mingfang / docker-mautic Goto Github PK
View Code? Open in Web Editor NEWRun Mautic Inside Docker
Run Mautic Inside Docker
Whilst reviewing your excellent looking work on instancing Mautic within a Kubernetes container, I was looking in detail at your container mount paths, especially as you had posted on Issue #2 Documentation on how this should be used with volumes thread for mautic/docker-mautic
.
The volume mount specified at in mautic.yml line 55:
pod:
containers:
- name: mautic
image: registry.rebelsoft.com/mautic:latest
volumeMounts:
- name: configmap
mountPath: /var/www/html/app/local/config/local.php
subPath: local.php
readOnly: false
Has this readOnly: false
attribute applied, which under the Kubernetes hood, has been patched in a security fix. This apparently:
configMap
volumes read-only (ro)
at the moment of mount;readOnly: false
configuration;kubectl describe pod
listing the volume as read-write (rw)
;ReadOnlyAPIVolumes
.The most troublesome inconsistency regarding these volumes is that:
Previously, applications were allowed to make changes to these volumes, but those changes were reverted at an arbitrary interval by the system.
In reference to @mbabker comment, he says:
Those variables, if set, are prefilled into a stub local.php configuration file so that when you run Mautic's installer on a new deployment then the database credentials are pre-filled (you'd just need to re-enter the password). There is also logic in place so that a new deployment doesn't overwrite the local.php file if it already exists which lets the configuration persist if you've attached everything to an external volume.
@wittwerch also comments regarding local.php
:
The configuration file is updated every time you change settings in the web UI. That means that you write state into your container, unless you somehow mount it using a volume.
I raise this issue for discussion: why readOnly: false
? is Mautic quite picky about writing to this file? Mautic and PHP is not my strongest suit so I ask, in your experience, is write access necessary truly necessary?
Looking forward to the discussion.
cat /var/log/nginx/error.log
2019/03/12 23:32:19 [error] 611#611: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught UnexpectedValueException: The stream or file "/var/log/mautic/mautic_prod-2019-03-12.php" could not be opened: failed to open stream: Permission denied in /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:107
Stack trace:
#0 /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/RotatingFileHandler.php(107): Monolog\Handler\StreamHandler->write(Array)
#1 /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/AbstractProcessingHandler.php(37): Monolog\Handler\RotatingFileHandler->write(Array)
#2 /var/www/html/vendor/monolog/monolog/src/Monolog/Logger.php(337): Monolog\Handler\AbstractProcessingHandler->handle(Array)
#3 /var/www/html/vendor/monolog/monolog/src/Monolog/Logger.php(644): Monolog\Logger->addRecord(500, 'Uncaught PHP Ex...', Array)
#4 /var/www/html/vendor/symfony/http-kernel/EventListener/ExceptionListener.php(102): Monolog\Logger->critical('Uncaught PHP Ex...', Array)
#5 /var/www/html/app/bundles/CoreBundle/EventListener/Excep...
PHP message: PHP Fatal error: Uncaught UnexpectedValueException: The stream or file "/var/log/mautic/mautic_prod-2019-03-12.php" could not be opened: failed to open stream: Permission denied in /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:107
Stack trace:
#0 /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/RotatingFileHandler.php(107): Monolog\Handler\StreamHandler->write(Array)
#1 /var/www/html/vendor/monolog/monolog/src/Monolog/Handler/AbstractProcessingHandler.php(37): Monolog\Handler\RotatingFileHandler->write(Array)
#2 /var/www/html/vendor/monolog/monolog/src/Monolog/Logger.php(337): Monolog\Handler\AbstractProcessingHandler->handle(Array)
#3 /var/www/html/vendor/monolog/monolog/src/Monolog/Logger.php(518): Monolog\Logger->addRecord(400, 'PHP Error: Unca...', Array)
#4 /var/www/html/app/bundles/CoreBundle/ErrorHandler/ErrorHandler.php(432): Monolog\Logger->log(400, 'PHP Error: Unca...', Array)
Running the mautic-console in https://github.com/mingfang/docker-mautic/blob/master/sv/nginx/run#L17-L19 as www-data (instead of root) fixes the problem
Hi there, firstly thanks a lot for sharing this great work!
I'm new to mautic so please forgive me if this is a newbie question, but I was wondering if you could clarify why you decided to build your own docker-mautic? I appreciate that there are problems with the official https://github.com/mautic/docker-mautic/ (e.g. it is not properly stateless as described in mautic/docker-mautic#2) so I am wondering why you didn't try to fix the problems there? Or did you try to contribute to the official project but encountered problems getting your contributions accepted?
I am asking because each time the community provides a different approach to the same thing, it causes fragmentation in the community, where development effort gets split between the different but overlapping approaches. This results in multiple groups independently trying to fix the same problems, and this slows down the community as a whole.
I think it would be great if the community could try to converge on a single solution. Then each problem only needs to get fixed once in a single place, and newcomers aren't faced with confusion over which solution to pick.
Does this sound reasonable to you? Thanks again!
Hello ๐
I did not find any license mentioned in the repository, and sadly this make your works "all right reserved" in most of the countries of this world.
Can you clarify the license under which you published this work ?
If you want you can just give me the license name you wish to use and I'll create a PR with it.
Best regards.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.