Hi,
I recognize this is open-source software. Much/all of it is built by volunteers. I would not submit this issue in most cases, but this is also an on-premises paid solution that I'm unable to even trial on my own server due to the difficulties I'm encountering with a bog-standard demo deploy. If the response to this ticket is "you're an idiot, you did this obvious thing wrong" or "fork and fix it yourself" so be it, I will accept that.
tl;dr
I can't find any documentation for a docker-compose.yml that pulls the necessary images from docker hub. I'm having no end of problems building these images manually (see below details). Virtually every other docker-based application I run (which is in the dozens) has off-the-shelf images that I can just deploy without fiddling with Dockerfiles, filesystem permissions, etc, so I'm surprised enterprise-grade applications like this don't just work with a simple docker-compose deployment.
I've looked through several of the guides (many of which contradict each other or are deprecated), including the other issues in this repo.
I have reviewed the below and always get some variation of fatal error on deploy:
Thanks in advance for any feedback, suggestions, or ridicule at my incompetence.
The rest is some detail on the problems I'm encountering, but the above is the crux of the issue - it's very rare I need to futz around this much for a docker-based deploy of anything I run. Generally, I clone a repo (or even just copy/paste a docker-compose.yml sample), make a couple customizations for my use case, and docker-compose up -d and I'm done.
The key issue seems to be file permissions. When I run docker-compose as my regular non-root user, somehow it creates the volume directory as root? I'm no linux expert, but how is a non-root process creating a directory owned by root?
drwxr-xr-x 9 sulli sulli 4096 Jul 4 21:51 ./
drwxrwxr-x 45 sulli user 4096 Jul 4 21:17 ../
drwxr-xr-x 2 sulli sulli 4096 Jul 4 18:46 .circleci/
drwxr-xr-x 8 sulli sulli 4096 Jul 4 21:30 .git/
-rw-r--r-- 1 sulli sulli 134 Jul 4 18:46 .gitignore
-rw-r--r-- 1 sulli sulli 762 Jul 4 18:46 .travis.yml
-rwxr-xr-x 1 sulli sulli 609 Jul 4 18:46 CONTRIBUTING.md*
-rw-r--r-- 1 sulli sulli 10173 Jul 4 18:46 LICENSE
-rw-r--r-- 1 sulli sulli 2821 Jul 4 18:46 MAINTENANCE.md
-rw-r--r-- 1 sulli sulli 11127 Jul 4 18:46 README.md
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:33 app/
drwxr-xr-x 5 sulli sulli 4096 Jul 4 18:46 contrib/
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:35 db/
-rwxr-xr-x 1 sulli sulli 1239 Jul 4 21:49 docker-compose.yml*
**drwxr-xr-x 5 root root 4096 Jul 4 21:51 volumes/**
drwxr-xr-x 2 sulli sulli 4096 Jul 4 21:44 web/
resulting in...
Error: failed to load configuration: failed to create store: unable to load on store creation: failed to persist: failed to write file: open /mattermost/config/config.json: permission denied
Alright, so I tried using @mahenzon's container which attempts to set the permissions correctly and appears to do so. Now I run into this issue #399 which I'm unable to work around.
2021/07/04 22:17:56 [error] 10#10: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.29.0.4:8000/", host: "localhost:8080"
I'd be overjoyed to hear "you're an idiot, you didn't read (x) right", but I feel I've done quite a bit of due diligence to resolve this on my own before reporting.
My current docker-compose.yml is:
version: "3"
services:
db:
image: postgres
restart: unless-stopped
volumes:
- ./volumes/db/var/lib/postgresql/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=mmuser
- POSTGRES_PASSWORD=tJRkF6TsLF
- POSTGRES_DB=mattermost
app:
image: mahenzon/mattermost-enterprise
restart: unless-stopped
volumes:
- ./volumes/app/mattermost/config:/mattermost/config:rw
- ./volumes/app/mattermost/data:/mattermost/data:rw
- ./volumes/app/mattermost/logs:/mattermost/logs:rw
- ./volumes/app/mattermost/plugins:/mattermost/plugins:rw
- ./volumes/app/mattermost/client-plugins:/mattermost/client/plugins:rw
- /etc/localtime:/etc/localtime:ro
environment:
- MM_USERNAME=mmuser
- MM_PASSWORD=tJRkF6TsLF
- MM_DBNAME=mattermost
- MM_SQLSETTINGS_DATASOURCE=postgres://mmuser:tJRkF6TsLF@db:5432/mattermost?sslmode=disable&connect_timeout=10
web:
build: web
ports:
- "13531:8080"
read_only: true
restart: unless-stopped
volumes:
- ./volumes/web/cert:/cert:ro
- /etc/localtime:/etc/localtime:ro
cap_drop:
- ALL
Hi,
I recognize this is open-source software. Much/all of it is built by volunteers. I would not submit this issue in most cases, but this is also an on-premises paid solution that I'm unable to even trial on my own server due to the difficulties I'm encountering with a bog-standard demo deploy. If the response to this ticket is "you're an idiot, you did this obvious thing wrong" or "fork and fix it yourself" so be it, I will accept that.
tl;dr
I can't find any documentation for a docker-compose.yml that pulls the necessary images from docker hub. I'm having no end of problems building these images manually (see below details). Virtually every other docker-based application I run (which is in the dozens) has off-the-shelf images that I can just deploy without fiddling with Dockerfiles, filesystem permissions, etc, so I'm surprised enterprise-grade applications like this don't just work with a simple docker-compose deployment.
I've looked through several of the guides (many of which contradict each other or are deprecated), including the other issues in this repo.
I have reviewed the below and always get some variation of fatal error on deploy:
ERROR: libressl3.3-libtls-3.3.3-r0: trying to overwrite usr/lib/libtls.so.20 owned by libretls-3.3.3-r0.on building the db image)Thanks in advance for any feedback, suggestions, or ridicule at my incompetence.
The rest is some detail on the problems I'm encountering, but the above is the crux of the issue - it's very rare I need to futz around this much for a docker-based deploy of anything I run. Generally, I clone a repo (or even just copy/paste a docker-compose.yml sample), make a couple customizations for my use case, and docker-compose up -d and I'm done.
The key issue seems to be file permissions. When I run docker-compose as my regular non-root user, somehow it creates the volume directory as root? I'm no linux expert, but how is a non-root process creating a directory owned by root?
resulting in...
Error: failed to load configuration: failed to create store: unable to load on store creation: failed to persist: failed to write file: open /mattermost/config/config.json: permission deniedAlright, so I tried using @mahenzon's container which attempts to set the permissions correctly and appears to do so. Now I run into this issue #399 which I'm unable to work around.
2021/07/04 22:17:56 [error] 10#10: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.1", upstream: "http://172.29.0.4:8000/", host: "localhost:8080"I'd be overjoyed to hear "you're an idiot, you didn't read (x) right", but I feel I've done quite a bit of due diligence to resolve this on my own before reporting.
My current docker-compose.yml is: