Graylog2 / graylog-docker

Official Graylog Docker image
https://hub.docker.com/r/graylog/graylog/
Apache License 2.0

graylog.conf is not updated from env variables #242

Closed mpibpc-mroose closed 1 year ago

mpibpc-mroose commented 1 year ago

I have added configuration to enable email in graylog to my docker-compose.yml:

graylog:
    hostname: "server"
    image: "${GRAYLOG_IMAGE:-graylog/graylog-enterprise:5.0}"
    depends_on:
      opensearch:
        condition: "service_started"
      mongodb:
        condition: "service_started"
    entrypoint: "/usr/bin/tini -- wait-for-it opensearch:9200 --  /docker-entrypoint.sh"
    environment:
      GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/config/node-id"
      GRAYLOG_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}"
      GRAYLOG_ROOT_PASSWORD_SHA2: "${GRAYLOG_ROOT_PASSWORD_SHA2:?Please configure GRAYLOG_ROOT_PASSWORD_SHA2 in the .env file}"
      GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
      GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"
      GRAYLOG_ELASTICSEARCH_HOSTS: "http://opensearch:9200"
      GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
      # To make reporting (headless_shell) work inside a Docker container
      GRAYLOG_REPORT_DISABLE_SANDBOX: "true"
      # email
      GRAYLOG_TRANSPORT_EMAIL_ENABLED: "false"
      GRAYLOG_TRANSPORT_EMAIL_HOSTNAME: "mail.example.com"
      GRAYLOG_TRANSPORT_EMAIL_PORT: "587"
      GRAYLOG_TRANSPORT_EMAIL_USE_AUTH: "true"
      GRAYLOG_TRANSPORT_EMAIL_USE_TLS: "true"
      GRAYLOG_TRANSPORT_EMAIL_USE_SSL: "false"

When I go into my running Graylog container and grep for those, the config options are not added/changed:

graylog@server:~/data/config$ set | grep TRANSPORT_EMAIL
GRAYLOG_TRANSPORT_EMAIL_ENABLED=false
GRAYLOG_TRANSPORT_EMAIL_HOSTNAME=mail.example.com
GRAYLOG_TRANSPORT_EMAIL_PORT=587
GRAYLOG_TRANSPORT_EMAIL_USE_AUTH=true
GRAYLOG_TRANSPORT_EMAIL_USE_SSL=false
GRAYLOG_TRANSPORT_EMAIL_USE_TLS=true
graylog@server:~/data/config$ grep transport_email graylog.conf
#transport_email_enabled = false
#transport_email_hostname = mail.example.com
#transport_email_port = 587
#transport_email_use_auth = true
#transport_email_auth_username = you@example.com
#transport_email_auth_password = secret
#transport_email_subject_prefix = [graylog]
#transport_email_from_email = graylog@example.com
#transport_email_use_tls = true
#transport_email_use_ssl = false
#transport_email_web_interface_url = https://graylog.example.com

I checked the docker-entrypoint.sh to find out where the env variables get converted to the config file. But I was not able to find the code for that ...

dennisoelkers commented 1 year ago

Hey @mpibpc-mroose,

the environment variables should be passed through to the Graylog server, which is using them to override settings from the config file. Therefore, there is no need for them to be written to the server config.

As this is not an issue with Graylog, I am closing this issue. Feel free to reopen it if you have additional information.

mpibpc-mroose commented 1 year ago

Hi Dennis, ok, thanks for the explanation.

Anyway: in my case that does not work. If I try to add an alert I get:

"Error: Notification has email recipients and is triggered, but email transport is not configured. Email transport is not enabled in server configuration file!"

when trying to send a test mail.

How can I figure out with which configuration my Graylog runs? And if it uses my settings from the environment variables?

bernd commented 1 year ago

@mpibpc-mroose The docker-compose.yml snippet you posted has the email transport disabled.

Is that the issue?

mpibpc-mroose commented 1 year ago

Thanks! Figured out where something was missing and something was wrong...

I will make a feature request to migrate those settings into the Graylog UI. Configuring email in the conf file seems to be old school in my opinion. In the UI some more validation and testing options would be possible...
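
Added example, not part of the thread and not Graylog's own code: a shell script that resolves a setting's effective value using the precedence described above (environment variable over graylog.conf, commented template lines ignored) and checks whether the email transport ends up enabled. The mapping `GRAYLOG_` plus the uppercased key is assumed from the variable names in the thread; the function names are hypothetical and the sample config is constructed.

```shell
#!/bin/sh
# Added example, not Graylog code. Assumption (from the thread): a setting
# "some_key" in graylog.conf is overridden by the env var GRAYLOG_SOME_KEY.

# effective_setting KEY CONF -> prints "<value><TAB><source>"
effective_setting() {
    key=$1; conf=$2
    env_name="GRAYLOG_$(printf '%s' "$key" | tr '[:lower:]' '[:upper:]')"
    if env_val=$(printenv "$env_name"); then      # exported variable wins
        printf '%s\tenv:%s\n' "$env_val" "$env_name"
    elif grep -Eq "^[[:space:]]*${key}[[:space:]]*=" "$conf"; then
        # Only uncommented lines count; "#key = ..." is an inactive template.
        val=$(sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" "$conf" | tail -n 1)
        printf '%s\tfile\n' "$val"
    else
        printf '\tunset\n'                        # neither env nor file sets it
    fi
}

# email_transport_enabled CONF -> exit status 0 only if the effective value is "true"
email_transport_enabled() {
    [ "$(effective_setting transport_email_enabled "$1" | cut -f1)" = "true" ]
}

# report KEY... -> one line per key, read from the file named in $CONF
report() {
    for k in "$@"; do
        printf '%-28s %s\n' "$k" "$(effective_setting "$k" "$CONF")"
    done
}

# Constructed sample: template lines as in the issue, plus one active line.
demo() (
    CONF=$(mktemp)
    printf '%s\n' '#transport_email_enabled = false' \
                  '#transport_email_hostname = mail.example.com' \
                  'transport_email_port = 25' > "$CONF"
    export GRAYLOG_TRANSPORT_EMAIL_ENABLED=false GRAYLOG_TRANSPORT_EMAIL_PORT=587
    report transport_email_enabled transport_email_hostname transport_email_port
    email_transport_enabled "$CONF" || echo 'email transport is disabled'
    rm -f "$CONF"
)
demo
```

Inside the container, the functions can be pointed at the real file, for example `CONF=~/data/config/graylog.conf report transport_email_enabled`.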