planka icon indicating copy to clipboard operation
planka copied to clipboard
verified publisher icon plankanban

Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string')

Open Arturo-Penas-Rial opened this issue 2 years ago • 6 comments

Hi all, I need your help! Thanks in advance ...

During the Planka installation I execute:

[email protected] server:db:init npm run db:init --prefix server

db:init node db/init.js

But an error occurs:

➜ planka npm run server:db:init > err /var/www/planka/server/node_modules/pg/lib/sasl.js:24 throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string') ^

Error: SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string at Object.continueSession (/var/www/planka/server/node_modules/pg/lib/sasl.js:24:11) at Client._handleAuthSASLContinue (/var/www/planka/server/node_modules/pg/lib/client.js:257:10) at Connection.emit (node:events:512:28) at /var/www/planka/server/node_modules/pg/lib/connection.js:114:12 at Parser.parse (/var/www/planka/server/node_modules/pg-protocol/dist/parser.js:40:17) at Socket. (/var/www/planka/server/node_modules/pg-protocol/dist/index.js:11:42) at Socket.emit (node:events:512:28) at addChunk (node:internal/streams/readable:324:12) at readableAddChunk (node:internal/streams/readable:297:9) at Readable.push (node:interthe dabanal/streams/readable:234:10)

Node.js v19.6.0

The procedure to install PostgreSQL was:

$ sudo apt install postgresql postgresql-contrib postgresql-client $ sudo systemctl start postgresql.service $ systemctl status postgresql

$ su - postgres -c "createuser -P planka" $ su - postgres -c "createdb -O planka planka" $ sudo adduser planka

$ sudo vi /etc/postgresql/14/main/pg_hba.conf # Add the following lines ... host all all all local planka planka password local all postgres peer $ sudo vi /etc/postgresql/14/main/postgresql.conf # Add the following line ... listen_addresses = '*'

$ systemctl reload postgresql

@meltyshev Can you help me to solve this issue?

Arturo-Penas-Rial avatar Feb 03 '23 18:02 Arturo-Penas-Rial

Good evening! I can assume that maybe you forgot to create an server/.env file. Or you have something missing in the DATABASE_URL there.

Configure environment variables.

cp .env.sample .env

# Edit .env file (You could use nano, vim, etc.)
nano .env

I recently corrected the installation instructions: https://github.com/plankanban/planka#2-without-docker.

meltyshev avatar Feb 05 '23 21:02 meltyshev

@Arturo-Penas-Rial You need to edit .env file in /var/www/planka/server/ to include the db password, by default it was blank for me.

i.e DATABASE_URL=postgresql://user:password@localhost/planka

threedotsonedash avatar Feb 21 '23 05:02 threedotsonedash

Same for me.

I have tried including the password in the DATABASE_URL, but as reported in https://github.com/balderdashy/sails/issues/7173, it does not work properly with complex passwords.

Also, I tried edit ./server/config/datastores.js as follows, but does not work properly either.

https://github.com/alxndrsn/sails-postgresql#usage-with-unix-sockets

const { POSTGRES_HOST, POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DATABASE } = process.env;
module.exports.datastores = {
  default: {
    adapter: ‘sails-postgresql-redacted’,
    host:     POSTGRES_HOST,
    user:     POSTGRES_USER,
    password: POSTGRES_PASSWORD,
    database: POSTGRES_DATABASE,
  },
};

It would be great if unix domain sockets could be used. Thanks in advance.

eternity1984 avatar Mar 31 '23 03:03 eternity1984

This essentially looks like a bug in Planka (or in the docker-compose files, respectively), because of this:

The Postgres Docker file at https://github.com/plankanban/planka/blob/master/docker-compose-db.yml contains this: POSTGRES_HOST_AUTH_METHOD=trust

This means according to https://hub.docker.com/_/postgres : "This optional variable can be used to control the auth-method for host connections for all databases, all users, and all addresses. If unspecified then scram-sha-256 password authentication is used"

So we might assume that with this file Planka should be fine if the database server only requires a username and not a password, as can be seen in https://github.com/plankanban/planka/blob/master/docker-compose.yml : DATABASE_URL=postgresql://postgres@postgres/planka

Based on these two files Planka should work out-of-the-box with the configuration and it did for some time. Only when I updated the container lately it failed with the message above. It looks to me like an "if" might be missing somwehere because it should not require a password here, but the SASL code fails because that one requires one.

This means that I would assume that out of the box the current Planka installation using the Docker Compose files linked above will not work anymore, but it worked previously, so for me this is definitely a bug.

Also, when I enter the Postgres Docker container it shows the setting applied:

root@planka-postgres:/# env
POSTGRES_HOST_AUTH_METHOD=trust
HOSTNAME=planka-postgres
PWD=/
HOME=/root
LANG=en_US.utf8
GOSU_VERSION=1.14
PG_MAJOR=13
PG_VERSION=13.8-1.pgdg110+1
TERM=xterm
SHLVL=1
PGDATA=/var/lib/postgresql/data
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/postgresql/13/bin
POSTGRES_DB=planka
_=/usr/bin/env
root@planka-postgres:/#

So it is definitely not Postgres refusing the access, but Planka not working anymore with the default "trust all" configuration in the docker-compose files in this repository. This should be fixed.

tricoos avatar Jan 08 '24 15:01 tricoos

As an addition to my previous comment: I simply added pgadmin to my docker-compose and I was able to login to Postgres with the user name "postgres" and no password, so this is clearly not a Postgres issue like where Postgres does not honor the POSTGRES_HOST_AUTH_METHOD=trust setting. Please fix this.

tricoos avatar Jan 09 '24 07:01 tricoos