Issues deploying with docker / portainer

[tiritibambix]

Hello. I'm a portainer user and wanted to try shotshare as is looks exactly like what I need :)

I followed these steps: sudo mkdir Shotshare and cd into this directory sudo touch .env database.sqlite sudo chown 82:82 .env database.sqlite

and then tried this docker-compose:

version: "3.3"
services:
  shotshare:
    ports:
      - 8008:80
    environment:
      - HOST=:80
    volumes:
      - /srv/Files/Shotshare/shotshare_data:/app/storage
      - /srv/Files/Shotshare/database.sqlite:/app/database/database.sqlite
      - /srv/Files/Shotshare/.env:/app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
volumes:
  shotshare_data: {}
networks: {}

I does not work. Can you help me understand why ? Thank you

[EmberHeartshine]

Are you receiving any error messages?

[tiritibambix]

Here is the full log: https://pastebin.com/nXBur8iv

[mdshack]

Here is the full log: https://pastebin.com/nXBur8iv

Hey @tiritibambix, it looks like you are setup to listen on port 8008, are you using that port when you attempt to navigate in the browser?

[tiritibambix]

Hey @tiritibambix, it looks like you are setup to listen on port 8008, are you using that port when you attempt to navigate in the browser?

Hello. Absolutely. I use http://mymachineip:8008. Just like I would do with any other container with their spécific port.

.env file only has an hashed key. Are there any value I mandatory need to populate it with maybe ?

[EmberHeartshine]

Try curling localhost:8008 from the server and seeing if there's any output.

[tiritibambix]

Try curling localhost:8008 from the server and seeing if there's any output.

It returned (7) Failed to connect to localhost port 8008: Connection refused So I tried port 8178. It returns nothing.

When I go to 192.168.1.104:8178, it's just an empty page. Log says this:

Generating config

   INFO  Preparing database.  

  Creating migration table ........................................ 129ms DONE

   INFO  Running migrations.  

  2014_10_12_000000_create_users_table ............................ 668ms DONE

  2014_10_12_100000_create_password_reset_tokens_table ............. 77ms DONE

  2019_08_19_000000_create_failed_jobs_table ...................... 143ms DONE

  2019_12_14_000001_create_personal_access_tokens_table ........... 242ms DONE

  2023_12_07_052547_create_shots_table ............................. 87ms DONE

  2023_12_29_181202_update_shots_table_add_parent_shot_id .......... 49ms DONE

Caching application configuration

   INFO  Configuration cached successfully.  

INF | ts=1705003942.8791478 msg=using provided configuration config_file=/etc/caddy/Caddyfile config_adapter= 

WRN | ts=1705003942.880817 msg=Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies adapter=caddyfile file=/etc/caddy/Caddyfile line=2 

INF | ts=1705003942.8818696 logger=admin msg=admin endpoint started address=localhost:2019 enforce_origin=false origins=["//[::1]:2019","//127.0.0.1:2019","//localhost:2019"] 

WRN | ts=1705003942.8820443 logger=http.auto_https msg=server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server server_name=srv0 http_port=80 

INF | ts=1705003942.8820965 logger=tls.cache.maintenance msg=started background certificate maintenance cache=0xc0001c6d00 

INF | ts=1705003942.8823943 logger=http.log msg=server running name=srv0 protocols=["h1","h2","h3"] 

WRN | ts=1705003942.8825939 logger=tls msg=unable to get instance ID; storage clean stamps will be incomplete error=open /data/caddy/instance.uuid: no such file or directory 

INF | ts=1705003942.8826678 msg=autosaved config (load with --resume flag) file=/config/caddy/autosave.json 

INF | ts=1705003942.8826897 msg=serving initial configuration 

[11-Jan-2024 20:12:22] NOTICE: fpm is running, pid 21

[11-Jan-2024 20:12:22] NOTICE: ready to handle connections

INF | ts=1705003942.8854275 logger=tls msg=cleaning storage unit storage=FileStorage:/data/caddy 

INF | ts=1705003942.8856966 logger=tls msg=finished cleaning storage units 

127.0.0.1 -  11/Jan/2024:20:12:49 +0000 "GET /index.php" 500

ERR | ts=1705003969.657054 logger=http.log.access msg=handled request request={"remote_ip":"192.168.1.106","remote_port":"39598","client_ip":"192.168.1.106","proto":"HTTP/1.1","method":"GET","host":"192.168.1.104:8178","uri":"/","headers":{"Connection":["keep-alive"],"Cookie":[],"Upgrade-Insecure-Requests":["1"],"Sec-Gpc":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],"Accept-Language":["en-US,en;q=0.5"],"Accept-Encoding":["gzip, deflate"],"Dnt":["1"]}} bytes_read=0 user_id= duration=0.170860993 size=0 status=500 resp_headers={"Server":["Caddy"],"Content-Type":["text/html; charset=UTF-8"],"Status":["500 Internal Server Error"],"X-Powered-By":["PHP/8.3.1"]} 

INF | ts=1705003969.765317 logger=http.log.access msg=handled request request={"remote_ip":"192.168.1.106","remote_port":"39598","client_ip":"192.168.1.106","proto":"HTTP/1.1","method":"GET","host":"192.168.1.104:8178","uri":"/favicon.ico","headers":{"Accept":["image/avif,image/webp,*/*"],"Accept-Language":["en-US,en;q=0.5"],"Cookie":[],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"],"Accept-Encoding":["gzip, deflate"],"Dnt":["1"],"Sec-Gpc":["1"],"Connection":["keep-alive"],"Referer":["http://192.168.1.104:8178/"]}} bytes_read=0 user_id= duration=0.000414287 size=0 status=200 resp_headers={"Content-Length":["0"],"Server":["Caddy"],"Etag":["\"s70z8h0\""],"Content-Type":[],"Last-Modified":["Wed, 10 Jan 2024 03:05:05 GMT"],"Accept-Ranges":["bytes"]} 

192.168.1.104 is the server hosting shotshare 192.168.1.106 is the machine I try to access it from.

[tiritibambix]

I stull struggle.

Why is it asking for caddy ? What should I put in HOST=:80 ?

Any help would be greatly appreciated.

[mdshack]

I stull struggle.

Why is it asking for caddy ? What should I put in HOST=:80 ?

Any help would be greatly appreciated.

Hello again, just looking at your logs, it looks like your container was successfully started. I haven’t gotten the chance to debug your compose file, but have you by chance been able to run the example docks setup included here?

[tiritibambix]

Hello and sorry for the late answer. My server is at 192.168.1.104

I tried to run the example docks setup included here with my (OMV) paths

docker run \
  -p 8178:80 \
  -e DB_CONNECTION=sqlite \
  -e FEATURE_UUID_ROUTES=true \
  -v /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data:/app/storage \
  --mount type=bind,source=/srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/database.sqlite,target=/app/database/database.sqlite \
  --mount type=bind,source=/srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/.env,target=/app/.env \
  -d \
  --restart unless-stopped \
  --name shotshare \
  mdshack/shotshare:latest

I also tried to adapt it to docker-compose:

version: "3.3"
services:
  shotshare:
    ports:
      - 8178:80
    environment:
      - DB_CONNECTION=sqlite
      - FEATURE_UUID_ROUTES=true
    volumes:
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data:/app/storage
      - type: bind
        source: /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/database.sqlite
        target: /app/database/database.sqlite
      - type: bind
        source: /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/.env
        target: /app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
networks: {}

When I go to http://192.168.1.104:8178, it redirects me to https://192.168.1.104 (note https and no port)

[tiritibambix]

Bumping this up as I still haven't found a solution

[EmberHeartshine]

I'm not sure if this is true of all platforms, but typically /srv/dev-disk-by-uuid-* are symlinks to block devices, not mounted directories. (eg. it's intended to replace /dev/sdX for reasons.) Does the platform you're on use them as filesystem directories instead?

[tiritibambix]

I am not sure I am really competent to properly answer this question, but this is how Open Media Vault names shared folders.

So let's say I mount a volume / "file system" in OMV, and it names it /dev/sdb1, I then have to create a shared folder, in this instance "Files", which it names using /srv/dev-disk-by-uuid-*

Here's a screenshot to illustrate this.

This is exactly how I run and store data for my containers since I started learning 2 years ago. I don't know any other method.

[EmberHeartshine]

OMV is.... weird about mount stuff compared to other Debian-based distros. (even between versions) Since you have shell access, can you cd to wherever the Shotshare/ directory is and pwd? I imagine it'll be the same as what you posted above but just in case some trickery is afoot.

[tiritibambix]

It is indeed exactly the same

[EmberHeartshine]

Oh, I just noticed that HOST isn't defined in your most recent examples. I believe that's what Caddy uses to decide what port to use.

Since your ports are defined as 8178 (internal) and 80 (external), you'll need to include -e HOST=":8178" (or the equivalent in docker-compose). That will serve Shotshare on port 80. Since you're on OMV, changing to a different port number would probably be best (since I think OMV's management interface is open on 80/443?). Keeping all ports the same would simplify things... Try setting the ports to 8178 across the board (e.g. -e HOST=":8178" ; -p 8178:8178), then accessing it on 8178.

[EmberHeartshine]

Er, sorry, I got the syntax of -p backwards. -p 80:8178 expects 80 open inside the container and exposes 8178 externally. In that case you'd want -e HOST=":80".

My advice about using the same ports across the board still remains, though. I personally use port 2000 and use nginx to reverse proxy 80 (or rather, I use 443 with my own managed certbot cert and -e FORCE_HTTPS=true).

[tiritibambix]

I fear all this is beyond my understanding.

I got OMV's management interface set to 82, Nginx Proxy Manager interface set to 81, and I never use port 80 with my containers as it is used by nginx to go outside. My ports are configured as follow in my nginx proxy manager docker-compose:

    ports:
      - '80:80'
      - '81:81'
      - '443:443'

With all services I use, I always change the first port on the left and leave the port on the right as it is hard coded in the container. So I'm lost with your suggestion of using 80:8178.

When I look at your Dockerfile

EXPOSE 80
EXPOSE 443

So I don't get why I would have to change that.

Anyway, I tried all sorts of possibilities with ports, and everyone of them lead me to https://192.168.1.104

As an example, Here is a docker-compose for Homepage:

version: '3.3'
services:
    homepage:
        image: ghcr.io/gethomepage/homepage:latest
        container_name: homepage
        ports:
            - 5005:3000
        volumes:
            - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Homepage/config:/app/config
            - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a:/data # for widget resources
            - /srv/dev-disk-by-uuid-2da450f2-4dde-4234-8a5a-2011f9145fee:/backup # for widget resources
            - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations
        environment:
            - LOG_LEVEL=debug
        restart: unless-stopped

Original ports were 3000:3000. I was already using port 3000 on my side so I arbitrarily changed it to 5005 and I access it by going to http://192.168.1.104:5005

I have to admit that deploying a container was never this hard before 😅

[tiritibambix]

Anyway, I tried all sorts of possibilities with ports, and everyone of them lead me to https://192.168.1.104

This is not true anymore since I added -e HOST=":80" or whatever port I tried. It just leads to a "connection error"

[EmberHeartshine]

The expected container port used by Caddy the web server used by the docker image) is set by the HOST envvar, it's not hard-coded.

Would you mind elaborating on, "used by nginx to go outside"? Nginx just serves files on whatever port is defined in a given server block (namely with the listen directive). 80 just coincidentally happens to be the default for HTTP (and 443 for HTTPS).

Im not using a dockerfile-- I use runtime flags and environment variables to define my ports. (Note that I'm not the dev, just another user.) I honestly don't like docker at all, but I haven't had time to figure out a bare metal installation method. Something something php socks...

[tiritibambix]

Would you mind elaborating on, "used by nginx to go outside"?

They are just the HTTP and HTTPS public ports. So I need them free to be used by Nginx Proxy Manager and that is why I don't use them with other containers.

So did you use docker Cli to deploy ? Mind sharing it ?

[EmberHeartshine]

This is the line I use to start the container:

$ docker run -p 2000:2000 \
-e HOST=":2000" \
-e ALLOW_REGISTRATION=false \
--mount type=bind,source=/home/ember/shotshare/data,target=/app/storage \
--mount type=bind,source=/home/ember/shotshare/database.sqlite,target=/app/database/database.sqlite \
--mount type=bind,source=/home/ember/shotshare/.env,target=/app/.env \
-d --restart unless-stopped \
--name shotshare mdshack/shotshare:latest

My nginx server directive looks like this:

server {
        listen 80;
        listen [::]:80;
        server_name (FQDN redacted);
        return 308 https://$host$request_uri;
}
server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name (FQDN redacted);
        ssl_certificate /etc/letsencrypt/live/(FQDN redacted)/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/(FQDN redacted)/privkey.pem;
        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        client_max_body_size 20M;
        location /.well-known {
                root /var/www/(FQDN redacted);
                autoindex off;
                server_tokens off;
        }
        location / {
                proxy_pass http://localhost:2000;
                proxy_redirect off;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Host $server_name;
        }
}

A few caveats to my setup:

• I'm using certbot to manage the SSL certificate myself
• Most of the config is defined in my .env file
• I generated the dhparams myself
• I currently only have ALLOW_REGISTRATION set in the run line because I turn registration on and off somewhat frequently, otherwise it'd live in the .env file
• This server isn't being used for anything else at the moment (though it could)

[tiritibambix]

Thank you very much.

So I took inspiration from your config and put

    ports:
      - 8178:8178
    environment:
      - HOST=:8178

I just land on a HTTP ERROR 500

I wish @mdshack could have a look at this 😇

[EmberHeartshine]

Is it a Caddy 500 error or an nginx 500? (Caddy is light grey text on a dark grey background; nginx is black text on white bg unless changed)

[tiritibambix]

ERR | ts=1705936180.7673454 logger=http.log.access msg=handled request request={"remote_ip":"192.168.1.106","remote_port":"57659","client_ip":"192.168.1.106","proto":"HTTP/1.1","method":"GET","host":"192.168.1.104:2000","uri":"/","headers":{"Dnt":["1"],"Sec-Gpc":["1"],"Connection":["keep-alive"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],"Accept-Language":["en-US,en;q=0.5"],"Accept-Encoding":["gzip, deflate"],"Cookie":[]}} bytes_read=0 user_id= duration=0.168065318 size=651 status=500 resp_headers={"Status":["500 Internal Server Error"],"X-Powered-By":["PHP/8.3.1"],"Cache-Control":["no-cache, private"],"Content-Encoding":["gzip"],"Vary":["Accept-Encoding"],"Server":["Caddy"],"Date":["Mon, 22 Jan 2024 15:09:40 GMT"],"Content-Type":["text/html; charset=UTF-8"]} 

[EmberHeartshine]

Ah, that looks like an nginx 500. Not a 504, though, which would indicate something wrong with the container's setup, so something's up with the nginx config.

Unfortunately since I do everything bare metal (as opposed to using something like OMV) my actual utility here may be limited.

[tiritibambix]

my actual utility here may be limited.

You've already done so much. Thanks a lot for your time and for trying to help me !!

[EmberHeartshine]

Oh, wait, interesting, that is a Caddy 500. I haven't seen it look like that before! Well at a minimum that means your host config is fine and something is up with either the image or the files... Perhaps check the owner of all the mounted files to make sure they're all owned by 82:82.

[tiritibambix]

So, someone one Lemmy helped me out and gave me this docker-compose:

version: "3.3"
services:
  shotshare:
    ports:
      - 2000:80
    environment:
      - HOST=:80
      - ALLOW_REGISTRATION=false
    volumes:
      - shotshare_data:/app/storage
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/database.sqlite:/app/database/database.sqlite
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/.env:/app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
volumes:
    shotshare_data:
networks: {}

That means we have to use the volume instead of a bind mount for /app/storage. Which is not convenient at all, particularly for my backup routine.

I must find a way to bind /app/storage to /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/

[EmberHeartshine]

Ah hah! I should have seen that. See #31. I'm using a bind mount and it worked flawlessly once I created the subdirectories and chown'd them to 82:82.

[tiritibambix]

Ok so my solution was this:

cd /home git clone https://github.com/mdshack/shotshare cd .../Files/ sudo mkdir Shotshare cd .../Files/Shotshare sudo mkdir shotshare_data sudo touch .env database.sqlite cp -r /home/shotshare/storage/* .../Files/Shotshare/shotshare_data chown 82:82 -R .../Files/Shotshare/

version: "3.3"
services:
  shotshare:
    ports:
      - 2000:80
    environment:
      - HOST=:80
      - ALLOW_REGISTRATION=false
    volumes:
      - .../Files/Shotshare/shotshare_data:/app/storage
      - .../Files/Shotshare/database.sqlite:/app/database/database.sqlite
      - .../Files/Shotshare/.env:/app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
networks: {}

Thank you @EmberHeartshine Bringing this to your attention @mdshack