Re: Docker TLS for PGAdmin

Hi Omar,

It looks to be launched successfully. What does 'docker ps' show now ? For
me without TLS it shows following and works with 0.0.0.0:80 in the browser:

adityatoshniwal(at)Laptop381pnin pgadmin4_copy % docker ps

CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES

a7f32fd312c7 dpage/pgadmin4 "/entrypoint.sh" 4 seconds ago
Up 3 seconds 0.0.0.0:80->80/tcp, 443/tcp objective_swanson

On Fri, Jun 26, 2020 at 3:09 PM Omar Francis <omar(dot)francis(at)branchbot(dot)com>
wrote:

> Hi Aditya thanks for your help I have given a+rwx to that dir. The
> container status is now up however I am not getting a pgadmin login screen
> on my browser when I navigate to publicip:443
>
> Is there a critical connection flaw in the logs below that stops this?
>
> Thanks again :)
>
>
> WARNING: Failed to set ACL on the directory containing the configuration
> database: [Errno 1] Operation not permitted: '/var/lib/pgadmin'
> NOTE: Configuring authentication for SERVER mode.
>
> WARNING: Failed to set ACL on the directory containing the configuration
> database: [Errno 1] Operation not permitted: '/var/lib/pgadmin'
> Added 1 Server Group(s) and 1 Server(s).
> sudo: setrlimit(RLIMIT_CORE): Operation not permitted
> [2020-06-26 09:28:34 +0000] [1] [INFO] Starting gunicorn 19.9.0
> [2020-06-26 09:28:34 +0000] [1] [INFO] Listening at: http://[::]:443 (1)
> [2020-06-26 09:28:34 +0000] [1] [INFO] Using worker: threads
> /usr/local/lib/python3.8/os.py:1023: RuntimeWarning: line buffering
> (buffering=1) isn't supported in binary mode, the default buffer size will
> be used
> return io.open(fd, *args, **kwargs)
> [2020-06-26 09:28:34 +0000] [91] [INFO] Booting worker with pid: 91
>
>
>
>
> On 26 Jun 2020, at 09:39, Aditya Toshniwal <
> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>
> Hi Omar,
>
> The logs say there's insufficient permission given to the mapped volume - /private/var/lib/pgadmin.
> Please go through -
> https://www.pgadmin.org/docs/pgadmin4/4.23/container_deployment.html#mapped-files-and-directories once
> and make sure the requirements are satisfied.
>
> On Fri, Jun 26, 2020 at 1:55 PM Omar Francis <omar(dot)francis(at)branchbot(dot)com>
> wrote:
>
>> Hi Aditya
>>
>> Please find the lovs below thanks :)
>>
>>
>>
>> ubuntu(at)my-ip:~$ docker logs tender_goodall
>> WARNING: Failed to set ACL on the directory containing the configuration
>> database: [Errno 1] Operation not permitted: '/var/lib/pgadmin'
>> Traceback (most recent call last):
>> File "run_pgadmin.py", line 4, in <module>
>> from pgAdmin4 import app
>> File "/pgadmin4/pgAdmin4.py", line 92, in <module>
>> app = create_app()
>> File "/pgadmin4/pgadmin/__init__.py", line 241, in create_app
>> create_app_data_directory(config)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 40, in
>> create_app_data_directory
>> _create_directory_if_not_exists(config.SESSION_DB_PATH)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 16, in
>> _create_directory_if_not_exists
>> os.mkdir(_path)
>> PermissionError: [Errno 13] Permission denied: '/var/lib/pgadmin/sessions'
>> WARNING: Failed to set ACL on the directory containing the configuration
>> database: [Errno 1] Operation not permitted: '/var/lib/pgadmin'
>> Traceback (most recent call last):
>> File "/pgadmin4/setup.py", line 407, in <module>
>> load_servers(args)
>> File "/pgadmin4/setup.py", line 167, in load_servers
>> app = create_app()
>> File "/pgadmin4/pgadmin/__init__.py", line 241, in create_app
>> create_app_data_directory(config)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 40, in
>> create_app_data_directory
>> _create_directory_if_not_exists(config.SESSION_DB_PATH)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 16, in
>> _create_directory_if_not_exists
>> os.mkdir(_path)
>> PermissionError: [Errno 13] Permission denied: '/var/lib/pgadmin/sessions'
>> sudo: setrlimit(RLIMIT_CORE): Operation not permitted
>> [2020-06-26 08:21:48 +0000] [1] [INFO] Starting gunicorn 19.9.0
>> [2020-06-26 08:21:48 +0000] [1] [INFO] Listening at: http://[::]:443 (1)
>> [2020-06-26 08:21:48 +0000] [1] [INFO] Using worker: threads
>> /usr/local/lib/python3.8/os.py:1023: RuntimeWarning: line buffering
>> (buffering=1) isn't supported in binary mode, the default buffer size will
>> be used
>> return io.open(fd, *args, **kwargs)
>> [2020-06-26 08:21:48 +0000] [91] [INFO] Booting worker with pid: 91
>> [2020-06-26 08:21:49 +0000] [91] [ERROR] Exception in worker process
>> Traceback (most recent call last):
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/arbiter.py", line
>> 583, in spawn_worker
>> worker.init_process()
>> File
>> "/usr/local/lib/python3.8/site-packages/gunicorn/workers/gthread.py", line
>> 104, in init_process
>> super(ThreadWorker, self).init_process()
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/workers/base.py",
>> line 129, in init_process
>> self.load_wsgi()
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/workers/base.py",
>> line 138, in load_wsgi
>> self.wsgi = self.app.wsgi()
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/app/base.py",
>> line 67, in wsgi
>> self.callable = self.load()
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/app/wsgiapp.py",
>> line 52, in load
>> return self.load_wsgiapp()
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/app/wsgiapp.py",
>> line 41, in load_wsgiapp
>> return util.import_app(self.app_uri)
>> File "/usr/local/lib/python3.8/site-packages/gunicorn/util.py", line
>> 350, in import_app
>> __import__(module)
>> File "/pgadmin4/run_pgadmin.py", line 4, in <module>
>> from pgAdmin4 import app
>> File "/pgadmin4/pgAdmin4.py", line 92, in <module>
>> app = create_app()
>> File "/pgadmin4/pgadmin/__init__.py", line 241, in create_app
>> create_app_data_directory(config)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 40, in
>> create_app_data_directory
>> _create_directory_if_not_exists(config.SESSION_DB_PATH)
>> File "/pgadmin4/pgadmin/setup/data_directory.py", line 16, in
>> _create_directory_if_not_exists
>> os.mkdir(_path)
>> PermissionError: [Errno 13] Permission denied: '/var/lib/pgadmin/sessions'
>> [2020-06-26 08:21:49 +0000] [91] [INFO] Worker exiting (pid: 91)
>> WARNING: Failed to set ACL on the directory containing the configuration
>> database: [Errno 1] Operation not permitted: '/var/lib/pgadmin'
>> /usr/local/lib/python3.8/os.py:1023: RuntimeWarning: line buffering
>> (buffering=1) isn't supported in binary mode, the default buffer size will
>> be used
>> return io.open(fd, *args, **kwargs)
>> [2020-06-26 08:21:49 +0000] [1] [INFO] Shutting down: Master
>> [2020-06-26 08:21:49 +0000] [1] [INFO] Reason: Worker failed to boot.
>>
>>
>> On 26 Jun 2020, at 06:53, Aditya Toshniwal <
>> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>>
>> Hi Omar,
>>
>> I meant the "docker logs" command. Refer-
>> https://docs.docker.com/engine/reference/commandline/logs/. Run "docker
>> ps -a", grab the container id and user "docker logs <container id>".
>>
>> On Thu, Jun 25, 2020 at 7:03 PM Omar Francis <omar(dot)francis(at)branchbot(dot)com>
>> wrote:
>>
>>> Hi Aditya
>>>
>>> Below is the output from when I run it in ubuntu. Moments after running
>>> docker ps the first time the container exits
>>>
>>> ubuntu(at)my-ip:~$ docker run -p 443:443 -v
>>> /private/var/lib/pgadmin:/var/lib/pgadmin -v
>>> /etc/ssl/certs/server.cert:/certs/server.cert -v
>>> /etc/ssl/private/server.key:/certs/server.key -v
>>> /private/var/lib/pgadmin/servers.json:/pgadmin4/servers.json -e
>>> 'PGADMIN_DEFAULT_EMAIL=somebody(at)anyemail(dot)com' -e
>>> 'PGADMIN_DEFAULT_PASSWORD=userpwd' -e 'PGADMIN_ENABLE_TLS=True' -d
>>> dpage/pgadmin4
>>> f17b1525d62908a8440a3f8caa73c8442de077e652d311e44df6630f5cc3babd
>>> ubuntu(at)my-ip:~$ docker ps
>>> CONTAINER ID IMAGE COMMAND CREATED
>>> STATUS PORTS NAMES
>>> f17b1525d629 dpage/pgadmin4 "/entrypoint.sh" 4 seconds
>>> ago Up 3 seconds 80/tcp, 0.0.0.0:443->443/tcp
>>> gracious_shockley
>>> ubuntu(at)my-ip:~$ docker ps
>>> CONTAINER ID IMAGE COMMAND CREATED
>>> STATUS PORTS NAMES
>>> ubuntu(at)my-ip:~$
>>>
>>>
>>>
>>>
>>> On 25 Jun 2020, at 11:25, Aditya Toshniwal <
>>> aditya(dot)toshniwal(at)enterprisedb(dot)com> wrote:
>>>
>>> Hi Omar,
>>>
>>> Could you please share docker logs ? Might get something helpful there.
>>>
>>> On Thu, Jun 25, 2020 at 3:29 PM Omar Francis <omar(dot)francis(at)branchbot(dot)com>
>>> wrote:
>>>
>>>>
>>>> Hi am I emailing the right mailbox? Dave Page advised this was the
>>>> correct channel for support on his image.
>>>>
>>>> Regards
>>>>
>>>> Omar
>>>>
>>>> > On 22 Jun 2020, at 09:38, Omar Francis <omar(dot)francis(at)branchbot(dot)com>
>>>> wrote:
>>>> >
>>>> > Hi all
>>>> >
>>>> > I am looking to run PGAdmin4 over TLS through a Docker container in a
>>>> Ubuntu terminal. I have been able to run over a simple http connection but
>>>> when I pass in the arguments below to set up TLS the container ID runs for
>>>> several seconds before exiting.
>>>> >
>>>> > docker run -p 443:443 \
>>>> > -v /private/var/lib/pgadmin:/var/lib/pgadmin \
>>>> > -v /etc/ssl/certs/server.cert:/certs/server.cert \
>>>> > -v /etc/ssl/private/server.key:/certs/server.key \
>>>> > -v /private/var/lib/pgadmin/servers.json:/pgadmin4/servers.json \
>>>> > -e 'PGADMIN_DEFAULT_EMAIL=user(at)email(dot)com' \
>>>> > -e 'PGADMIN_DEFAULT_PASSWORD=userpwd' \
>>>> > -e 'PGADMIN_ENABLE_TLS=True' \
>>>> > -d dpage/pgadmin4
>>>> >
>>>> > I have created the key, certificates required and am pointing to the
>>>> correct directories. Would anyone who has connected through Docker be able
>>>> to shed some light?
>>>> >
>>>> > Thanks
>>>>
>>>>
>>>>
>>>
>>> --
>>> Thanks and Regards,
>>> Aditya Toshniwal
>>> pgAdmin Hacker | Sr. Software Engineer | EnterpriseDB India | Pune
>>> "Don't Complain about Heat, Plant a TREE"
>>>
>>>
>>
>> --
>> Thanks and Regards,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Software Engineer | EnterpriseDB India | Pune
>> "Don't Complain about Heat, Plant a TREE"
>>
>>
>
> --
> Thanks and Regards,
> Aditya Toshniwal
> pgAdmin Hacker | Sr. Software Engineer | EnterpriseDB India | Pune
> "Don't Complain about Heat, Plant a TREE"
>
>

--
Thanks and Regards,
Aditya Toshniwal
pgAdmin Hacker | Sr. Software Engineer | EnterpriseDB India | Pune
"Don't Complain about Heat, Plant a TREE"