Hey Nathan, thanks for making this project. I've got an issue and could use some help.

Reverse proxy (i think) setup issue about webtrees-docker HOT 7 CLOSED

nathanvaughn commented on July 3, 2024

Reverse proxy (i think) setup issue

from webtrees-docker.

Comments (7)

NathanVaughn commented on July 3, 2024

Try changing LOGIN_URL to https://domain.tld/login.php. I'm going to experiment and see if I can replicate this.
Additionally, set the BASE_URL to the https version of your domain

from webtrees-docker.

LunaUrsa commented on July 3, 2024

Thanks for the response!

Unfortunately, no change in behavior =/ Just to clarify, I changed my docker-compose so that the web trees service's environment now starts with:

      environment:
        PRETTY_URLS: "1"
        HTTPS: "0"
        HTTPS_REDIRECT: "0"
        LANG: "en-US"
        LOGIN_URL: "https://domain.tld/login.php"
        SERVER_URL: "https://domain.tld"
        BASE_URL: "https://domain.tld"

Did a fresh install of everything (thank you, docker) with that and also made sure to update the MariaDB wt_site_settings with the same values, same thing: I can do the setup process, but once I restart the container, it gives me a 404. I wish I had more logs to give you, is there some kind of debug logs I can enable? All I can see in the browser console is a 404 error for my domain and the favicon, and a 500 error on the Webtrees container side.

Happy to do whatever to help resolve this, I'd really like to use this software, thanks again!

from webtrees-docker.

NathanVaughn commented on July 3, 2024

Okay, so I was able to spend more time looking into this. After starting the container for the second time, can you attach a terminal to it and check the contents on /var/ww/webtrees/data/config.ini.php?

When I was trying to replicate this issue, I found some of the environment variables were not getting loaded properly, and it was causing the webtrees config to get corrupted:

At least for that problem, I will dig into it more.

You should be able to prevent this by not setting any of the WT_ environment variables and manually doing the setup wizard.

from webtrees-docker.

NathanVaughn commented on July 3, 2024

Tags 2.1.16 and latest have been re-pushed, try that now

from webtrees-docker.

LunaUrsa commented on July 3, 2024

Thanks for the response! I've made progress, but still hitting an issue:

If my docker-compose has no env variables, it has me go through the site creation process, as I would expect. When I create the user in the final step, the page refreshes to the login screen, but there's no CSS formatting, so it looks gross. However! This is the only setup where the login page works. I can reload the container, and it stays the same: I can keep logging into that page and set up my family's specific tree. However, something is broken with the site cuz the formatting is broken.

If I add the 'BASE_URL: "https://webtrees.${DNS_DOMAIN}"' env variable and reload the container, the site looks normal, but I can no longer log in.

If I add my full env config, it seems to auto-complete the setup process, but I can't log in at all, even if I remove the BASE_URL variable and redo the container.

For clarity, I pasted my environment below. I've tried with pretty_urls on and off, along with a bunch of other combinations, but nothing I try seems to let me log in, except the first method without an env at all. When I go into MariaDB, I can see that the user is created, but maybe the password is getting hashed wrong? Just a guess, because there is a hashed password value there

      environment:
        PRETTY_URLS: "1"
        LANG: "en-US"
        LOGIN_URL: "https://webtrees.${DNS_DOMAIN}/login.php"
        SERVER_URL: "https://webtrees.${DNS_DOMAIN}"
        BASE_URL: "https://webtrees.${DNS_DOMAIN}"
        DB_TYPE: "mysql"
        DB_HOST: "webtrees_db"
        DB_PORT: "3306"
        MARIADB_USER: "webtrees"
        MARIADB_PASSWORD: "${WT_DB_PASS}"
        MARIADB_DATABASE: "webtrees"
        DB_PREFIX: "wt_"
        WT_USER: "${WT_USER}"
        WT_NAME: "${WT_NAME}"
        WT_PASS: "${WT_PASS}"
        WT_EMAIL: "${WT_EMAIL}"

If I have the browser console open while i click login, it shows:

webtrees:80 172.22.0.4 - - [31/May/2023:20:50:34 +0000] "POST /login HTTP/1.1" 302 526 "https://webtrees.${DNS_DOMAIN}/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0"
webtrees:80 172.22.0.4 - - [31/May/2023:20:50:34 +0000] "GET /login HTTP/1.1" 200 4240 "https://webtrees.${DNS_DOMAIN}/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0"

from webtrees-docker.

NathanVaughn commented on July 3, 2024

I'm still not sure what's going on exactly. If you could post your full docker compose file and traffic config (feel free to leave out environment variables), that would be appreciated.

I was able to set up a fresh instance from a blank slate on my computer with the following configs (admittedly without https):

docker-compose.yml:

services:
  traefik:
    image: traefik:latest
    volumes:
      - ./traefik.toml:/etc/traefik/traefik.toml
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
       - "80:80"
       - "8080:8080"

  webtrees_db:
    container_name: webtrees_db
    image: mariadb:latest
    restart: unless-stopped
    environment:
      MARIADB_ROOT_PASSWORD: rootpass
      MARIADB_USER: webtrees
      MARIADB_PASSWORD: wtpass
      MARIADB_DATABASE: webtrees
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - webtrees_db:/var/lib/mysql
    labels:
      - "traefik.enable=false"
    ports:
      - "3306:3306"

  webtrees:
      container_name: webtrees
      image: ghcr.io/nathanvaughn/webtrees:latest
      restart: unless-stopped
      depends_on:
      - webtrees_db
      environment:
        PRETTY_URLS: "1"
        HTTPS: "0"
        HTTPS_REDIRECT: "0"
        LANG: "en-US"
        BASE_URL: "http://webtrees.localhost"
        DB_TYPE: "mysql"
        DB_HOST: "webtrees_db"
        DB_PORT: "3306"
        MARIADB_USER: "webtrees"
        MARIADB_PASSWORD: wtpass
        MARIADB_DATABASE: "webtrees"
        DB_PREFIX: "wt_"
        WT_USER: "admin"
        WT_NAME: Nathan
        WT_PASS: wtpass
        WT_EMAIL: [email protected]
      volumes:
        - webtrees_data:/var/www/webtrees/data/
        - webtrees_media:/var/www/webtrees/media/
        - webtrees_themes:/var/www/webtrees/modules_v4/
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.webtrees.rule=Host(`webtrees.localhost`)"
        - "traefik.http.routers.webtrees.entrypoints=insecure"
        - "traefik.http.routers.webtrees.service=webtrees"
        - "traefik.http.services.webtrees.loadbalancer.server.port=80"

volumes:
  webtrees_db:
    driver: local
  webtrees_data:
    driver: local
  webtrees_media:
    driver: local
  webtrees_themes:
    driver: local

traefik.toml:

[entryPoints]
  [entryPoints.insecure]
    address = ":80"

[api]
  dashboard = true
  insecure = true
  debug = true

[log]
  level = "debug"

[providers.docker]

After modifying my hosts file for webtrees.localhost, this was able to completely automate the setup wizard, and then I logged in and created my tree. I restarted the container and the pretty URLs worked.

I never had to modify any database settings.

Maybe the problem is HTTPS. If you think so, I can try to spend more time replicating that locally.

from webtrees-docker.

LunaUrsa commented on July 3, 2024

Hey Nathan, thanks a ton! I'm not 100% sure what I was doing wrong, but it was probably something with the .env variables. I took your above example and started fresh, and I can run the site on HTTPS. If anyone else has this issue in the future, maybe my docker-compose will help:

  traefik:
    container_name: traefik
    image: traefik:latest
    restart: unless-stopped
    command:
      # Global
      - --global.checkNewVersion=true
      - --global.sendAnonymousUsage=true
      # Log info
      - --log=true
      - --log.filePath=/var/log/traefik/traefik.log
      - --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
      # Access logs
      - --accesslog=true
      - --accesslog.filepath=/var/log/traefik/access.log
      - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
      - --accessLog.filters.statusCodes=204-299,400-499,500-599
      - --accesslog.fields.headers.names.Content-Type=keep
      - --accesslog.fields.headers.names.Referer=keep
      - --accesslog.fields.headers.names.User-Agent=keep
      # Enable the Trafik dashboard
      - --api=true
      - --api.dashboard=true
      - --api.insecure=false
      - --api.debug=true
      # Tell Traefik to discover containers using the Docker API
      - --providers.docker
      - --providers.docker.exposedbydefault=false
      - --providers.docker.endpoint=unix:///var/run/docker.sock # Use Docker Socket Proxy instead for improved security
      - --providers.docker.network=traefik-net
      - --providers.docker.swarmMode=false
      - --providers.file.directory=/data/rules # Load dynamic configuration from one or more .toml or .yml files in a directory
      - --providers.file.watch=true # Only works on top level files in the rules folder
      # Set up an insecure listener that redirects all traffic to TLS
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      # Set up the TLS configuration for our https listener
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.http.tls=true
      - --entrypoints.websecure.http.tls.certResolver=letsencrypt
      - --entrypoints.websecure.http.tls.domains[0].main=*.${DNS_DOMAIN}
      - --entrypoints.websecure.http.tls.domains[0].sans=${DNS_DOMAIN}
      - --entrypoints.websecure.http.tls.options=tls-opts@file
      - --entrypoints.websecure.forwardedHeaders.trustedIPs=$CLOUDFLARE_IPS,$LOCAL_IPS
      # Set up LetsEncrypt
      - --certificatesresolvers.letsencrypt.acme.dnschallenge=true
      - --certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare
      - --certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}
      - --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
      - --certificatesresolvers.letsencrypt.acme.dnschallenge.resolvers==1.1.1.1:53,1.0.0.1:53
      - --certificatesresolvers.letsencrypt.acme.dnschallenge.disablepropagationcheck=true
    secrets:
      - cloudflare_email
      - cloudflare_api_key
      - cloudflare_api_token
    environment:
      - CF_API_EMAIL_FILE=/run/secrets/cloudflare_email
      - CF_DNS_API_TOKEN_FILE=/run/secrets/cloudflare_api_key
      - CF_ZONE_API_TOKEN_FILE=/run/secrets/cloudflare_api_token
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${DOCKERDIR}/traefik/data/:/data
      - ${DOCKERDIR}/traefik/logs:/var/log/traefik
      - ${LOCAL_MOUNT}/traefik/letsencrypt:/letsencrypt
      - /etc/traefik:/etc/traefik
    networks:
      - webtrees-net
    labels:
      - traefik.enable=true
      # Dashboard Config
      - traefik.http.routers.traefik-rtr.rule=Host(`traefik.${DNS_DOMAIN}`)
      - traefik.http.routers.traefik-rtr.entrypoints=websecure
      - traefik.http.routers.traefik-rtr.tls.certresolver=letsencrypt
      - traefik.http.routers.traefik-rtr.service=api@internal
      - traefik.http.routers.traefik-rtr.middlewares=middlewares-traefik-strip@file,chain-authelia@file
  webtrees_db:
    container_name: webtrees_db
    image: mariadb:latest
    restart: unless-stopped
    networks:
      - webtrees-net
    environment:
      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
      - MARIADB_USER=webtrees
      - MARIADB_PASSWORD=${MARIADB_PASSWORD}
      - MARIADB_DATABASE=webtrees
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${DOCKERDIR}/data/webtrees_db/mysql:/var/lib/mysql
    labels:
      - traefik.enable=false
  webtrees:
      container_name: webtrees
      image: ghcr.io/nathanvaughn/webtrees:latest
      restart: unless-stopped
      depends_on:
      - webtrees_db
      networks:
      - webtrees-net
      environment:
        PRETTY_URLS: "1"
        HTTPS: "0"
        HTTPS_REDIRECT: "0"
        LANG: "en-US"
        LOGIN_URL: "https://webtrees.${DNS_DOMAIN}"
        SERVER_URL: "https://webtrees.${DNS_DOMAIN}"
        BASE_URL: "https://webtrees.${DNS_DOMAIN}"
        DB_TYPE: "mysql"
        DB_HOST: "webtrees_db"
        DB_PORT: "3306"
        MARIADB_USER: "webtrees"
        MARIADB_PASSWORD: ${WT_DB_PASS}
        MARIADB_DATABASE: "webtrees"
        DB_PREFIX: "wt_"
        WT_USER: ${WT_USER}
        WT_NAME: ${WT_NAME}
        WT_PASS: ${WT_PASS}
        WT_EMAIL: ${WT_EMAIL}
      volumes:
        - /var/run/docker.sock:/var/run/docker.sock
        - ${DOCKERDIR}/data/webtrees/data:/var/www/webtrees/data/
        - ${DOCKERDIR}/data/webtrees/media:/var/www/webtrees/media/
        - ${DOCKERDIR}/data/webtrees/modules_v4:/var/www/webtrees/modules_v4/
      labels:
        - traefik.enable=true
        - traefik.http.routers.webtrees.rule=Host(`webtrees.${DNS_DOMAIN}`)
        - traefik.http.routers.webtrees.service=webtrees
        - traefik.http.services.webtrees.loadbalancer.server.port=80
        - traefik.http.routers.webtrees.entrypoints=websecure
        - traefik.http.routers.webtrees.tls.certresolver=letsencrypt
        - traefik.http.routers.webtrees.tls=true

Thanks once again!

from webtrees-docker.

Reverse proxy (i think) setup issue about webtrees-docker HOT 7 CLOSED

Comments (7)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent