LOG_LEVEL=info
      - LOG_JSON=true
      - LOG_CALLER=true
    secrets:
      - smtp_username
      - smtp_password
    deploy:
      resources:
        limits:
          memory: "2g"
      # https://docs.docker.com/compose/compose-file/compose-file-v3/#restart_policy
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
        #window: 30s
    #restart: always
    labels:
      - "diun.enable=true"

secrets:
  smtp_username:
    file: ./smtp_username.txt
  smtp_password:
    file: ./smtp_password.txt

Logs

$ docker-compose exec diun diun notif test
diun: error: main.NotifTestCmd.Run(): rpc error: code = Unknown desc = gomail: could not send email 1: gomail: invalid address "/run/secrets/smtp_username": mail: missing '@' or angle-addr

Additional info

No response

irobot73 avatar Mar 22 '24 15:03 irobot73

Can you check within the diun container that the secret file exists and is not empty?

docker compose exec diun cat /run/secrets/smtp_username

crazy-max avatar Apr 07 '24 17:04 crazy-max

Can you check within the diun container that the secret file exists and is not empty?

docker compose exec diun cat /run/secrets/smtp_username

Sorry for the response delay. Yes, CAT of both ..username & ..password SECRETS respond w/ the expected values

ddick@ubuntu:/nas/Data/diun$ docker compose exec diun cat /run/secrets/smtp_username
i_{rest_of_expected_email_addy}.comddick@ubdocker compose exec diun cat /run/secrets/smtp_password
p{rest_of_expected_pw}yddick@ubuntu:/nas/Data/diun$

Believe I 'hand-jammed' & utilized PRINTF as per...no /CR or /LF noted in the output

irobot73 avatar Apr 11 '24 23:04 irobot73