docker-images
docker-images copied to clipboard
glpi-project
Completely broken
I really wanted to try and like GLPI, but there is a TON of Issues just getting to run the Image.
System Configuration
Podman 5.5.2
OS: Fedora 42 AMD64.
glpi-caddy.container Quadlet:
[Unit]
Description=GLPI Caddy Container
[Service]
Restart=always
[Container]
ContainerName=glpi-caddy
Pod=glpi.pod
StartWithPod=true
Environment=CADDY_DOCKER_CADDYFILE_PATH=/etc/caddy/Caddyfile
EnvironmentFile=.env
EnvironmentFile=.env.caddy
Image=docker.MYDOMAIN.TLD/docker.io/library/caddy:latest
Pull=missing
NoNewPrivileges=true
Volume=./Caddyfile:/etc/caddy/Caddyfile:ro,z
Volume=/home/podman/containers/data/glpi/caddy:/data/caddy:z
Volume=/home/podman/containers/log/glpi/caddy:/var/log:z
Volume=/home/podman/containers/config/glpi/caddy:/config/caddy:z
Volume=/home/podman/containers/certificates/letsencrypt:/certificates:ro,z
glpi-server.container Quadlet:
[Unit]
Description=GLPI Server Container
Requires=glpi-mariadb.service glpi-caddy.service
After=glpi-mariadb.service glpi-caddy.service
[Container]
ContainerName=glpi-server
Pod=glpi.pod
StartWithPod=true
Environment=TIMEZONE=Europe/Copenhagen
EnvironmentFile=.env.server
Image=glpi/glpi:latest
Pull=missing
# Entrypoint=/bin/bash
# PodmanArgs=-it
#Label=traefik.enable=true
#Label=traefik.http.routers.glpi-router.rule=Host(`glpi.MYDOMAIN.TLD`)
#Label=traefik.http.services.glpi-service.loadbalancer.server.port=80
#Label=traefik.docker.network=traefik
#Volume=/etc/timezone:/etc/timezone:ro,z
#Volume=./timezone:/etc/timezone:ro,z
#Volume=/etc/localtime:/etc/localtime:ro,z
#Volume=./localtime:/etc/localtime:ro,z
# Old Mountpoint for PHP Source Code ???
#Volume=/home/podman/containers/data/glpi/application/www:/var/www/html/glpi:rw,z
# New Mountpoint for PHP Source Code ??
# Volume=/home/podman/containers/data/glpi/application/www:/var/www/glpi:rw,z
# Volume=/home/podman/containers/data/glpi/application/session:/var/glpi/files/_sessions:rw,z
# New Mountpoint for Data Storage OUTSIDE of PHP Source Code
Volume=/home/podman/containers/data/glpi/application/storage:/var/glpi:rw,z
[Service]
Restart=always
glpi-mariadb.container Quadlet:
[Unit]
Description=GLPI MariaDB Container
Requires=glpi-caddy.service
After=glpi-caddy.service
[Container]
ContainerName=glpi-mariadb
Pod=glpi.pod
StartWithPod=true
Environment=MYSQL_HOST=::
Environment=MARIADB_ROOT_PASSWORD_FILE=/run/secrets/MARIADB_ROOT_PASSWORD
Environment=MARIADB_USER_FILE=/run/secrets/MARIADB_USER
Environment=MARIADB_PASSWORD_FILE=/run/secrets/MARIADB_PASSWORD
Environment=MARIADB_DATABASE_FILE=/run/secrets/MARIADB_DATABASE
HealthCmd=mysqladmin ping -h 127.0.0.1 -u glpi --password=RELybj9oEV4BymwmFTL2yDm7V3RnjGRURB2xkHA3yykmXpXWcsYRQccSL3piG88R
HealthInterval=5s
HealthRetries=10
HealthStartPeriod=5s
HealthTimeout=5s
Image=mirror.gcr.io/library/mariadb:12
Pull=missing
User=root
Volume=/home/podman/containers/db/glpi/mariadb:/var/lib/mysql:rw,z
Volume=/home/podman/containers/secrets/glpi/mariadb/MARIADB_DATABASE:/run/secrets/MARIADB_DATABASE:ro,z
Volume=/home/podman/containers/secrets/glpi/mariadb/MARIADB_USER:/run/secrets/MARIADB_USER:ro,z
Volume=/home/podman/containers/secrets/glpi/mariadb/MARIADB_PASSWORD:/run/secrets/MARIADB_PASSWORD:ro,z
Volume=/home/podman/containers/secrets/glpi/mariadb/MARIADB_ROOT_PASSWORD:/run/secrets/MARIADB_ROOT_PASSWORD:ro,z
[Service]
Restart=always
Caddyfile:
# Example and Guide
# https://caddyserver.com/docs/caddyfile/options
# General Options
{
# (Optional) Debug Mode
debug
# Disable Admin API
admin off
# TLS Options
# (Optional) Disable Certificates Management (only if SSL/TLS Certificates are managed by certbot or other external Tools)
auto_https disable_certs
# (Optional) Default SNI
# default_sni {$APPLICATION_HOSTNAME}
}
localhost {
reverse_proxy /api/* localhost:9001
}
# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required
{$APPLICATION_HOSTNAME} {
tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem}
log {
output file /var/log/{$APPLICATION_HOSTNAME}/access.json {
roll_size 100MiB
roll_keep 5000
roll_keep_for 720h
roll_uncompressed
}
format json
}
reverse_proxy http://[::1]:{$APPLICATION_PORT}
}
.env.caddy:
############################################################################
## CADDY SETTINGS
# Define Application IPv6 Address
APPLICATION_IPV6_ADDRESS=2XXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:1234
# Define Application Hostname
APPLICATION_HOSTNAME=glpi.MYDOMAIN.TLD
#APPLICATION_HOSTNAME_ALTERNATE=glpi.MYDOMAIN.TLD
# Define Certificate Domain
# In this case: use Wildcard Certificate
APPLICATION_CERTIFICATE_DOMAIN=MYDOMAIN.TLD
APPLICATION_CERTIFICATE_CERT_FILE=fullchain.pem
APPLICATION_CERTIFICATE_KEY_FILE=privkey.pem
# Define Application Port
APPLICATION_PORT=8080
.env.server:
GLPI_DB_HOST=glpi-mariadb
GLPI_DB_PORT=3306
GLPI_DB_NAME=glpi
GLPI_DB_USER=glpi
GLPI_DB_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Going through the Issues
Out of the Box Experience
The glpi-server Container seems to start quite fast before even MariaDB Database is ready, so the first Error Indication (Access Denied) is misleading. Alright, not much to do there, Podman Quadlets just don't behave the same way as Docker Compose, so just ignore the first start and let it reboot.
After that, you get a Message about Timezones not being enabled and the Container Crashes. After this, it keeps rebooting.
Manual Troubleshooting
Enter Interactive Mode
Since the Container keeps crashing & rebooting, you will need to enter Interactive Mode and override the default Entrypoint.
Extra Arguments in glpi-server.container are Equivalent to running Docker/Podman with -it Flag set:
Entrypoint=/bin/bash
PodmanArgs=-it
Mountpoints Change ?
I seem to have installed it using some Configuration one Year ago, but I had /var/www/html/glpi as the Mountpoint.
Now it seeems that GLPI is using /var/glpi for storing Persistent Files, while /var/www/glpi contains the Source Code that is provided as built-in by the Container.
Create Folder Structure and run a basic Check
There are a lot of missing Folders by default:
root@glpi:/var/www/glpi# php bin/console glpi:migration:timestamps
Uncaught Exception Symfony\Component\Console\Exception\RuntimeException: Cannot write in "/var/glpi/files/_sessions" directory. in /var/www/glpi/src/Console/Application.php at line 384
root@glpi:/var/www/glpi# ls -l /var/glpi/
total 8
drwxr-xr-x. 3 root root 4096 Aug 15 04:38 files
drwxr-xr-x. 2 root root 4096 Aug 15 04:38 logs
root@glpi:/var/www/glpi# ls -l /var/glpi/files/
total 4
drwxr-xr-x. 3 root root 4096 Aug 15 04:38 _cache
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_sessions
root@glpi:/var/www/glpi# php bin/console glpi:migration:timestamps
The GLPI codebase has been updated. The update of the GLPI database is necessary.
Run the "php bin/console database:update" command to process to the update.
root@glpi:/var/www/glpi# php bin/console database:update
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
Some mandatory system requirements are missing. Run the "php bin/console system:check_requirements" command for more details.
root@glpi:/var/www/glpi# php bin/console system:check_requirements
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
PHP Warning (2): mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php at line 1248
PHP Warning: mkdir(): No such file or directory in /var/www/glpi/src/Toolbox.php on line 1248
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------------------+
| Requirement | Status | Messages |
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------------------+
| [REQUIRED] PHP Parser | [OK] | |
| [REQUIRED] Sessions configuration | [OK] | |
| [REQUIRED] Allocated memory | [OK] | |
| [REQUIRED] mysqli extension | [OK] | |
| [REQUIRED] PHP core extensions | [OK] | |
| [REQUIRED] curl extension | [OK] | |
| Required for remote access to resources (inventory | | |
| agent requests, marketplace, RSS feeds, ...). | | |
| [REQUIRED] gd extension | [OK] | |
| Required for images handling. | | |
| [REQUIRED] intl extension | [OK] | |
| Required for internationalization. | | |
| [REQUIRED] zlib extension | [OK] | |
| Required for handling of compressed communication | | |
| with inventory agents, installation of gzip | | |
| packages from marketplace and PDF generation. | | |
| [REQUIRED] Sodium ChaCha20-Poly1305 size constant | [OK] | |
| Enable usage of ChaCha20-Poly1305 encryption | | |
| required by GLPI. This is provided by libsodium | | |
| 1.0.12 and newer. | | |
| [REQUIRED] Previous GLPI version files detection | [SKIPPED] | |
| The presence of source files from previous | | |
| versions of GLPI can lead to security issues or | | |
| bugs. | | |
| [REQUIRED] Permissions for log files | [OK] | |
| [REQUIRED] Permissions for GLPI data directories | [ERROR] | Write access to /var/glpi/files/_cache has been validated. |
| | | The directory could not be created in /var/glpi/files/_cron. |
| | | Write access to /var/glpi/files has been validated. |
| | | The directory could not be created in /var/glpi/files/_dumps. |
| | | The directory could not be created in /var/glpi/files/_graphs. |
| | | The directory could not be created in /var/glpi/files/_lock. |
| | | The directory could not be created in /var/glpi/files/_pictures. |
| | | The directory could not be created in /var/glpi/files/_plugins. |
| | | The directory could not be created in /var/glpi/files/_rss. |
| | | Write access to /var/glpi/files/_sessions has been validated. |
| | | The directory could not be created in /var/glpi/files/_tmp. |
| | | The directory could not be created in /var/glpi/files/_uploads. |
| [SUGGESTED] SELinux configuration | [SKIPPED] | |
| [SECURITY] PHP maintained version | [OK] | |
| A PHP version maintained by the PHP community | | |
| should be used to get the benefits of PHP security | | |
| and bug fixes. | | |
| [SECURITY] Safe configuration of web root directory | [SKIPPED] | Checking web server root directory configuration cannot be done on CLI context. |
| Web server root directory should be | | |
| `/var/www/glpi/public` to ensure non-public files | | |
| cannot be accessed. | | |
| [SECURITY] Safe path for data directories | [INFO] | The following directories do not exist and cannot be tested: |
| GLPI data directories should be placed outside web | | ‣ "/var/glpi/files/_cron" ("GLPI_CRON_DIR") |
| root directory. It can be achieved by redefining | | ‣ "/var/glpi/files/_dumps" ("GLPI_DUMP_DIR") |
| corresponding constants. See installation | | ‣ "/var/glpi/files/_graphs" ("GLPI_GRAPH_DIR") |
| documentation for more details. | | ‣ "/var/glpi/files/_lock" ("GLPI_LOCK_DIR") |
| | | ‣ "/var/glpi/files/_pictures" ("GLPI_PICTURE_DIR") |
| | | ‣ "/var/glpi/files/_plugins" ("GLPI_PLUGIN_DOC_DIR") |
| | | ‣ "/var/glpi/files/_rss" ("GLPI_RSS_DIR") |
| | | ‣ "/var/glpi/files/_tmp" ("GLPI_TMP_DIR") |
| | | ‣ "/var/glpi/files/_uploads" ("GLPI_UPLOAD_DIR") |
| | | You can ignore this suggestion if your web server root directory is "/var/www/glpi/public". |
| [SECURITY] Security configuration for sessions | [SKIPPED] | |
| Ensure security is enforced on session cookies. | | |
| [SUGGESTED] PHP maximal integer size | [OK] | |
| Support of 64 bits integers is required for IP | | |
| addresses related operations (network inventory, | | |
| API clients IP filtering, ...). | | |
| [SUGGESTED] exif extension | [OK] | |
| Enhance security on images validation. | | |
| [SUGGESTED] ldap extension | [OK] | |
| Enable usage of authentication through remote LDAP | | |
| server. | | |
| [SUGGESTED] openssl extension | [OK] | |
| Enable email sending using SSL/TLS. | | |
| [SUGGESTED] PHP extensions for marketplace | [OK] | |
| Enable support of most common packages formats in | | |
| marketplace. | | |
| [SUGGESTED] Zend OPcache extension | [OK] | |
| Enhance PHP engine performances. | | |
| [SUGGESTED] PHP emulated extensions | [OK] | |
| Slightly enhance performances. | | |
| [SUGGESTED] Permissions for marketplace directory | [OK] | |
| Enable installation of plugins from marketplace. | | |
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------------------+
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_cron
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_dumps.
root@glpi:/var/www/glpi# rmdir /var/glpi/files/_dumps.
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_dumps
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_graphs
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_lock
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_pictures
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_plugins
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_rss
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_sessions
mkdir: cannot create directory '/var/glpi/files/_sessions': File exists
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_tmp
root@glpi:/var/www/glpi# mkdir /var/glpi/files/_uploads
Alright, now Finally it's getting sane Result:
root@glpi:/var/www/glpi# php bin/console system:check_requirements
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------+
| Requirement | Status | Messages |
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------+
| [REQUIRED] PHP Parser | [OK] | |
| [REQUIRED] Sessions configuration | [OK] | |
| [REQUIRED] Allocated memory | [OK] | |
| [REQUIRED] mysqli extension | [OK] | |
| [REQUIRED] PHP core extensions | [OK] | |
| [REQUIRED] curl extension | [OK] | |
| Required for remote access to resources (inventory | | |
| agent requests, marketplace, RSS feeds, ...). | | |
| [REQUIRED] gd extension | [OK] | |
| Required for images handling. | | |
| [REQUIRED] intl extension | [OK] | |
| Required for internationalization. | | |
| [REQUIRED] zlib extension | [OK] | |
| Required for handling of compressed communication | | |
| with inventory agents, installation of gzip | | |
| packages from marketplace and PDF generation. | | |
| [REQUIRED] Sodium ChaCha20-Poly1305 size constant | [OK] | |
| Enable usage of ChaCha20-Poly1305 encryption | | |
| required by GLPI. This is provided by libsodium | | |
| 1.0.12 and newer. | | |
| [REQUIRED] Previous GLPI version files detection | [SKIPPED] | |
| The presence of source files from previous | | |
| versions of GLPI can lead to security issues or | | |
| bugs. | | |
| [REQUIRED] Permissions for log files | [OK] | |
| [REQUIRED] Permissions for GLPI data directories | [OK] | |
| [SUGGESTED] SELinux configuration | [SKIPPED] | |
| [SECURITY] PHP maintained version | [OK] | |
| A PHP version maintained by the PHP community | | |
| should be used to get the benefits of PHP security | | |
| and bug fixes. | | |
| [SECURITY] Safe configuration of web root directory | [SKIPPED] | Checking web server root directory configuration cannot be done on CLI context. |
| Web server root directory should be | | |
| `/var/www/glpi/public` to ensure non-public files | | |
| cannot be accessed. | | |
| [SECURITY] Safe path for data directories | [OK] | |
| GLPI data directories should be placed outside web | | |
| root directory. It can be achieved by redefining | | |
| corresponding constants. See installation | | |
| documentation for more details. | | |
| [SECURITY] Security configuration for sessions | [SKIPPED] | |
| Ensure security is enforced on session cookies. | | |
| [SUGGESTED] PHP maximal integer size | [OK] | |
| Support of 64 bits integers is required for IP | | |
| addresses related operations (network inventory, | | |
| API clients IP filtering, ...). | | |
| [SUGGESTED] exif extension | [OK] | |
| Enhance security on images validation. | | |
| [SUGGESTED] ldap extension | [OK] | |
| Enable usage of authentication through remote LDAP | | |
| server. | | |
| [SUGGESTED] openssl extension | [OK] | |
| Enable email sending using SSL/TLS. | | |
| [SUGGESTED] PHP extensions for marketplace | [OK] | |
| Enable support of most common packages formats in | | |
| marketplace. | | |
| [SUGGESTED] Zend OPcache extension | [OK] | |
| Enhance PHP engine performances. | | |
| [SUGGESTED] PHP emulated extensions | [OK] | |
| Slightly enhance performances. | | |
| [SUGGESTED] Permissions for marketplace directory | [OK] | |
| Enable installation of plugins from marketplace. | | |
+-----------------------------------------------------+------------+---------------------------------------------------------------------------------+
Fixing the Database Connection Parameters
Yet another missing Folder btw.
The Environment Variables set in .env.server and passed into the Container (where they can be printed using env) do NOT work, as you keep reading Access Denied in MariaDB Logs:
root@glpi:/var/www/glpi# php bin/console database:update
A temporary write access to the following files is required: `/var/glpi/config/glpicrypt.key`.
Write access to these files can be removed once the operation is finished.
root@glpi:/var/www/glpi# whoami
root
root@glpi:/var/www/glpi# ls -l /var/glpi/config/
ls: cannot access '/var/glpi/config/': No such file or directory
root@glpi:/var/www/glpi# ls -l /var/glpi/
total 8
drwxr-xr-x. 13 root root 4096 Aug 15 04:41 files
drwxr-xr-x. 2 root root 4096 Aug 15 04:38 logs
root@glpi:/var/www/glpi# mkdir /var/glpi/config
root@glpi:/var/www/glpi# php bin/console database:update
Unable to connect to database.
database:update [-u|--allow-unstable] [-s|--skip-db-checks] [-f|--force] [--enable-telemetry] [--no-telemetry]
Go into glpi-server Container to check what's going on:
root@glpi:/var/www/glpi# mysql --host="glpi-mariadb" --database=glpi -P 3306 --user=glpi -p
[enter your password]
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 7
Server version: 12.0.2-MariaDB-ubu2404 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [glpi]> show tables
-> ;
+-------------------------------------------+
| Tables_in_glpi |
+-------------------------------------------+
| glpi_agents |
| glpi_agenttypes |
| glpi_alerts |
| glpi_apiclients |
| glpi_applianceenvironments |
| glpi_appliances |
| glpi_appliances_items |
| glpi_appliances_items_relations |
| glpi_appliancetypes |
| glpi_authldapreplicates |
| glpi_authldaps |
| glpi_authmails |
| glpi_autoupdatesystems |
| glpi_blacklistedmailcontents |
| glpi_blacklists |
| glpi_budgets |
| glpi_budgettypes |
| glpi_businesscriticities |
| glpi_cables |
| glpi_cablestrands |
| glpi_cabletypes |
| glpi_calendars |
| glpi_calendars_holidays |
| glpi_calendarsegments |
| glpi_cartridgeitems |
| glpi_cartridgeitems_printermodels |
| glpi_cartridgeitemtypes |
| glpi_cartridges |
| glpi_certificates |
| glpi_certificates_items |
| glpi_certificatetypes |
| glpi_changecosts |
| glpi_changes |
| glpi_changes_groups |
| glpi_changes_items |
| glpi_changes_problems |
| glpi_changes_suppliers |
| glpi_changes_tickets |
| glpi_changes_users |
| glpi_changetasks |
| glpi_changetemplatehiddenfields |
| glpi_changetemplatemandatoryfields |
| glpi_changetemplatepredefinedfields |
| glpi_changetemplates |
| glpi_changevalidations |
| glpi_clusters |
| glpi_clustertypes |
| glpi_computerantiviruses |
| glpi_computermodels |
| glpi_computers |
| glpi_computers_items |
| glpi_computertypes |
| glpi_computervirtualmachines |
| glpi_configs |
| glpi_consumableitems |
| glpi_consumableitemtypes |
| glpi_consumables |
| glpi_contacts |
| glpi_contacts_suppliers |
| glpi_contacttypes |
| glpi_contractcosts |
| glpi_contracts |
| glpi_contracts_items |
| glpi_contracts_suppliers |
| glpi_contracttypes |
| glpi_crontasklogs |
| glpi_crontasks |
| glpi_dashboards_dashboards |
| glpi_dashboards_filters |
| glpi_dashboards_items |
| glpi_dashboards_rights |
| glpi_databaseinstancecategories |
| glpi_databaseinstances |
| glpi_databaseinstancetypes |
| glpi_databases |
| glpi_datacenters |
| glpi_dcrooms |
| glpi_devicebatteries |
| glpi_devicebatterymodels |
| glpi_devicebatterytypes |
| glpi_devicecameramodels |
| glpi_devicecameras |
| glpi_devicecasemodels |
| glpi_devicecases |
| glpi_devicecasetypes |
| glpi_devicecontrolmodels |
| glpi_devicecontrols |
| glpi_devicedrivemodels |
| glpi_devicedrives |
| glpi_devicefirmwaremodels |
| glpi_devicefirmwares |
| glpi_devicefirmwaretypes |
| glpi_devicegenericmodels |
| glpi_devicegenerics |
| glpi_devicegenerictypes |
| glpi_devicegraphiccardmodels |
| glpi_devicegraphiccards |
| glpi_deviceharddrivemodels |
| glpi_deviceharddrives |
| glpi_devicememories |
| glpi_devicememorymodels |
| glpi_devicememorytypes |
| glpi_devicemotherboardmodels |
| glpi_devicemotherboards |
| glpi_devicenetworkcardmodels |
| glpi_devicenetworkcards |
| glpi_devicepcimodels |
| glpi_devicepcis |
| glpi_devicepowersupplies |
| glpi_devicepowersupplymodels |
| glpi_deviceprocessormodels |
| glpi_deviceprocessors |
| glpi_devicesensormodels |
| glpi_devicesensors |
| glpi_devicesensortypes |
| glpi_devicesimcards |
| glpi_devicesimcardtypes |
| glpi_devicesoundcardmodels |
| glpi_devicesoundcards |
| glpi_displaypreferences |
| glpi_documentcategories |
| glpi_documents |
| glpi_documents_items |
| glpi_documenttypes |
| glpi_domainrecords |
| glpi_domainrecordtypes |
| glpi_domainrelations |
| glpi_domains |
| glpi_domains_items |
| glpi_domaintypes |
| glpi_dropdowntranslations |
| glpi_enclosuremodels |
| glpi_enclosures |
| glpi_entities |
| glpi_entities_knowbaseitems |
| glpi_entities_reminders |
| glpi_entities_rssfeeds |
| glpi_events |
| glpi_fieldblacklists |
| glpi_fieldunicities |
| glpi_filesystems |
| glpi_fqdns |
| glpi_groups |
| glpi_groups_knowbaseitems |
| glpi_groups_problems |
| glpi_groups_reminders |
| glpi_groups_rssfeeds |
| glpi_groups_tickets |
| glpi_groups_users |
| glpi_holidays |
| glpi_imageformats |
| glpi_imageresolutions |
| glpi_impactcompounds |
| glpi_impactcontexts |
| glpi_impactitems |
| glpi_impactrelations |
| glpi_infocoms |
| glpi_interfacetypes |
| glpi_ipaddresses |
| glpi_ipaddresses_ipnetworks |
| glpi_ipnetworks |
| glpi_ipnetworks_vlans |
| glpi_items_clusters |
| glpi_items_devicebatteries |
| glpi_items_devicecameras |
| glpi_items_devicecameras_imageformats |
| glpi_items_devicecameras_imageresolutions |
| glpi_items_devicecases |
| glpi_items_devicecontrols |
| glpi_items_devicedrives |
| glpi_items_devicefirmwares |
| glpi_items_devicegenerics |
| glpi_items_devicegraphiccards |
| glpi_items_deviceharddrives |
| glpi_items_devicememories |
| glpi_items_devicemotherboards |
| glpi_items_devicenetworkcards |
| glpi_items_devicepcis |
| glpi_items_devicepowersupplies |
| glpi_items_deviceprocessors |
| glpi_items_devicesensors |
| glpi_items_devicesimcards |
| glpi_items_devicesoundcards |
| glpi_items_disks |
| glpi_items_enclosures |
| glpi_items_kanbans |
| glpi_items_operatingsystems |
| glpi_items_problems |
| glpi_items_projects |
| glpi_items_racks |
| glpi_items_remotemanagements |
| glpi_items_softwarelicenses |
| glpi_items_softwareversions |
| glpi_items_tickets |
| glpi_itilcategories |
| glpi_itilfollowups |
| glpi_itilfollowuptemplates |
| glpi_itils_projects |
| glpi_itilsolutions |
| glpi_knowbaseitemcategories |
| glpi_knowbaseitems |
| glpi_knowbaseitems_comments |
| glpi_knowbaseitems_items |
| glpi_knowbaseitems_knowbaseitemcategories |
| glpi_knowbaseitems_profiles |
| glpi_knowbaseitems_revisions |
| glpi_knowbaseitems_users |
| glpi_knowbaseitemtranslations |
| glpi_lineoperators |
| glpi_lines |
| glpi_linetypes |
| glpi_links |
| glpi_links_itemtypes |
| glpi_locations |
| glpi_lockedfields |
| glpi_logs |
| glpi_mailcollectors |
| glpi_manuallinks |
| glpi_manufacturers |
| glpi_monitormodels |
| glpi_monitors |
| glpi_monitortypes |
| glpi_networkaliases |
| glpi_networkequipmentmodels |
| glpi_networkequipments |
| glpi_networkequipmenttypes |
| glpi_networkinterfaces |
| glpi_networknames |
| glpi_networkportaggregates |
| glpi_networkportaliases |
| glpi_networkportconnectionlogs |
| glpi_networkportdialups |
| glpi_networkportethernets |
| glpi_networkportfiberchannels |
| glpi_networkportfiberchanneltypes |
| glpi_networkportlocals |
| glpi_networkportmetrics |
| glpi_networkports |
| glpi_networkports_networkports |
| glpi_networkports_vlans |
| glpi_networkporttypes |
| glpi_networkportwifis |
| glpi_networks |
| glpi_notepads |
| glpi_notifications |
| glpi_notifications_notificationtemplates |
| glpi_notificationtargets |
| glpi_notificationtemplates |
| glpi_notificationtemplatetranslations |
| glpi_notimportedemails |
| glpi_objectlocks |
| glpi_olalevelactions |
| glpi_olalevelcriterias |
| glpi_olalevels |
| glpi_olalevels_tickets |
| glpi_olas |
| glpi_operatingsystemarchitectures |
| glpi_operatingsystemeditions |
| glpi_operatingsystemkernels |
| glpi_operatingsystemkernelversions |
| glpi_operatingsystems |
| glpi_operatingsystemservicepacks |
| glpi_operatingsystemversions |
| glpi_passivedcequipmentmodels |
| glpi_passivedcequipments |
| glpi_passivedcequipmenttypes |
| glpi_pcivendors |
| glpi_pdumodels |
| glpi_pdus |
| glpi_pdus_plugs |
| glpi_pdus_racks |
| glpi_pdutypes |
| glpi_pendingreasons |
| glpi_pendingreasons_items |
| glpi_peripheralmodels |
| glpi_peripherals |
| glpi_peripheraltypes |
| glpi_phonemodels |
| glpi_phonepowersupplies |
| glpi_phones |
| glpi_phonetypes |
| glpi_planningeventcategories |
| glpi_planningexternalevents |
| glpi_planningexternaleventtemplates |
| glpi_planningrecalls |
| glpi_plugins |
| glpi_plugs |
| glpi_printerlogs |
| glpi_printermodels |
| glpi_printers |
| glpi_printers_cartridgeinfos |
| glpi_printertypes |
| glpi_problemcosts |
| glpi_problems |
| glpi_problems_suppliers |
| glpi_problems_tickets |
| glpi_problems_users |
| glpi_problemtasks |
| glpi_problemtemplatehiddenfields |
| glpi_problemtemplatemandatoryfields |
| glpi_problemtemplatepredefinedfields |
| glpi_problemtemplates |
| glpi_profilerights |
| glpi_profiles |
| glpi_profiles_reminders |
| glpi_profiles_rssfeeds |
| glpi_profiles_users |
| glpi_projectcosts |
| glpi_projects |
| glpi_projectstates |
| glpi_projecttasklinks |
| glpi_projecttasks |
| glpi_projecttasks_tickets |
| glpi_projecttaskteams |
| glpi_projecttasktemplates |
| glpi_projecttasktypes |
| glpi_projectteams |
| glpi_projecttypes |
| glpi_queuednotifications |
| glpi_rackmodels |
| glpi_racks |
| glpi_racktypes |
| glpi_recurrentchanges |
| glpi_refusedequipments |
| glpi_registeredids |
| glpi_reminders |
| glpi_reminders_users |
| glpi_remindertranslations |
| glpi_requesttypes |
| glpi_reservationitems |
| glpi_reservations |
| glpi_rssfeeds |
| glpi_rssfeeds_users |
| glpi_ruleactions |
| glpi_rulecriterias |
| glpi_rulematchedlogs |
| glpi_rulerightparameters |
| glpi_rules |
| glpi_savedsearches |
| glpi_savedsearches_alerts |
| glpi_savedsearches_users |
| glpi_slalevelactions |
| glpi_slalevelcriterias |
| glpi_slalevels |
| glpi_slalevels_tickets |
| glpi_slas |
| glpi_slms |
| glpi_snmpcredentials |
| glpi_socketmodels |
| glpi_sockets |
| glpi_softwarecategories |
| glpi_softwarelicenses |
| glpi_softwarelicensetypes |
| glpi_softwares |
| glpi_softwareversions |
| glpi_solutiontemplates |
| glpi_solutiontypes |
| glpi_ssovariables |
| glpi_states |
| glpi_suppliers |
| glpi_suppliers_tickets |
| glpi_suppliertypes |
| glpi_taskcategories |
| glpi_tasktemplates |
| glpi_ticketcosts |
| glpi_ticketrecurrents |
| glpi_tickets |
| glpi_tickets_contracts |
| glpi_tickets_tickets |
| glpi_tickets_users |
| glpi_ticketsatisfactions |
| glpi_tickettasks |
| glpi_tickettemplatehiddenfields |
| glpi_tickettemplatemandatoryfields |
| glpi_tickettemplatepredefinedfields |
| glpi_tickettemplates |
| glpi_ticketvalidations |
| glpi_transfers |
| glpi_unmanageds |
| glpi_usbvendors |
| glpi_usercategories |
| glpi_useremails |
| glpi_users |
| glpi_usertitles |
| glpi_virtualmachinestates |
| glpi_virtualmachinesystems |
| glpi_virtualmachinetypes |
| glpi_vlans |
| glpi_vobjects |
| glpi_wifinetworks |
+-------------------------------------------+
390 rows in set (0.002 sec)
Great so I do have access FROM the glpi-server Container to MariaDB Container.
Then Issueing a:
root@glpi:/var/www/glpi# php bin/console database:update --force
Unable to connect to database.
database:update [-u|--allow-unstable] [-s|--skip-db-checks] [-f|--force] [--enable-telemetry] [--no-telemetry]
What gives ????
Frustrateed, I decided to reconfigure the Database Parameters using:
root@glpi:/var/www/glpi# php bin/console db:configure --reconfigure --db-host=glpi-mariadb --db-name=glpi --db-user=glpi --db-password=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+---------------+--------------+
| Database host | glpi-mariadb |
| Database name | glpi |
| Database user | glpi |
+---------------+--------------+
Do you want to continue? [Yes/no]Yes
Timezones usage cannot be activated due to following errors:
- Access to timezone database (mysql) is not allowed.
OK let's check:
root@glpi:/var/www/glpi# php bin/console database:update --force
Some optional system requirements are missing. Run the "php bin/console system:check_requirements" command for more details.
+-----------------------+--------------+---------+
| | Current | Target |
+-----------------------+--------------+---------+
| Database host | glpi-mariadb | |
| Database name | glpi | |
| Database user | glpi | |
| GLPI version | 10.0.19 | 10.0.19 |
| GLPI database version | 10.0.19 | 10.0.19 |
+-----------------------+--------------+---------+
The key file "/var/glpi/config/glpicrypt.key" used to encrypt/decrypt sensitive data is missing. You should retrieve it from your previous installation or encrypted data will be unreadable.
Checking database schema integrity...
Database schema is OK.
Missing encryption Key
So the Encryption Key is also missing.
WARNING: this is fine for a new Installation, but an existing Installation will lose access to the encrypted Data. Backup everything before proceeding !!!
Regenerate the Encryption Key:
root@glpi:/var/www/glpi# php bin/console glpi:security:change_key
Found 4 field(s) and 5 configuration entries requiring migration.
Do you want to continue? [Yes/no]yes
New security key generated; database updated.
Let's check again:
root@glpi:/var/www/glpi# php bin/console database:update
Some optional system requirements are missing. Run the "php bin/console system:check_requirements" command for more details.
+-----------------------+--------------+---------+
| | Current | Target |
+-----------------------+--------------+---------+
| Database host | glpi-mariadb | |
| Database name | glpi | |
| Database user | glpi | |
| GLPI version | 10.0.19 | 10.0.19 |
| GLPI database version | 10.0.19 | 10.0.19 |
+-----------------------+--------------+---------+
No migration needed.
Alright, now this seems OK.
Missing Timestamps Support
Proceed to do Migrations Timestamps:
root@glpi:/var/www/glpi# php bin/console glpi:migration:timestamps
Found 0 table(s) requiring migration.
No migration needed.
Timezones usage cannot be activated due to missing requirements.
Run the "php bin/console database:enable_timezones" command for more details.
OK, let's enable them:
root@glpi:/var/www/glpi# php bin/console database:enable_timezones
Timezones usage cannot be activated due to following errors:
- Access to timezone database (mysql) is not allowed.
So for this, we need to switch to the MariaDB Container, since we need to use the MariaDB root Account and root Password:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-mariadb /bin/bash
root@glpi:/# mariadb -u root --password
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 17
Server version: 12.0.2-MariaDB-ubu2404 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> GRANT SELECT ON `mysql`.`time_zone_name` TO 'glpi'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
Weird Communication Packets Issue
In MariaDB Logs:
podman@HOST:~/containers/quadlets/glpi$ journalctl --user -xeu glpi-mariadb
░░ The unit UNIT completed and consumed the indicated resources.
Aug 15 06:38:09 HOST systemd[1127]: Starting glpi-mariadb.service - GLPI MariaDB Container...
░░ Subject: A start job for unit UNIT has begun execution
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has begun execution.
░░
░░ The job identifier is 1504722.
Aug 15 06:38:09 HOST podman[2693445]: 2025-08-15 06:38:09.189336678 +0200 CEST m=+0.048390947 image pull 300929c28ab758f3322f12273e9e8b0f2233d8af06050bd1b9e17133cc5beb1a mirror.gcr.io/library/mariadb:12
Aug 15 06:38:09 HOST podman[2693445]: 2025-08-15 06:38:09.29133992 +0200 CEST m=+0.150394191 container create 9ca8476c2e9d5432ccdb79a141d71eaebd1e0518ce89c7bf974257d5f8f3159d (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=1>
Aug 15 06:38:09 HOST podman[2693445]: 2025-08-15 06:38:09.393445841 +0200 CEST m=+0.252500118 container init 9ca8476c2e9d5432ccdb79a141d71eaebd1e0518ce89c7bf974257d5f8f3159d (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=15>
Aug 15 06:38:09 HOST systemd[1127]: Started glpi-mariadb.service - GLPI MariaDB Container.
░░ Subject: A start job for unit UNIT has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has finished successfully.
░░
░░ The job identifier is 1504722.
Aug 15 06:38:09 HOST podman[2693445]: 2025-08-15 06:38:09.418908486 +0200 CEST m=+0.277962753 container start 9ca8476c2e9d5432ccdb79a141d71eaebd1e0518ce89c7bf974257d5f8f3159d (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=1>
Aug 15 06:38:09 HOST glpi-mariadb[2693445]: 9ca8476c2e9d5432ccdb79a141d71eaebd1e0518ce89c7bf974257d5f8f3159d
Aug 15 06:38:09 HOST glpi-mariadb[2693470]: 2025-08-15 04:38:09+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:12.0.2+maria~ubu2404 started.
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 04:38:10+00:00 [Warn] [Entrypoint]: /sys/fs/cgroup///memory.pressure not writable, functionality unavailable to MariaDB
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 04:38:10+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 04:38:10+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:12.0.2+maria~ubu2404 started.
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 04:38:10+00:00 [Note] [Entrypoint]: MariaDB upgrade not required
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] Starting MariaDB 12.0.2-MariaDB-ubu2404 source revision aab83aecdca15738d114cf5a2f223f1d12e4e6bd server_uid VGWFPwrPBN4iWRqenxUvDVQ9HC8= as process 1
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Compressed tables use zlib 1.3
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Number of transaction pools: 1
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Warning] mariadbd: io_uring_queue_init() failed with ENOSYS: check seccomp filters, and the kernel version (newer than 5.1 required)
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: create_uring failed: falling back to libaio
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Using Linux native AIO
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: innodb_buffer_pool_size_max=128m, innodb_buffer_pool_size=128m
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Completed initialization of buffer pool
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: End of log at LSN=6276192
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Opened 3 undo tablespaces
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: 128 rollback segments in 3 undo tablespaces are active.
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: log sequence number 6276192; transaction id 8538
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] Plugin 'FEEDBACK' is disabled.
Aug 15 06:38:10 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:10 0 [Note] Plugin 'wsrep-provider' is disabled.
Aug 15 06:38:11 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:11 0 [Note] InnoDB: Buffer pool(s) load completed at 250815 4:38:11
Aug 15 06:38:13 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:13 0 [Note] Server socket created on IP: '0.0.0.0', port: '3306'.
Aug 15 06:38:13 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:13 0 [Note] Server socket created on IP: '::', port: '3306'.
Aug 15 06:38:14 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:14 0 [Note] mariadbd: Event Scheduler: Loaded 0 events
Aug 15 06:38:14 HOST glpi-mariadb[2693470]: 2025-08-15 4:38:14 0 [Note] mariadbd: ready for connections.
Aug 15 06:38:14 HOST glpi-mariadb[2693470]: Version: '12.0.2-MariaDB-ubu2404' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
Aug 15 06:43:22 HOST glpi-mariadb[2693470]: 2025-08-15 4:43:22 3 [Warning] Access denied for user 'glpi'@'%' to database 'glpi-mariadb'
Aug 15 06:43:38 HOST glpi-mariadb[2693470]: 2025-08-15 4:43:38 4 [Warning] Access denied for user 'glpi'@'%' to database 'glpi-mariadb'
Aug 15 06:44:15 HOST glpi-mariadb[2693470]: 2025-08-15 4:44:15 5 [Warning] Access denied for user 'glpi'@'%' to database 'glpi-mariadb'
Aug 15 06:44:25 HOST glpi-mariadb[2693470]: 2025-08-15 4:44:25 6 [Warning] Access denied for user 'glpi'@'%' to database 'glpi-mariadb'
Aug 15 06:47:36 HOST glpi-mariadb[2693470]: 2025-08-15 4:47:36 10 [Warning] Aborted connection 10 to db: 'glpi' user: 'glpi' host: '127.0.0.1' (Got an error reading communication packets)
Aug 15 06:47:49 HOST glpi-mariadb[2693470]: 2025-08-15 4:47:49 11 [Warning] Aborted connection 11 to db: 'glpi' user: 'glpi' host: '127.0.0.1' (Got an error reading communication packets)
Aug 15 06:48:56 HOST glpi-mariadb[2693470]: 2025-08-15 4:48:56 12 [Warning] Aborted connection 12 to db: 'glpi' user: 'glpi' host: '127.0.0.1' (Got an error reading communication packets)
Test Timezone Database Access again from glpi
root@glpi:/var/www/glpi# php bin/console database:enable_timezones
Timezones usage cannot be activated due to following errors:
- Access to timezone database (mysql) is not allowed.
What gives ?
Did I forget FLUSH PRIVILEGES ?need to also add IDENTIFIED BY "<GLPI_DB_PASSWORD>" to the GRANT SQL Statement ???
Let's try that:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-mariadb /bin/bash
root@glpi:/# mariadb -u root --password
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 20
Server version: 12.0.2-MariaDB-ubu2404 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> GRANT SELECT ON `mysql`.`time_zone_name` TO 'glpi'@'localhost';
Query OK, 0 rows affected (0.004 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
Then back to glpi:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-server /bin/bash
root@glpi:/var/www/glpi# php bin/console database:enable_timezones
Timezones usage cannot be activated due to following errors:
- Access to timezone database (mysql) is not allowed.
root@glpi:/var/www/glpi# exit
What is it now ? Did I need to also add IDENTIFIED BY "<GLPI_DB_PASSWORD>" to the GRANT SQL Statement ???
root@glpi:/# mariadb -u root --password
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 23
Server version: 12.0.2-MariaDB-ubu2404 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> GRANT SELECT ON `mysql`.`time_zone_name` TO 'glpi'@'localhost' IDENTIFIED BY "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
Query OK, 0 rows affected (0.412 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> exit
Bye
Try now:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-server /bin/bash
root@glpi:/var/www/glpi# php bin/console database:enable_timezones
Timezones usage cannot be activated due to following errors:
- Access to timezone database (mysql) is not allowed.
root@glpi:/var/www/glpi# exit
exit
Aaaaargh 😠 !!!
Let's try by IP Address instead of localhost:
root@glpi:/# mariadb -u root --password
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 25
Server version: 12.0.2-MariaDB-ubu2404 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> GRANT SELECT ON `mysql`.`time_zone_name` TO 'glpi'@'127.0.0.1' IDENTIFIED BY "RELybj9oEV4BymwmFTL2yDm7V3RnjGRURB2xkHA3yykmXpXWcsYRQccSL3piG88R";
Query OK, 0 rows affected (0.005 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> exit;
Bye
root@glpi:/# exit
exit
Last Attempt:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-server /bin/bash
root@glpi:/var/www/glpi# php bin/console database:enable_timezones
Timezone usage has been enabled.
Finally after several Hours of Troubleshooting it seems to work !
Restarting in Production Mode
Disable/Remove the Interactive PodmanArgs=-it and EntryPoint=/bin/bash Entries in Quadlet so that glpi can start in Normal Mode:
podman@HOST:~/containers/quadlets/glpi$ systemctl --user daemon-reload
# Make sure to full Stop the Container, otherwise the new Configuration might NOT be applied with a simple restart Command
podman@HOST:~/containers/quadlets/glpi$ systemctl --user stop glpi-pod
podman@HOST:~/containers/quadlets/glpi$ systemctl --user restart glpi-pod
podman@HOST:~/containers/quadlets/glpi$ journalctl --user -xeu glpi-mariadb
░░
░░ The job identifier is 1527404 and the job result is done.
Aug 15 06:58:46 HOST systemd[1127]: glpi-mariadb.service: Consumed 6.474s CPU time, 222.8M memory peak.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT completed and consumed the indicated resources.
Aug 15 06:58:51 HOST systemd[1127]: Starting glpi-mariadb.service - GLPI MariaDB Container...
░░ Subject: A start job for unit UNIT has begun execution
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has begun execution.
░░
░░ The job identifier is 1527701.
Aug 15 06:58:51 HOST podman[2730870]: 2025-08-15 06:58:51.698348309 +0200 CEST m=+0.141746819 container create 15d3e8c3e57fe0cd52df4c569440552425f0cf7f863cda3b72aa9d2847757bfd (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=>
Aug 15 06:58:51 HOST podman[2730870]: 2025-08-15 06:58:51.63602916 +0200 CEST m=+0.079427645 image pull 300929c28ab758f3322f12273e9e8b0f2233d8af06050bd1b9e17133cc5beb1a mirror.gcr.io/library/mariadb:12
Aug 15 06:58:51 HOST podman[2730870]: 2025-08-15 06:58:51.948147643 +0200 CEST m=+0.391546112 container init 15d3e8c3e57fe0cd52df4c569440552425f0cf7f863cda3b72aa9d2847757bfd (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=bc>
Aug 15 06:58:51 HOST systemd[1127]: Started glpi-mariadb.service - GLPI MariaDB Container.
░░ Subject: A start job for unit UNIT has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has finished successfully.
░░
░░ The job identifier is 1527701.
Aug 15 06:58:51 HOST podman[2730870]: 2025-08-15 06:58:51.968759494 +0200 CEST m=+0.412157956 container start 15d3e8c3e57fe0cd52df4c569440552425f0cf7f863cda3b72aa9d2847757bfd (image=mirror.gcr.io/library/mariadb:12, name=glpi-mariadb, pod_id=b>
Aug 15 06:58:51 HOST glpi-mariadb[2730870]: 15d3e8c3e57fe0cd52df4c569440552425f0cf7f863cda3b72aa9d2847757bfd
Aug 15 06:58:52 HOST glpi-mariadb[2730892]: 2025-08-15 04:58:52+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:12.0.2+maria~ubu2404 started.
Aug 15 06:58:52 HOST glpi-mariadb[2730892]: 2025-08-15 04:58:52+00:00 [Warn] [Entrypoint]: /sys/fs/cgroup///memory.pressure not writable, functionality unavailable to MariaDB
Aug 15 06:58:52 HOST glpi-mariadb[2730892]: 2025-08-15 04:58:52+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
Aug 15 06:58:52 HOST glpi-mariadb[2730892]: 2025-08-15 04:58:52+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:12.0.2+maria~ubu2404 started.
Aug 15 06:58:52 HOST glpi-mariadb[2730892]: 2025-08-15 04:58:52+00:00 [Note] [Entrypoint]: MariaDB upgrade not required
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] Starting MariaDB 12.0.2-MariaDB-ubu2404 source revision aab83aecdca15738d114cf5a2f223f1d12e4e6bd server_uid Fxz406I3jSru6uv6lzyknOKuupg= as process 1
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Compressed tables use zlib 1.3
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Number of transaction pools: 1
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Warning] mariadbd: io_uring_queue_init() failed with ENOSYS: check seccomp filters, and the kernel version (newer than 5.1 required)
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: create_uring failed: falling back to libaio
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Using Linux native AIO
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: innodb_buffer_pool_size_max=128m, innodb_buffer_pool_size=128m
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Completed initialization of buffer pool
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: End of log at LSN=6278006
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Opened 3 undo tablespaces
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: 128 rollback segments in 3 undo tablespaces are active.
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: log sequence number 6278006; transaction id 8938
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] Plugin 'FEEDBACK' is disabled.
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] Plugin 'wsrep-provider' is disabled.
Aug 15 06:58:53 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:53 0 [Note] InnoDB: Buffer pool(s) load completed at 250815 4:58:53
Aug 15 06:58:56 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:56 0 [Note] Server socket created on IP: '0.0.0.0', port: '3306'.
Aug 15 06:58:56 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:56 0 [Note] Server socket created on IP: '::', port: '3306'.
Aug 15 06:58:56 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:56 0 [Note] mariadbd: Event Scheduler: Loaded 0 events
Aug 15 06:58:56 HOST glpi-mariadb[2730892]: 2025-08-15 4:58:56 0 [Note] mariadbd: ready for connections.
Aug 15 06:58:56 HOST glpi-mariadb[2730892]: Version: '12.0.2-MariaDB-ubu2404' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
podman@HOST:~/containers/quadlets/glpi$ journalctl --user -xeu glpi-server
░░
░░ The job identifier is 1527697.
Aug 15 06:58:52 HOST podman[2730901]: 2025-08-15 06:58:52.568886384 +0200 CEST m=+0.583933107 container start 92638351a5493beac3444730afb58162d13c179922755745a8cad4d529cf4c1c (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod_>
Aug 15 06:58:52 HOST glpi-server[2730901]: 92638351a5493beac3444730afb58162d13c179922755745a8cad4d529cf4c1c
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/config ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_cache ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_cron ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_dumps ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_graphs ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Creating /var/glpi/files/_locales...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_locales ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_lock ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_pictures ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_plugins ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_rss ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_sessions ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_tmp ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_uploads ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Creating /var/glpi/files/_inventories...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/files/_inventories ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/www/glpi/marketplace ACLs...
Aug 15 06:58:52 HOST glpi-server[2730952]: Setting /var/glpi/logs ACLs...
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:48:16] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:48:57] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:49:06] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:49:35] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:49:40] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:51:11] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:53:59] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:54:52] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:55:52] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:57:09] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST glpi-server[2730952]: ERROR 2002 (HY000): Can't connect to server on 'glpi-mariadb' (115)
Aug 15 06:58:53 HOST glpi-server[2730952]: GLPI is not installed. but auto-install is enabled. Starting installation.
Aug 15 06:58:53 HOST glpi-server[2730952]: Please wait until you see the greeting, this may take a minute...
Aug 15 06:58:53 HOST glpi-server[2730952]: /opt/glpi/startup/install.sh: line 47: [: -eq: unary operator expected
Aug 15 06:58:53 HOST glpi-server[2730952]: [2025-08-15 04:58:53] glpiphplog.WARNING: Test logger
Aug 15 06:58:53 HOST podman[2731220]: 2025-08-15 06:58:53.494540989 +0200 CEST m=+0.037473064 container died 92638351a5493beac3444730afb58162d13c179922755745a8cad4d529cf4c1c (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, PODMA>
Aug 15 06:58:53 HOST podman[2731220]: 2025-08-15 06:58:53.712546973 +0200 CEST m=+0.255479051 container remove 92638351a5493beac3444730afb58162d13c179922755745a8cad4d529cf4c1c (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod>
Aug 15 06:58:53 HOST systemd[1127]: glpi-server.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ An ExecStart= process belonging to unit UNIT has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 3.
Aug 15 06:58:53 HOST systemd[1127]: glpi-server.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT has entered the 'failed' state with result 'exit-code'.
Aug 15 06:58:53 HOST systemd[1127]: glpi-server.service: Consumed 1.129s CPU time, 80.3M memory peak.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT completed and consumed the indicated resources.
What is it now ? Even Shell Scripts don't work now 😣 ???
Maybe it's just a timing Issue due to how Podman does NOT support depends_on: service_healthy.
Let's try to restart JUST the glpi-server Container:
Aug 15 07:34:40 HOST glpi-server[2816406]: 65272e01ef09f9e8c22ef77b66395b01bdbcc9e86b97065132393012e076032d
Aug 15 07:34:40 HOST glpi-server[2816422]: Setting /var/glpi/config ACLs...
Aug 15 07:34:40 HOST glpi-server[2816422]: Setting /var/glpi/files ACLs...
Aug 15 07:34:40 HOST glpi-server[2816422]: Setting /var/glpi/files/_cache ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_cron ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_dumps ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_graphs ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_locales ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_lock ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_pictures ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_plugins ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_rss ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_sessions ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_tmp ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_uploads ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/files/_inventories ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/www/glpi/marketplace ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: Setting /var/glpi/logs ACLs...
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:28:51] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:29:24] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:30:00] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:30:34] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:31:06] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:31:38] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:32:11] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:32:43] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:33:15] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: [2025-08-15 05:34:09] glpiphplog.WARNING: Test logger
Aug 15 07:34:41 HOST glpi-server[2816422]: GLPI is installed, and auto-update is enabled. Starting update...
Aug 15 07:34:42 HOST glpi-server[2816422]: [2025-08-15 05:34:42] glpiphplog.WARNING: Test logger
Aug 15 07:34:42 HOST glpi-server[2816422]:
Aug 15 07:34:42 HOST glpi-server[2816422]:
Aug 15 07:34:42 HOST glpi-server[2816422]: ================================================================
Aug 15 07:34:42 HOST glpi-server[2816422]: Welcome to
Aug 15 07:34:42 HOST glpi-server[2816422]:
Aug 15 07:34:42 HOST glpi-server[2816422]: ██████╗ ██╗ ██████╗ ██╗
Aug 15 07:34:42 HOST glpi-server[2816422]: ██╔════╝ ██║ ██╔══██╗██║
Aug 15 07:34:42 HOST glpi-server[2816422]: ██║ ███╗██║ ██████╔╝██║
Aug 15 07:34:42 HOST glpi-server[2816422]: ██║ ██║██║ ██╔═══╝ ██║
Aug 15 07:34:42 HOST glpi-server[2816422]: ╚██████╔╝███████╗██║ ██║
Aug 15 07:34:42 HOST glpi-server[2816422]: ╚═════╝ ╚══════╝╚═╝ ╚═╝
Aug 15 07:34:42 HOST glpi-server[2816422]:
Aug 15 07:34:42 HOST glpi-server[2816422]: https://glpi-project.org
Aug 15 07:34:42 HOST glpi-server[2816422]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
Aug 15 07:34:42 HOST glpi-server[2816422]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
Aug 15 07:34:42 HOST glpi-server[2816422]: no listening sockets available, shutting down
Aug 15 07:34:42 HOST glpi-server[2816422]: AH00015: Unable to open logs
Aug 15 07:34:42 HOST podman[2816804]: 2025-08-15 07:34:42.361761736 +0200 CEST m=+0.032721791 container died 65272e01ef09f9e8c22ef77b66395b01bdbcc9e86b97065132393012e076032d (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, org.opencontainers.image.description=This container contains Apache/PHP and a nightly build of GLPI. It can be used to test latest features and bug fixes., [email protected]:glpi-project/docker-images, org.opencontainers.image.title=GLPI nightly build, org.opencontainers.image.url=https://github.com/glpi-project/docker-images, PODMAN_SYSTEMD_UNIT=glpi-server.service)
Aug 15 07:34:42 HOST podman[2816804]: 2025-08-15 07:34:42.521199473 +0200 CEST m=+0.192159529 container remove 65272e01ef09f9e8c22ef77b66395b01bdbcc9e86b97065132393012e076032d (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod_id=bcc93a7cbe778146ddd38dcf66916f90af5fa4f397210d62267fa046bb318b4c, [email protected]:glpi-project/docker-images, org.opencontainers.image.title=GLPI nightly build, org.opencontainers.image.url=https://github.com/glpi-project/docker-images, PODMAN_SYSTEMD_UNIT=glpi-server.service, org.opencontainers.image.description=This container contains Apache/PHP and a nightly build of GLPI. It can be used to test latest features and bug fixes.)
Aug 15 07:34:42 HOST systemd[1127]: glpi-server.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ An ExecStart= process belonging to unit UNIT has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Aug 15 07:34:42 HOST systemd[1127]: glpi-server.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT has entered the 'failed' state with result 'exit-code'.
Aug 15 07:34:42 HOST systemd[1127]: glpi-server.service: Consumed 1.590s CPU time, 86.6M memory peak.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT completed and consumed the indicated resources.
Well ... that's normal, Caddy is already listening on Port 80 and 443.
So ... how do I now change the Port that GLPI is listening to ???
OK ...
Add an Extra Bind-Mount Volume to glpi-server.container:
# Use custom Configuration for Apache2 so that we can change the Listing Port
Volume=/home/podman/containers/config/glpi/application/apache2/sites-available/000-default.conf:/etc/apache2/sites-available/000-default.conf:ro,z
With /home/podman/containers/config/glpi/application/apache2/sites-available/000-default.conf just switching from Port 80 to Port 8080:
<VirtualHost *:8080>
DocumentRoot /var/www/glpi/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/glpi/public>
Require all granted
RewriteEngine On
# Prevent bearer authorization token filtering
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect all requests to GLPI router, unless file exists.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
</VirtualHost>
Let's try again:
podman@HOST:~/containers/quadlets/glpi$ systemctl --user daemon-reload
podman@HOST:~/containers/quadlets/glpi$ systemctl --user stop glpi-server
podman@HOST:~/containers/quadlets/glpi$ systemctl --user restart glpi-server
podman@HOST:~/containers/quadlets/glpi$
░░ Subject: A start job for unit UNIT has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has finished successfully.
░░
░░ The job identifier is 1579243.
Aug 15 07:43:47 HOST glpi-server[2836415]: ea4247bb8b366b1228df162ad083de08109b263f3823fbc9f0b7aa15eab8f3b1
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/config ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_cache ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_cron ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_dumps ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_graphs ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_locales ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_lock ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_pictures ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_plugins ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_rss ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_sessions ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_tmp ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_uploads ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/files/_inventories ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/www/glpi/marketplace ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: Setting /var/glpi/logs ACLs...
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:31:38] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:32:11] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:32:43] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:33:15] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:34:09] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:34:42] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:35:14] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:35:49] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:36:21] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: [2025-08-15 05:36:53] glpiphplog.WARNING: Test logger
Aug 15 07:43:47 HOST glpi-server[2836446]: GLPI is installed, and auto-update is enabled. Starting update...
Aug 15 07:43:48 HOST glpi-server[2836446]: [2025-08-15 05:43:48] glpiphplog.WARNING: Test logger
Aug 15 07:43:48 HOST glpi-server[2836446]:
Aug 15 07:43:48 HOST glpi-server[2836446]:
Aug 15 07:43:48 HOST glpi-server[2836446]: ================================================================
Aug 15 07:43:48 HOST glpi-server[2836446]: Welcome to
Aug 15 07:43:48 HOST glpi-server[2836446]:
Aug 15 07:43:48 HOST glpi-server[2836446]: ██████╗ ██╗ ██████╗ ██╗
Aug 15 07:43:48 HOST glpi-server[2836446]: ██╔════╝ ██║ ██╔══██╗██║
Aug 15 07:43:48 HOST glpi-server[2836446]: ██║ ███╗██║ ██████╔╝██║
Aug 15 07:43:48 HOST glpi-server[2836446]: ██║ ██║██║ ██╔═══╝ ██║
Aug 15 07:43:48 HOST glpi-server[2836446]: ╚██████╔╝███████╗██║ ██║
Aug 15 07:43:48 HOST glpi-server[2836446]: ╚═════╝ ╚══════╝╚═╝ ╚═╝
Aug 15 07:43:48 HOST glpi-server[2836446]:
Aug 15 07:43:48 HOST glpi-server[2836446]: https://glpi-project.org
Aug 15 07:43:48 HOST glpi-server[2836446]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
Aug 15 07:43:48 HOST glpi-server[2836446]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
Aug 15 07:43:48 HOST glpi-server[2836446]: no listening sockets available, shutting down
Aug 15 07:43:48 HOST glpi-server[2836446]: AH00015: Unable to open logs
Aug 15 07:43:48 HOST podman[2836944]: 2025-08-15 07:43:48.824935387 +0200 CEST m=+0.048890439 container died ea4247bb8b366b1228df162ad083de08109b263f3823fbc9f0b7aa15eab8f3b1 (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, PODMAN_SYSTEMD_UNIT=glpi-server.service, org.opencontainers.image.description=This container contains Apache/PHP and a nightly build of GLPI. It can be used to test latest features and bug fixes., [email protected]:glpi-project/docker-images, org.opencontainers.image.title=GLPI nightly build, org.opencontainers.image.url=https://github.com/glpi-project/docker-images)
Aug 15 07:43:48 HOST podman[2836944]: 2025-08-15 07:43:48.976987234 +0200 CEST m=+0.200942285 container remove ea4247bb8b366b1228df162ad083de08109b263f3823fbc9f0b7aa15eab8f3b1 (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod_id=bcc93a7cbe778146ddd38dcf66916f90af5fa4f397210d62267fa046bb318b4c, org.opencontainers.image.title=GLPI nightly build, org.opencontainers.image.url=https://github.com/glpi-project/docker-images, PODMAN_SYSTEMD_UNIT=glpi-server.service, org.opencontainers.image.description=This container contains Apache/PHP and a nightly build of GLPI. It can be used to test latest features and bug fixes., [email protected]:glpi-project/docker-images)
Aug 15 07:43:48 HOST systemd[1127]: glpi-server.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ An ExecStart= process belonging to unit UNIT has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Aug 15 07:43:49 HOST systemd[1127]: glpi-server.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT has entered the 'failed' state with result 'exit-code'.
Aug 15 07:43:49 HOST systemd[1127]: glpi-server.service: Consumed 1.360s CPU time, 86.5M memory peak.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit UNIT completed and consumed the indicated resources.
Weird:
podman@HOST:~/containers/quadlets/glpi$ podman exec -it glpi-server /bin/bash
root@glpi:/var/www/glpi# cat /etc/apache2/sites-available/000-default.conf
<VirtualHost *:8080>
DocumentRoot /var/www/glpi/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/glpi/public>
Require all granted
RewriteEngine On
# Prevent bearer authorization token filtering
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect all requests to GLPI router, unless file exists.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
</VirtualHost>
What gives ????
Now I'm lost ... where is it defined that GLPI uses Port 80 Hardcoded BESIDES /etc/apache2/sites-available/000-default.conf ?
Ah ...
root@glpi:/var/www/glpi# grep -ri "80" /etc/
/etc/mime.types:audio/vnd.nuera.ecelp4800 ecelp4800
/etc/ssl/certs/ca-certificates.crt:HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo
/etc/ssl/certs/ca-certificates.crt:fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp
/etc/ssl/certs/ca-certificates.crt:sbI6GA60XYyzZl2hNPk2LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oK
/etc/ssl/certs/ca-certificates.crt:yGFOtibBTI3/TO80sh9l2Ll49a2pcbnvT1gdpd50IJeh7WhM3pIXS7yr/2WanvtH
/etc/ssl/certs/ca-certificates.crt:QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR
/etc/ssl/certs/ca-certificates.crt:yCwzk5Iwx06MZTMQZBf9JBeW0Y3COmor6xOLRPIh80oat3df1+2IpHLlOR+Vnb5n
/etc/ssl/certs/ca-certificates.crt:ePb1BHxpE4S80dGnBs8B92jAqFe7OmGtBIyT46388NtEbVncSVmurJqZNjBBe3Yz
/etc/ssl/certs/ca-certificates.crt:UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM
/etc/ssl/certs/ca-certificates.crt:5MTMI9UGfOZR0800McD2RrsLrfw9EAUqO0qRJe6M1ISHgCq8CYyqOhNf6DR5UMEQ
/etc/ssl/certs/ca-certificates.crt:K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG
/etc/ssl/certs/ca-certificates.crt:p6tv75/fTM8BuGJqIz3nCU2AG3swpMPdB380vqQmsvZB6Akd4yCYqjdP//fx4ilw
/etc/ssl/certs/ca-certificates.crt:uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
/etc/ssl/certs/ca-certificates.crt:77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3
/etc/ssl/certs/ca-certificates.crt:1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R
/etc/ssl/certs/ca-certificates.crt:MUO+1918oa2u1qsgEu8KwxCMSZY13At1XrFP1U80DhEgB3VDRemjEdqso5nCtnkn
/etc/ssl/certs/ca-certificates.crt:aFvowdlxfv1k7/9nR4hYJS8+hge9+6jlgqispdNpQ80xiEmEU5LAsTkbOYMBMMTy
/etc/ssl/certs/ca-certificates.crt:JPFI/2R80L5cFtHvma3AH/vLrrw4IgYmZNralw4/KBVEqE8AyvCazM90arQ+POuV
/etc/ssl/certs/ca-certificates.crt:ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy
/etc/ssl/certs/ca-certificates.crt:j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh
/etc/ssl/certs/ca-certificates.crt:7zNKpiMdDg1H2DfHb680f0+BazVP6XKlMeJ45/dOlBhbQH3PayFUhuaVevvGyuqc
/etc/ssl/certs/ca-certificates.crt:bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF
/etc/ssl/certs/ca-certificates.crt:gMNPOsduET/m4xaRhPtthH80dK2Jp86519efhGSSvpWhrQlTM93uCupKUY5vVau6
/etc/ssl/certs/ca-certificates.crt:xpl/j8nWZjEgQRCHLQzWwa80mMpkg/sTV9HB8Dx6jKXB/ZUhoHHBk2dxEuqPiApp
/etc/ssl/certs/ca-certificates.crt:0es+nPxdGoMuK8u180SdOqcXYZaicdNwlhVNt0xz7hlcxVs+Qf6sdWA7G2POAN3a
/etc/ssl/certs/ca-certificates.crt:WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
/etc/ssl/certs/ca-certificates.crt:ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR
/etc/ssl/certs/ca-certificates.crt:SJ/AwSiItOkcyqex8Va3e0lMWeUgFaiEAin6OJRpmkkGj80feRQXEgyDet4fsZfu
/etc/ssl/certs/ca-certificates.crt:LvKRRFHQV80MNNVIIb/bE/FmJUNS0nAiNs2fxBx1IK1jcmMGDw4nztJqDby1ORrp
/etc/ssl/certs/ca-certificates.crt:OoAGrgYWp421wsTL/0ClXI2lyTrtcoHKXJg80jQDdwj98ClZXSEIx2C/pHF7uNke
/etc/ssl/certs/ca-certificates.crt:DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
/etc/ssl/certs/ca-certificates.crt:MIIF2jCCA8KgAwIBAgIMBfcOhtpJ80Y1LrqyMA0GCSqGSIb3DQEBCwUAMIGIMQsw
/etc/ssl/certs/ca-certificates.crt:80OzfpgZdNmcc9kYvkHHNHnZ9GLCQ7mzJ7Aiy/k9UscwR7PJPrhq4ufogXBeQotP
/etc/ssl/certs/ca-certificates.crt:eY8fTpkdso8MDhz/yV3A/ZAQprE38806JG60hZC/gLkMjNWb1sjxVj8agIl6qeIb
/etc/ssl/certs/ca-certificates.crt:MK4G9IGzsUJxlTm801Ljr6/58pc1kjZGDoeVjbk5Wum739D+yAdBPLtVb4Ojavti
/etc/ssl/certs/ca-certificates.crt:6ftjk4BAtcZsCjEozgyfz7MjNYBBjWzEN3uBL4ChQEKF6dk4jeihU80Bv2noWgby
/etc/ssl/openssl.cnf:# proxy = # set this as far as needed, e.g., http://192.168.1.1:8080
/etc/environment:PHP_SHA256=04cd331380a8683a5c2503938eb51764d48d507c53ad4208d2c82e0eed779a00
/etc/apt/trusted.gpg.d/debian-archive-bookworm-security-automatic.asc:PtIf805D4nFYk1OSN/KZ3xYr+4+FtyfQ5Gj0blSPhsq7fJzoSDA2wTlx4Q6x7abS
/etc/apt/trusted.gpg.d/debian-archive-bookworm-security-automatic.asc:6rSiKRNxqVbEi5A3+chJ7h0yHoCGYJdi8ciVEvwdbgduQaBrmdIR+Gt180KBWwQl
/etc/apt/trusted.gpg.d/debian-archive-bookworm-security-automatic.asc:l3oTWM/I68hJCmSxd0kExDEN52fdGhx+42zsWlMdRwE4/+GL3lrqhUzpX/806Iib
/etc/apt/trusted.gpg.d/debian-archive-trixie-automatic.asc:JyuEt4RKcxCBbIYm2qwCwtJUAix80qC+K2kExZKC4b+bkqqgul5+Waiaq6eqwATg
/etc/apt/trusted.gpg.d/debian-archive-trixie-automatic.asc:ivrfXV4HEGUcE41BPviGLFxq80iB2vlKZv9/RdGeEOO787H8VVTwYOxVT4DtQ3Ih
/etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.asc:qntw2c2epN4w/H8VZYlv80KBEHx7vaneoVMxQkYDTNA2pJJJvWO1fKnIlpPMu4HW
/etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.asc:80DWge8oMRHQMBr+TnFgGV18HmjYcq14LhchnhYC1eE0IokCTgQfAQoAOBYhBKxT
/etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.asc:vU3YGahEgWWY80xCRarm8RVYgfU4LZfm6D4o1ZO3B2UmK6+TgkTjYWzC/yMrcbK4
/etc/apt/trusted.gpg.d/debian-archive-bookworm-automatic.asc:J7yW9Qhz+ljJnBKkYTjG5OLjsInB80cNFOkZMjsj9gQgAagSwqll/IIXry0zKF/Z
/etc/apt/trusted.gpg.d/debian-archive-bookworm-automatic.asc:H5Uf4V3i7zIhlVKKhV+Ktr5ojuj805U1tocrH68bBn4weLDfPzGp4rZ5aMoKqK+n
/etc/apt/trusted.gpg.d/debian-archive-trixie-security-automatic.asc:PFnEhkp6807NrBcrKdI6RZ9/h8ikxMuzJ9+6nsU2mwZZq4v72kqrOaY5CLaej8bb
/etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.asc:9jbJyVpEjyUwWHa/DbAWAOLYkuPjujFH80r439kKYvcbwNcA6I3P8nvdYIkgpxT6
/etc/apache2/magic:1080 string M.K. audio/x-mod
/etc/apache2/magic:1080 string M!K! audio/x-mod
/etc/apache2/magic:1080 string FLT4 audio/x-mod
/etc/apache2/magic:1080 string FLT8 audio/x-mod
/etc/apache2/magic:1080 string 4CHN audio/x-mod
/etc/apache2/magic:1080 string 6CHN audio/x-mod
/etc/apache2/magic:1080 string 8CHN audio/x-mod
/etc/apache2/magic:1080 string CD81 audio/x-mod
/etc/apache2/magic:1080 string OKTA audio/x-mod
/etc/apache2/magic:#>1080 string >/0 %.2s-channel Fasttracker "oktalyzer" module sound data
/etc/apache2/magic:1080 string 16CN audio/x-mod
/etc/apache2/magic:1080 string 32CN audio/x-mod
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000081a application/x-arc lzw
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000091a application/x-arc squashed
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000021a application/x-arc uncompressed
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000031a application/x-arc packed
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000061a application/x-arc crunched
/etc/apache2/magic:2080 string Microsoft\ Excel\ 5.0\ Worksheet application/excel
/etc/apache2/magic:2080 string Microsoft\ Word\ 6.0\ Document application/msword
/etc/apache2/magic:2080 string Documento\ Microsoft\ Word\ 6 application/msword
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000081a application/x-arc
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000091a application/x-arc
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000021a application/x-arc
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000031a application/x-arc
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000041a application/x-arc
/etc/apache2/magic:0 lelong&0x8080ffff 0x0000061a application/x-arc
/etc/apache2/magic:# 0x9445366139FA (V 3.80)
/etc/apache2/ports.conf:Listen 80
/etc/apache2/sites-available/000-default.conf:<VirtualHost *:8080>
/etc/security/group.conf:#xsh; tty* ;sword;!Wk0900-1800;sound, play
/etc/security/group.conf:#xsh; tty* ;*;Al0900-1800;floppy
/etc/security/pam_env.conf:#LESS DEFAULT="M q e h15 z23 b80"
/etc/cron.daily/apt-compat: RandomSleep=1800
/etc/login.defs:# See #290803 and #298773 for details about how this could become a security
A bit of a Mess, but you can see one that stands out /etc/apache2/ports.conf:
root@glpi:/var/www/glpi# cat /etc/apache2/ports.conf
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
OK so let's create an Extra Entry in glpi-server.container:
Volume=/home/podman/containers/config/glpi/application/apache2/ports.conf:/etc/apache2/ports.conf:ro,z
Create the File /home/podman/containers/config/glpi/application/apache2/ports.conf:
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 8080
<IfModule ssl_module>
Listen 8443
</IfModule>
<IfModule mod_gnutls.c>
Listen 8443
</IfModule>
Let's try once more:
podman@HOST:~/containers/quadlets/glpi$ systemctl --user daemon-reload
podman@HOST:~/containers/quadlets/glpi$ systemctl --user stop glpi-server
podman@HOST:~/containers/quadlets/glpi$ systemctl --user restart glpi-server
podman@HOST:~/containers/quadlets/glpi$ journalctl --user -xeu glpi-server
░░ A start job for unit UNIT has begun execution.
░░
░░ The job identifier is 1603578.
Aug 15 08:05:11 HOST podman[2878154]: 2025-08-15 08:05:11.380675449 +0200 CEST m=+0.062302375 image pull 91f7c9fb80a57855622c45b34b7c74b032b31c299189fe6b46eed62b4163c43d glpi/glpi:latest
Aug 15 08:05:11 HOST podman[2878154]: 2025-08-15 08:05:11.502231251 +0200 CEST m=+0.183858160 container create 987588260c3a79ef9b7f5a8cf2777d628440b19ea226dfe75a67ed5f26e78a89 (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod>
Aug 15 08:05:11 HOST podman[2878154]: 2025-08-15 08:05:11.597147109 +0200 CEST m=+0.278774024 container init 987588260c3a79ef9b7f5a8cf2777d628440b19ea226dfe75a67ed5f26e78a89 (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod_i>
Aug 15 08:05:11 HOST systemd[1127]: Started glpi-server.service - GLPI Server Container.
░░ Subject: A start job for unit UNIT has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit UNIT has finished successfully.
░░
░░ The job identifier is 1603578.
Aug 15 08:05:11 HOST podman[2878154]: 2025-08-15 08:05:11.603640978 +0200 CEST m=+0.285267911 container start 987588260c3a79ef9b7f5a8cf2777d628440b19ea226dfe75a67ed5f26e78a89 (image=docker.MYDOMAIN.TLD/glpi/glpi:latest, name=glpi-server, pod_>
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/config ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_cache ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_cron ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_dumps ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_graphs ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_locales ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_lock ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_pictures ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_plugins ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_rss ACLs...
Aug 15 08:05:11 HOST glpi-server[2878216]: Setting /var/glpi/files/_sessions ACLs...
Aug 15 08:05:11 HOST glpi-server[2878154]: 987588260c3a79ef9b7f5a8cf2777d628440b19ea226dfe75a67ed5f26e78a89
Aug 15 08:05:12 HOST glpi-server[2878216]: Setting /var/glpi/files/_tmp ACLs...
Aug 15 08:05:12 HOST glpi-server[2878216]: Setting /var/glpi/files/_uploads ACLs...
Aug 15 08:05:12 HOST glpi-server[2878216]: Setting /var/glpi/files/_inventories ACLs...
Aug 15 08:05:12 HOST glpi-server[2878216]: Setting /var/www/glpi/marketplace ACLs...
Aug 15 08:05:12 HOST glpi-server[2878216]: Setting /var/glpi/logs ACLs...
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:34:09] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:34:42] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:35:14] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:35:49] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:36:21] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:36:53] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:43:48] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 05:44:20] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 06:01:55] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 06:02:27] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]: GLPI is installed, and auto-update is enabled. Starting update...
Aug 15 08:05:12 HOST glpi-server[2878216]: [2025-08-15 06:05:12] glpiphplog.WARNING: Test logger
Aug 15 08:05:12 HOST glpi-server[2878216]:
Aug 15 08:05:12 HOST glpi-server[2878216]:
Aug 15 08:05:12 HOST glpi-server[2878216]: ================================================================
Aug 15 08:05:12 HOST glpi-server[2878216]: Welcome to
Aug 15 08:05:12 HOST glpi-server[2878216]:
Aug 15 08:05:12 HOST glpi-server[2878216]: ██████╗ ██╗ ██████╗ ██╗
Aug 15 08:05:12 HOST glpi-server[2878216]: ██╔════╝ ██║ ██╔══██╗██║
Aug 15 08:05:12 HOST glpi-server[2878216]: ██║ ███╗██║ ██████╔╝██║
Aug 15 08:05:12 HOST glpi-server[2878216]: ██║ ██║██║ ██╔═══╝ ██║
Aug 15 08:05:12 HOST glpi-server[2878216]: ╚██████╔╝███████╗██║ ██║
Aug 15 08:05:12 HOST glpi-server[2878216]: ╚═════╝ ╚══════╝╚═╝ ╚═╝
Aug 15 08:05:12 HOST glpi-server[2878216]:
Aug 15 08:05:12 HOST glpi-server[2878216]: https://glpi-project.org
Aug 15 08:05:13 HOST glpi-server[2878216]: [Fri Aug 15 06:05:13.003780 2025] [mpm_prefork:notice] [pid 355:tid 355] AH00163: Apache/2.4.62 (Debian) configured -- resuming normal operations
Aug 15 08:05:13 HOST glpi-server[2878216]: [Fri Aug 15 06:05:13.003901 2025] [core:notice] [pid 355:tid 355] AH00094: Command line: 'apache2 -D FOREGROUND'
And I can login as User glpi and Password glpi:
Conclusions
But really, this is FAR from User Friendly.
Granted it's not only GLPI's Fault, as MariaDB GRANT Commands and localhost behaving different than 127.0.0.1 (or :: I guess) is not in the Project Scope.
However the Install Script should at the very Least:
- Create the required Folders
- Use the Passwords the Way they are configured as Environment Variables, which is according to the Documentation. I don't understand why I needed to manually run the
php bin/console db:configure --reconfigure --db-host=glpi-mariadb --db-name=glpi --db-user=glpi --db-password=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXCommand - Allow the possibility to use Custom Ports or use a different Port by Default. Port 8080 (HTTP) and 8443 (HTTPs, i.e. SSL/TLS) are pretty standard when it comes to Docker Containers, since most people have a Reverse Proxy (Caddy/Traefik/Nginx/Nginx Proxy Manager/...) sitting in front of all Applications. Alternatively, document that
/etc/apache2/sites-available/000-default.confAND/etc/apache2/ports.confneed to be overridden by a Bind Mount - Better Document the
GRANTCommand on MariaDB Side to enable Timezone Support - Anything else I might have forgotten but described using the Snippets/Logs above
I think I lost around 3 Hours just like this. It should work better out of the Box.
Granted some Users are more Technical than me and might have found the Solution faster.
However I didn't use MySQL/MariaDB for the last 10 Years or so (only been using PostgreSQL with Docker Containers), so a lot of the MySQL/MariaDB Issues was not know to me.
However, on GLPI End, I would expect better Documentation and better install Scripts that create Folders.
Hello
Without judging anything, it seems a lot of your issues are from the way your podman container's files are writen. (I may be wrong, and would be happy to discuss enhancements)
Create the required Folders
it does, but I suppose when you changed the entry point to do a manual check, the scripts were not executed anymore. See the scripts launched in entrypoint:
- https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/entrypoint.sh#L4
- https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/entrypoint/init-volumes-directories.sh
Use the Passwords the Way they are configured as Environment Variables
it's already the case, see: https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/startup/install.sh#L46 This part is normally executed by startup.sh here:
- https://github.com/glpi-project/docker-images/blob/main/glpi/Dockerfile#L168
- https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/startup.sh#L4
But checking your logs, I found this line:
Aug 15 06:58:53 HOST glpi-server[2730952]: /opt/glpi/startup/install.sh: line 47: [: -eq: unary operator expected
So the script seems executed but an error happened, and I suspect it's related to missing env variables
In provided docker-compose example file, I need to force the env file to be available to the image, otherwise it doesn't work.
So in your case, I think it's the same issues, env are not passed to the image.
Allow the possibility to use Custom Ports or use a different Port by Default
This one is particular, because usually with docker-compose, you expose the internal port on what you want externally.
We use php:apache as base image and it's their configuration. In the standard usage (aka docker-compose) it's not an issue.
In your case, I guess pushing another conf for Apache or sed existing conf file could do the way.
Maybe official php images provides an env var, but AFAIK there's none.
Better Document the GRANT Command on MariaDB Side to enable Timezone Support
It's noted in the README, and on docker hub (replicated) -> https://github.com/glpi-project/docker-images/tree/main?tab=readme-ov-file#timezones-support
--
A last topic on my side, could you explain why adding another web server, caddy, in front of the provided apache server ? I may miss something, but I don't get the pro of that
Hi @orthagh,
Thank you for your Reply 👍.
Without judging anything, it seems a lot of your issues are from the way your podman container's files are writen. (I may be wrong, and would be happy to discuss enhancements)
Why do you say that ?
Do you mean Podman's Quadlets (.container) Configuration Files or rather the Files written by the Container to Disk (to the Volume Bind Mounts) ?
About Quadlets, that's merely a conversion from a compose.yml Format (used by docker compose and, with many Issues, also podman-compose). You can use podlet to do some/most of the Conversion for you 😉.
About Bind Mounts, it's true that Permission Issues can arise when running podman as rootless User AND the User inside the container is NOT root.
That's why usually I run podman containers with User=root which, since running rootless, translates to using my non-root User when writing Files to Disk, thus avoiding these Permission Issues. Files written to Disk are, unless Container behaves "weirdly" (some Containers do !), will be owned by podman:podman (my non-root User).
Create the required Folders
it does, but I suppose when you changed the entry point to do a manual check, the scripts were not executed anymore.
Sure, they weren't executed anymore, but that's should ONLY when I was doing the manual check.
They should execute BEFORE AND AFTER the Manual Check, but apparently they didn't.
This could be an Issue with Podman Rootless, not sure: https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/entrypoint/init-volumes-directories.sh#L33
A peak inside the currently running Container, after all the Manual Fixes I did, not sure if it can provide some useful Information:
root@glpi:/var/www/glpi# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 3936 1880 ? Ss Aug15 0:00 /bin/bash /opt/glpi/startup.sh
root 331 0.0 0.0 2528 1212 ? S Aug15 0:00 tail -F /var/glpi/logs/event.log
root 332 0.0 0.0 2528 1252 ? S Aug15 0:00 tail -F /var/glpi/logs/cron.log
root 333 0.0 0.0 2528 1160 ? S Aug15 0:00 tail -F /var/glpi/logs/mail.log
root 334 0.0 0.0 2528 1220 ? S Aug15 0:00 tail -F /var/glpi/logs/php-errors.log
root 335 0.0 0.0 2528 1220 ? S Aug15 0:00 tail -F /var/glpi/logs/sql-errors.log
root 336 0.0 0.0 2528 1168 ? S Aug15 0:00 tail -F /var/glpi/logs/mail-errors.log
root 337 0.0 0.0 2528 1220 ? S Aug15 0:00 tail -F /var/glpi/logs/access-errors.log
root 340 0.0 0.0 2528 1316 ? S Aug15 0:13 tail -F /var/log/cron-output.log
root 341 0.0 0.0 2528 1232 ? S Aug15 0:13 tail -F /var/log/cron-errors.log
root 352 0.0 0.0 3936 1692 ? S Aug15 0:00 /bin/bash /opt/glpi/startup/start.sh
root 354 0.0 0.0 3612 1844 ? Ss Aug15 0:02 cron
root 355 0.0 0.1 263652 18356 ? S Aug15 0:08 apache2 -DFOREGROUND
www-data 366 0.0 0.0 264664 11200 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 368 0.0 0.0 264448 10996 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 369 0.0 0.0 264440 10960 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 370 0.0 0.0 264400 10948 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 376 0.0 0.0 265408 12080 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 380 0.0 0.0 264432 10920 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 381 0.0 0.0 264400 10924 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 388 0.0 0.0 264448 10960 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 402 0.0 0.0 264444 10920 ? S Aug15 0:00 apache2 -DFOREGROUND
www-data 403 0.0 0.0 265344 11884 ? S Aug15 0:00 apache2 -DFOREGROUND
root 20012 0.0 0.0 4200 3496 pts/0 Ss 13:26 0:00 /bin/bash
root 20016 0.0 0.0 8100 4224 pts/0 R+ 13:26 0:00 ps aux
As well as Files Permissions from inside the Container:
root@glpi:/var/www/glpi# ls -l /var/www/glpi/
total 364
-rw-r--r--. 1 www-data www-data 46329 Jul 16 08:54 CHANGELOG.md
-rw-r--r--. 1 www-data www-data 2060 Jul 16 08:54 CONTRIBUTING.md
-rw-r--r--. 1 www-data www-data 682 Jul 16 08:54 INSTALL.md
-rw-r--r--. 1 www-data www-data 35148 Jul 16 08:54 LICENSE
-rw-r--r--. 1 www-data www-data 6255 Jul 16 08:54 Makefile
-rw-r--r--. 1 www-data www-data 8705 Jul 16 08:54 README.md
-rw-r--r--. 1 www-data www-data 1308 Jul 16 08:54 SECURITY.md
-rw-r--r--. 1 www-data www-data 481 Jul 16 08:54 SUPPORT.md
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 ajax
-rw-r--r--. 1 www-data www-data 64195 Jul 16 08:54 apirest.md
-rw-r--r--. 1 www-data www-data 1594 Jul 16 08:54 apirest.php
-rw-r--r--. 1 www-data www-data 1561 Jul 16 08:54 apixmlrpc.php
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 bin
-rw-r--r--. 1 www-data www-data 1460 Jul 16 08:54 caldav.php
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 config
drwxr-xr-x. 7 www-data www-data 4096 Aug 7 09:20 css
drwxr-xr-x. 2 www-data www-data 4096 Aug 7 09:23 css_compiled
drwxr-xr-x. 16 www-data www-data 4096 Jul 16 08:54 files
drwxr-xr-x. 4 www-data www-data 36864 Jul 16 08:54 front
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 inc
-rw-r--r--. 1 www-data www-data 6371 Jul 16 08:54 index.php
drwxr-xr-x. 4 www-data www-data 4096 Jul 16 08:54 install
drwxr-xr-x. 5 www-data www-data 4096 Aug 7 09:20 js
drwxr-xr-x. 4 www-data www-data 4096 Jul 16 08:54 lib
drwxr-xr-x. 2 www-data www-data 4096 Aug 7 09:23 locales
drwxr-xr-x. 2 www-data www-data 4096 Aug 7 09:23 marketplace
drwxr-xr-x. 10 www-data www-data 4096 Jul 16 08:54 pics
drwxr-xr-x. 2 www-data www-data 4096 Aug 7 09:23 plugins
drwxr-xr-x. 3 www-data www-data 4096 Aug 7 09:20 public
drwxr-xr-x. 3 www-data www-data 4096 Jul 16 08:54 resources
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 sound
drwxr-xr-x. 25 www-data www-data 36864 Jul 16 08:54 src
-rw-r--r--. 1 www-data www-data 2476 Jul 16 08:54 status.php
drwxr-xr-x. 8 www-data www-data 4096 Jul 16 08:54 templates
drwxr-xr-x. 38 www-data www-data 4096 Aug 7 09:23 vendor
drwxr-xr-x. 2 www-data www-data 4096 Jul 16 08:54 version
root@glpi:/var/www/glpi# ls -l /var/glpi/
total 12
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 04:49 config
drwxr-xr-x. 15 www-data www-data 4096 Aug 15 06:05 files
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 04:58 logs
root@glpi:/var/www/glpi# ls -l /var/glpi/config/
total 8
-rw-r--r--. 1 www-data www-data 392 Aug 15 04:57 config_db.php
-rw-r--r--. 1 www-data www-data 32 Aug 15 04:49 glpicrypt.key
root@glpi:/var/www/glpi# ls -l /var/glpi/files
total 144
drwxr-xr-x. 6 www-data www-data 4096 Aug 15 06:06 _cache
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _cron
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _dumps
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _graphs
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 04:58 _inventories
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 04:58 _locales
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _lock
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _pictures
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _plugins
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _rss
drwxr-xr-x. 2 www-data www-data 94208 Aug 18 13:28 _sessions
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _tmp
drwxr-xr-x. 2 www-data www-data 4096 Aug 15 06:05 _uploads
root@glpi:/var/www/glpi# ls -l /var/glpi/logs
total 324
-rw-r--r--. 1 www-data www-data 0 Aug 15 04:58 access-errors.log
-rw-r--r--. 1 www-data www-data 285263 Aug 18 13:28 cron.log
-rw-r--r--. 1 www-data www-data 200 Aug 15 06:07 event.log
-rw-r--r--. 1 www-data www-data 0 Aug 15 04:58 mail-errors.log
-rw-r--r--. 1 www-data www-data 0 Aug 15 04:58 mail.log
-rw-r--r--. 1 www-data www-data 33556 Aug 15 06:05 php-errors.log
-rw-r--r--. 1 www-data www-data 0 Aug 15 04:58 sql-errors.log
See the scripts launched in entrypoint:
* https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/entrypoint.sh#L4 * https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/entrypoint/init-volumes-directories.sh
Yeah, it should work, but clearly it did not. I'm also not sure why ...
Use the Passwords the Way they are configured as Environment Variables
it's already the case, see: https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/startup/install.sh#L46 This part is normally executed by startup.sh here:
* https://github.com/glpi-project/docker-images/blob/main/glpi/Dockerfile#L168 * https://github.com/glpi-project/docker-images/blob/main/glpi/files/opt/glpi/startup.sh#L4But checking your logs, I found this line:
Aug 15 06:58:53 HOST glpi-server[2730952]: /opt/glpi/startup/install.sh: line 47: [: -eq: unary operator expectedSo the script seems executed but an error happened, and I suspect it's related to missing env variables In provided docker-compose example file, I need to force the env file to be available to the image, otherwise it doesn't work.
So in your case, I think it's the same issues, env are not passed to the image.
Not really, that's what this Line does in glpi-server.container:
EnvironmentFile=.env.server
With .env.server containing:
GLPI_DB_HOST=glpi-mariadb
GLPI_DB_PORT=3306
GLPI_DB_NAME=glpi
GLPI_DB_USER=glpi
GLPI_DB_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
So it's possible it's missing some Variables or that there is a Typo somewhere, but then which Variable is not defined ? Or is it complaining about mysql Command possibly not being found because this is the mariadb Docker Image thus mariadb shall be used instead ?
Although both seem to exist inside the container:
root@glpi:/var/www/glpi# which mariadb
/usr/bin/mariadb
root@glpi:/var/www/glpi# which mysql
/usr/bin/mysql
root@glpi:/var/www/glpi# ls -l /usr/bin/mysql
lrwxrwxrwx. 1 root root 7 Feb 19 00:56 /usr/bin/mysql -> mariadb
root@glpi:/var/www/glpi# ls -l /usr/bin/mariadb
-rwxr-xr-x. 1 root root 5308576 Feb 19 00:56 /usr/bin/mariadb
Allow the possibility to use Custom Ports or use a different Port by Default
This one is particular, because usually with docker-compose, you expose the internal port on what you want externally. We use
php:apacheas base image and it's their configuration. In the standard usage (aka docker-compose) it's not an issue. In your case, I guess pushing another conf for Apache or sed existing conf file could do the way. Maybe official php images provides an env var, but AFAIK there's none.
That's the Way it usually works, yeah. But clearly there is a Limitation where you cannot bind 2 Ports to the same IP Address.
Since I use a Reverse Proxy is usually what I put in front of everything, mainly for providing TLS via Letsencrypt Certificates, it IS a Problem if Port 80 or 443 is already being used.
To be clear: in Podman, all Containers within the same Pod (think of it as Network Namespace), share the same Network. Therefore 2 Containers CANNOT bind to the same Port.
Better Document the GRANT Command on MariaDB Side to enable Timezone Support
It's noted in the README, and on docker hub (replicated) -> https://github.com/glpi-project/docker-images/tree/main?tab=readme-ov-file#timezones-support
I couldn't find it at https://glpi-install.readthedocs.io/en/latest/timezones.html#grant-access
Not sure if it's this Project or if it was another Initiative maybe ? Weird that was IIRC the 1st Result on Google.
The FLUSH PRIVILEGES was missing there at least ...
--
A last topic on my side, could you explain why adding another web server, caddy, in front of the provided apache server ? I may miss something, but I don't get the pro of that
I always put a Reverse Proxy in front of everything, mainly for providing TLS via Letsencrypt Certificates. It also standardizes my Configuration.
Otherwise I need to either make a "Hack" to let the Container's Web Server use the TLS Certificates, or (such in this Case) a "Hack" to force the Container to use a Custom Port to NOT conflict with the Reverse Proxy (Caddy/Traefik).
It could also be advantageous for instance to leverage a Reverse Proxy Plugin and put crowdsec or other Stuff (I couldn't get Crowdsec to work with Traefik but that's another Topic) in front of the actual Application.
I checked a bit podman quadlets, as I just discovered them. Some very naive suggestions maybe:
- could you use
PublishPortdirective to correctly map the glpi apache port to something else ? This is a staple and I would found strange that no equivalent mechanism of port mapping from compose exists in podman/quadlets . - you may check inside GLPI container the env variable are correctly defined (
eco $GLPI_DB_HOSTfor example). It will help us to find where the error lies in the command l47
About timezone, I'm currently discussing and check if we could remove the whole requirement of the Grant. This could ease all GLPI installation, not only containers based .
About directories init, I'll think about making a better process.
@orthagh: the PublishPort Directive is for mapping the Port on the Host to the Port inside the Container.
However, the issue is NOT about the External Port (outside of the Container) or the Mapping: the Issue is the Port INSIDE of the Pod/Container (i.e. that Apache is listening on).
That's what's causing the Issue (2 Containers within the same Pod cannot bind the same Port to the same IP Address, and Apache is conflicting with Caddy on Port 80):
Aug 15 07:43:48 HOST glpi-server[2836446]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
Aug 15 07:43:48 HOST glpi-server[2836446]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
In short: PublishPort (or Docker Compose ports Section for that Matter, it's the same Concept & Issue anyways) will ONLY change the Port on the Host Side. It will NOT change the Port INSIDE the Container. For that, typically Environment Variables (e.g. APP_LISTEN_PORT or similar) or Configuration Files (YAML, JSON, INI, etc) are used which are read by the Application being used or by the Entrypoint Wrapper.
Not sure why I forgot to post glpi.pod, but here it is:
[Pod]
PodName=glpi
# Ports
PublishPort=[2XXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:1234]:80:80/tcp
PublishPort=[2XXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:1234]:443:443/tcp
PublishPort=[2XXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:1234]:443:443/udp
# Network Mode
#Network=pasta:--ipv6-only
Network=pasta
[Install]
WantedBy=default.target
Those are the Settings I typically use for Caddy.
You could say Caddy could in Theory use Port 8080 and 8443 instead INSIDE of the Pod, however I think that will probably get "twisted" in how to configure the reverse_proxy Directive, since it's all essentially on the same IP Address (Pod).
This is my normal "Path" for Caddy paired with an Application:
Host Port 80 (Host) -> Container Port 80 (Caddy) -> Redirect to Host Port 443 (Host) -> Container Port 443 (Caddy) -> Reverse Proxy to Port 8080 (GLPI)
Host Port 443 (Host) -> Container Port 443 (Caddy) -> Reverse Proxy to Port 8080 (GLPI)
However, if now you would like to have Caddy listening on Port 8080 and 8443 INSIDE the Pod, I expect some Problems, particularly infinite redirect Loops:
Host Port 80 (Host) -> Container Port 8080 (Caddy) -> Redirect to Host Port 443 (Host) -> Container Port 8443 (Caddy) -> Reverse Proxy to Port 80 (Host OR GLPI ????)
Host Port 443 (Host) -> Container Port 8443 (Caddy) -> Reverse Proxy to Port 80 (Host OR GLPI ????)
About the Environment Variables, this is what I see inside the Container when it's running normally (GLPI_DB_PASSWORD, GPG_KEYS and PHP_SHA256 redacted):
envroot@glpi:/var/www/glpi# env
GLPI_INSTALL_MODE=DOCKER
PHP_VERSION=8.4.11
APACHE_CONFDIR=/etc/apache2
PHP_INI_DIR=/usr/local/etc/php
GLPI_SKIP_AUTOINSTALL=false
GPG_KEYS=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
GLPI_LOG_DIR=/var/glpi/logs
PHP_LDFLAGS=-Wl,-O1 -pie
GLPI_VAR_DIR=/var/glpi/files
PWD=/var/www/glpi
GLPI_DB_USER=glpi
GLPI_MARKETPLACE_DIR=/var/www/glpi/marketplace
container=podman
GLPI_DB_HOST=glpi-mariadb
HOME=/root
TIMEZONE=Europe/Copenhagen
PHP_SHA256=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
PHPIZE_DEPS=autoconf dpkg-dev file g++ gcc libc-dev make pkg-config re2c
TERM=xterm
PHP_URL=https://www.php.net/distributions/php-8.4.11.tar.xz
SHLVL=1
PHP_CFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
GLPI_SKIP_AUTOUPDATE=false
GLPI_DB_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
APACHE_ENVVARS=/etc/apache2/envvars
GLPI_DB_NAME=glpi
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
GLPI_DB_PORT=3306
PHP_ASC_URL=https://www.php.net/distributions/php-8.4.11.tar.xz.asc
PHP_CPPFLAGS=-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
GLPI_CONFIG_DIR=/var/glpi/config
_=/usr/bin/env
The grant requirement related to timezones will be removed in GLPI 10.0.20, see https://github.com/glpi-project/glpi/pull/20797.
