search

spiral-project / ihatemoney

A simple shared budget manager web application
https://ihatemoney.org
Other
1.19k stars 268 forks source link

Admin Password in Docker Compose #1169

Closed Chacsam closed 1 year ago

Chacsam commented 1 year ago

Hello,

I am trying to install ihatemoney through a Portainer Stack (docker-compose file), but I cannot get the Admin password to work.. Using a https reverse proxy I avoid the invalid CRSF with secure cookies, but I always get "Admin password: This admin password is not the right one. Only x attempts left." on the admin page.

My code to generate the hash: docker run -it --rm --entrypoint ihatemoney ihatemoney/ihatemoney generate_password_hash

My Docker-compose

version: "3.0"
services:
  ihatemoney:
    image: ihatemoney/ihatemoney:latest
    container_name: I_Hate_Money
    network_mode: "bridge"
    environment:
      - BABEL_DEFAULT_TIMEZONE=xxx
      - ACTIVATE_ADMIN_DASHBOARD=True
      - ACTIVATE_DEMO_PROJECT=False
      - ALLOW_PUBLIC_PROJECT_CREATION=True
      - SHOW_ADMIN_EMAIL=True
      - ADMIN_PASSWORD=pbkdf2:sha256:260000$bvN2imsPpC323VGJ$xxxxxx
      - MAIL_SERVER=xxx
      - MAIL_PORT=587
      - MAIL_DEFAULT_SENDER=Expense Split <xxxxx@xxxxx.xx>
      - MAIL_USERNAME=xxxx@xxx.xx
      - MAIL_PASSWORD=xxxx
      - MAIL_USE_SSL=False
      - MAIL_USE_TLS=True
    volumes:
      - /home/my_map/apps/ihatemoney/db:/database
    ports:
      - 41008:8000
    restart: unless-stopped

Docker 24.0 on a Ubuntu 22.04 container in Proxmox.

Am I doing something wrong?

AkshayRao27 commented 1 year ago

I have the same issue.

I am on Ubuntu 22.04.1 LTS and using Portainer CE 2.17.0 Docker 23.0.1.

I tried generating the hash using just ihatemoney generate_password_hash via the Portainer Console within the container, as well as generating it via the console using the same command you did.

Here's my compose file:

version: "3.9"

services:
  ihatemoney:
    image: ihatemoney/ihatemoney:latest
    environment:
      - DEBUG=False
      - ACTIVATE_ADMIN_DASHBOARD=True
      - ACTIVATE_DEMO_PROJECT=False
      - ADMIN_PASSWORD=<hash-generated-as-described-above>
      - ALLOW_PUBLIC_PROJECT_CREATION=True
      - BABEL_DEFAULT_TIMEZONE=Europe/Vienna
      - GREENLET_TEST_CPP=no
      - MAIL_DEFAULT_SENDER=Budget Manager <admin@example.com>
      - MAIL_PASSWORD=
      - MAIL_PORT=25
      - MAIL_SERVER=localhost
      - MAIL_USE_SSL=False
      - MAIL_USE_TLS=False
      - MAIL_USERNAME=
      - SECRET_KEY=<is-a-secret>
      - SESSION_COOKIE_SECURE=False
      - SHOW_ADMIN_EMAIL=True
      - SQLALCHEMY_DATABASE_URI=sqlite:////database/ihatemoney.db
      - SQLALCHEMY_TRACK_MODIFICATIONS=False
      - ENABLE_CAPTCHA=True
      - LEGAL_LINK=
      - PORT=8000
      - PUID=0
      - PGID=0
    ports:
      - 32660:8000
LilPeen commented 1 year ago

I too tried installing this recently and also can't access.. even though I got the proper hash or atleast the one generated by the command.

I tried multiple times, but no change. FWIW here's my Settings and the error I'm getting. 

version: "3.9"

services:
  ihatemoney:
    image: ihatemoney/ihatemoney:latest
    container_name: ihatemoney
    environment:
      - DEBUG=False
      - ACTIVATE_ADMIN_DASHBOARD=True
      - ACTIVATE_DEMO_PROJECT=False
      - ADMIN_PASSWORD=pbkdf2:sha256:260000$jk0qpL7E8i35MrNM$f2ac9f48fa356c44fef95639c3cac588df0eaf455d29753a827f8df74814a709
      - ALLOW_PUBLIC_PROJECT_CREATION=False
      - BABEL_DEFAULT_TIMEZONE=america/new_york
      - GREENLET_TEST_CPP=no
      - MAIL_DEFAULT_SENDER=
      - MAIL_PASSWORD=
      - MAIL_PORT=
      - MAIL_SERVER=
      - MAIL_USE_SSL=True
      - MAIL_USE_TLS=False
      - MAIL_USERNAME=
      - SECRET_KEY=pingadulce
      - SESSION_COOKIE_SECURE=True
      - SHOW_ADMIN_EMAIL=True
      - SQLALCHEMY_DATABASE_URI=sqlite:////database/ihatemoney.db
      - SQLALCHEMY_TRACK_MODIFICATIONS=False
      - ENABLE_CAPTCHA=False
      - LEGAL_LINK=
      - PORT=8000
      - PUID=0
      - PGID=0
    networks:
      - nginx_default
    ports:
      - "8003:8000"
networks:
  nginx_default:
    external: true

and getting this:

WARN[0000] The "jk0qpL7E8i35MrNM" variable is not set. Defaulting to a blank string. 
WARN[0000] The "f2ac9f48fa356c44fef95639c3cac588df0eaf455d29753a827f8df74814a709" variable is not set. Defaulting to a blank string.

Which makes it seem like it's just ignoring everything after "$"

If any of this helps :D

LilPeen commented 1 year ago

https://github.com/spiral-project/ihatemoney/issues/334#issuecomment-478635244

This fixed it... Might be worth adding this in documentation.. but sharing here for @AkshayRao27 @Chacsam

Made a separate post so if someone runs into my previous example. But I am now operational! Thanks!

AkshayRao27 commented 1 year ago

I tried the fixes listed in #334

It still doesn't work for me. What might I be doing wrong?

jonathan8devs commented 1 year ago

The trick is to put the hash in '': - ADMIN_PASSWORD='pbkdf2:sha256:260000$randomhash'

Chacsam commented 1 year ago

When putting the hash in '', the application crashes:


File "/etc/ihatemoney/ihatemoney.cfg", line 4

    ADMIN_PASSWORD = ''pbkdf2:sha256:260000$aK5qSyAdIa762UNO$xxxx''

SyntaxError: invalid decimal literal

[2023-07-10 14:35:54 +0000] [8] [INFO] Worker exiting (pid: 8)

[2023-07-10 14:35:54 +0000] [1] [INFO] Shutting down: Master

[2023-07-10 14:35:54 +0000] [1] [INFO] Reason: Worker failed to boot.```
besendorf commented 1 year ago

When putting the hash in '', the application crashes:

File "/etc/ihatemoney/ihatemoney.cfg", line 4

    ADMIN_PASSWORD = ''pbkdf2:sha256:260000$aK5qSyAdIa762UNO$xxxx''

SyntaxError: invalid decimal literal

[2023-07-10 14:35:54 +0000] [8] [INFO] Worker exiting (pid: 8)

[2023-07-10 14:35:54 +0000] [1] [INFO] Shutting down: Master

[2023-07-10 14:35:54 +0000] [1] [INFO] Reason: Worker failed to boot.```

Single ' not double

zorun commented 1 year ago

So, quoting doesn't work, because it gets quoted again in Python.

But double dollars work fine, I have added some "documentation" about it here: #1183