Closed tbennett6421 closed 2 years ago
Thanks for the detailed bug report. We'll look into this when able and report back.
Paul
Can you verify that in your docker-compose.yml, the "user" directory is a bind-mount and not a named volume? It should look like this:
- ./user:/opt/vectr/user
- #- vectr-user:/opt/vectr/user
vectr-tomcat:
image: securityriskadvisors/vectr_tomcat:8.0.2
networks:
vectr_bridge:
aliases:
- ${VECTR_HOSTNAME}
volumes:
#- ./resources:/opt/vectr/resources
- vectr-resources:/opt/vectr/resources
- ./user:/opt/vectr/user
#- vectr-user:/opt/vectr/user
#- ./logs:/usr/local/tomcat/logs
- vectr-logs:/usr/local/tomcat/logs
- builder-runtimes:/opt/vectr/rta
Does the user vectr on the host have a uid/gid of 10001/10001?
uid=1001(vectr) gid=1001(vectr) groups=1001(vectr),999(docker)
Can you try to make the gid for vectr 10001?
https://docs.vectr.io/upgrading/non-root-migration/#1-configure-permissions-for-vectr-directories
There's a writeup of what's going on in the FAQ if you want to know what's going on under the hood:
uid=10001(vectr) gid=10001(vectr) groups=10001(vectr),999(docker) That appears to have fixed it. Thank you greatly
Describe the bug On upgrade to 8.0.2, Custom TLS certs do not appear to be working; confirmed working with last 7.x branch. Followed all instructions for upgrading at this link https://docs.vectr.io/upgrading/non-root-migration/
We are using our own pki internally. Firefox reports SSL_ERROR_RX_RECORD_TOO_LONG; and doesn't show a certificate being presented from the server.
To Reproduce
Expected behavior docker-compose brings the solution up, and the site is accessible via HTTPS
Screenshots
Desktop (please complete the following information): Client 1:
Client 2:
Additional context
Full docker output is available at the following gist https://gist.github.com/tbennett6421/100741de30c440c054e57969f959b1f9#file-vectr-8x-docker-log