search

Luzifer / nginx-sso

SSO authentication provider for the auth_request nginx module
Apache License 2.0
282 stars 41 forks source link

First container start without existing folders / wrong chmod fails to create assets #88

Open ohitsdylan opened 5 months ago

ohitsdylan commented 5 months ago

Hello,

I'm trying to set up this project and I feel like I'm missing a step in the documentation. It reads,

You can use the luzifer/nginx-sso docker image to start your SSO service. On first start an example configuration will be generated and after you've changed that configuration you can start the container:

# docker run -d -p 127.0.0.1:8082:8082 -v /data/sso-config:/data luzifer/nginx-sso

After you did this you need to configure your nginx to use the SSO service:

Is there a Docker command I should be running before I execute this docker run command above? Based on my research into those Docker flags, it creates the necessary directories and downloads the nginx-sso project automatically.

I do see a shell script in the project files and the compiled nginx-sso binary in the releases, but just a little confused on what I should be starting with. I don't have a config file generated in my /data directory that the documentation is talking about adjusting.

I hope I haven't missed something obvious. Thank you!

Luzifer commented 5 months ago

Hm indeed there is something if the data folder does not exist / has the wrong permissions:

# docker run -d --name nginx-sso -p 127.0.0.1:8082:8082 -v /tmp/sso-config:/data luzifer/nginx-sso

# docker logs nginx-sso
cp: can't create directory '/data/frontend': Permission denied

# sudo mkdir /tmp/sso-config/frontend
# sudo chown -R 1000:1000 /tmp/sso-config/

# docker rm nginx-sso
nginx-sso

# docker run -d --name nginx-sso -p 127.0.0.1:8082:8082 -v /tmp/sso-config:/data luzifer/nginx-sso
e5d1f83cb3e297b2432f9f82062a97abe92f116c62ab729a06a9b99a475e085f

# docker logs nginx-sso
An example configuration was copied to /data/config.yaml - You want to edit that one!

# lt /tmp/sso-config
drwxr-xr-x    - luzifer luzifer 27 Mar 21:10 /tmp/sso-config
.rw-r--r-- 5.0k luzifer luzifer 27 Mar 21:10 ├── config.yaml
drwxr-xr-x    - luzifer luzifer 27 Mar 21:10 └── frontend
.rw-r--r-- 5.4k luzifer luzifer 27 Mar 21:10    └── index.html

Try creating the /data/sso-config/frontend dir and chown -R 1000:1000 /data/sso-config before running the container.

After you've edited the config you need to start the container again (when generating the example config it will exit afterwards as you probably don't want to work with those defaults).

I'm assigning this issue to the v1.x Milestone to build a proper fix in there.

ohitsdylan commented 5 months ago

Thanks for the quick reply! And the spot-on troubleshooting. That was exactly the issue.

I created the directories and adjusted the permissions and the logs reflect that the example configuration file was created.