search

iFargle / headscale-webui

A simple Headscale web UI for small-scale deployments.
Other
653 stars 62 forks source link

Unable to validate the API key #20

Closed henry-bao closed 1 year ago

henry-bao commented 1 year ago

I followed the instructions shown on the website, yet it displays the following when I enter the API key that I just generated from my control server

Error
Key authentication failed. Check your key.

this is my docker-compose file (sorry for the multiple issues, thanks a bunch!)

version: "3"
services:
  headscale-webui:
    image: ghcr.io/ifargle/headscale-webui:latest
    container_name: headscale-webui
    ports:
      - 5000:5000
    environment:
      - TZ=PST
      - HS_SERVER=http://10.1.0.2:27896
      - BASE_PATH="/admin"
      - KEY="some-base64-key"
    volumes:
      - /root/docker/headscale-webui:/data
      - /root/docker/headscale/config/:/etc/headscale/:ro
    restart: unless-stopped
henry-bao commented 1 year ago

Also this error pops up whenever I try to save the API key

PermissionError: [Errno 13] Permission denied: '/data/key.txt'
2023-02-14 03:34:19,737 - server - ERROR - Exception on /admin/api/save_key [POST]
Traceback (most recent call last):
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 2525, in wsgi_app
    response = self.full_dispatch_request()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1822, in full_dispatch_request
    rv = self.handle_user_exception(e)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1820, in full_dispatch_request
    rv = self.dispatch_request()
         ^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1796, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/server.py", line 157, in save_key_page
    file_written  = headscale.set_api_key(api_key)
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/headscale.py", line 21, in set_api_key
    key_file       = open("/data/key.txt", "wb+")           # Key file on the filesystem for persistent storage
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/data/key.txt'
iFargle commented 1 year ago

Make sure wherever your /data is writable by user 1000:1000 chown -R 1000:1000 /path/to/data/

iFargle commented 1 year ago

Oh I just read your docker-compose. You may need to move it out of /root, 1000:1000 user won't have access.

henry-bao commented 1 year ago

Ah, I was testing on my testing rig and didn't bother to create another user. Will do, thanks!

iFargle commented 1 year ago

You shouldn't need to create a new user, just make sure it's owned by the UID/GID 1000:1000 :)