search

MDeLuise / plant-it

🪴 Self-hosted, open source gardening companion app
https://plant-it.org
GNU General Public License v3.0
455 stars 17 forks source link

ERROR: Certificates not found. Sleeping for 5 seconds... #144

Closed zahedhelmand closed 2 months ago

zahedhelmand commented 2 months ago

Avoid duplicated bug reports

Description

Hey, i somehow started plant-it and could open the page and everything, then i found the traefik-config so i wanted to make a clean start so i deleted all files (including the certificates folder). But after i copied the traefik config and tried to run plant-it, the frontend got this error Certificates not found. Sleeping for 5 seconds... How do i get the certificates again?

Expected behaviour

No response

Steps to reproduce

##
version: '3.9'
name: plant-it
# Keys common to some of the dependent services/apps
x-common-keys-apps: &common-keys-apps
  networks:
    - proxy
  security_opt:
    - no-new-privileges:true
  restart: unless-stopped
  # profiles:
  # - apps

# Common environment values
x-environment: &default-tz-puid-pgid
  TZ: $TZ
  PUID: $PUID
  PGID: $PGID

networks:
  proxy:
    external: true

services:
  plantit-fe:
    <<: *common-keys-apps
    image: msdeluise/plant-it-frontend:latest
    container_name: plantit-fe
    restart: unless-stopped
    networks:
      proxy:
#      internal:
        # ipv4_address: ${PLANTIT_FE_IP}
    # ports:
    #   - 3000:3000
    volumes:
      - certs:/certificates
    environment:
      <<: *default-tz-puid-pgid
      PORT: 3000
      API_URL: https://plantit.${DOMAINNAME}/api
      WAIT_TIMEOUT: 10000 # backend response timeout in ms
      PAGE_SIZE: 25
      BROWSER: none
    labels:
      # Traefik
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.plantit-rtr.entrypoints=https"
      - "traefik.http.routers.plantit-rtr.rule=Host(`plantit.${DOMAINNAME}`)"
      ## Middlewares
      - "traefik.http.routers.plantit-rtr.middlewares=chain-oauth@file"
      ## HTTP Services
      - "traefik.http.routers.plantit-rtr.service=plantit-svc"
      - "traefik.http.services.plantit-svc.loadbalancer.server.port=3000"
    labels:
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.plantit-rtr.entrypoints=https"
      - "traefik.http.routers.plantit-rtr.rule=Host(`plantit.$DOMAINNAME_HOME_SYNOLOGY`)"
      ## Middlewares
      - "traefik.http.routers.plantit-rtr.middlewares=chain-oauth@file"
      ## HTTP Services
      - "traefik.http.routers.plantit-rtr.service=plantit-svc"
      - "traefik.http.services.plantit-svc.loadbalancer.server.port=3000"
  plantit-be:
    <<: *common-keys-apps
    image: msdeluise/plant-it-backend:latest
    container_name: plantit-be
    restart: unless-stopped
    depends_on:
      - plantit-db
      - plantit-cache
    networks:
      proxy:
#      internal:
        # ipv4_address: ${PLANTIT_BE_IP}
    # ports:
    #   - 8080:8080
    volumes:
      - $DOCKERDIR/appdata/plantit/upload-dir:/upload-dir
      - certs:/certificates
    environment:
      <<: *default-tz-puid-pgid
      MYSQL_HOST: plantit-db
      MYSQL_PORT: 3306
      MYSQL_DATABASE: '${PLANTIT_DB_NAME}'
      MYSQL_USERNAME: '${PLANTIT_DB_USER}'
      MYSQL_PSW: '${PLANTIT_DB_ROOT}'
      MYSQL_ROOT_PASSWORD: '${PLANTIT_DB_ROOT}'
      CACHE_HOST: plantit-cache
      CACHE_TTL: 86400
      CACHE_PORT: 6379
      API_PORT: 8080
      JWT_SECRET: <redacted>
      JWT_EXP: 1
      USERS_LIMIT: -1 # less then 0 means no limit
      UPLOAD_DIR: /upload-dir
      TREFLE_KEY: <redacted>
      # ALLOWED_ORIGINS: http://${PLANTIT_FE_IP}:3000
      ALLOWED_ORIGINS: https://plantit.${DOMAINNAME}:3000
      LOG_LEVEL: INFO # DEBUG, INFO, WARN, ERROR
    labels:
      # Traefik
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.plantit-api-rtr.entrypoints=https"
      - "traefik.http.routers.plantit-api-rtr.rule=Host(`plantit.$DOMAINNAME`) && (PathPrefix(`/api`))"
      ## Middlewares
      - "traefik.http.routers.plantit-api-rtr.middlewares=plantit-cors@docker,chain-no-auth@file"
      ## HTTP Services
      - "traefik.http.routers.plantit-api-rtr.service=plantit-api-svc"
      - "traefik.http.services.plantit-api-svc.loadbalancer.server.port=8080"
      ## CORS
      - "traefik.http.middlewares.plantit-cors.headers.customResponseHeaders.Access-Control-Allow-Origin=https://plantit.${DOMAINNAME}"

  plantit-db:
    <<: *common-keys-apps
    image: mysql:8.0
    container_name: plantit-db
    restart: unless-stopped
    networks:
     - proxy
#      - internal
    volumes:
      - $DOCKERDIR/appdata/plantit/plantit-db:/var/lib/mysql
    environment:
      <<: *default-tz-puid-pgid
      MYSQL_ROOT_PASSWORD: '${PLANTIT_DB_ROOT}'

  plantit-cache:
    <<: *common-keys-apps
    image: redis:7.2.1
    container_name: plantit-cache
    restart: unless-stopped
    networks:
     - proxy
#      - internal
    environment:
      <<: *default-tz-puid-pgid
volumes:
  certs:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./certificates
MDeLuise commented 2 months ago

Hi @zahedhelmand, thanks for opening the issue! I think the problem reside in the absence of the CERTIFICATE_PATH property. Could you please add CERTIFICATE_PATH: /certificates/ to the list of environment: both in the plantit-be: and plantit-fe:? So something like:

...
plantit-fe:
    environment:
      <<: *default-tz-puid-pgid
      PORT: 3000
      API_URL: https://plantit.${DOMAINNAME}/api
      WAIT_TIMEOUT: 10000 # backend response timeout in ms
      PAGE_SIZE: 25
      BROWSER: none
      CERTIFICATE_PATH: /certificates/
...
plantit-be:
    environment:
      <<: *default-tz-puid-pgid
      MYSQL_HOST: plantit-db
      MYSQL_PORT: 3306
      MYSQL_DATABASE: '${PLANTIT_DB_NAME}'
      MYSQL_USERNAME: '${PLANTIT_DB_USER}'
      MYSQL_PSW: '${PLANTIT_DB_ROOT}'
      MYSQL_ROOT_PASSWORD: '${PLANTIT_DB_ROOT}'
      CACHE_HOST: plantit-cache
      CACHE_TTL: 86400
      CACHE_PORT: 6379
      API_PORT: 8080
      JWT_SECRET: <redacted>
      JWT_EXP: 1
      USERS_LIMIT: -1 # less then 0 means no limit
      UPLOAD_DIR: /upload-dir
      TREFLE_KEY: <redacted>
      # ALLOWED_ORIGINS: http://${PLANTIT_FE_IP}:3000
      ALLOWED_ORIGINS: https://plantit.${DOMAINNAME}:3000
      LOG_LEVEL: INFO # DEBUG, INFO, WARN, ERROR
      CERTIFICATE_PATH: /certificates/

The example in the documentation was written before adding the ssl feature, so if this resolve the issue I will update the documentation

zahedhelmand commented 2 months ago

Thank you! It worked! I almost got crazy trying to fix it. :) I got the config from here, maybe you can add the enviroment to the yml here. https://docs.plant-it.org/installation/configurations/#example-of-traefik-deployment