search

jitsi / docker-jitsi-meet

Jitsi Meet on Docker
https://hub.docker.com/u/jitsi/
Apache License 2.0
3.06k stars 1.36k forks source link

10-config file is causing Build failed : Failed to fetch repos , Build failed with Exit code 100 #1534

Open narayanan-ka opened 1 year ago

narayanan-ka commented 1 year ago

Note : Testing whether changes to frontend web work by making small changes !

Hi, I’ve made small changes to the webversion on only the UI side and copied the resulting folder after make & make source-package. The resulting folder ‘myapp_web’ is placed inside the web folder of docker-jitsi-meet.I have copied the following 2 lines above the EXPOSE command inside the Dockerfile for web :

COPY myapp_web/ /usr/share/jitsi-meet/ COPY myapp_web/interface_config.js /defaults/interface_config.js

The images tag everywhere has been kept as stable ( .env, individual docker files and docker-compose.yml).

However , when I run docker-compose.yml i get the following error.

Building myapp_webserver
Step 1/15 : ARG JITSI_REPO=jitsi
Step 2/15 : ARG BASE_TAG=stable
Step 3/15 : FROM ${JITSI_REPO}/base:${BASE_TAG}
 ---> 319b2e366502
Step 4/15 : LABEL org.opencontainers.image.title="Jitsi Meet"
 ---> Using cache
 ---> c5cc34716be6
Step 5/15 : LABEL org.opencontainers.image.description="WebRTC compatible JavaScript application that uses Jitsi Videobridge to provide high quality, scalable video conferences."
 ---> Using cache
 ---> 298eae2d1ff6
Step 6/15 : LABEL org.opencontainers.image.url="https://jitsi.org/jitsi-meet/"
 ---> Using cache
 ---> dfebe0d4db74
Step 7/15 : LABEL org.opencontainers.image.source="https://github.com/jitsi/docker-jitsi-meet"
 ---> Using cache
 ---> 20b854afd9af
Step 8/15 : LABEL org.opencontainers.image.documentation="https://jitsi.github.io/handbook/"
 ---> Using cache
 ---> 0c82729c172f
Step 9/15 : ADD https://raw.githubusercontent.com/acmesh-official/acme.sh/2.8.8/acme.sh /opt

 ---> Using cache
 ---> 494ef2963655
Step 10/15 : COPY rootfs/ /
 ---> Using cache
 ---> 06c78e7406c2
Step 11/15 : RUN apt-dpkg-wrap apt-get update &&     apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web socat curl jq &&     mv /usr/share/jitsi-meet/interface_config.js /defaults &&     rm -f /etc/nginx/conf.d/default.conf &&     apt-cleanup
 ---> Running in 9b3e147c12de
Err:1 http://deb.debian.org/debian bullseye InRelease
  Temporary failure resolving 'deb.debian.org'
Err:2 http://ftp.debian.org/debian bullseye-backports InRelease
  Temporary failure resolving 'ftp.debian.org'
Err:3 https://download.jitsi.org stable/ InRelease
  Temporary failure resolving 'download.jitsi.org'
Err:4 http://deb.debian.org/debian-security bullseye-security InRelease
  Temporary failure resolving 'deb.debian.org'
Err:5 http://deb.debian.org/debian bullseye-updates InRelease
  Temporary failure resolving 'deb.debian.org'
Reading package lists...
W: Failed to fetch http://deb.debian.org/debian/dists/bullseye/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://deb.debian.org/debian-security/dists/bullseye-security/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/bullseye-updates/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://ftp.debian.org/debian/dists/bullseye-backports/InRelease  Temporary failure resolving 'ftp.debian.org'
W: Failed to fetch https://download.jitsi.org/stable/InRelease  Temporary failure resolving 'download.jitsi.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package cron
E: Unable to locate package nginx-extras
E: Unable to locate package jitsi-meet-web
E: Unable to locate package socat
E: Unable to locate package curl
E: Unable to locate package jq
ERROR: Service 'myapp_webserver' failed to build: The command '/bin/sh -c apt-dpkg-wrap apt-get update &&     apt-dpkg-wrap apt-get install -y cron nginx-extras jitsi-meet-web socat curl jq &&     mv /usr/share/jitsi-meet/interface_config.js /defaults &&     rm -f /etc/nginx/conf.d/default.conf &&     apt-cleanup' returned a non-zero code: 100

After debugging for days, I figured the following: The culprit file is this one : 10-config inside rootfs/etc/cont-init.d/10-config This is the file that was causing build issues. Once i deleted the file the build completed and containers spawned ,of course with an error that it couldn't find the 10-config file. I can't seem to figure out the reason why it's causing issues since I do not know how it was built. Need some assistance.

Here is the file itself:

#!/usr/bin/with-contenv bash

# make our folders
mkdir -p \
    /config/{nginx/site-confs,keys} \
    /run \
    /var/lib/nginx/tmp/client_body \
    /var/tmp/nginx

# generate keys (maybe)
if [[ $DISABLE_HTTPS -ne 1 ]]; then
    if [[ $ENABLE_LETSENCRYPT -eq 1 ]]; then
        mkdir -p /config/acme.sh
        pushd /opt
        sh ./acme.sh --install --home /config/acme.sh --accountemail $LETSENCRYPT_EMAIL
        popd

        STAGING=""
        if [[ $LETSENCRYPT_USE_STAGING -eq 1 ]]; then
            STAGING="--staging"
        fi
        export LE_WORKING_DIR="/config/acme.sh"
        # TODO: move away from standalone mode to webroot mode.
        /config/acme.sh/acme.sh \
            $STAGING \
            --issue \
            --standalone \
            --pre-hook "if [[ -d /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi" \
            --post-hook "if [[ -d /var/run/s6/services/nginx ]]; then s6-svc -u /var/run/s6/services/nginx; fi" \
            -d $LETSENCRYPT_DOMAIN
        rc=$?
        if [[ $rc -eq 1 ]]; then
            echo "Failed to obtain a certificate from the Let's Encrypt CA."
            # this tries to get the user's attention and to spare the
            # authority's rate limit:
            sleep 15
            echo "Exiting."
            exit 1
        fi
        if [[ $rc -eq 0 ]]; then
            mkdir -p /config/acme-certs/$LETSENCRYPT_DOMAIN
            if ! /config/acme.sh/acme.sh \
                    --install-cert -d $LETSENCRYPT_DOMAIN \
                    --key-file /config/acme-certs/$LETSENCRYPT_DOMAIN/key.pem  \
                    --fullchain-file /config/acme-certs/$LETSENCRYPT_DOMAIN/fullchain.pem ; then
                echo "Failed to install certificate."
                # this tries to get the user's attention and to spare the
                # authority's rate limit:
                sleep 15
                echo "Exiting."
                exit 1
            fi
        fi
    else
        # use self-signed certs
        if [[ -f /config/keys/cert.key && -f /config/keys/cert.crt ]]; then
            echo "using keys found in /config/keys"
        else
            echo "generating self-signed keys in /config/keys, you can replace these with your own keys if required"
            SUBJECT="/C=US/ST=TX/L=Austin/O=jitsi.org/OU=Jitsi Server/CN=*"
            openssl req -new -x509 -days 3650 -nodes -out /config/keys/cert.crt -keyout /config/keys/cert.key -subj "$SUBJECT"
        fi
    fi
fi

# Detect nameserver for Nginx, if not specified.
if [[ -z "$NGINX_RESOLVER" ]]; then
    IP_LIST=""

    # Parse IPs in /etc/resolv.conf, taking into account IPv6 addresses need to be
    # enclosed in square brackets for the Nginx config file.
    while read -r line; do
        if [[ $line =~ ^nameserver.* ]]; then
            IP=$(echo $line | cut -d" " -f2)
            COLONS=$(echo $IP | tr -dc ":" | awk '{ print length '})
            if [[ $COLONS -ge 2 ]]; then
                IP="[$IP]"
            fi
            if [[ ! "$IP_LIST" = "" ]]; then
                IP_LIST+=" "
            fi
            IP_LIST+="$IP"
        fi
    done < <(cat /etc/resolv.conf)

    export NGINX_RESOLVER=$IP_LIST
fi

echo "Using Nginx resolver: =$NGINX_RESOLVER="

# copy config files
tpl /defaults/nginx.conf > /config/nginx/nginx.conf

tpl /defaults/meet.conf > /config/nginx/meet.conf
if [[ -f /config/nginx/custom-meet.conf ]]; then
    cat /config/nginx/custom-meet.conf >> /config/nginx/meet.conf
fi

tpl /defaults/ssl.conf > /config/nginx/ssl.conf

tpl /defaults/default > /config/nginx/site-confs/default

tpl /defaults/system-config.js > /config/config.js
tpl /defaults/settings-config.js >> /config/config.js
if [[ -f /config/custom-config.js ]]; then
    cat /config/custom-config.js >> /config/config.js
fi

cp /defaults/interface_config.js /config/interface_config.js
if [[ -f /config/custom-interface_config.js ]]; then
    cat /config/custom-interface_config.js >> /config/interface_config.js
fi
saghul commented 1 year ago

I have no idea how those 2 can be related.

We do daily builds without a problem.

narayanan-ka commented 1 year ago

It was debugged as a step by step process on docker forums by me and someone who was helping me out there. I eventually narrowed out to this file that is causing issues. Its go to do with resolv.conf inside the file which is causing the said error. Perhaps you could just let me know why that happens on Ubuntu 22.04 and what could be done.

saghul commented 1 year ago

We don't touch resolv.conf, we just read it for using it with Nginx.

saghul commented 1 year ago

Also, our nightly unstable builds are built on Ubuntu using a GH action.

Sorry but I don't know how to help you.

narayanan-ka commented 1 year ago

@saghul Yeah. I'm technically out of options now to troubleshoot.

princechennai commented 1 year ago

@saghul This isn't working at all in Ubuntu 23.04 in OVH cloud. I get "FQDN:Verify error:IPv4: Fetching FQDN/.well-known/acme-challenge/SECRET: Connection refused" on ""Run pre hook:'if [[ -d /var/run/s6/services/nginx ]]; then s6-svc -d /var/run/s6/services/nginx; fi'" Failed to obtain a certificate from the Let's Encrypt CA. I tried all possible solutions on the internet but none of them worked. It looks like the temporary web container s6 is not able to verify the domain because the nginx itself hasn't been started by that time. Also you shouldn't say its working on your systems and so everything is fine. Try to help us.

saghul commented 1 year ago

I tried to help but I've ran out of things to try, since I cannot reproduce the problem.

Our let's encrypt support is relatively basic. Only HTTP verification is supported which means you need to have ports 443 and 80 forwarded.

If you want to use a different kind of setup (maybe use DNS validation) you might want to use a proxy container and disable let's encrypt on our setup.