docker icon indicating copy to clipboard operation
docker copied to clipboard

Published 20 hours ago verified publisher icon wallabag

Provisioner fails in task add mariadb user

Open m0wer opened this issue 4 years ago • 10 comments

The error is:

InvalidPrivsError: unable to parse the MySQL grant string: GRANT USAGE ON entrypoint.sh TO `wallabag`@`%` IDENTIFIED BY PASSWORD '[OMMITED]'

Which appears to be related to https://github.com/ansible/ansible/issues/51356. Simply upgrading ansible inside the container solves the issue:

apk add py3-pip
pip3 install --upgrade ansible

And then the provisioner can be run again:

ansible-playbook -i /etc/ansible/hosts /etc/ansible/entrypoint.yml -c local

This error avoided the container from starting properly and the logs where showing HTTP 500 error codes.

m0wer avatar May 15 '20 10:05 m0wer

So what do we have to do to fix it? Can you open a PR to fix it?

j0k3r avatar May 15 '20 12:05 j0k3r

Works fine in master/latest since the Alpine base image was upgraded to 3.10 (from 3.9) and in that branch of Alpine ansible is updated to 2.8 (instead of 2.7). So no changes are needed.

Maybe it would be nice to update the 2.3.8 tag though.

Thanks!

m0wer avatar May 15 '20 13:05 m0wer

Not sure if I have the same issue, but wallabag after the recent update 500's now, can't find any proper logs to confirm what the issue is though - compose logs do not contain anything useful, except maybe mysql complaining about an attempt to connect:

[Warning] Aborted connection 8 to db: 'unconnected' user: 'unauthenticated' host: 'xxx' (This connection closed normally without authentication)

Provisioner however seems to finish:

wallabag_1  | Starting provisioner...
wallabag_1  | [WARNING]: Found both group and host with same name: localhost
wallabag_1  | Provisioner finished.

Miosame avatar May 26 '20 05:05 Miosame

@Miosame Are you pinning to 2.3.8? If so, that was causing issues for me as well. I saw @m0wer 's command and used latest instead and that resolved my issue. It would be nice if there was a new release since Docker Bench for Security complains about using latest :-) .

paulcalabro avatar May 30 '20 06:05 paulcalabro

@paulcalabro I've on purpose set recently containers like wallabag to latest and have watchtower updating them, so sadly I'm on latest from hub at least. No idea how to debug the 500, considering it logs nothing.

Miosame avatar May 30 '20 07:05 Miosame

@Miosame You might be able to troubleshoot the issue by examining WALLABAG_DIR/var/logs/prod.log. Additional information can be found here.

paulcalabro avatar May 30 '20 21:05 paulcalabro

@paulcalabro /var/www/wallabag/var/logs is empty, no prod.log.

Miosame avatar May 30 '20 23:05 Miosame

What if you attach to the container and manually run the app?

paulcalabro avatar May 31 '20 04:05 paulcalabro

@paulcalabro how would I manually run it? looking at it, it's actually symfony based (so regular php served via webserver) - though sadly enough different from laravel to be alien to me.

Moving temporarily config_dev.yml in place of config_prod.yml in /var/www/wallabag/app/config/config_dev.yml - did sadly not trigger the hoped for debug page nor cause it to dump any useful messages to docker logs or create any files in the logs folder.

Miosame avatar May 31 '20 04:05 Miosame

@paulcalabro nevermind it was some weird caddy-server issue that was causing it

Miosame avatar May 31 '20 05:05 Miosame

Ansible has been replaced by shell script few days ago https://github.com/wallabag/docker/pull/307, so I'm closing that issue.

j0k3r avatar Nov 30 '22 22:11 j0k3r