docker-ejabberd

Not listening to any connection

Open Tinostarn opened this issue 5 years ago • 3 comments

Hi,

I'm having some difficulty getting the ejabberd container working. I can neither access the web admin via https://mydomain:5280/admin (EMPTY_RESPONSE) nor make a websocket connection via wss://mydomain:5280/websocket. I suspect some network misconfiguration, but I'm not good enough with Docker to debug it.

I am on Win10 with Docker v18.09.0.

First, it works when I leave the container with its original configuration files:

ejabberd | 22:13:40.746 [info] Waiting for Mnesia synchronization to complete
ejabberd | 22:13:40.747 [info] ejabberd 18.09 is started in the node '[email protected]' in 2.62s
ejabberd | 22:13:40.749 [info] Start accepting TCP connections at 0.0.0.0:5443 for ejabberd_http
ejabberd | 22:13:40.749 [info] Start accepting TCP connections at 0.0.0.0:5280 for ejabberd_http
ejabberd | 22:13:40.749 [info] Start accepting TCP connections at 0.0.0.0:5269 for ejabberd_s2s_in
ejabberd | 22:13:40.749 [info] Start accepting TCP connections at 0.0.0.0:5222 for ejabberd_c2s
ejabberd | 22:13:40.750 [info] Start accepting TCP connections at 0.0.0.0:4560 for ejabberd_xmlrpc
ejabberd | 22:13:40.750 [info] Start accepting TCP connections at 172.18.0.2:5277 for mod_proxy65_stream

But if I include my own ejabberd.yml file, the container doesn't want to start listening for connections.

My docker-compose.yml

ejabberd:
    image: rroemhild/ejabberd
    ports:
      - 5222:5222
      - 5269:5269
      - 5280:5280
    environment:
      - [email protected]
      - XMPP_DOMAIN=mydomain.com
      - [email protected]
      - [email protected]:foobar
    # volumes:
    #  - ${EJABBERD_DOCKER_CONFIG_PATH}:/opt/ejabberd/conf

The log :

docker-compose up --no-deps --build ejabberd
Recreating ejabberd ... done
Attaching to ejabberd
ejabberd | /opt/ejabberd/scripts/pre/00_change_user.sh...
ejabberd | /opt/ejabberd/scripts/pre/00a_set_permissions.sh...
ejabberd | /opt/ejabberd/scripts/pre/01_write_certifiates_from_env.sh...
ejabberd | /opt/ejabberd/scripts/pre/01a_copy_ssl_certs_and_watch.sh...
ejabberd | /opt/ejabberd/scripts/pre/02_make_snakeoil_certificates.sh...
ejabberd | /opt/ejabberd/scripts/pre/03_make_dhparam.sh...
ejabberd | /opt/ejabberd/scripts/pre/10_erlang_cookie.sh...
ejabberd | /opt/ejabberd/scripts/pre/20_ejabberd_config.sh...
ejabberd | ejabberd config file exists.
ejabberd | ejabberdctl config file exists.
ejabberd | Starting ejabberd...
ejabberd | tail: cannot open '/usr/local/var/log/ejabberd/crash.log' for reading: No such file or directory
ejabberd | tail: cannot open '/usr/local/var/log/ejabberd/error.log' for reading: No such file or directory
ejabberd | tail: cannot open '/usr/local/var/log/ejabberd/erlang.log' for reading: No such file or directory
ejabberd | "/usr/local2018-12-18 22:25:44 inet_config: file ~ts not found~n
ejabberd |   /etc/ejabberd/inetrc"
ejabberd |
ejabberd | =ERROR REPORT==== 18-Dec-2018::23:25:44 ===
ejabberd | inet_config: file /usr/local/etc/ejabberd/inetrc not found
ejabberd | 22:25:44.653 [notice] Changed loghwm of /usr/local/var/log/ejabberd/error.log to 100
ejabberd | 22:25:44.653 [notice] Changed loghwm of /usr/local/var/log/ejabberd/ejabberd.log to 100
ejabberd | 22:25:44.658 [info] Application lager started on node ejabberd@localhost
ejabberd | 22:25:44.675 [info] Application crypto started on node ejabberd@localhost
ejabberd | 22:25:44.691 [info] Application sasl started on node ejabberd@localhost
ejabberd | 22:25:44.713 [info] Application asn1 started on node ejabberd@localhost
ejabberd | 22:25:44.713 [info] Application public_key started on node ejabberd@localhost
ejabberd | 22:25:44.761 [info] Application ssl started on node ejabberd@localhost
ejabberd | 22:25:44.766 [info] Application p1_utils started on node ejabberd@localhost
ejabberd | 22:25:44.776 [info] Application fast_yaml started on node ejabberd@localhost
ejabberd | 22:25:44.795 [info] Application fast_tls started on node ejabberd@localhost
ejabberd | 22:25:44.809 [info] Application fast_xml started on node ejabberd@localhost
ejabberd | 22:25:44.817 [info] Application stringprep started on node ejabberd@localhost
ejabberd | 22:25:44.829 [info] Application ezlib started on node ejabberd@localhost
ejabberd | 22:25:44.867 [info] Application xmpp started on node ejabberd@localhost
ejabberd | 22:25:44.893 [info] Application cache_tab started on node ejabberd@localhost
ejabberd | 22:25:44.928 [info] Application eimp started on node ejabberd@localhost
ejabberd | 22:25:44.968 [info] Application elixir started on node ejabberd@localhost
ejabberd | 22:25:45.001 [info] Loading configuration from /usr/local/etc/ejabberd/ejabberd.yml
ejabberd | tail: '/usr/local/var/log/ejabberd/crash.log' has appeared;  following new file
ejabberd | tail: '/usr/local/var/log/ejabberd/error.log' has appeared;  following new file
ejabberd | 22:25:46.174 [info] Application mnesia started on node ejabberd@localhost
ejabberd | 22:25:46.183 [info] Building translation cache, this may take a while
ejabberd | 2018-12-18 22:25:46 inet_config: file ~ts not found~n
ejabberd |   22:25:46.818 [info] Creating Mnesia table 'ejabberd_commands'
ejabberd | 22:25:46.884 [info] Creating Mnesia table 's2s'
ejabberd | 22:25:46.894 [info] Creating Mnesia table 'temporarily_blocked'
ejabberd | 22:25:46.904 [info] Creating Mnesia table 'acl'
ejabberd | 22:25:46.915 [info] Creating Mnesia table 'access'
ejabberd | 22:25:46.925 [info] Creating Mnesia table 'shaper'
ejabberd | 22:25:46.937 [info] Creating Mnesia table 'route'
ejabberd | 22:25:46.950 [info] Creating Mnesia table 'route_multicast'
ejabberd | 22:25:46.963 [warning] No certificate found matching 'localhost': strictly configured clients or servers will reject connections with this host; obtain a certificate for this (sub)domain from any trusted CA such as Let's Encrypt (www.letsencrypt.org)
ejabberd | 22:25:46.963 [info] Creating Mnesia table 'session'
ejabberd | 22:25:46.975 [info] Creating Mnesia table 'session_counter'
ejabberd | 22:25:47.082 [info] Application inets started on node ejabberd@localhost
ejabberd | 22:25:47.099 [info] Loading modules for localhost
ejabberd | 22:25:47.101 [info] Creating Mnesia table 'passwd'
ejabberd | 22:25:47.111 [info] Creating Mnesia table 'reg_users_counter'
ejabberd | 22:25:47.124 [info] Creating Mnesia table 'oauth_token'
ejabberd | 22:25:47.187 [info] Waiting for Mnesia synchronization to complete
ejabberd | 22:25:47.187 [info] ejabberd 18.09 is started in the node ejabberd@localhost in 2.83s
ejabberd | 22:25:48.036 [warning] lager_error_logger_h dropped 3 messages in the last second that exceeded the limit of 100 messages/sec
ejabberd | 2018-12-18 22:25:48 inet_config: file ~ts not found~n
ejabberd |   /opt/ejabberd/scripts/post/10_ejabberd_modules_update_specs.sh...
ejabberd | Updating module specs... 2018-12-18 22:25:49 inet_config: file "/usr/local/etc/ejabberd/~ts not found~n
ejabberd |   inetrc"
ejabberd |
ejabberd | =ERROR REPORT==== 18-Dec-2018::23:25:49 ===
ejabberd | inet_config: file /usr/local/etc/ejabberd/inetrc not found
ejabberd | 22:25:51.314 [info] Update packages from repo https://github.com/processone/ejabberd-contrib: ok
ejabberd | /opt/ejabberd/scripts/post/11_ejabberd_install_modules.sh...
ejabberd | /opt/ejabberd/scripts/post/20_ejabberd_register_users.sh...
ejabberd | "/usr/local/etc/ejabberd/inetrc"
ejabberd | 2018-12-18 22:25:51 inet_config: file ~ts not found~n
ejabberd |
ejabberd | =ERROR REPORT==== 18-Dec-2018::23:25:51 ===
ejabberd | inet_config: file /usr/local/etc/ejabberd/inetrc not found
ejabberd | Error: cannot_register
ejabberd | /opt/ejabberd/scripts/post/30_ejabberd_setup_groups.sh...
ejabberd | /opt/ejabberd/scripts/post/99_first_start_done.sh...

I also tried to copy locally the ejabberdctl.cfg and inetrc files that seem to work in the original configuration. So, the three configuration files are exactly the same as the generated ones... Without success.

I also tried to run some commands in the container, but I'm stuck as netstat is not available. Is there anything that must be done at the container network level? I don't get why it doesn't work only when I mount my files...

Any tips are welcome. Thanks in advance

Tinostarn, Dec 18 '18 21:12
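
Added example, not part of the original issue or of the docker-ejabberd project: with netstat unavailable in the container, the listening sockets can be read directly from /proc/net/tcp and compared with the ports published in the compose file above (5222, 5269, 5280). The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: find LISTEN sockets via /proc/net/tcp when netstat is missing.

# Constructed sample in /proc/net/tcp layout (not captured from a real container).
sample_proc_net_tcp() {
cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:1466 00000000:0000 0A 00000000:00000000 00:00000000 00000000   999        0 20001 1
   1: 020012AC:149D 00000000:0000 0A 00000000:00000000 00:00000000 00000000   999        0 20002 1
   2: 020012AC:C350 0B0012AC:01BB 01 00000000:00000000 00:00000000 00000000   999        0 20003 1
EOF
}

# Read a /proc/net/tcp table on stdin; print "ip:port" for each LISTEN socket.
list_listeners() {
    while read -r _sl laddr _raddr state _rest; do
        # State 0A is TCP_LISTEN; the header row and other states are skipped.
        [ "$state" = "0A" ] || continue
        hexip=${laddr%:*}
        port=$((0x${laddr#*:}))
        if [ "${#hexip}" -eq 8 ]; then
            # IPv4 addresses are stored as little-endian hex (x86 hosts).
            ip=$((0x$hexip))
            printf '%d.%d.%d.%d:%d\n' $(( ip & 255 )) $(( (ip >> 8) & 255 )) \
                $(( (ip >> 16) & 255 )) $(( (ip >> 24) & 255 )) "$port"
        else
            # Rows from /proc/net/tcp6 carry 32 hex digits; report the port only.
            printf '[ipv6]:%d\n' "$port"
        fi
    done
}

# Print every expected port (arguments) that has no LISTEN socket in the table on stdin.
missing_ports() {
    listening=$(list_listeners)
    for want in "$@"; do
        found=no
        for l in $listening; do
            if [ "${l##*:}" = "$want" ]; then found=yes; fi
        done
        if [ "$found" = no ]; then printf '%s\n' "$want"; fi
    done
}

# Inside the container: missing_ports 5222 5269 5280 < /proc/net/tcp
sample_proc_net_tcp | missing_ports 5222 5269 5280
```

If ejabberd is bound to `::` instead of `0.0.0.0`, feed /proc/net/tcp6 to the same functions.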

I notice when I use my own ejabberd.yml

ejabberd | 22:25:47.187 [info] ejabberd 18.09 is started in the node ejabberd@localhost in 2.83s

ERLANG_NODE in docker-compose.yml seems to be skipped

When I don't use it, ejabberd starts well on ERLANG_NODE specified in environment

ejabberd | 22:13:40.747 [info] ejabberd 18.09 is started in the node '[email protected]' in 2.62s

Could it be the cause of this issue?

For all practical purposes, my ejabberd.yml:

###
###               ejabberd configuration file
###
###

### The parameters used in this configuration file are explained in more detail
### in the ejabberd Installation and Operation Guide.
### Please consult the Guide in case of doubts, it is included with
### your copy of ejabberd, and is also available online at
### http://www.process-one.net/en/ejabberd/docs/

###   =======
###   LOGGING

loglevel: 4
log_rotate_size: 10485760
log_rotate_count: 0
log_rate_limit: 100

## watchdog_admins:
##   - "[email protected]"

###   ================
###   SERVED HOSTNAMES

hosts:
  - "mydomain.com"

##
## route_subdomains: Delegate subdomains to other XMPP servers.
## For example, if this ejabberd serves example.org and you want
## to allow communication with an XMPP server called im.example.org.
##
## route_subdomains: s2s

###   ===============
###   LISTENING PORTS

listen:
  -
    port: 5222
    module: ejabberd_c2s
    starttls_required: true
    protocol_options:
      - "no_sslv2"
      - "no_sslv3"
      - "no_tlsv1"
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
    tls_compression: false
    ciphers: "HIGH:!aNULL:!3DES"
  -
    port: 5269
    module: ejabberd_s2s_in
  -
    port: 4560
    module: ejabberd_xmlrpc
    access_commands:
      configure:
        all: []

  -
    port: 5280
    module: ejabberd_http
    request_handlers:
      "/websocket": ejabberd_http_ws
    ##  "/pub/archive": mod_http_fileserver
    web_admin: true
    http_bind: true
    ## register: true
    tls: true
    tls_compression: false
    ciphers: "HIGH:!aNULL:!3DES"

  -
    port: 5443
    module: ejabberd_http
    request_handlers:
      "": mod_http_upload
    tls: true
    tls_compression: false
    ciphers: "HIGH:!aNULL:!3DES"



###   CERTIFICATES
###   ================
certfiles:
  - "/opt/ejabberd/ssl/host.pem"
  - "/opt/ejabberd/ssl/mydomain.com.pem"

###   SERVER TO SERVER
###   ================
s2s_use_starttls: required
s2s_protocol_options:
  - "no_sslv3"
  - "no_tlsv1"
s2s_ciphers: "HIGH:!aNULL:!3DES"


###   ==============
###   AUTHENTICATION

auth_method:
  - internal

auth_password_format: scram


## LDAP authentication

###   ===============
###   TRAFFIC SHAPERS

shaper:
  normal: 1000
  fast: 50000
max_fsm_queue: 1000

###   ====================
###   ACCESS CONTROL LISTS

acl:
  admin:
    user:
      - "admin": "mydomain.com"
  local:
    user_regexp: ""

###   ============
###   ACCESS RULES

access:
  ## Maximum number of simultaneous sessions allowed for a single user:
  max_user_sessions:
    all: 10
  ## Maximum number of offline messages that users can have:
  max_user_offline_messages:
    admin: 5000
    all: 100
  ## This rule allows access only for local users:
  local:
    local: allow
  ## Only non-blocked users can use c2s connections:
  c2s:
    blocked: deny
    all: allow
  ## For C2S connections, all users except admins use the "normal" shaper
  c2s_shaper:
    admin: none
    all: normal
  ## All S2S connections use the "fast" shaper
  s2s_shaper:
    all: fast
  ## Only admins can send announcement messages:
  announce:
    admin: allow
  ## Only admins can use the configuration interface:
  configure:
    admin: allow
  ## Admins of this server are also admins of the MUC service:
  muc_admin:
    admin: allow
  ## Only accounts of the local ejabberd server, or only admins can create rooms, depending o
  muc_create:
    local: allow

  ## All users are allowed to use the MUC service:
  muc:
    all: allow
  ## Only accounts on the local ejabberd server can create Pubsub nodes:
  pubsub_createnode:
    local: allow
  ## In-band registration allows registration of any possible username.
  register:
    all: allow

  ## Only allow to register from localhost
  trusted_network:
    loopback: allow
  soft_upload_quota:
    all: 400 # MiB
  hard_upload_quota:
    all: 500 # MiB


language: "en"

###   =======
###   MODULES

modules:
  mod_adhoc: {}

  mod_announce: # recommends mod_adhoc
    access: announce
  mod_blocking: {} # requires mod_privacy
  mod_bosh: {}
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state:
    queue_chat_states: true
    queue_presence: false
  mod_configure: {} # requires mod_adhoc
  mod_disco: {}
  ## mod_echo: {}
  ## mod_http_fileserver:
  ##   docroot: "/var/www"
  ##   accesslog: "/var/log/ejabberd/access.log"
  mod_http_upload:
    docroot: "/opt/ejabberd/upload"
    put_url: "https://@HOST@:5443"
  mod_http_upload_quota:
    max_days: 10
  mod_last: {}
  mod_mam:
    default: always
    use_cache: true
  mod_muc:
    host: "conference.@HOST@"
    access: muc
    access_create: muc_create
    access_persistent: muc_create
    access_admin: muc_admin
    history_size: 50
    default_room_options:
      persistent: true
      mam : true
  ## mod_muc_log: {}
  ## mod_multicast: {}
  mod_offline:
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
  ## mod_pres_counter:
  ##   count: 5
  ##   interval: 60
  mod_privacy: {}
  mod_private: {}
  mod_proxy65:
    host: "proxy.@HOST@"
    name: "File Transfer Proxy"
    port: 5277
  mod_pubsub:
    access_createnode: pubsub_createnode
    force_node_config:
      "eu.siacs.conversations.axolotl.*":
        access_model: open
    ## reduces resource consumption, but XEP incompliant
    ignore_pep_from_offline: true
    ## XEP compliant, but increases resource consumption
    ignore_pep_from_offline: false
    last_item_cache: true
    plugins:
      - "flat"
      - "hometree"
      - "pep" # pep requires mod_caps
  mod_push: {}
  mod_push_keepalive: {}
  mod_register:

    ##
    ## Set the minimum informational entropy for passwords.
    ##
    ## password_strength: 32

    ##
    ## After successful registration, the user receives
    ## a message with this subject and body.
    ##
    welcome_message:
      subject: "Welcome!"
      body: |-
        Hi.
        Welcome to this XMPP server.

    ##
    ## Only clients in the server machine can register accounts
    ##

    access: register
  mod_roster:
    versioning: true
  mod_s2s_dialback: {}
  mod_shared_roster: {}
  mod_stats: {}
  mod_stream_mgmt:
    resend_on_timeout: if_offline
  mod_time: {}
  mod_vcard: {}


###   ============
###   HOST CONFIG

certfiles:
  - "/opt/ejabberd/ssl/*.pem"

###   =====================
###   SESSION MANAGEMENT DB
sm_db_type: mnesia

Tinostarn, Dec 19 '18 13:12

The only workaround I've found is to build my own Dockerfile and copy my ejabberd.yml.tpl

FROM rroemhild/ejabberd
ADD ./ejabberd.yml.tpl /opt/ejabberd/conf/ejabberd.yml.tpl

This way, the network works. But no idea why it would not work in the case of fully mounting the conf directory.

Tinostarn, Dec 22 '18 13:12

@Tinostarn First, I think you should learn about how Docker stages work. https://docs.docker.com/get-started/part2/ And you should notice that the ejabberd.yml file is generated using your env variables. @Tinostarn, please ask again if I misunderstood.

youmad, May 17 '20 01:05