linuxserver / docker-bookstack

A Docker container for the BookStack documentation wiki
GNU General Public License v3.0

Docker Secret File not working with end of line character #122

Closed Griffin-III closed 2 years ago

Griffin-III commented 2 years ago

Bug

Bookstack reads docker secret files with the end of line character instead of removing it. This results in an error that makes it seem like FILE__ is broken for mail password. I found the real cause by testing it with the username instead and seeing the extra space in the error popup.

Fixed by removing the EOL character, ex. by launching nano with -L. I confirmed with both username and password as files that this fix works.

Authelia works fine with EOL, I haven't tested other services yet, or tested to see if removing it causes issues with others. Maybe this is the norm and Authelia is weird? But most popular editors automatically add one.


Expected Behavior

Bookstack should remove the EOL character from docker secret file when adding to env variable. Mail server accepts credentials.

Current Behavior

Bookstack adds EOL character from secret file to env variable. Get errors back from mail server.

Steps to Reproduce

  1. Set up docker secret file with mail username
  2. Set up compose file with secret for mail username (FILE__MAIL_NAME=/run/secrets/mail_username_file)
  3. Launch compose and send test email from maintenance page.
  4. Get error.

Environment

OS: Fedora Server

CPU architecture: x86_64

How docker service was installed: Docker Compose

Command used to create docker container

Compose File

```yaml
networks:
  bookstackproxy:
    external:
      name: bookstackproxy
  default:
    driver: bridge
secrets:
  mail_username_file:
    file: $DOCKERDIR/secrets/mail_username_file
services:
  bookstack:
    image: lscr.io/linuxserver/bookstack
    container_name: bookstack
    networks:
      - bookstackproxy
    security_opt:
      - no-new-privileges:true
    secrets:
      - mail_username_file
    environment:
      - PUID=1000
      - PGID=1000
      - APP_URL=
      - DB_HOST=
      - DB_USER=
      - DB_PASS=
      - DB_DATABASE=bookstackapp
      - LOG_FAILED_LOGIN_MESSAGE="Failed login for %u"
      - SESSION_SECURE_COOKIE=true
      - SESSION_LIFETIME=10080
      - MAIL_DRIVER=smtp
      - MAIL_HOST=
      - MAIL_PORT=
      - MAIL_ENCRYPTION=tls
      - FILE__MAIL_USERNAME=/run/secrets/mail_username_file
      - MAIL_PASSWORD=[actualmailpassword]
      - MAIL_FROM=domain@domain.com
      - MAIL_FROM_NAME="domain"
    volumes:
      - /path/Bookstack:/config
    restart: unless-stopped
    depends_on:
      - bookstack_db
    labels:
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.bookstack-rtr.entrypoints=https"
      - "traefik.http.routers.bookstack-rtr.rule=Host()"
      - "traefik.http.routers.bookstack-rtr.tls=true"
      ## Middlewares
      - "traefik.http.routers.bookstack-rtr.middlewares=chain-authelia@file"
  bookstack_db:
    image: lscr.io/linuxserver/mariadb
    container_name: bookstack_db
    networks:
      - bookstackproxy
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=
      - TZ=$TZ
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=
      - MYSQL_PASSWORD=
    volumes:
      - /path/Bookstack:/config
    restart: unless-stopped
```

Docker logs

The mail error shows up on the webpage but not in the container log, so it must be somewhere in the volume/config logs.

```
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing...
[env-init] MAIL_USERNAME set from FILE__MAIL_USERNAME
[cont-init.d] 01-envfile: exited 0.
```

github-actions[bot] commented 2 years ago

Thanks for opening your first issue here! Be sure to follow the bug or feature issue templates!

aptalca commented 2 years ago

Secrets should not have trailing newlines. Docker docs tell you how to correctly create them without a trailing newline.

Griffin-III commented 2 years ago

I guess that's my bad, I learned about docker secrets from a guide which didn't mention it.

As a suggestion then, could you add that to this section of the readme?

aptalca commented 2 years ago

It already references docker secrets. Docker docs show how to create it correctly. No need for us to repeat it in every image's readme. They are already too long as it is.
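
The trailing-newline problem from this issue, as an added example that is not part of the thread or of the linuxserver image's code: it reports how a secret file ends, strips a trailing LF or CRLF in place, and writes a secret without one. The function names and the sample username are constructed for illustration.

```shell
#!/bin/sh
# Added example; helper names and sample values are constructed, not from the project.

# Print how the file ends: "empty", "none", "lf" or "crlf".
secret_eol() {
    [ -s "$1" ] || { echo empty; return 0; }
    # Hex of the last two bytes; od shows bytes that $(...) would silently strip.
    tail_hex=$(tail -c 2 "$1" | od -An -tx1 | tr -d ' \n')
    case "$tail_hex" in
        *0d0a) echo crlf ;;
        *0a)   echo lf ;;
        *)     echo none ;;
    esac
}

# Write a secret with no trailing newline, readable by the owner only.
write_secret() {
    ( umask 077; printf '%s' "$2" > "$1" )
}

# Remove trailing LF / CRLF line endings in place (text secrets only).
strip_secret_eol() {
    cr=$(printf '\r')
    value=$(cat "$1")        # command substitution drops trailing LFs
    value=${value%"$cr"}     # drop a CR left over from a CRLF ending
    printf '%s' "$value" > "$1"
}

# Byte count of the file: the value length a byte-exact reader would see.
secret_len() {
    wc -c < "$1" | tr -d ' '
}

demo() {
    dir=$(mktemp -d)
    f="$dir/mail_username_file"
    echo 'mailer@example.com' > "$f"   # echo, like most editors, appends LF
    echo "before: eol=$(secret_eol "$f") bytes=$(secret_len "$f")"
    strip_secret_eol "$f"
    echo "after:  eol=$(secret_eol "$f") bytes=$(secret_len "$f")"
    rm -rf "$dir"
}
demo
```

Running `secret_eol` over every file referenced by a `FILE__` variable before starting the stack catches the extra byte before the mail server rejects the credentials.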