docker-endpoint.sh permission denied

[mrehanabbasi]

First of all, thanks for this amazing project to create a docker-compose file for simplelogin.

However, I am running into an issue while running the ./up.sh file.

[+] Running 10/10
 ✔ Network simplelogin_default  Created                                                                            0.2s
 ✔ Container sl-db              Healthy                                                                            0.3s
 ✔ Container nginx              Started                                                                            0.3s
 ✔ Container acme.sh            Started                                                                            0.1s
 ✔ Container sl-migration       Exited                                                                             0.1s
 ✔ Container sl-init            Exited                                                                             0.1s
 ✔ Container sl-email           Started                                                                            0.1s
 ✔ Container sl-app             Started                                                                            0.1s
 ✔ Container postfix            Created                                                                            0.1s
 ✔ Container sl-job-runner      Created                                                                            0.1s
Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/docker-entrypoint.sh": permission denied: unknown

Any reason why this is happening? BTW I am using sudo to run this file as I can't make any changes in the /opt/simplelogin folder without that.

[springcomp]

@mrehanabbasi thanks for your feedback.

I find this project makes starting up a new (and upgrading an existing) instance of Simple Login very easy for my use case.

First, your are absolutely right, this project has not been designed to run without administrative privileges. I must absolutely address that.

Second, this project is opinionated and embeds everything from the Web Server to the SSL certificates delivery and renewals. If you only need the Postfix + SimpleLogin part, you can easily remove the reference to the nginx part. Be careful to update approriate files to accomodate for the location to the SSL certificates.

For the time being, can you please try and login as root. You may then clone the repo again (or change ownership of all cloned files recursively). And try and start again ?

[springcomp]

Also, for better understanding, can you clarify how you can reproduce this problem. My assumption is that you:

• Logged in as a regular user.
• Cloned the repository
• Used sudo ./up.sh to run the stack.

If that is not exactly the steps you took, can you clarify the steps ? Do you have a way to add your regular users to the list of users that can run docker containers ?

[mrehanabbasi]

I am running the containers from a non-root user but I have granted it permission to run the docker command without sudo using

sudo usermod -aG docker $USER

[springcomp]

Does it succeed when running as root, though ?

Maybe do not clone into /opt but clone in your local home folder ? You may need to adjust some references in the configuration files, though.

[springcomp]

Can you please share a bit more of your setup ? Is the server a fresh default install ? Do you have your own separate configuration for service web apps ? Did you just clone the repository and run the ./up.sh script ? Did you update the configuration for your specific domain ? Do you use the project-supplied nginx and acme.sh configuration (in which case are you using DNS-01 or HTTP-01 SSL challenge) ?

[mrehanabbasi]

I am using a fresh Ubuntu 22.04 VM from DigitalOcean.

Also, I am trying to do everything from docker and hence try to avoid any local service.

I made some changes to the .env file according to my domain and then ran the ./up.sh.

I am using the project-supplied acme.sh and nginx. Also, I'm using DNS-01 challenge.

Hope that clarifies everything regarding my setup.

[mrehanabbasi]

I also ran ./up.sh using root but got the same error.

[mrehanabbasi]

After many hours of troubleshooting, I found what the error was. I cloned the repo to my Windows machine first and then copied the files to the remote VM after making the desired changes. This made it so that the files contained CRLF line endings instead of LF line endings along with some other things. So I cloned the repo on the VM and then made the changes. After a lot of trial and error, I was finally able to get it up and running. However, I could not get acme.sh to work (and even tried it with Cloudflare DNS) and had to manually create SSL certificates using certbot.

[springcomp]

Good to know thanks