Vulnz Docker image - Cron job not running and Apache conf not picked up

jeremylong / Open-Vulnerability-Project

Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)

Apache License 2.0

107 stars 30 forks source link

Vulnz Docker image - Cron job not running and Apache conf not picked up #147

Closed PaulCormier closed 3 months ago

PaulCormier commented 4 months ago

First of all, thank you @EugenMayer and @jeremylong for putting this together. I was trying to do this in my spare time, but I didn't get this far.

Unfortunately, the cron job isn't running for me when the crontab file is owned by mirror. If I change it to root:root it does run.

Also, the Apache config for the mirror location isn't being picked up automatically. I had to append "Include conf/mirror.conf" to the main httpd.conf. Specifically, I was trying to configure the fancy directory listing from within the mirror.conf file, and it wasn't being picked up.

If it's not just me, I hope I've helped pinpoint the issue.

EugenMayer commented 4 months ago

Did you build your image yourself or did you use https://github.com/jeremylong/Open-Vulnerability-Project/pkgs/container/open-vulnerability-data-mirror ? if the latter, did you use 6.0.0?

cron seems not to be running for me too, since my files have been updated on the 28. Feb. so there is something to it
apache - this one is working for sure, since this would take it down for me in production

PaulCormier commented 4 months ago

I built the image myself; I needed to add a CA cert.

For Apache, it was serving the files but changes to the mirror.conf weren't being picked up.

EugenMayer commented 4 months ago

For Apache, it was serving the files but changes to the mirror.conf weren't being picked up.

This is not a topic for this Docker image and nothing to support or not support. Those are docker basics or docker topics

Unfortunately, the cron job isn't running for me when the crontab file is owned by mirror. If I change it to root:root it does run.

I could reproduce this and fix it with the incoming PR #148

PaulCormier commented 4 months ago

For Apache, it was serving the files but changes to the mirror.conf weren't being picked up.

This is not a topic for this Docker image and nothing to support or not support. Those are docker basics or docker topics

But, does it work on your end? I changed the IndexOptions to: IndexOptions FancyIndexing SuppressDescription, but it was only showing the plain file list until I explicitly included mirror.conf in the httpd.conf.

Now I get:

EugenMayer commented 4 months ago

Sorry @PaulCormier, this is beyond this project and has nothing to do with this docker image in particular.

IMHO this issue should be resolved or at least resolved and the question with the mirror.conf should be moved into a disucssion.

jeremylong commented 3 months ago

I will try and publish the updated version soon.