search

linuxserver / docker-bazarr

GNU General Public License v3.0
243 stars 30 forks source link

Getting 'InsecureRequestWarning' #18

Closed aegie closed 5 years ago

aegie commented 5 years ago

linuxserver.io

Thanks, team linuxserver.io

Looking through my logs, I see this warning spammed over and over: /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

I'm on openmediavault and this is my docker-compose file:

bazarr: depends_on:

  • ReverseProxy image: linuxserver/bazarr restart: unless-stopped volumes:
  • /sharedfolders/Media/TV:/tv
  • /sharedfolders/Media/Movies:/movies
  • /sharedfolders/mediatools/bazarr:/config environment:
  • TZ=Europe/Bucharest
  • PUID=1001
  • PGID=100 networks:
  • media container_name: bazarr
aptalca commented 5 years ago

What is your reverse proxy config? That's likely the issue

aegie commented 5 years ago

It might well be related, but I have 14 other containers depending on ReverseProxy, without issues there.

Here it is:

ReverseProxy: image: linuxserver/letsencrypt restart: unless-stopped

logging:

# driver: "none"
ports:
  - "4480:80"
  - "4443:443"
volumes:
  - /sharedfolders/mediatools/letsencrypt:/config
cap_add:
  - NET_ADMIN      
networks:
  - media
container_name: ReverseProxy
environment:
  - PUID=1001 # get on dockerhost through command "id <user>""
  - PGID=100
  - EMAIL=my@mail.net
  - URL=domain.net
  - SUBDOMAINS=www,ds,plex,portainer,bazarr,bw,nextcloud,duplicati,glances,heimdall,tautulli,sonarr,radarr,lidarr,znc,ombi,rutorrent
  - TZ=Europe/Bucharest
  - VALIDATION=dns # using dns validation
  - DNSPLUGIN=cloudflare # via dnsimple, note there is additional configuration require separate from this file
  # - STAGING=true # this should be uncommented when testing for initial success, to avoid some rate limiting

Thanks!

aptalca commented 5 years ago

Are you seeing that in bazarr logs?

If so, I believe it means bazarr is using https to connect to one of the services you set up, but their cert is invalid.

You should ask the bazarr devs for further troubleshooting.

aegie commented 5 years ago

Yes, it is in bazarr logs. Ok, thanks, will do that!

C8opmBM commented 4 years ago

Can you please add this fix as mentioned here: https://github.com/morpheus65535/bazarr/issues/370#issuecomment-477829142

Thanks!

CHBMB commented 4 years ago

@C8opmBM I'm not in favour of implementing a workaround for a security warning across the board.

C8opmBM commented 4 years ago

Understandable, still I fail to see the reason why the bazarr dev won't address this issue after all this time... Guess I'll keep deleting logs after all.

aptalca commented 4 years ago

Feel free to pass that env variable in your docker create/compose

morpheus65535 commented 4 years ago

Understandable, still I fail to see the reason why the bazarr dev won't address this issue after all this time... Guess I'll keep deleting logs after all.

Because I wasn't even aware you had an issue...

I'm using this Docker image myself and don't have any InsecureRequestWarning error in my log.

What version of Bazarr are you using? What version of the Docker image? Did you pull latest first?

C8opmBM commented 4 years ago

Thank you for your reply. I'm always pulling the latest tag version from linuxserver. All other containers are using the latest tag, coming from linuxserver.

However, this issue is present for at least one year in my setup. You did accept the workaround aka muting it rather than addressing it: https://github.com/morpheus65535/bazarr/issues/370#issuecomment-477829142 There were at least 3 other users reporting the same problem. Same as @CHBMB I'm not in favor of passing the env variable to silence a security issue, unless this is an upstream problem that cannot be solved.

My logs wont stop spamming it. Logs size gets about 7 mb every other day. I really hope this can be fixed. Sorry to trouble you and thank you for your amazing work!

`[s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 01-envfile: executing... [cont-init.d] 01-envfile: exited 0. [cont-init.d] 10-adduser: executing...

      _         ()
     | |  ___   _    __
     | | / __| | |  /  \
     | | \__ \ | | | () |
     |_| |___/ |_|  \__/

Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donate/

GID/UID

User uid: 1001 User gid: 100

[cont-init.d] 10-adduser: exited 0. [cont-init.d] 30-config: executing... [cont-init.d] 30-config: exited 0. [cont-init.d] 99-custom-files: executing... [custom-init] no custom files found exiting... [cont-init.d] 99-custom-files: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:846: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings Bazarr starting... warnings.warn(( /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:846: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings warnings.warn(( 2020-03-01 00:01:42,686 - root (7f2844b5cd48) : INFO (main:2269) - BAZARR is started and waiting for request on http://0.0.0.0:6767/ /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:846: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings warnings.warn(( /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:846: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings warnings.warn(( /app/bazarr/bazarr/../libs/urllib3/connectionpool.py:846: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings warnings.warn((`

1

CHBMB commented 4 years ago

Understandable, still I fail to see the reason why the bazarr dev won't address this issue after all this time... Guess I'll keep deleting logs after all.

Because I wasn't even aware you had an issue...

I'm using this Docker image myself and don't have any InsecureRequestWarning error in my log.

What version of Bazarr are you using? What version of the Docker image? Did you pull latest first?

I suspect the error is something to do with the way a reverse proxy or other component is implemented, rather than Bazaar itself, although I admit that's just supposition.

Hence why I'm not in favour of changing the container, for me the solution shouldn't be to mute a warning message, but rather tackle the root cause.

@C8opmBM It might be prudent to post some details about your setup, reverse proxy configs etc.

morpheus65535 commented 4 years ago

I agree with @CHBMB but I suggest we move over to https://github.com/morpheus65535/bazarr/issues/843.

morpheus65535 commented 4 years ago

The insecure call were made to Sonarr and Radarr. As many users have self signed certificate, I cannot enforce SSL certificate verification. I added code to Bazarr dev branch to ignore those warning.