search

ldez / traefik-certs-dumper

Dump ACME data from Traefik to certificates
Other
462 stars 30 forks source link

I'm having difficulty converting the entrypoint compose for docker run ( GUI of unraid) #183

Open justinsangoi opened 1 year ago

justinsangoi commented 1 year ago

I'm trying to run this container using the native GUI of unraid. The GUI allows for you to enter "extra parameters". Basically, you can take any docker run command and enter it into the interface piecemeal and it will execute the command.

I took entrypoints and converted it to this line:

--entrypoint="sh -c 'apk add jq; while ! [ -e /data/acme.json ] || ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do sleep 1; done && traefik-certs-dumper file --version v2 --watch --source /data/acme.json --dest /data/certs'"

However, it doesn't seem to parse it out correctly. I suspect it has to do with having to quote the whole string due to spaces, but I'm struggling to figure it out. Would anyone be able to assist in converting the compose to a docker run equivalent?

Here's the docker error that unraid returns when I try and run it: image

justinsangoi commented 1 year ago

I've been working at this a little bit this morning and I've tried several variations.

Using this:

--entrypoint sh -c 'apk add jq; while ! [ -e /data/acme.json ] || ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do sleep 1; done && traefik-certs-dumper file --version v2 --watch --source /data/acme.json --dest /data/certs'

Gives the following Error:

image

Using this:

--entrypoint "sh -c 'apk add jq; while ! [ -e /data/acme.json ] || ! [ `jq \".[] | .Certificates | length\" /data/acme.json` != 0 ]; do sleep 1; done && traefik-certs-dumper file --version v2 --watch --source /data/acme.json --dest /data/certs'"

Gives this error, which I'm inclined to believe is closer to correct but it somehow thinks the directories don't exist despite the volumes very clearly being defined in the parameters above:

image

At this point, I'm not sure if it's Unraid parsing it incorrectly, as I expect it to just take the field in the GUI and intsert it as is into the command. I think if I somehow get it working using command line as a docker run command I can at least rule out that the conversion from Docker Compose is correct.

justinsangoi commented 1 year ago

Trying to run this as a docker run:

docker run -d --name='traefik-certs-dumper' --net='bridge' -v '/mnt/user/appdata/traefik/':'/data/' --entrypoint "sh -c 'apk add jq; while ! [ -e /data/acme.json ] || ! [ `jq ".[] | .Certificates | length" /data/acme.json` != 0 ]; do sleep 1; done && traefik-certs-dumper file --version v2 --watch --source /data/acme.json --dest /data/certs' 'ldez/traefik-certs-dumper:latest'"

Comes out with this error:

jq: error: Could not open file /data/acme.json: No such file or directory
"docker run" requires at least 1 argument.
See 'docker run --help'.

Usage:  docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container

Same error it seems - an issue accessing the file under /data/

I know this file exists at the mapped location. I'm missing something here in the syntax I believe.

justinsangoi commented 1 year ago

Seems I'm having some kind of permissions issue. I don't understand how, as the docker system in unraid is root, but it seems that the /data path isn't mounting.

justinsangoi commented 1 year ago

I'm almost certain it's a permissions issue because when I attempt to read and parse the acme.json from SSH as root, it works until I add a select statement to the jq, at which point bash throws an error stating it doesn't have access.

image

This aligns with the error that the attempted docker run statement is throwing. That the path or file doesn't exist, implying it cannot mount it to access it.

PrplHaz4 commented 1 year ago

I'm almost certain it's a permissions issue because when I attempt to read and parse the acme.json from SSH as root, it works until I add a select statement to the jq, at which point bash throws an error stating it doesn't have access.

Try explicitly mounting the acme.json - i remember having some issues with the traefik container when just the parent directory was mapped.

justinsangoi commented 1 year ago

I'm almost certain it's a permissions issue because when I attempt to read and parse the acme.json from SSH as root, it works until I add a select statement to the jq, at which point bash throws an error stating it doesn't have access.

Try explicitly mounting the acme.json - i remember having some issues with the traefik container when just the parent directory was mapped.

That's actually the first way I attempted to do it. You can see in the first screenshot of my unraid GUI attempts that I was mapping the acme.json by it's file name. Afterwards, I tried just mapping the entire folder and that didn't work either, same error.

The owner of the file is root, because traefik runs as root in the container, but what confuses me is I'm running docker as root and it still cannot access it.

justinsangoi commented 1 year ago

I tried adding the PGID and PUID defaults that containers use on Unraid and it didnt' solve the directory/file missing error.

So there is still an access issue here. I may dig a bit more, but I've currently got a user script set up that uses jq to extract the keys and install them correctly.