Open JDDyson opened 1 year ago
Would you be able to share your docker-compose file?
My guess is this is from a compose-up
when the data folder is already present. Is causing the gwcmd command that resets the password to execute.
Haven't tested that idea yet though
services:
proxy:
image: traefik:v2.9
container_name: proxy
restart: always
ports:
- 80:80
environment: # https://docs.traefik.io/reference/static-configuration/env/
- TRAEFIK_ENTRYPOINTS_WEB_ADDRESS=:80
- TRAEFIK_API_DASHBOARD=true
- TRAEFIK_PROVIDERS_DOCKER=true
- TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT=true
- TRAEFIK_PROVIDERS_DOCKER_NETWORK=proxy
- TRAEFIK_PROVIDERS_DOCKER_ALLOWEMPTYSERVICES=true
labels:
traefik.enable: "true"
traefik.http.routers.proxy.entrypoints: "web"
traefik.http.routers.proxy.rule: "Host(`proxy.dco.int`)"
traefik.http.routers.proxy.service: "api@internal"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
data-hub:
image: bwdesigngroup/ignition-docker-iiot:latest
hostname: data-hub
container_name: data-hub
ports:
- 8088
volumes:
# - ./data-hub-data:/workdir
- ./backups/data-hub.gwbk:/restore.gwbk
- ./modules/data-hub/Azure-Injector-signed.modl:/modules/Azure-Injector-signed.modl
- ./modules/Enterprise-Administration-module.modl:/modules/Enterprise-Administration-module.modl
environment:
- SYMLINK_GITIGNORE=false
- SYMLINK_LOGBACK=false
- IIOT_MODULES_ENABLED=mqtt-engine, mqtt-transmission
command: >
-r /restore.gwbk
broker:
image: bwdesigngroup/ignition-docker-iiot:latest
hostname: broker
container_name: broker
ports:
- 8088
volumes:
- ./backups/broker.gwbk:/restore.gwbk
environment:
- SYMLINK_GITIGNORE=false
- SYMLINK_LOGBACK=false
- IIOT_MODULES_ENABLED=mqtt-distributor
command: >
-r /restore.gwbk
data-collector:
image: bwdesigngroup/ignition-docker-iiot:latest
hostname: data-collector
container_name: data-collector
ports:
- 8088
volumes:
# - ./data-collector-data:/workdir
- ./backups/data-collector.gwbk:/restore.gwbk
- ./modules/data-collector/snmp-1.11.7.modl:/modules/snmp-1.11.7.modl
- ./modules/Enterprise-Administration-module.modl:/modules/Enterprise-Administration-module.modl
environment:
- SYMLINK_GITIGNORE=false
- SYMLINK_LOGBACK=false
- SYMLINK_THEMES=false
- IIOT_MODULES_ENABLED=mqtt-transmission
command: >
-r /restore.gwbk
networks:
default:
proxy:
services:
data-hub:
labels:
traefik.enable: "true"
traefik.http.routers.data-hub.entrypoints: "web"
traefik.http.routers.data-hub.rule: "Host(`data-hub.dco.int`)"
traefik.http.services.data-hub.loadbalancer.server.port: "8088"
environment:
GATEWAY_SYSTEM_NAME: data-hub
GATEWAY_PUBLIC_HTTP_PORT: 80
GATEWAY_PUBLIC_HTTPS_PORT: 443
GATEWAY_PUBLIC_ADDRESS: data-hub.dco.int
networks:
- default
- proxy
data-collector:
labels:
traefik.enable: "true"
traefik.http.routers.data-collector.entrypoints: "web"
traefik.http.routers.data-collector.rule: "Host(`data-collector.dco.int`)"
traefik.http.services.data-collector.loadbalancer.server.port: "8088"
environment:
GATEWAY_SYSTEM_NAME: data-collector
GATEWAY_PUBLIC_HTTP_PORT: 80
GATEWAY_PUBLIC_HTTPS_PORT: 443
GATEWAY_PUBLIC_ADDRESS: data-collector.dco.int
GATEWAY_NETWORK_0_HOST: data-hub
networks:
- default
- proxy
broker:
labels:
traefik.enable: "true"
traefik.http.routers.broker.entrypoints: "web"
traefik.http.routers.broker.rule: "Host(`broker.dco.int`)"
traefik.http.services.broker.loadbalancer.server.port: "8088"
environment:
GATEWAY_SYSTEM_NAME: broker
GATEWAY_PUBLIC_HTTP_PORT: 80
GATEWAY_PUBLIC_HTTPS_PORT: 443
GATEWAY_PUBLIC_ADDRESS: broker.dco.int
networks:
- default
- proxy
I'm using both yml files; These are the same compose files as the issue #56
This is likely happening due to the use of GATEWAY_ADMIN_PASSWORD
being pre-loaded by the image.
When that environment variable is used, it uses the gwcmd.sh
utility to reset the password on container creation, meaning there will always be at least 1 of those tmp user sources. Take a few backups over time, and they increase.
To fix this I would likely need to implement the register-password
scripts located in this @thirdgen88 repo
Describe the bug Creating the container causes a user "temp_X". Seems to be using the gwcmd.sh to with -r to create temp user for gateway access. This occurs every time the container is created.
To Reproduce Down the container and create a new one
docker-compose down && docker-compose up -d
creates another temp userExpected behavior Should have no "temp_X" users.
Screenshots
Development Environment (please complete the following information):