search

invoiceninja / dockerfiles

Docker files for Invoice Ninja
https://hub.docker.com/r/invoiceninja/invoiceninja
GNU General Public License v2.0
419 stars 268 forks source link

Version 5 Alpine Image and secure connection to external database #395

Closed MarkWasley closed 3 years ago

MarkWasley commented 3 years ago

Setup information Docker Compose

Describe the bug There are no Docker images for Version 5 with Alpine. I could only find Version 4 ones on Docker Hub. I tried to create one with this Dockerfile but Docker didn't know what $BUILDPLATFORM was.

I also need to be able to establish a secure connection to an external database, My database provider wants me to validate their server side certificate, as explained here.

To reproduce Steps to reproduce the behaviour:

  1. Replace app image in docker-compose.yml with 
    build:
  context: ./alpine/5
  2. Run docker-compose up -d to build image
  3. The build will fail, as shown in the logs below.

Expected behaviour Being able to install Version 5 with Alpine on Docker and being able to establish a secure connection to an external database.

Screenshots/logs

Building invoiceninja
Step 1/37 : ARG PHP_VERSION=7.4
Step 2/37 : ARG BAK_STORAGE_PATH=/var/www/app/docker-backup-storage/
Step 3/37 : ARG BAK_PUBLIC_PATH=/var/www/app/docker-backup-public/
Step 4/37 : FROM --platform=$BUILDPLATFORM node:lts-alpine as build
ERROR: Service 'invoiceninja' failed to build : failed to parse platform : "" is an invalid component of "": platform specifier component must match "^[A-Za-z0-9_-]+$": invalid argument
2021-08-27T10:20:00Z [INFO] [Entrypoint]: Initialising Invoice Ninja...
Configuration cache cleared!
Configuration cached successfully!
Configuration cache cleared!
Configuration cached successfully!
Route cache cleared!
Routes cached successfully!
Files cached successfully!

In Connection.php line 692:

  SQLSTATE[HY000] [1105] unknown error: Code: UNAVAILABLE
  server does not allow insecure connections, client must use SSL/TLS
   (SQL: select * from information_schema.tables where table_schema = invoice
  ninja and table_name = accounts and table_type = 'BASE TABLE')

In Exception.php line 18:

  SQLSTATE[HY000] [1105] unknown error: Code: UNAVAILABLE
  server does not allow insecure connections, client must use SSL/TLS

In PDOConnection.php line 39:

  SQLSTATE[HY000] [1105] unknown error: Code: UNAVAILABLE
  server does not allow insecure connections, client must use SSL/TLS

2021-08-27T09:37:20Z [ERROR] [Entrypoint]: Error connecting to DB

Docker/Kubernetes/Helm:

Server: Docker Engine - Community Engine: Version: 20.10.8 API version: 1.41 (minimum version 1.12) Go version: go1.16.6 Git commit: 75249d8 Built: Fri Jul 30 19:52:10 2021 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.4.9 GitCommit: e25210fe30a0a703442421b0f60afac609f950a3 runc: Version: 1.0.1 GitCommit: v1.0.1-0-g4144b63 docker-init: Version: 0.19.0 GitCommit: de40ad0

lwj5 commented 3 years ago

Hey there, IN only builds their docker using alpine currently. So are already using alpine containers!

As for the SSL issue, it’s better to file a feature request in the invoiceninja repo, as I don’t think that’s currently supported

turbo124 commented 3 years ago

I believe you would need to define your SSL certs in the database configuration

ie, something like this in config/database.php

    'mysql' => [
        'driver' => 'mysql',
        'host' => env('DB_HOST', '127.0.0.1'),
        'port' => env('DB_PORT', '3306'),
        'database' => env('DB_DATABASE', 'forge'),
        'username' => env('DB_USERNAME', 'forge'),
        'password' => env('DB_PASSWORD', ''),
        'unix_socket' => env('DB_SOCKET', ''),
        'charset' => 'utf8mb4',
        'collation' => 'utf8mb4_unicode_ci',
        'prefix' => '',
        'sslmode' => env('DB_SSLMODE', 'prefer'),
        'options'   => array(
            PDO::MYSQL_ATTR_SSL_CA      => '/home/.../ca-cert.pem',
            PDO::MYSQL_ATTR_SSL_CERT    => '/home/.../cert.pem',
            PDO::MYSQL_ATTR_SSL_KEY     => '/home/.../key.pem'
        ),
        'strict' => true,
        'engine' => null,
    ],
MarkWasley commented 3 years ago

That's good to know that the builds are already using Alpine.

@turbo124 Thanks David. This solved my connection problem but I ran into other issues so I'm using my own database server in the meantime.