docker-mailman icon indicating copy to clipboard operation
docker-mailman copied to clipboard

Published 20 hours ago verified publisher icon maxking

HTTP(S)_PROXY os environment variable not used

Open jkaberg opened this issue 6 years ago • 5 comments

When running the mailman-core container the mailman app doesn't honor the HTTP(S)_PROXY os variables which results in mailman not beeing able to download the https://publicsuffix.org/list/public_suffix_list.dat file.

I've tried exposing the variables using docker-compose like so

version: '2'

services:
  mailman-core:
    image: maxking/mailman-core:0.1
    container_name: mailman-core
    hostname: mailman-core
    volumes:
    - /opt/mailman/core:/opt/mailman/
    stop_grace_period: 30s
    links:
    - database:database
    depends_on:
    - database
    environment:
    - HTTP_PROXY=http://<proxy>:<port>
    - HTTPS_PROXY=http://<proxy>:<port>
    - DATABASE_URL=postgres://mailman:mailmanpass@database/mailmandb
    - DATABASE_TYPE=postgres
    - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
    - HYPERKITTY_API_KEY=someapikey
    networks:
      mailman:
        ipv4_address: 172.19.199.2
...

And then using docker exec -it mailman-core bash I first tried echo $HTTP(S)_PROXY which is populated with correct env's (however mailman is still not able to download the file), so I ran su - mailman -s /bin/bash -c "echo $HTTP_PROXY" which is empty - which I'm guessing this is the problem since mailman is run by user mailman.

Note that curl https://publicsuffix.org/list/public_suffix_list.dat works fine within the mailman-core container aslong as HTTP(S)_PROXY is set.

jkaberg avatar Apr 12 '18 11:04 jkaberg

Mailman uses requests under the hood to GET things and according to the documentation it should work with Environment Variables.

docker exec -it malman-core bash should drop you in an env for mailman user, so, if you can see the variable there, it is being populated properly.

I am wondering what do you mean when you say Mailman isn't able to download the file? Where does it need to download this file from and what?

maxking avatar Apr 12 '18 23:04 maxking

@maxking When you set a mailing list to "Wrap the message in an outer message From: the list." or "Replace From: with list address." in DMARC Mitigations for any given mailing list; Mailman3 will try to download the file or use a cached copy.

docker exec -it mailman-core bash will drop you in as root user since you don't use the USER Dockerfile option anywhere to change the user AFAIK. You do however run mailman as the mailman user with exec su-exec mailman "$@" however the shell is still run by root. This is due to su-exec using execvp which doesn't expose the environment variables - it should in this case be using execvpe but that's another issue.

jkaberg avatar Apr 13 '18 06:04 jkaberg

Ah, thanks about that, I forgot we do su-exec ;)

I will investigate the reason why Mailman isn't able to pickup the environment variable.

maxking avatar Apr 13 '18 22:04 maxking

I am not able to re-produce this issue, atleast in the Mailman-core container. I added the HTTP_PROXY to my docker-compose.yaml file:

version: '2'

services:
  mailman-core:
    image: maxking/mailman-core:0.1
    container_name: mailman-core
    hostname: mailman-core
    volumes:
    - /opt/mailman/core:/opt/mailman/
    stop_grace_period: 30s
    links:
    - database:database
    depends_on:
    - database
    environment:
    - DATABASE_URL=postgres://mailman:mailmanpass@database/mailmandb
    - DATABASE_TYPE=postgres
    - DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
    - HYPERKITTY_API_KEY=someapikey
    - HTTP_PROXY=http://someproxy.com
    networks:
      mailman:
        ipv4_address: 172.19.199.2

Then I did the normal docker-compose up and ran the following commands to check for the environment variables:

docker exec -it mailman-core bash                                                                                                                                                                                                      maxking@phoenix
bash-4.3# env
DATABASE_TYPE=postgres
HOSTNAME=mailman-core
GPG_KEY=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
MAILMAN_CONFIG_FILE=/etc/mailman.cfg
TERM=xterm
HYPERKITTY_API_KEY=someapikey
PYTHON_VERSION=3.6.4
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/opt/mailman
LANG=C.UTF-8
PYTHON_PIP_VERSION=9.0.1
SHLVL=1
HOME=/root
HTTP_PROXY=http://someproxy.com
DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
DATABASE_URL=postgres://mailman:mailmanpass@database/mailmandb
_=/usr/bin/env
bash-4.3# whoami
root
bash-4.3# exec su-exec mailman bash
bash-4.3$ env
DATABASE_TYPE=postgres
HOSTNAME=mailman-core
GPG_KEY=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
MAILMAN_CONFIG_FILE=/etc/mailman.cfg
TERM=xterm
HYPERKITTY_API_KEY=someapikey
PYTHON_VERSION=3.6.4
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/opt/mailman
LANG=C.UTF-8
PYTHON_PIP_VERSION=9.0.1
HOME=/home/mailman
SHLVL=1
HTTP_PROXY=http://someproxy.com
DATABASE_CLASS=mailman.database.postgresql.PostgreSQLDatabase
DATABASE_URL=postgres://mailman:mailmanpass@database/mailmandb
_=/usr/bin/env
bash-4.3$

maxking avatar Apr 22 '18 03:04 maxking

I initially thought that su-exec wouldn't be forwarding the environment variables (like usually sudo doesn't). However, it looks like all the environment variables persist as expected.

maxking avatar Apr 22 '18 03:04 maxking

This issue has not been updated for more than 1year

github-actions[bot] avatar Nov 08 '22 22:11 github-actions[bot]