Within the netbox container itself, I did an 'apt-get update' because I need an additional package there.
But during the process, the following pops up:
# apt update
Hit:1 http://security.ubuntu.com/ubuntu lunar-security InRelease
Hit:2 http://archive.ubuntu.com/ubuntu lunar InRelease
Hit:3 http://archive.ubuntu.com/ubuntu lunar-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu lunar-backports InRelease
Get:5 https://packages.nginx.org/unit/ubuntu lunar InRelease [2812 B]
Err:5 https://packages.nginx.org/unit/ubuntu lunar InRelease
The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com>
Reading package lists... Done
W: GPG error: https://packages.nginx.org/unit/ubuntu lunar InRelease: The following signatures were invalid: EXPKEYSIG ABF5BD827BD9BF62 nginx signing key <signing-key@nginx.com>
E: The repository 'https://packages.nginx.org/unit/ubuntu lunar InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
[…]
This can be actually resolved by doing an "apt update" in the container, which fails, but installing gpg is then possible. With curl -s https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /usr/share/keyrings/nginx-keyring.gpg
But. Doing this in an additional Dockerfile fails … probably because docker-entrypoint.sh and launch-netbox.sh (CMD in your Dockerfile) do some stuff which makes this odd behaviour possible.
(Please note: I run multiple netbox instances in host mode, therefore have to assign different ports to redis etc.)
Expected Behavior
apt update runs smoothly and does not exit with a code != 0
Docker Compose Version
docker-compose version 1.29.2, build unknown
Docker Version
Client: Podman Engine
Version: 4.3.1
API Version: 4.3.1
Go Version: go1.19.8
Built: Thu Jan 1 01:00:00 1970
OS/Arch: linux/amd64
The git Revision
f1ca9ab7ebc16b288fd9da8825176c75d6b7ea4f
The git Status
On branch release
Your branch is up to date with 'origin/release'.
Startup Command
docker-compose -f docker-compose.yml -f docker-compose.override.yml up -d
NetBox Logs
(not relevant, fails on build)
Content of docker-compose.override.yml
---
version: '3.4'
services:
netbox:
network_mode: host
image: test-tud-zih-nk-netbox:latest
build: &build
context: .
dockerfile: Dockerfile-NetBox
depends_on:
- redis
- redis-cache
healthcheck: &healthcheck
# start_period is a period of grace where failures do not count
# Because migrations take a while and health check is done already by then,
# we prolong it … 300 seconds should be enough
start_period: 300s
timeout: 3s
interval: 15s
test: "curl -f http://localhost:8000/api/ || exit 1"
volumes:
- ./configuration:/etc/netbox/config:z,ro
- /run/postgresql:/run/postgresql:z,ro
- /opt/netbox-deployment/test/tools:/opt/netbox/tools:rw
- /opt/netbox-deployment/Campusnetz:/opt/netbox/Campusnetz:z,ro
postgres:
deploy:
replicas: 0
netbox-worker:
network_mode: host
image: test-tud-zih-nk-netbox:latest
build:
<<: *build
depends_on:
netbox:
condition: service_healthy
healthcheck:
<<: *healthcheck
volumes:
- ./configuration:/etc/netbox/config:z,ro
- /run/postgresql:/run/postgresql:z,ro
- /opt/netbox-deployment/test/tools:/opt/netbox/tools:rw
netbox-housekeeping:
network_mode: host
image: test-tud-zih-nk-netbox:latest
build:
<<: *build
depends_on:
netbox:
condition: service_healthy
healthcheck:
<<: *healthcheck
volumes:
- ./configuration:/etc/netbox/config:z,ro
- /run/postgresql:/run/postgresql:z,ro
redis:
network_mode: host
command:
- sh
- -c # this is to evaluate the $REDIS_PASSWORD from the env
- redis-server --bind 127.0.0.1 -::1 --port 6381 --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
redis-cache:
network_mode: host
command:
- sh
- -c # this is to evaluate the $REDIS_PASSWORD from the env
- redis-server --bind 127.0.0.1 -::1 --port 6382 --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
netbox-apache2:
network_mode: host
image: test-tud-zih-nk-netbox-apache2
build:
context: .
dockerfile: Dockerfile-apache2
volumes:
[… skipped due privacy reasons, is not relevant, because other service …]
Current Behavior
Within the netbox container itself, I did an 'apt-get update' because I need an additional package there.
But during the process, the following pops up:
This can be actually resolved by doing an "apt update" in the container, which fails, but installing gpg is then possible. With
curl -s https://nginx.org/keys/nginx_signing.key | gpg --dearmor > /usr/share/keyrings/nginx-keyring.gpg
But. Doing this in an additional Dockerfile fails … probably because docker-entrypoint.sh and launch-netbox.sh (CMD in your Dockerfile) do some stuff which makes this odd behaviour possible.
(Please note: I run multiple netbox instances in host mode, therefore have to assign different ports to redis etc.)
Expected Behavior
apt update runs smoothly and does not exit with a code != 0
Docker Compose Version
docker-compose version 1.29.2, build unknown
Docker Version
The git Revision
f1ca9ab7ebc16b288fd9da8825176c75d6b7ea4f
The git Status
Startup Command
docker-compose -f docker-compose.yml -f docker-compose.override.yml up -d
NetBox Logs
Content of docker-compose.override.yml