~tsileo/microblog.pub#61: 
Docker container crashes on startup

I've been trying to follow the directions here and have ran into some issues once I actually get to running the docker container. After running docker compose up -d, it all immediately crashes with the following logs (found via docker logs microblogpub):

2022-11-15 06:53:33,030 WARN received SIGTERM indicating exit request
Traceback (most recent call last):
  File "/opt/venv/.venv/bin/inv", line 8, in <module>
    sys.exit(program.run())
  File "/opt/venv/.venv/lib/python3.10/site-packages/invoke/program.py", line 384, in run
    self.execute()
  File "/opt/venv/.venv/lib/python3.10/site-packages/invoke/program.py", line 569, in execute
    executor.execute(*self.tasks)
  File "/opt/venv/.venv/lib/python3.10/site-packages/invoke/executor.py", line 129, in execute
    result = call.task(*args, **call.kwargs)
  File "/opt/venv/.venv/lib/python3.10/site-packages/invoke/tasks.py", line 127, in __call__
    result = self.body(*args, **kwargs)
  File "/app/tasks.py", line 51, in compile_scss
    build_favicon()
  File "/app/app/utils/favicon.py", line 22, in build_favicon
    im.save("app/static/favicon.ico")
  File "/opt/venv/.venv/lib/python3.10/site-packages/PIL/Image.py", line 2350, in save
    fp = builtins.open(filename, "w+b")
PermissionError: [Errno 13] Permission denied: 'app/static/favicon.ico'
2022-11-15 06:53:41,743 CRIT could not write pidfile /app/data/supervisord.pid
2022-11-15 06:53:42,745 INFO spawnerr: unknown error making dispatchers for 'incoming_worker': EACCES
2022-11-15 06:53:42,746 INFO spawnerr: unknown error making dispatchers for 'outgoing_worker': EACCES
2022-11-15 06:53:42,746 INFO spawnerr: unknown error making dispatchers for 'uvicorn': EACCES
2022-11-15 06:53:43,748 INFO spawnerr: unknown error making dispatchers for 'incoming_worker': EACCES
2022-11-15 06:53:43,749 INFO spawnerr: unknown error making dispatchers for 'outgoing_worker': EACCES
2022-11-15 06:53:43,749 INFO spawnerr: unknown error making dispatchers for 'uvicorn': EACCES
2022-11-15 06:53:45,752 INFO spawnerr: unknown error making dispatchers for 'incoming_worker': EACCES
2022-11-15 06:53:45,753 INFO spawnerr: unknown error making dispatchers for 'outgoing_worker': EACCES
2022-11-15 06:53:45,753 INFO spawnerr: unknown error making dispatchers for 'uvicorn': EACCES
2022-11-15 06:53:48,758 INFO spawnerr: unknown error making dispatchers for 'incoming_worker': EACCES
2022-11-15 06:53:48,758 INFO gave up: incoming_worker entered FATAL state, too many start retries too quickly
2022-11-15 06:53:48,758 INFO spawnerr: unknown error making dispatchers for 'outgoing_worker': EACCES
2022-11-15 06:53:48,758 INFO gave up: outgoing_worker entered FATAL state, too many start retries too quickly
2022-11-15 06:53:48,758 INFO spawnerr: unknown error making dispatchers for 'uvicorn': EACCES
2022-11-15 06:53:48,758 INFO gave up: uvicorn entered FATAL state, too many start retries too quickly

I'm running on Debian 11 as root. I followed the advice in ticket #7 when configuring as root which I imagine might be related to these issues.

Status
REPORTED
Submitter
~tomlisankie
Assigned to
No-one
Submitted
2 years ago
Updated
1 year, 8 months ago
Labels
awaiting feedback

~tsileo 2 years ago

Hey,

It seems to be an issue related to running as root (which again, is not recommended), can you share your Dockerfile?

Thanks

~tomlisankie 2 years ago

Thanks for the quick response. Yeah I figured it was that, I think I'll just start the process again as a different user. Btw, if you need someone to help with updating the docs with this info, let me know. Here's the Dockerfile:

FROM python:3.10-slim as python-base
ENV PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1 \
    POETRY_HOME="/opt/poetry" \
    POETRY_VIRTUALENVS_IN_PROJECT=true \
    POETRY_NO_INTERACTION=1 \
    PYSETUP_PATH="/opt/venv" \
    VENV_PATH="/opt/venv/.venv"
ENV PATH="$POETRY_HOME/bin:$VENV_PATH/bin:$PATH"

FROM python-base as builder-base
RUN apt-get update
RUN apt-get install -y --no-install-recommends curl build-essential gcc libffi-dev libssl-dev libxml2-dev libxslt1-dev zlib1g-dev libxslt-dev gcc libjpeg-dev zlib1g-dev libwebp-dev
# rustc is needed to compile Python packages
RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
RUN curl -sSL https://install.python-poetry.org | python3 - 
WORKDIR $PYSETUP_PATH
COPY poetry.lock pyproject.toml ./
RUN poetry install --only main

FROM python-base as production
RUN apt-get update
RUN apt-get install -y --no-install-recommends libjpeg-dev libxslt1-dev libxml2-dev libxslt-dev
COPY --from=builder-base $PYSETUP_PATH $PYSETUP_PATH
COPY . /app/
WORKDIR /app
EXPOSE 8000
CMD ["./misc/docker_start.sh"]

~tsileo 2 years ago

If you really want to run as root, I think the Dockerfile looks ok, maybe the permissions were changed?

I would try to see if the directory is owned by root (ls -l yourdir) and if it's not the case, change the owner back to root:

chown -R root:root yourdir

If you're willing to share the additional for running it on a system starting with the root user, that could be helpful.

Thanks!

~fofeu 1 year, 8 months ago

Hello,

I think my issue is similar to what was experienced here. I wanted to launch my own instance on a nearly fresh server (dedicated server not a VPS, Arch Linux, just some basic packages installed). Because of that, the machine only has a root user and "system" (i.e. http, ftp, etc.) users. My initial process was as follows

useradd -r microblogpub
cd /srv
git clone https://git.sr.ht/~tsileo/microblog.pub your-domain.tld
make build
make config
echo 'trusted_hosts = ["*"]' >> data/profile.toml
docker compose up -d

This, obviously didn't work and did it silently moreover (if you attach to the container afterwards, something is actually running but nothing productive). I've pinned down the issue to access rights. For some reason, the container runs using the uid 1000 (even if no such uid exists on the system). Chowning everything to 1000:1000 seems to work, but data/ and app/static/ (and their subdirectories) seem to be enough ? At least, this seems to work on my setup.

useradd -r microblogpub
cd /srv
mkdir your-domain.tld
chown microblogpub:microblogpub your-domain.tld
sudo -u microblogpub -- git clone https://git.sr.ht/~tsileo/microblog.pub your-domain.tld
cd your-domain.tld
sudo -u microblogpub -- make build
find data/ app/static/ -type d | xargs chgrp 1000
find data/ app/static/ -type d | xargs chmod g+w
sudo -u microblogpub -- make config
echo 'trusted_hosts = ["*"]' >> data/profile.toml
sudo -u microblogpub -- docker compose up

I didn't test everything, but python doesn't raise any exceptions and I can navigate on the website.

PS: I hope microblog.pub doesn't send wildly messages to other servers because I've installed and launched a couple dozen instances ^^'

Register here or Log in to comment, or comment via email.