Closed reyman closed 8 years ago
Hi,
remove `-p 443:443`, then I guess there is some way to configure nginx proxy to proxy the phpldapadmin container, but I can't help you with that.
Perhaps I can crosspost this case on the nginx-proxy repository.
Crossposted here: https://github.com/jwilder/nginx-proxy/issues/296#issuecomment-157832764
It seems that the 403 error I obtain (see crosspost) is due to docker-phpLDAPAdmin. What is the best way to debug?
Here is an example without SSL:
```
sudo docker run --name proxy -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
docker run --name phpldapadmin -e VIRTUAL_HOST=foo.bar.com -e PHPLDAPADMIN_HTTPS=false -e PHPLDAPADMIN_LDAP_HOSTS=ldap.example.com -d osixia/phpldapadmin
```
Then get the IP address of the nginx-proxy container:
```
sudo docker inspect -f "{{ .NetworkSettings.IPAddress }}" proxy
```
This returns, for example: 172.17.0.2
Add to /etc/hosts:
```
172.17.0.2 foo.bar.com
```
Go to foo.bar.com and phpLdapAdmin should show up!
With SSL enabled, the "403 Forbidden" is due to the nginx proxy image, which offloads HTTPS and proxies only HTTP traffic.
Example of the nginx config generated by the nginx proxy image:
```
... location / { proxy_pass http://foo.bar.com; } ...
```
So add `-e PHPLDAPADMIN_HTTPS=false` when you run the phpLdapAdmin image, so the phpLdapAdmin server will listen on port 80 and wait for HTTP connections.
OK, it works, I can connect to ldap.comnmodel.org, but now I have some problems authenticating, arg... I try this (https://github.com/osixia/docker-openldap/issues/21) but I suppose this is not the right way to do it. The LDAP server runs correctly, the password is good, I can use ldapsearch to search cn=admin.
For an authentication error on connection in phpldapadmin, the logs of the openldap Docker image return nothing clear:
```
56648e38 conn=1013 fd=21 ACCEPT from IP=[::1]:45010 (IP=[::1]:389)
56648e38 conn=1013 op=0 EXT oid=1.3.6.1.4.1.1466.20037
56648e38 conn=1013 op=0 STARTTLS
56648e38 conn=1013 op=0 RESULT oid= err=0 text=
56648e38 conn=1013 fd=21 TLS established tls_ssf=256 ssf=256
56648e3d conn=1013 op=1 BIND dn="cn=admin,dc=comnmodel,dc=org" method=128
56648e3d conn=1013 op=1 BIND dn="cn=admin,dc=comnmodel,dc=org" mech=SIMPLE ssf=0
56648e3d conn=1013 op=1 RESULT tag=97 err=0 text=
56648e3d conn=1013 op=2 SRCH base="dc=comnmodel,dc=org" scope=2 deref=0 filter="(objectClass=*)"
56648e3d conn=1013 op=2 SRCH attr=admin
56648e3d conn=1013 op=2 SEARCH RESULT tag=101 err=0 nentries=2 text=
56648e3d conn=1013 op=3 UNBIND
56648e3d conn=1013 fd=21 closed
```
But the logs of the phpldapadmin image show some problems, it seems:
```
*** Running /etc/my_init.d/phpldapadmin...
Enabling site phpldapadmin.
To activate the new configuration, you need to run:
service apache2 reload
link /container/service/phpldapadmin/assets/config.php to /var/www/phpldapadmin/config/config.php
tr: write error: Broken pipe
tr: write error
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 736
mknod: ‘/dev/xconsole’: File exists
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.4. Set the 'ServerName' directive globally to suppress this message
```
Any idea @osixia about these write errors? Is it normal?
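Added example (not part of the thread and not the project's code): a small parser for slapd log lines in the format quoted in the comment above. It groups lines by `conn=` and reports the peer address, whether TLS was established, and the result code of each bind (`tag=97`). The `conn=1014` lines and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd log format quoted in this thread.
# conn=1014 is an invented failing bind (err=49, invalidCredentials) for contrast.
SAMPLE = """\
56648e38 conn=1013 fd=21 ACCEPT from IP=[::1]:45010 (IP=[::1]:389)
56648e38 conn=1013 op=0 STARTTLS
56648e38 conn=1013 fd=21 TLS established tls_ssf=256 ssf=256
56648e3d conn=1013 op=1 BIND dn="cn=admin,dc=comnmodel,dc=org" method=128
56648e3d conn=1013 op=1 RESULT tag=97 err=0 text=
56648e3d conn=1013 op=2 SEARCH RESULT tag=101 err=0 nentries=2 text=
56648e40 conn=1014 fd=22 ACCEPT from IP=172.17.0.4:51122 (IP=0.0.0.0:389)
56648e40 conn=1014 op=0 BIND dn="cn=admin,dc=comnmodel,dc=org" method=128
56648e40 conn=1014 op=0 RESULT tag=97 err=49 text=
"""

LINE = re.compile(r"^[0-9a-f]{8} conn=(?P<conn>\d+) (?:fd=\d+|op=(?P<op>\d+)) (?P<rest>.*)$")
PEER = re.compile(r"ACCEPT from IP=(\[[^\]]+\]|[^:\s]+):\d+")
BIND = re.compile(r'BIND dn="([^"]*)" method=(\d+)')
RESULT = re.compile(r"RESULT tag=(\d+) err=(\d+)")

def summarize(log_text):
    """Return {conn_id: {'peer', 'tls', 'binds': [(dn, err)]}} per connection."""
    conns = defaultdict(lambda: {"peer": None, "tls": False, "binds": []})
    pending = {}  # (conn, op) -> bind DN still waiting for its RESULT line
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        conn, op, rest = int(m["conn"]), m["op"], m["rest"]
        if (p := PEER.search(rest)):
            conns[conn]["peer"] = p.group(1).strip("[]")
        elif rest.startswith("TLS established"):
            conns[conn]["tls"] = True
        elif (b := BIND.search(rest)):
            pending[(conn, op)] = b.group(1)
        elif (r := RESULT.search(rest)) and r.group(1) == "97":  # 97 = BindResponse
            dn = pending.pop((conn, op), None)
            conns[conn]["binds"].append((dn, int(r.group(2))))
    return dict(conns)

def failed_binds(summary):
    """List (conn, peer, dn, err) for every bind whose result code is not 0."""
    return [(c, s["peer"], dn, err) for c, s in sorted(summary.items())
            for dn, err in s["binds"] if err != 0]

if __name__ == "__main__":
    print(failed_binds(summarize(SAMPLE)))
```
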
The entries of config.php seem truncated, `base` and `bind_id` are not defined.
```
/*
* Autogenerated servers variables will come here
*/
$servers->newServer('ldap_pla');
$servers->setValue('server','name','ldap.comnmodel.org');
$servers->setValue('server','host','ldap.comnmodel.org');
```
The file stops after this last line.
I found that openldap works if I expose the osixia/openldap port on the VPS IP. osixia/PhpLdapadmin doesn't find the docker ldap directly on the VPS...
_Doesn't work:_
```
sudo docker run --name openLdap -e LDAP_ORGANISATION="comnmodel" -e LDAP_DOMAIN="comnmodel.org" -e LDAP_ADMIN_PASSWORD="mypassword" -d osixia/openldap
```
and with `PHPLDAPADMIN_LDAP_HOSTS=localhost` in
```
sudo docker run --name phpLDAPadmin -e VIRTUAL_HOST=ldap.comnmodel.org -e PHPLDAPADMIN_HTTPS=false -e PHPLDAPADMIN_LDAP_HOSTS=localhost -d osixia/phpldapadmin
```
_Works:_
```
sudo docker run --name openLdap -e LDAP_ORGANISATION="comnmodel" -e LDAP_DOMAIN="comnmodel.org" -e LDAP_ADMIN_PASSWORD="mypassword" -p 389:389 -p 636:636 -d osixia/openldap
```
and with `PHPLDAPADMIN_LDAP_HOSTS=ldap.comnmodel.org` in
```
sudo docker run --name phpLDAPadmin -e VIRTUAL_HOST=ldap.comnmodel.org -e PHPLDAPADMIN_HTTPS=false -e PHPLDAPADMIN_LDAP_HOSTS=ldap.comnmodel.org -d osixia/phpldapadmin
```
So, where is the problem with localhost (two docker runs on the same VPS)? :/
Hi, this is more a question than an issue. I try to run your image with the nginx proxy image, which already exposes port 443 for SSL.
When I try to run your image like this:
```
sudo docker run -p 443:443 -e VIRTUAL_HOST=ldap.comnmodel.org -e PHPLDAPADMIN_LDAP_HOSTS=ldap.comnmodel.org -d osixia/phpldapadmin
```
the run of the phpldapadmin image failed because port 443 is already allocated.
Any idea how to solve that?