dockerswarm.rocks icon indicating copy to clipboard operation
dockerswarm.rocks copied to clipboard

Published 20 hours ago verified publisher icon tiangolo

Docker Compose Template for Traefik Has Issues

Open coltonbh opened this issue 3 years ago • 18 comments

Great website, tutorial etc...! Thank you for providing this.

I'd like to document my issues using the guide for setting up Traefik at https://dockerswarm.rocks/traefik/ to try and help others...

Deploying the template exactly as described and having followed all the steps:

- invalid interpolation format for services.traefik.deploy.labels.[]: "required variable HASHED_PASSWORD is missing a value: Variable not set". You may need to escape any $ with another $.

According to this stack overflow answer, extended shell-style features, such as ${VARIABLE-default} and ${VARIABLE/foo/bar}, are not supported. So I changed the ${HASHED_PASSWORD?Variable not set} and other related values containing the ?Variable not set addendum to ${HASHED_PASSWORD}.

Next issue: Cannot login--incorrect password.

For those running ubuntu they may find that export USERNAME=admin doesn't do anything--their $USERNAME will still be ubuntu. It took me forever to find out why my login never worked! So log in with username ubuntu and the password they set.

Perhaps updating the docs would be helpful? I'm happy to make a PR and update, but I wanted to check here first to make sure I wasn't missing something elementary before suggesting changes. Thank you again for the great tutorial!

coltonbh avatar Sep 17 '20 23:09 coltonbh

And of course after painstakingly figuring out all these details, then reproducing it from the start the above seems incorrect! The ${VARIABLE?Variable not set} notation seems to work just fine. I think I somehow failed to correctly set my environment variables thereby creating the initial error?? 🤦🏼‍♂️

However, the note about export USERNAME=admin not changing the $USERNAME on ubuntu may be worth adding--I think that was at the root of all the bizarre paths I went down trying to debug.

coltonbh avatar Sep 18 '20 00:09 coltonbh

I got the same error.

I followed your steps and it solved the first issue. However I still can't log in (401 Unauthorized).

I have tried using my user and password without success.

Which password did work for you (with ubuntu username) ?

kaleming avatar Oct 05 '20 19:10 kaleming

The password set in the $PASSWORD variable did work for me once I used the ubuntu username instead of what I had set in $USERNAME.

coltonbh avatar Oct 05 '20 20:10 coltonbh

In my case, it doesn't work using the password I set in the $PASSWORD. How did you find out ubuntu as $USERNAME ?

kaleming avatar Oct 05 '20 20:10 kaleming

echo $USERNAME is always ubuntu regardless what I set using export USERNAME=my_own_name

coltonbh avatar Oct 05 '20 20:10 coltonbh

In my case both echo $USERNAME and echo $PASSWORD seems correct, but I still get:

"GET / HTTP/2.0" 401

I have tried to write the credetials directly on yml file:

traefik.http.middlewares.admin-auth.basicauth.users=example:password

I have also tried placing hash instead: example:$apr1$nyeKGV3t$Qj1EEOqrS1wKoURU6CPCU/ generated using htpasswd -nb example "password"

But no success either.

kaleming avatar Oct 05 '20 22:10 kaleming

I believe you may need to add an additional $ to your credentials if placed directly in the file, you also want to remove the double quotes from your password--those are being included.

So try: `❯ htpasswd -nb example password

example:$apr1$BVhy2emr$PRkqFeoHHQbIQtE5McvOc0`

Then place the following in your yaml file: example:$$apr1$$BVhy2emr$$PRkqFeoHHQbIQtE5McvOc0

Any luck?

coltonbh avatar Oct 05 '20 23:10 coltonbh

Unfortunately I still get the same - 401 Unauthorized message.

kaleming avatar Oct 06 '20 11:10 kaleming

Hi @coltonbh,

After some hours, it worked doing the following:

1- To create user:password pair, it's possible to use this command: echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g

2- Add quotes in this line: -"traefik.http.middlewares.testauth.basicauth.users=example:$$apr1$$BVhy2emr$$PRkqFeoHHQbIQtE5McvOc0"

Thanks to point out this issue.

kaleming avatar Oct 06 '20 18:10 kaleming

@kaleming congrats! I figured it was something small like that. Nice sleuthing.

coltonbh avatar Oct 06 '20 19:10 coltonbh

You know what, @kaleming I set up a new swarm yesterday and had the exact same issue again--traefik always gave me 401 responses with the variable defined USERNAME and PASSWORD so I had to do exactly what you did with the "" and the hard coded line. Not sure why this is...

coltonbh avatar Oct 16 '20 00:10 coltonbh

Hi @coltonbh, I'm glad this approach worked for you too. I didn't have time to go further into this issue, I am not sure why either.

kaleming avatar Oct 16 '20 01:10 kaleming

Yeah I'm curious what the issue with using the environment variables in the main example. I can't figure it out...

coltonbh avatar Oct 16 '20 01:10 coltonbh

Are you setting the $HASHED_PASSWORD As specified here?

export HASHED_PASSWORD=$(openssl passwd -apr1 $PASSWORD) (Optional): Alternatively, if you don't want to put the password in an environment variable, you could type it interactively, e.g.:

$ export HASHED_PASSWORD=$(openssl passwd -apr1) Password: $ enter your password here Verifying - Password: $ re enter your password here

daniel-butler avatar Oct 20 '20 22:10 daniel-butler

Using @coltonbh suggestion:

So I changed the ${HASHED_PASSWORD?Variable not set} and other related values containing the ?Variable not set addendum to ${HASHED_PASSWORD}.

Works like a charm in my case.

I do not really understand if the problem is related to the template file or to a bug in docker-compose (it is documented here).

I share my current environment:

  • Ubuntu 18.04.5 LTS
  • Docker version 19.03.11, build dd360c7 (snap version)

claudiopastorini avatar Oct 24 '20 12:10 claudiopastorini

My problem was caused because of sudo For docker usage, I used the command with sudo so enivornment variables not shared.

In this case, just share current environments using -E argument sudo docker -E stack deploy ...

mehdihz avatar Dec 22 '20 14:12 mehdihz

Try changing the template from $ to $$ (Ubuntu 20.04)

ccrvlh avatar Jan 16 '21 16:01 ccrvlh

I had this issue on Windows. I thought it was a problem with variable expansion as well, but I was wrong. I set a few env variables the .toml was looking for and it fixed the issue. For some reason the .env file isn't being picked up or used. Therefore, all env variables were empty. I made a quick gist to turn the .env file into 'set name=value' notation windows wants. I pasted the output in the terminal and everything worked. Attaching gist below.

# run in dir with a .env file. prints text block to paste into cmd to load env variables

import os
import re

with open('.env', 'r', encoding='utf-8') as fs:
    env_vars = fs.read().splitlines()
    good_pairs = []
    [good_pairs.append(f'set {var_pair}') for var_pair in env_vars if not re.findall('^ ?#', var_pair) and var_pair != '']
    # [os.system(f'set {var_pair}') for var_pair in env_vars if not re.findall('^ ?#', var_pair) and var_pair != '']

print(good_pairs)
for pair in good_pairs:
    print(pair)
    # os.system(pair)

kielerrr avatar Jul 30 '21 18:07 kielerrr

Thanks for the patience! And thanks for the notes. Maybe if someone wants to update the examples to use something different than USERNAME I would take that PR.

Nevertheless, I should let you know, I had to deprecate this website and ideas, I would no longer recommend Docker Swarm Mode for new projects: https://dockerswarm.rocks/swarm-or-kubernetes/ 🥲

tiangolo avatar Dec 10 '23 13:12 tiangolo

Assuming the original issue was solved, it will be automatically closed now. But feel free to add more comments or create new issues.

github-actions[bot] avatar Dec 21 '23 00:12 github-actions[bot]