Replies: 16 comments
-
|
Hi, sorry about this. I am away out of town right now, but I have a fix for this I just haven't kept the public repo up to date. I'm also going to be removing Fail2ban from the 2.x branch as there is a similar function that is included in the 2.x branches. I'm back in the office on Thursday. |
Beta Was this translation helpful? Give feedback.
-
|
Great ! An other question, not related on this problem. How you manage to protect WebApp access with LemonLDAP since it's running in container ? You can't add Vhost in container's Nginx config (on recreate it's lost) ... |
Beta Was this translation helpful? Give feedback.
-
|
I use a seperate handler container on each server, which talks to the main portal server via rest (2.x) or SOAP (1.9). What are you trying to protect? I dont make any modifications to the LLNG server or handler once they are up and running, it happens on the other applications/containers nginx config files. |
Beta Was this translation helpful? Give feedback.
-
|
New build submitted that matches my private repository. This one also removes MongoDB temporarily as Alpine has removed it from their repos and I'm trying to find an effective way to build and reutilize. Let me know if this works. This is also 2.0.3 which fixes a tonne of issues in the 2.x branch. |
Beta Was this translation helpful? Give feedback.
-
|
Also submitted new build that might fix your fail2ban issue? Basically upon each container startup it just wipes the lock and pid files. |
Beta Was this translation helpful? Give feedback.
-
What I want (but don't know if it's possible) : Via reverse proxy (by Plesk VHost) I have portal and manager working. But I don't know how configure handler on my Plesk Vhost for protecting it by SSO.
I'll try ! Thx |
Beta Was this translation helpful? Give feedback.
-
Still not working. After a Docker restart, FastCGI server is starting (and exit, obviously) infinitly
Working ! |
Beta Was this translation helpful? Give feedback.
-
|
Fun fact, coudot/lemonldap-ng image has almost same error ... It's a LemonLDAP error ? |
Beta Was this translation helpful? Give feedback.
-
|
Perhaps. Can you take a peek in any of the llng logs, or even try to get into the container and execute the /etc/s6/services/20-llng-fastcgi-server and see what the output reveals? It may very well be a configuration file issue that might have crept in. |
Beta Was this translation helpful? Give feedback.
-
Manual execution does not log more than
Maybe, but i don't see why. I just follow instructions. But if i'm the only one whith this error, indeed, my config is probably the cause. |
Beta Was this translation helpful? Give feedback.
-
|
Full start sequence : |
Beta Was this translation helpful? Give feedback.
-
|
You are right, that doesn't tell us anything. This is with a brand new install? Lets try this: Change your environment variables to the following
Then edit your ./data/etc/lemonldap-ng/lemonldap-ng.ini to this: [all]
logger = Lemonldap::NG::Common::Logger::Std
userLogger = Lemonldap::NG::Common::Logger::Std
logLevel = warn
globalSessionStorage=Cache::FileCache
globalSessionStorageOptions={'namespace' => 'lemonldap-ng-sessions','default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 3, }
globalStorage = Apache::Session::File
globalStorageOptions = { 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/', }
[configuration]
type = File
dirName = /var/lib/lemonldap-ng/conf
localStorage=Cache::FileCache
localStorageOptions={'namespace' => 'lemonldap-ng-config','default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 0, }
[portal]
staticPrefix = /static
templateDir = /usr/share/lemonldap-ng/portal/templates
languages = en
[handler]
useRedirectOnError = 1
status = 1
[manager]
protection = manager
staticPrefix = /static
templateDir = /usr/share/lemonldap-ng/manager/templates
languages = en
enabledModules = conf, sessions, 2ndFAand restart, that's a stripped down configuration I use. |
Beta Was this translation helpful? Give feedback.
-
On each test, I remove container and prune volumes. The first start is OK. But even without editing any config, after a container restart, FastCGI server won't start. |
Beta Was this translation helpful? Give feedback.
-
|
I wouldn't say you are cursed, I'm actually going to raise my hand here and bet I don't fully understand 2.0 myself. I had it running in production for approximately 2 weeks and had to pull back to 1.9 due to some bugs in the application code, and some quirks I wasn't able to fully figure out. I would be willing to get together and poke around with you on your server to a) satisfy my curiosity b) fix the image if its related to me c) get you up and running. |
Beta Was this translation helpful? Give feedback.
-
|
This is the way I create my container : If you try yourself with this, can you reproduce my problem ? |
Beta Was this translation helpful? Give feedback.
-
|
Hello, @maxbes has fixed it on the official docker image: LemonLDAPNG/lemonldap-ng-docker#25 You can try this patch on your side |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I've created a docker with
tiredofit/lemonldap:2.0-latestimage. On first start, everything is ok. But if i restart the container :I disable Fail2ban using env var, but the FastCGI Server is still restarting ...
For restart container, i need to remove it and re-run.
Any idea ?
Beta Was this translation helpful? Give feedback.
All reactions