Failed to run demo-setup
Closed this issue · 20 comments
theoneandonly-vector commented
Describe the bug
When I run "docker-compose up" after setup (only the last few rows):
ec0308da9185: Pull complete
Digest: sha256:6a09303edd1d686bd8ef4e3a80e7cdf7e837f9af56330cb805d8d3be1a27e1a8
Status: Downloaded newer image for zokradonh/kopano_meet:latest
Creating kopano_web_1 ... error
Creating kopano_kopano_ssl_1 ...
Creating kopano_kopano_kustomer_1 ...
Creating kopano_ldap ...
Creating kopano_db ...
Creating kopano_kopano_kustomer_1 ... error
urce path '/var/lib/dbus/machine-id': mkdir /var/lib/dbus/machine-id: read-only file system
Creating kopano_kopano_ssl_1 ... done
ERROR: for kopano_kopano_kustomer_1 Cannot start service kopano_kustomer: error
Creating kopano_ldap ... done
Creating kopano_db ... done
Creating kopano_mail ... done
ERROR: for web Cannot start service web: error while creating mount source path '/var/lib/dbus/machine-id': mkdir /var/lib/dbus/machine-id: read-only file system
ERROR: for kopano_kustomer Cannot start service kopano_kustomer: error while creating mount source path '/var/lib/dbus/machine-id': mkdir /var/lib/dbus/machine-id: read-only file system
ERROR: Encountered errors while bringing up the project.
To Reproduce
Steps to reproduce the behavior:
using latest ubuntu 18.04 + Docker version 19.03.5 + docker-compose version 1.25.1
git clone this repo and run ./setup.sh with demo-settings.
Expected behavior
I can access kopano-web.
Additional context
logs:
root@mail:/opt/kopano-docker# docker-compose logs kopano_kustomer
Attaching to kopano_kopano_kustomer_1
root@mail:/opt/kopano-docker# docker-compose logs web
Attaching to kopano_web_1
root@mail:/opt/kopano-docker#
docker-compose.yml:
version: "3.5"
services:
web:
image: ${docker_repo:-zokradonh}/kopano_web:${KWEB_VERSION:-latest}
restart: unless-stopped
environment:
- DEFAULTREDIRECT=${DEFAULTREDIRECT:-/webapp}
- EMAIL=${EMAIL:-off}
- FQDN=${FQDNCLEANED?err}
command: wrapper.sh
cap_drop:
- ALL
cap_add:
- CHOWN
- NET_BIND_SERVICE
- SETGID
- SETUID
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- web:/.kweb
networks:
web-net:
aliases:
- ${FQDNCLEANED?err}
ldap:
image: ${docker_repo:-zokradonh}/${LDAP_CONTAINER:-kopano_ldap_demo}:${LDAP_VERSION:-latest}
restart: unless-stopped
container_name: ${COMPOSE_PROJECT_NAME}_ldap
environment:
- LDAP_ADMIN_PASSWORD=${LDAP_ADMIN_PASSWORD}
- LDAP_BASE_DN=${LDAP_BASE_DN}
- LDAP_DOMAIN=${LDAP_DOMAIN}
- LDAP_ORGANISATION=${LDAP_ORGANISATION}
- LDAP_READONLY_USER_PASSWORD=${LDAP_READONLY_USER_PASSWORD}
- LDAP_READONLY_USER=true
env_file:
- ldap.env
command: "--loglevel info --copy-service"
volumes:
- ldap:/var/lib/ldap
- slapd:/etc/ldap/slapd.d
networks:
- ldap-net
mail:
image: tvial/docker-mailserver:release-v6.2.0
restart: unless-stopped
hostname: mail
domainname: ${LDAP_DOMAIN}
container_name: ${COMPOSE_PROJECT_NAME}_mail
depends_on:
- ldap
volumes:
- maildata:/var/mail
- mailstate:/var/mail-state
- mtaconfig:/tmp/docker-mailserver/
environment:
- DMS_DEBUG=0
- ENABLE_CLAMAV=1
- ENABLE_FAIL2BAN=1
- ENABLE_LDAP=1
- ENABLE_POSTFIX_VIRTUAL_TRANSPORT=1
- ENABLE_POSTGREY=1
- ENABLE_SASLAUTHD=1
- ENABLE_SPAMASSASSIN=1
- LDAP_BIND_DN=${LDAP_BIND_DN}
- LDAP_BIND_PW=${LDAP_BIND_PW}
- LDAP_QUERY_FILTER_ALIAS=${LDAP_QUERY_FILTER_ALIAS}
- LDAP_QUERY_FILTER_DOMAIN=${LDAP_QUERY_FILTER_DOMAIN}
- LDAP_QUERY_FILTER_GROUP=${LDAP_QUERY_FILTER_GROUP}
- LDAP_QUERY_FILTER_USER=${LDAP_QUERY_FILTER_USER}
- LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE}
- LDAP_SERVER_HOST=${LDAP_SERVER}
- ONE_DIR=1
- PERMIT_DOCKER=connected-networks
- POSTFIX_DAGENT=lmtp:kopano_dagent:2003
- POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
- REPORT_RECIPIENT=1
- SASLAUTHD_LDAP_BIND_DN=${LDAP_BIND_DN}
- SASLAUTHD_LDAP_FILTER=${SASLAUTHD_LDAP_FILTER}
- SASLAUTHD_LDAP_PASSWORD=${LDAP_BIND_PW}
- SASLAUTHD_LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE}
- SASLAUTHD_LDAP_SERVER=${LDAP_SERVER}
- SASLAUTHD_MECHANISMS=ldap
- SMTP_ONLY=1
- SSL_TYPE=self-signed
- TZ=${TZ}
env_file:
- mail.env
networks:
- kopano-net
- ldap-net
# dns: 1.1.1.1 # using Google DNS can lead to lookup errors uncomment this option and
# set to the ip of a trusted dns service (Cloudflare is given as an example).
# See https://github.com/zokradonh/kopano-docker/issues/52 for more information.
cap_add:
- NET_ADMIN
- SYS_PTRACE
db:
image: mariadb:10.3.10-bionic
restart: unless-stopped
container_name: ${COMPOSE_PROJECT_NAME}_db
volumes:
- mysql/:/var/lib/mysql
environment:
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${MYSQL_USER}
env_file:
- db.env
healthcheck:
test: ["CMD-SHELL", 'mysql --database=$$MYSQL_DATABASE --password=$$MYSQL_ROOT_PASSWORD --execute="SELECT count(table_name) > 0 FROM information_schema.tables;" --skip-column-names -B']
interval: 30s
timeout: 10s
retries: 4
networks:
- kopano-net
kopano_ssl:
image: ${docker_repo:-zokradonh}/kopano_ssl:${SSL_VERSION:-latest}
environment:
- FQDN=${FQDN}
- PKI_COUNTRY=NL
env_file:
- kopano_ssl.env
volumes:
- kopanossl/:/kopano/ssl
kopano_kustomer:
image: kopano/kustomerd:${KUSTOMER_VERSION:-latest}
restart: unless-stopped
command: serve --log-level debug
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id\
- kopanolicenses:/etc/kopano/licenses
- kopanosocket/:/run/kopano
kopano_server:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
hostname: kopano_server
container_name: ${COMPOSE_PROJECT_NAME}_server
depends_on:
- db
- kopano_konnect
- kopano_ssl
- ldap
environment:
- ADDITIONAL_KOPANO_PACKAGES=${ADDITIONAL_KOPANO_PACKAGES}
- KCCOMMENT_LDAP_1=${KCCOMMENT_LDAP_1}
- KCCONF_ADMIN_DEFAULT_STORE_LOCALE=${MAILBOXLANG:-en_US.UTF-8}
- KCCONF_LDAP_LDAP_BIND_PASSWD=${LDAP_BIND_PW}
- KCCONF_LDAP_LDAP_BIND_USER=${LDAP_BIND_DN}
- KCCONF_LDAP_LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE}
- KCCONF_LDAP_LDAP_URI=${LDAP_SERVER}
- KCCONF_SERVER_COREDUMP_ENABLED=no
- KCCONF_SERVER_ENABLE_SSO=yes
- KCCONF_SERVER_KCOIDC_INSECURE_SKIP_VERIFY=${INSECURE}
- KCCONF_SERVER_KCOIDC_ISSUER_IDENTIFIER=https://${FQDN}
- KCCONF_SERVER_MYSQL_DATABASE=${MYSQL_DATABASE}
- KCCONF_SERVER_MYSQL_HOST=${MYSQL_HOST}
- KCCONF_SERVER_MYSQL_PASSWORD=${MYSQL_PASSWORD}
- KCCONF_SERVER_MYSQL_PORT=3306
- KCCONF_SERVER_MYSQL_USER=${MYSQL_USER}
- KCCONF_SERVER_PROXY_HEADER=* # delete line if webapp is not behind reverse proxy
- KCCONF_SERVER_SERVER_NAME=Kopano
- KCCONF_SERVER_SERVER_SSL_CA_FILE=/kopano/ssl/ca.pem
- KCCONF_SERVER_SERVER_SSL_KEY_FILE=/kopano/ssl/kopano_server.pem
- KCCONF_SERVER_SSLKEYS_PATH=/kopano/ssl/clients
- KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS=${POSTMASTER_ADDRESS}
- KCUNCOMMENT_LDAP_1=${KCUNCOMMENT_LDAP_1}
- SERVICE_TO_START=server
- TZ=${TZ}
env_file:
- kopano_server.env
networks:
- kopano-net
- ldap-net
- web-net
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanodata/:/kopano/data
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
kopano_webapp:
image: ${docker_repo:-zokradonh}/kopano_webapp:${WEBAPP_VERSION:-latest}
restart: unless-stopped
hostname: kopano_webapp
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
- kopanowebapp/:/var/lib/kopano-webapp/
environment:
- ADDITIONAL_KOPANO_WEBAPP_PLUGINS=${ADDITIONAL_KOPANO_WEBAPP_PLUGINS}
- KCCONF_WEBAPP_OIDC_CLIENT_ID=webapp
- KCCONF_WEBAPP_OIDC_ISS=https://${FQDN}
- TZ=${TZ}
env_file:
- kopano_webapp.env
networks:
- kopano-net
- web-net
kopano_zpush:
image: ${docker_repo:-zokradonh}/kopano_zpush:${ZPUSH_VERSION:-latest}
restart: unless-stopped
hostname: kopano_zpush
container_name: ${COMPOSE_PROJECT_NAME}_zpush
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
- zpushstates/:/var/lib/z-push/
environment:
- TZ=${TZ}
# Shared folders automatically assigned to all users in the format: [{"name":"<folder name>","id":"<kopano folder id>","type":"<type>","flags":"<flags>"},...]
# For more information on the parameters see the z-push-admin help for the addshared-action.
- ZPUSH_ADDITIONAL_FOLDERS=[]
env_file:
- kopano_zpush.env
networks:
- kopano-net
- web-net
kopano_grapi:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
container_name: ${COMPOSE_PROJECT_NAME}_grapi
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanograpi/:/var/lib/kopano-grapi
- kopanosocket/:/run/kopano
environment:
- KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=no
- KCCONF_GRAPI_INSECURE=${INSECURE}
- SERVICE_TO_START=grapi
- TZ=${TZ}
env_file:
- kopano_grapi.env
networks:
- kopano-net
- web-net
kopano_kapi:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
container_name: ${COMPOSE_PROJECT_NAME}_kapi
depends_on:
- kopano_grapi
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanodata/:/kopano/data
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- KCCONF_KAPID_INSECURE=${INSECURE}
- KCCONF_KAPID_LOG_LEVEL=DEBUG
- KCCONF_KAPID_OIDC_ISSUER_IDENTIFIER=https://${FQDN}
- SERVICE_TO_START=kapi
- TZ=${TZ}
env_file:
- kopano_kapi.env
networks:
- kopano-net
- web-net
kopano_kdav:
image: ${docker_repo:-zokradonh}/kopano_kdav:${KDAV_VERSION:-latest}
restart: unless-stopped
hostname: kopano_kdav
container_name: ${COMPOSE_PROJECT_NAME}_kdav
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kdavstates/:/var/lib/kopano/kdav
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- TZ=${TZ}
networks:
- kopano-net
- web-net
kopano_dagent:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- KCCONF_DAGENT_LOG_LEVEL=3
- KCCONF_DAGENT_SSLKEY_FILE=/kopano/ssl/kopano_dagent.pem
- SERVICE_TO_START=dagent
- TZ=${TZ}
env_file:
- kopano_dagent.env
networks:
- kopano-net
kopano_spooler:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
hostname: spooler
domainname: ${LDAP_DOMAIN}
depends_on:
- kopano_server
- mail
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- KCCONF_SPOOLER_LOG_LEVEL=3
- KCCONF_SPOOLER_SMTP_SERVER=mail
- KCCONF_SPOOLER_SSLKEY_FILE=/kopano/ssl/kopano_spooler.pem
- SERVICE_TO_START=spooler
- TZ=${TZ}
env_file:
- kopano_spooler.env
networks:
- kopano-net
kopano_gateway:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- KCCONF_GATEWAY_LOG_LEVEL=3
- KCCONF_GATEWAY_SERVER_SOCKET=http://kopano_server:236/
- SERVICE_TO_START=gateway
- TZ=${TZ}
env_file:
- kopano_gateway.env
networks:
- kopano-net
kopano_ical:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- KCCONF_ICAL_SERVER_SOCKET=http://kopano_server:236/
- SERVICE_TO_START=ical
- TZ=${TZ}
env_file:
- kopano_ical.env
networks:
- kopano-net
- web-net
kopano_monitor:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- SERVICE_TO_START=monitor
- TZ=${TZ}
env_file:
- kopano_monitor.env
networks:
- kopano-net
kopano_search:
image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
restart: unless-stopped
container_name: ${COMPOSE_PROJECT_NAME}_search
depends_on:
- kopano_server
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanodata/:/kopano/data
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- SERVICE_TO_START=search
- TZ=${TZ}
env_file:
- kopano_search.env
networks:
- kopano-net
kopano_konnect:
image: ${docker_repo:-zokradonh}/kopano_konnect:${KONNECT_VERSION:-latest}
restart: unless-stopped
depends_on:
- kopano_ssl
- web
# to be useful Konnect also need a running kopano_server, but this dependency cannot be added here since this would be a circular dependency
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanosocket/:/run/kopano
- kopanossl/:/kopano/ssl
environment:
- allow_client_guests=yes
- allow_dynamic_client_registration=yes
- eckey=/kopano/ssl/meet-kwmserver.pem
- ecparam=/kopano/ssl/ecparam.pem
- encryption_secret_key=/kopano/ssl/konnectd-encryption.key
- FQDN=${FQDN}
- identifier_registration_conf=/kopano/ssl/konnectd-identifier-registration.yaml
- identifier_scopes_conf=/etc/kopano/konnectd-identifier-scopes.yaml
- signing_private_key=/kopano/ssl/konnectd-tokens-signing-key.pem
- validation_keys_path=/kopano/ssl/konnectkeys
env_file:
- kopano_konnect.env
networks:
- kopano-net
- web-net
kopano_kwmserver:
image: ${docker_repo:-zokradonh}/kopano_kwmserver:${KWM_VERSION:-latest}
restart: unless-stopped
command: wrapper.sh
depends_on:
- kopano_kapi
- kopano_konnect
environment:
- enable_guest_api=yes
- INSECURE=${INSECURE}
- oidc_issuer_identifier=https://${FQDN}
- public_guest_access_regexp=^group/public/.*
env_file:
- kopano_kwmserver.env
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
- kopanossl/:/kopano/ssl
networks:
- web-net
kopano_meet:
image: ${docker_repo:-zokradonh}/kopano_meet:${MEET_VERSION:-latest}
restart: unless-stopped
environment:
- KCCONF_MEET_disableFullGAB=false
- KCCONF_MEET_guests_enabled=true
- SERVICE_TO_START=meet
env_file:
- kopano_meet.env
depends_on:
- kopano_kapi
- kopano_konnect
- kopano_kwmserver
- web
volumes:
- /etc/machine-id:/etc/machine-id
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id
networks:
- web-net
kopano_scheduler:
image: ${docker_repo:-zokradonh}/kopano_scheduler:${SCHEDULER_VERSION:-latest}
restart: "no"
container_name: ${COMPOSE_PROJECT_NAME}_scheduler
networks:
- kopano-net
- ldap-net
- web-net
depends_on:
- kopano_server
- kopano_zpush
environment:
- CRON_KOPANOUSERS=10 * * * * docker exec kopano_server kopano-admin --sync
- CRON_ZPUSHGAB=0 22 * * * docker exec kopano_zpush z-push-gabsync -a sync
- CRONDELAYED_KBACKUP=30 1 * * * docker run --rm -it --volumes-from kopano_server -v /root/kopano-backup:/kopano/path ${docker_repo:-zokradonh}/kopano_utils:${CORE_VERSION:-latest} kopano-backup -h
- CRONDELAYED_SOFTDELETE=30 2 * * * docker exec kopano_server kopano-admin --purge-softdelete 30
- TZ=${TZ}
env_file:
- kopano_scheduler.env
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
volumes:
kdavstates:
kopanodata:
kopanograpi:
kopanolicenses:
kopanosocket:
kopanossl:
kopanowebapp:
ldap:
maildata:
mailstate:
mtaconfig:
mysql:
slapd:
web:
zpushstates:
networks:
kopano-net:
driver: bridge
ldap-net:
driver: bridge
web-net:
.env:
# please consult https://github.com/zokradonh/kopano-docker
# for possible configuration values and their impact
CORE_VERSION=latest
WEBAPP_VERSION=latest
ZPUSH_VERSION=latest
KONNECT_VERSION=latest
KWM_VERSION=latest
MEET_VERSION=latest
KDAV_VERSION=latest
LDAP_CONTAINER=kopano_ldap_demo
LDAP_ORGANISATION="Kopano Demo"
LDAP_DOMAIN=kopano.demo
LDAP_BASE_DN=dc=kopano,dc=demo
LDAP_SERVER=ldap://ldap:389
LDAP_ADMIN_PASSWORD=95SftzB1hITFw5mZMUvYEYL6GE2K7u2t
LDAP_READONLY_USER_PASSWORD=TypWePqyHgnVd1YsUJPbvJQw6n0Tpltj
LDAP_BIND_DN=cn=readonly,dc=kopano,dc=demo
LDAP_BIND_PW=TypWePqyHgnVd1YsUJPbvJQw6n0Tpltj
LDAP_SEARCH_BASE=dc=kopano,dc=demo
# LDAP query filters
LDAP_QUERY_FILTER_USER=(&(kopanoAccount=1)(mail=%s))
LDAP_QUERY_FILTER_GROUP=(&(objectclass=kopano-group)(mail=%s))
LDAP_QUERY_FILTER_ALIAS=(&(kopanoAccount=1)(kopanoAliases=%s))
LDAP_QUERY_FILTER_DOMAIN=(&(|(mail=*@%s)(kopanoAliases=*@%s)))
SASLAUTHD_LDAP_FILTER=(&(kopanoAccount=1)(uid=%s))
# LDAP user password self-service reset settings
SELF_SERVICE_SECRETEKEY=qSGxYvQKiQqq90Q6BXJ3rpoHRUUTsB0D
SELF_SERVICE_PASSWORD_MIN_LENGTH=5
SELF_SERVICE_PASSWORD_MAX_LENGTH=0
SELF_SERVICE_PASSWORD_MIN_LOWERCASE=0
SELF_SERVICE_PASSWORD_MIN_UPPERCASE=0
SELF_SERVICE_PASSWORD_MIN_DIGIT=1
SELF_SERVICE_PASSWORD_MIN_SPECIAL=1
# switch the value of these two variables to use the activedirectory configuration
KCUNCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.openldap.cfg
KCCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.active-directory.cfg
MYSQL_HOST=db
MYSQL_ROOT_PASSWORD=b8N0lhc2ra8Xw3uEh91RbOYoHHELLoGI
MYSQL_USER=kopano
MYSQL_PASSWORD=bBoT5iqTtXqtT6B9kiPPDepDThONdfVG
MYSQL_DATABASE=kopano
KCCONF_SERVER_SERVER_NAME=Kopano
POSTMASTER_ADDRESS=postmaster@kopano.demo
MAILBOXLANG=de_CH.UTF-8
TZ=Europe/Zurich
# Defines how Kopano can be accessed from the outside world
FQDN=kopano.demo
FQDNCLEANED=kopano.demo
DEFAULTREDIRECT=/webapp
EMAIL=self_signed
CADDY=2015
HTTP=80
HTTPS=443
LDAPPORT=389
SMTPPORT=25
SMTPSPORT=465
MSAPORT=587
IMAPPORT=143
ICALPORT=8080
KOPANOPORT=236
KOPANOSPORT=237
# Settings for test environments
INSECURE=yes
# Docker and docker-compose settings
# Docker Repository to push to/pull from
docker_repo=zokradonh
COMPOSE_PROJECT_NAME=kopano
COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml
# Modify below to build a different version, than the kopano nightly release
#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/
#KOPANO_MEET_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/meet:/final/Debian_9.0/
#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_9.0/
#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_9.0/
#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_9.0/
#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_9.0/
#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_9.0/
#RELEASE_KEY_DOWNLOAD=1
#DOWNLOAD_COMMUNITY_PACKAGES=0
# Additional packages to install
ADDITIONAL_KOPANO_PACKAGES=""
ADDITIONAL_KOPANO_WEBAPP_PLUGINS="kopano-webapp-plugin-spell kopano-webapp-plugin-spell-de-ch kopano-webapp-plugin-spell-en kopano-webapp-plugin-desktopnotifications kopano-webapp-plugin-filepreviewer kopano-webapp-plugin-mdm kopano-webapp-plugin-smime kopano-webapp-plugin-titlecounter"
fbartels commented
This is your issue:
urce path '/var/lib/dbus/machine-id': mkdir /var/lib/dbus/machine-id: read-only file system
The file does not exist on your host, so docker wants to create it before starting (but fails since it cannot write to it). /var/lib/dbus/machine-id exists on my machine and also exists in the Ubuntu 18.04 machine deployed by Travis for CI
theoneandonly-vector commented
Hi @fbartels
the file exists, and as I tried to start it using root.. I shouldn't have any permission-problems too..
I can't create the file, as it already exists:
fbartels commented
still, it may exist now, but according to your output did not exist when you ran docker-compose up.
I also now retested on a Ubuntu 18.04 box and there the containers start up for me.
theoneandonly-vector commented
It exist, but I still get the same error. Do you have any idea on what to check why this happens?
fbartels commented
That must be some kind of docker-compose bug then, not quite sure how to best debug that.
If its really just about the file in /var/lib you could override the mount to point to the machine id file from /etc instead:
version: "3.5"
services:
web:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_kustomer:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_server:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_webapp:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_zpush:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_grapi:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_kapi:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_kdav:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_dagent:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_spooler:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_gateway:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_ical:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_monitor:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_search:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_konnect:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_kwmserver:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
kopano_meet:
volumes:
- /etc/machine-id:/var/lib/dbus/machine-id
theoneandonly-vector commented
weird.. all dockers but "kopano_kustomer" are starting now (that's what the log says) I still can't access web via port 80 and 443. and for "kopano_kustomer" it still gives me the same error:
Starting kopano_kopano_ssl_1 ... done
kopano_kopano_konnect_1 is up-to-date
kopano_server is up-to-date
kopano_kopano_spooler_1 is up-to-date
kopano_kopano_ical_1 is up-to-date
kopano_kopano_webapp_1 is up-to-date
kopano_search is up-to-date
kopano_zpush is up-to-date
kopano_grapi is up-to-date
kopano_kopano_dagent_1 is up-to-date
kopano_kopano_gateway_1 is up-to-date
kopano_kopano_monitor_1 is up-to-date
kopano_kdav is up-to-date
kopano_scheduler is up-to-date
kopano_kapi is up-to-date
kopano_kopano_kwmserver_1 is up-to-date
kopano_kopano_meet_1 is up-to-date
ERROR: for kopano_kustomer Cannot start service kopano_kustomer: error while creating mount source path '/var/lib/dbus/machine-id': mkdir /var/lib/dbus/machine-id: read-only file system
ERROR: Encountered errors while bringing up the project.
root@mail:/opt/kopano-docker#
as for "/var/lib/dbus/machine-id" "/var/lib/dbus/machine-id" is also readable when trying with nano
theoneandonly-vector commented
"I also now retested on a Ubuntu 18.04 box and there the containers start up for me."
what version of docker and docker-compose did you use?
As I installed ubuntu 18.04 on another machine -> same problem.
fbartels commented
How are you installing Docker? Maybe through snap?
Anyways, it works on my system and in ci. especially that it works for some containers on your system and not for others makes it sounds like a docker issue and not an issue of this project.
theoneandonly-vector commented
yes I installed docker through snap, how did you install it ?(so I can create a compatible installation..).
fbartels commented
theoneandonly-vector commented
since i've installed the right one everything starts up but I get the following error:
"HrLogon server "default:" user "SYSTEM": network error"
007)
kopano_spooler_1 | 2020-01-15T12:23:48.072523: [ 7] [error ] Logon to file:///var/run/kopano/server.sock: Remote side closed connection.
kopano_spooler_1 | 2020-01-15T12:23:48.072565: [ 7] [error ] HrLogon server "default:" user "SYSTEM": network error
kopano_spooler_1 | 2020-01-15T12:23:48.072579: [ 7] [error ] Unable to open admin session: network error (80040115)
kopano_gateway_1 | 2020/01/15 12:23:48 Waiting for tcp://kopano_server:236/: dial tcp 172.31.0.7:236: connect: connection refused.
kopano_scheduler | 2020/01/15 11:23:48 Problem with dial: dial tcp 172.31.0.7:236: connect: connection refused. Sleeping 1s
kopano_gateway_1 | 2020/01/15 12:23:49 Waiting for tcp://kopano_server:236/: dial tcp 108.167.172.157:236: connect: connection refused.
kopano_scheduler | 2020/01/15 11:23:49 Problem with dial: dial tcp 192.168.0.12:236: connect: connection refused. Sleeping 1s
kopano_gateway_1 | 2020/01/15 12:23:50 Waiting for tcp://kopano_server:236/: dial tcp 108.167.172.157:236: connect: connection refused.
kopano_spooler_1 | 2020-01-15T12:23:51.073153: [ 7] [error ] Logon to file:///var/run/kopano/server.sock: Remote side closed connection.
kopano_spooler_1 | 2020-01-15T12:23:51.073342: [ 7] [error ] HrLogon server "default:" user "SYSTEM": network error
kopano_spooler_1 | 2020-01-15T12:23:51.073423: [ 7] [error ] Unable to open admin session: network error (80040115)
kopano_gateway_1 | 2020/01/15 12:23:51 Waiting for tcp://kopano_server:236/: dial tcp 108.167.172.157:236: connect: connection refused.
kopano_search | [error ] Logon to file:///var/run/kopano/server.sock: Remote side closed connection.
kopano_search | [error ] HrLogon server "default:" user "SYSTEM": network error
kopano_search | 2020-01-15 12:23:51,736 - search - WARNING - could not connect to server at 'default:', retrying in 5 sec
kopano_server exited with code 1
db_1 | 2020-01-15 11:23:51 60 [Warning] Access denied for user 'root'@'localhost' (using password: YES)
db_1 | 2020-01-15 11:23:53 62 [Warning] Access denied for user 'kopano'@'172.31.0.7' (using password: YES)
db_1 | 2020-01-15 11:23:53 63 [Warning] Access denied for user 'kopano'@'172.31.0.7' (using password: YES)
kopano_scheduler | 2020/01/15 11:23:53 Problem with dial: dial tcp 192.168.0.12:236: connect: connection refused. Sleeping 1s
kopano_ical_1 | 2020/01/15 12:23:54 Waiting for tcp://kopano_server:236/: dial tcp 192.168.0.12:236: connect: connection refused.
kopano_spooler_1 | 2020-01-15T12:23:54.073992: [ 7] [error ] Logon to file:///var/run/kopano/server.sock: Remote side closed connection.
kopano_spooler_1 | 2020-01-15T12:23:54.074030: [ 7] [error ] HrLogon server "default:" user "SYSTEM": network error
kopano_spooler_1 | 2020-01-15T12:23:54.074044: [ 7] [error ] Unable to open admin session: network error (80040115)
theoneandonly-vector commented
my .env:
# please consult https://github.com/zokradonh/kopano-docker
# for possible configuration values and their impact
CORE_VERSION=latest
WEBAPP_VERSION=latest
ZPUSH_VERSION=latest
KONNECT_VERSION=latest
KWM_VERSION=latest
MEET_VERSION=latest
KDAV_VERSION=latest
LDAP_CONTAINER=kopano_ldap_demo
LDAP_ORGANISATION="Kopano Demo"
LDAP_DOMAIN=kopano.demo
LDAP_BASE_DN=dc=kopano,dc=demo
LDAP_SERVER=ldap://ldap:389
LDAP_ADMIN_PASSWORD=qRJAFphO2ExmO17swpZO1MvldyEajS1p
LDAP_READONLY_USER_PASSWORD=Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
LDAP_BIND_DN=cn=readonly,dc=kopano,dc=demo
LDAP_BIND_PW=Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
LDAP_SEARCH_BASE=dc=kopano,dc=demo
# LDAP query filters
LDAP_QUERY_FILTER_USER=(&(kopanoAccount=1)(mail=%s))
LDAP_QUERY_FILTER_GROUP=(&(objectclass=kopano-group)(mail=%s))
LDAP_QUERY_FILTER_ALIAS=(&(kopanoAccount=1)(kopanoAliases=%s))
LDAP_QUERY_FILTER_DOMAIN=(&(|(mail=*@%s)(kopanoAliases=*@%s)))
SASLAUTHD_LDAP_FILTER=(&(kopanoAccount=1)(uid=%s))
# LDAP user password self-service reset settings
SELF_SERVICE_SECRETEKEY=JdkciOgWqp5XN31SekRIfNJlyaeHBRNH
SELF_SERVICE_PASSWORD_MIN_LENGTH=5
SELF_SERVICE_PASSWORD_MAX_LENGTH=0
SELF_SERVICE_PASSWORD_MIN_LOWERCASE=0
SELF_SERVICE_PASSWORD_MIN_UPPERCASE=0
SELF_SERVICE_PASSWORD_MIN_DIGIT=1
SELF_SERVICE_PASSWORD_MIN_SPECIAL=1
# switch the value of these two variables to use the activedirectory configuration
KCUNCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.openldap.cfg
KCCOMMENT_LDAP_1=!include /usr/share/kopano/ldap.active-directory.cfg
MYSQL_HOST=db
MYSQL_ROOT_PASSWORD=mbav7PO3lpuTEPoNBZC20HzbLzk0vKqZ
MYSQL_USER=kopano
MYSQL_PASSWORD=verRx9CfJOS7l3BJDCA0UKzIzYTyB1IH
MYSQL_DATABASE=kopano
KCCONF_SERVER_SERVER_NAME=Kopano
POSTMASTER_ADDRESS=postmaster@kopano.demo
MAILBOXLANG=en_US.UTF-8
TZ=Europe/Zurich
# Defines how Kopano can be accessed from the outside world
FQDN=kopano.demo
FQDNCLEANED=kopano.demo
DEFAULTREDIRECT=/webapp
EMAIL=self_signed
CADDY=2015
HTTP=80
HTTPS=443
LDAPPORT=389
SMTPPORT=25
SMTPSPORT=465
MSAPORT=587
IMAPPORT=143
ICALPORT=8080
KOPANOPORT=236
KOPANOSPORT=237
# Settings for test environments
INSECURE=yes
# Docker and docker-compose settings
# Docker Repository to push to/pull from
docker_repo=zokradonh
COMPOSE_PROJECT_NAME=kopano
COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml
# Modify below to build a different version, than the kopano nightly release
#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/
#KOPANO_MEET_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/meet:/final/Debian_9.0/
#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_9.0/
#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_9.0/
#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_9.0/
#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_9.0/
#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_9.0/
#RELEASE_KEY_DOWNLOAD=1
#DOWNLOAD_COMMUNITY_PACKAGES=0
# Additional packages to install
ADDITIONAL_KOPANO_PACKAGES=""
ADDITIONAL_KOPANO_WEBAPP_PLUGINS="kopano-webapp-plugin-spell kopano-webapp-plugin-spell-de-ch kopano-webapp-plugin-spell-en kopano-webapp-plugin-desktopnotifications kopano-webapp-plugin-filepreviewer kopano-webapp-plugin-mdm kopano-webapp-plugin-quickitems kopano-webapp-plugin-smime kopano-webapp-plugin-titlecounter"
my docker-compose config:
networks:
kopano-net:
driver: bridge
ldap-net:
driver: bridge
web-net: {}
services:
db:
container_name: kopano_db
environment:
MYSQL_DATABASE: kopano
MYSQL_PASSWORD: verRx9CfJOS7l3BJDCA0UKzIzYTyB1IH
MYSQL_ROOT_PASSWORD: mbav7PO3lpuTEPoNBZC20HzbLzk0vKqZ
MYSQL_USER: kopano
healthcheck:
interval: 30s
retries: 4
test:
- CMD-SHELL
- mysql --database=$$MYSQL_DATABASE --password=$$MYSQL_ROOT_PASSWORD --execute="SELECT
count(table_name) > 0 FROM information_schema.tables;" --skip-column-names
-B
timeout: 10s
image: mariadb:10.3.10-bionic
networks:
kopano-net: {}
restart: unless-stopped
volumes:
- mysql:/var/lib/mysql:rw
kopano_dagent:
depends_on:
- kopano_server
environment:
KCCONF_DAGENT_LOG_LEVEL: '3'
KCCONF_DAGENT_SSLKEY_FILE: /kopano/ssl/kopano_dagent.pem
SERVICE_TO_START: dagent
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_gateway:
depends_on:
- kopano_server
environment:
KCCONF_GATEWAY_LOG_LEVEL: '3'
KCCONF_GATEWAY_SERVER_SOCKET: http://kopano_server:236/
SERVICE_TO_START: gateway
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
ports:
- published: 110
target: 110
- published: 143
target: 143
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_grapi:
container_name: kopano_grapi
depends_on:
- kopano_server
environment:
KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS: "no"
KCCONF_GRAPI_INSECURE: "yes"
KCCONF_GRAPI_PERSISTENCY_PATH: /var/lib/kopano-grapi
SERVICE_TO_START: grapi
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp/
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
- kopanograpi:/var/lib/kopano-grapi:rw
kopano_ical:
depends_on:
- kopano_server
environment:
KCCONF_ICAL_SERVER_SOCKET: http://kopano_server:236/
SERVICE_TO_START: ical
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
web-net: {}
ports:
- published: 8080
target: 8080
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_kapi:
container_name: kopano_kapi
depends_on:
- kopano_grapi
environment:
KCCONF_KAPID_INSECURE: "yes"
KCCONF_KAPID_LOG_LEVEL: DEBUG
KCCONF_KAPID_OIDC_ISSUER_IDENTIFIER: https://kopano.demo
SERVICE_TO_START: kapi
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanodata:/kopano/data:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_kdav:
container_name: kopano_kdav
depends_on:
- kopano_server
environment:
TZ: Europe/Zurich
hostname: kopano_kdav
image: zokradonh/kopano_kdav:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /run/apache2/
- /run/sessions/
- /tmp
- /var/log/kdav/
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
- kdavstates:/var/lib/kopano/kdav:rw
kopano_konnect:
depends_on:
- kopano_ssl
- web
environment:
FQDN: kopano.demo
allow_client_guests: "yes"
allow_dynamic_client_registration: "yes"
eckey: /kopano/ssl/meet-kwmserver.pem
ecparam: /kopano/ssl/ecparam.pem
encryption_secret_key: /kopano/ssl/konnectd-encryption.key
identifier_registration_conf: /kopano/ssl/konnectd-identifier-registration.yaml
identifier_scopes_conf: /etc/kopano/konnectd-identifier-scopes.yaml
signing_private_key: /kopano/ssl/konnectd-tokens-signing-key.pem
validation_keys_path: /kopano/ssl/konnectkeys
image: zokradonh/kopano_konnect:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_kustomer:
command: serve --log-level debug
image: kopano/kustomerd:latest
read_only: true
restart: unless-stopped
volumes:
- kopanolicenses:/etc/kopano/licenses:rw
- /etc/machine-id:/etc/machine-id:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id\:rw
kopano_kwmserver:
command: wrapper.sh
depends_on:
- kopano_kapi
- kopano_konnect
environment:
INSECURE: "yes"
enable_guest_api: "yes"
oidc_issuer_identifier: https://kopano.demo
public_guest_access_regexp: ^group/public/.*
image: zokradonh/kopano_kwmserver:latest
networks:
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_meet:
depends_on:
- kopano_kapi
- kopano_konnect
- kopano_kwmserver
- web
environment:
KCCONF_MEET_disableFullGAB: "false"
KCCONF_MEET_guests_enabled: "true"
SERVICE_TO_START: meet
image: zokradonh/kopano_meet:latest
networks:
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_monitor:
depends_on:
- kopano_server
environment:
SERVICE_TO_START: monitor
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_scheduler:
container_name: kopano_scheduler
depends_on:
- kopano_server
- kopano_zpush
environment:
CRONDELAYED_KBACKUP: 30 1 * * * docker run --rm -it --volumes-from kopano_server
-v /root/kopano-backup:/kopano/path zokradonh/kopano_utils:latest kopano-backup
-h
CRONDELAYED_SOFTDELETE: 30 2 * * * docker exec kopano_server kopano-admin --purge-softdelete
30
CRON_KOPANOUSERS: 10 * * * * docker exec kopano_server kopano-admin --sync
CRON_ZPUSHGAB: 0 22 * * * docker exec kopano_zpush z-push-gabsync -a sync
TZ: Europe/Zurich
image: zokradonh/kopano_scheduler:latest
networks:
kopano-net: {}
ldap-net: {}
web-net: {}
read_only: true
restart: "no"
tmpfs:
- /tmp
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
kopano_search:
container_name: kopano_search
depends_on:
- kopano_server
environment:
SERVICE_TO_START: search
TZ: Europe/Zurich
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanodata:/kopano/data:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_server:
container_name: kopano_server
depends_on:
- db
- kopano_konnect
- kopano_ssl
- ldap
environment:
ADDITIONAL_KOPANO_PACKAGES: '""'
KCCOMMENT_LDAP_1: '!include /usr/share/kopano/ldap.active-directory.cfg'
KCCONF_ADMIN_DEFAULT_STORE_LOCALE: en_US.UTF-8
KCCONF_LDAP_LDAP_BIND_PASSWD: Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
KCCONF_LDAP_LDAP_BIND_USER: cn=readonly,dc=kopano,dc=demo
KCCONF_LDAP_LDAP_SEARCH_BASE: dc=kopano,dc=demo
KCCONF_LDAP_LDAP_URI: ldap://ldap:389
KCCONF_SERVER_COREDUMP_ENABLED: "no"
KCCONF_SERVER_ENABLE_SSO: "yes"
KCCONF_SERVER_KCOIDC_INSECURE_SKIP_VERIFY: "yes"
KCCONF_SERVER_KCOIDC_ISSUER_IDENTIFIER: https://kopano.demo
KCCONF_SERVER_MYSQL_DATABASE: kopano
KCCONF_SERVER_MYSQL_HOST: db
KCCONF_SERVER_MYSQL_PASSWORD: verRx9CfJOS7l3BJDCA0UKzIzYTyB1IH
KCCONF_SERVER_MYSQL_PORT: '3306'
KCCONF_SERVER_MYSQL_USER: kopano
KCCONF_SERVER_PROXY_HEADER: '*'
KCCONF_SERVER_SERVER_NAME: Kopano
KCCONF_SERVER_SERVER_SSL_CA_FILE: /kopano/ssl/ca.pem
KCCONF_SERVER_SERVER_SSL_KEY_FILE: /kopano/ssl/kopano_server.pem
KCCONF_SERVER_SSLKEYS_PATH: /kopano/ssl/clients
KCCONF_SERVER_SYSTEM_EMAIL_ADDRESS: postmaster@kopano.demo
KCUNCOMMENT_LDAP_1: '!include /usr/share/kopano/ldap.openldap.cfg'
SERVICE_TO_START: server
TZ: Europe/Zurich
hostname: kopano_server
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
ldap-net: {}
web-net: {}
ports:
- published: 236
target: 236
- published: 237
target: 237
read_only: true
restart: unless-stopped
tmpfs:
- /tmp/
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanodata:/kopano/data:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_spooler:
depends_on:
- kopano_server
- mail
domainname: kopano.demo
environment:
KCCONF_SPOOLER_LOG_LEVEL: '3'
KCCONF_SPOOLER_SMTP_SERVER: mail
KCCONF_SPOOLER_SSLKEY_FILE: /kopano/ssl/kopano_spooler.pem
SERVICE_TO_START: spooler
TZ: Europe/Zurich
hostname: spooler
image: zokradonh/kopano_core:latest
networks:
kopano-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
kopano_ssl:
environment:
FQDN: kopano.demo
PKI_COUNTRY: NL
image: zokradonh/kopano_ssl:latest
read_only: true
tmpfs:
- /kopano/easypki/
volumes:
- kopanossl:/kopano/ssl:rw
kopano_webapp:
depends_on:
- kopano_server
environment:
ADDITIONAL_KOPANO_WEBAPP_PLUGINS: '"kopano-webapp-plugin-spell kopano-webapp-plugin-spell-de-ch
kopano-webapp-plugin-spell-en kopano-webapp-plugin-desktopnotifications kopano-webapp-plugin-filepreviewer
kopano-webapp-plugin-mdm kopano-webapp-plugin-quickitems kopano-webapp-plugin-smime
kopano-webapp-plugin-titlecounter"'
KCCONF_WEBAPP_OIDC_CLIENT_ID: webapp
KCCONF_WEBAPP_OIDC_ISS: https://kopano.demo
TZ: Europe/Zurich
hostname: kopano_webapp
image: zokradonh/kopano_webapp:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /tmp/
- /run/sessions/
- /run/php/
- /var/log/
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
- kopanowebapp:/var/lib/kopano-webapp:rw
kopano_zpush:
container_name: kopano_zpush
depends_on:
- kopano_server
environment:
TZ: Europe/Zurich
ZPUSH_ADDITIONAL_FOLDERS: '[]'
hostname: kopano_zpush
image: zokradonh/kopano_zpush:latest
networks:
kopano-net: {}
web-net: {}
read_only: true
restart: unless-stopped
tmpfs:
- /run/apache2/
- /run/sessions/
- /tmp
- /var/log/z-push/
volumes:
- /etc/machine-id:/etc/machine-id:rw
- kopanossl:/kopano/ssl:rw
- kopanosocket:/run/kopano:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
- zpushstates:/var/lib/z-push:rw
ldap:
command: --loglevel info --copy-service
container_name: kopano_ldap
environment:
LDAP_ADMIN_PASSWORD: qRJAFphO2ExmO17swpZO1MvldyEajS1p
LDAP_BASE_DN: dc=kopano,dc=demo
LDAP_DOMAIN: kopano.demo
LDAP_ORGANISATION: '"Kopano Demo"'
LDAP_READONLY_USER: "true"
LDAP_READONLY_USER_PASSWORD: Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
image: zokradonh/kopano_ldap_demo:latest
networks:
ldap-net: {}
ports:
- published: 389
target: 389
restart: unless-stopped
volumes:
- slapd:/etc/ldap/slapd.d:rw
- ldap:/var/lib/ldap:rw
mail:
cap_add:
- NET_ADMIN
- SYS_PTRACE
container_name: kopano_mail
depends_on:
- ldap
domainname: kopano.demo
environment:
DMS_DEBUG: '0'
ENABLE_CLAMAV: '1'
ENABLE_FAIL2BAN: '1'
ENABLE_LDAP: '1'
ENABLE_POSTFIX_VIRTUAL_TRANSPORT: '1'
ENABLE_POSTGREY: '1'
ENABLE_SASLAUTHD: '1'
ENABLE_SPAMASSASSIN: '1'
LDAP_BIND_DN: cn=readonly,dc=kopano,dc=demo
LDAP_BIND_PW: Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
LDAP_QUERY_FILTER_ALIAS: (&(kopanoAccount=1)(kopanoAliases=%s))
LDAP_QUERY_FILTER_DOMAIN: (&(|(mail=*@%s)(kopanoAliases=*@%s)))
LDAP_QUERY_FILTER_GROUP: (&(objectclass=kopano-group)(mail=%s))
LDAP_QUERY_FILTER_USER: (&(kopanoAccount=1)(mail=%s))
LDAP_SEARCH_BASE: dc=kopano,dc=demo
LDAP_SERVER_HOST: ldap://ldap:389
ONE_DIR: '1'
PERMIT_DOCKER: connected-networks
POSTFIX_DAGENT: lmtp:kopano_dagent:2003
POSTMASTER_ADDRESS: postmaster@kopano.demo
REPORT_RECIPIENT: '1'
SASLAUTHD_LDAP_BIND_DN: cn=readonly,dc=kopano,dc=demo
SASLAUTHD_LDAP_FILTER: (&(kopanoAccount=1)(uid=%s))
SASLAUTHD_LDAP_PASSWORD: Vw0D4F0koUP6VvoPfHa08Ns5pVIS4jnB
SASLAUTHD_LDAP_SEARCH_BASE: dc=kopano,dc=demo
SASLAUTHD_LDAP_SERVER: ldap://ldap:389
SASLAUTHD_MECHANISMS: ldap
SMTP_ONLY: '1'
SSL_TYPE: self-signed
TZ: Europe/Zurich
hostname: mail
image: tvial/docker-mailserver:release-v6.2.0
networks:
kopano-net: {}
ldap-net: {}
ports:
- published: 25
target: 25
- published: 465
target: 465
- published: 587
target: 587
restart: unless-stopped
volumes:
- mtaconfig:/tmp/docker-mailserver:rw
- maildata:/var/mail:rw
- mailstate:/var/mail-state:rw
web:
cap_add:
- CHOWN
- NET_BIND_SERVICE
- SETGID
- SETUID
cap_drop:
- ALL
command: wrapper.sh
environment:
DEFAULTREDIRECT: /webapp
EMAIL: self_signed
FQDN: kopano.demo
image: zokradonh/kopano_web:latest
networks:
web-net:
aliases:
- kopano.demo
ports:
- published: 80
target: 80
- published: 443
target: 443
- published: 2015
target: 2015
read_only: true
restart: unless-stopped
volumes:
- web:/.kweb:rw
- /etc/machine-id:/etc/machine-id:rw
- /var/lib/dbus/machine-id:/var/lib/dbus/machine-id:rw
version: '3.5'
volumes:
kdavstates: {}
kopanodata: {}
kopanograpi: {}
kopanolicenses: {}
kopanosocket: {}
kopanossl: {}
kopanowebapp: {}
ldap: {}
maildata: {}
mailstate: {}
mtaconfig: {}
mysql: {}
slapd: {}
web: {}
zpushstates: {}
fbartels commented
hm.. I had a browser window open somewhere with some followup questions, but it seems to have gone lost.
the really relevant part is missing in the provided logs:
kopano_server exited with code 1
Why did this container stop?
I do have the feeling, though that its connected to
db_1 | 2020-01-15 11:23:53 62 [Warning] Access denied for user 'kopano'@'172.31.0.7' (using password: YES)
Maybe the database container was not properly initialised? or the .env file deleted and recreated in between?
theoneandonly-vector commented
I most likely re-created the .env-file.
I just removed all docker images and purged docker to re-install it. then I removed the git-repo and cloned it freshly -> setup.sh -> docker compose up resulting in the following error:
kopano_webapp_1 |
kopano_webapp_1 | WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
kopano_webapp_1 |
kopano_webapp_1 | Reading package lists...
kopano_webapp_1 | E: List directory /var/lib/apt/lists/partial is missing. - Acquire (2: No such file or directory)
theoneandonly-vector commented
it's only this one error, over and over again
theoneandonly-vector commented
when I cd to this location (on the host), there`s just an empty folder
fbartels commented
Yes, the No such file or directory is a bit misleading message from apt. Since a few days all containers are started read-only and allow only write access to specific locations. This is generally not compatible with installation additional packages (this is documented both in the container and in the compose file, but not in the setup script).
If you want to install packages you need to change
kopano-docker/docker-compose.yml
Line 105 in 3367b53
Edit:
I just removed all docker images and purged docker to re-install it
That was waaayy too much. A simple docker-compose down -v would have deleted containers and data volumes.
theoneandonly-vector commented
hi @fbartels
everything started now, whithout posting any errors. But sadly I can't connect to it's web (SSL_ERROR_INTERNAL_ERROR_ALERT):
do you have an idea, what I could do?
fbartels commented
FQDN=kopano.demo
You need to call the fqdn you have configured in your configuration
theoneandonly-vector commented
thank you very much :)