We Keep Coding

Openldap setup with server and UI fails

I'm trying to setup open ldap in linux VM and I am using openldap server from bitnami and
also the UI container. My docker-compose file is as follows:
version: '3'
networks:
openldap:
name: openldap
services:
openldap:
image: bitnami/openldap:latest
restart: unless-stopped
ports:
- '1389:1389'
- '1636:1636'
environment:
- LDAP_ORGANISATION=company
- LDAP_DOMAIN=company.network
- LDAP_ROOT=dc=company,dc=network
- LDAP_ADMIN_USERNAME=admin
- LDAP_ADMIN_PASSWORD=password
networks:
- openldap
volumes:
- 'openldap_data:/bitnami/openldap'
openldap-ui:
image: wheelybird/ldap-user-manager:latest
restart: unless-stopped
ports:
- 8082:80
environment:
- SERVER_HOSTNAME=localhost:8082
- LDAP_URI=ldap://openldap
- LDAP_BASE_DN=dc=company,dc=network
- LDAP_ADMINS_GROUP=admins
- LDAP_ADMIN_BIND_DN=cn=admin,dc=company,dc=network
- LDAP_ADMIN_BIND_PWD=password
- LDAP_IGNORE_CERT_ERRORS=true
- NO_HTTPS=true
networks:
- openldap
depends_on:
- openldap
volumes:
openldap_data:
driver: local
As per this documentation, when i try to do the initial setup via UI (http://ip-address:8082/setup), using the password 'password', I always get the following error.
Problem: Failed to bind as cn=admin,dc=company,dc=network
Wondering if anyone help identify what'm missing here?

Why can I not use the traefik.yml with the docker provider?

I have the following instances of containers and all routing through Traefik as expected;
version: '3.3'
services:
website:
container_name: my-next-js-website
build:
context: .
dockerfile: Dockerfile.dev
ports:
- '3000:3000'
volumes:
- .:/srv
labels:
- traefik.http.routers.website.rule=Host(`domain.local`)
- traefik.enable=true
- traefik.port=3000
traefik:
image: traefik:v2.3
command:
- --entrypoints.web.address=:80
- --providers.docker
- --api
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
labels:
- traefik.http.routers.traefik.rule=Host(`traefik.domain.local`)
- traefik.http.routers.traefik.service=api#internal
- traefik.http.routers.traefik.middlewares=auth
- traefik.http.middlewares.auth.basicauth.usersfile=/path/to/userList
ports:
- '80:80'
Up until this point, it's all good.
My question is when I add $PWD/traefik.yml:/etc/traefik/traefik.yml as a volume and move the labels into this traefik.yml config, why does it not work in the same way (as in the basic auth is missing)?
What I'm trying to add is basic auth to Traefik so it's inaccessible but I can only do so via docker labels and not via traefik.yml - please, I would like to understand what I am doing incorrect or if I am missing something?
I've looked through the Traefik documentation with no luck and spent about 6 hours playing around with it... Do Docker labels and commands work better than the config file to set basic auth around Traefik's API and dashboard?

Traefik. Split configuration and redirect to https

I'm new to Traefik and have following basic question. Traefik should proxy NGINX. My goal is to start the stack either with http (f.e. locally) or with https (production): Therefore I've split the docker config in two yml files:
docker-compose-https.yml
version: "3.3"
services:
traefik:
image: "traefik:v2.4"
container_name: "traefik"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=my#email.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
docker-compose.yml
nginx:
image: nginx:alpine
ports:
- 80:80
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx.rule=Host('test.example.com')"
- "traefik.http.routers.nginx.entrypoints=websecure"
- "traefik.http.routers.nginx.tls.certresolver=myresolver"
This works so far. If I run docker-compose up -d with -f docker-compose-ssl.yml trafik jumps in for https and issues a cert. Without using it I can still start nginx over http. Unfortuantely what is not working is, as soon as Traefik is up it does not redirect http to https as my config should ask for. What do I oversee?

You need to use the RedirectScheme for the redirection from http to https and the middleware to the router as mentioned in https://doc.traefik.io/traefik/middlewares/overview/#configuration-example
So, your docker-compose.yml should look like this
nginx:
image: nginx:alpine
ports:
- 80:80
labels:
- "traefik.enable=true"
- "traefik.http.routers.nginx.entrypoints=web"
- "traefik.http.routers.nginx.rule=Host(`test.example.com`)"
- "traefik.http.middlewares.nginx-redirectscheme.redirectscheme.scheme=https"
- "traefik.http.routers.nginx.middlewares=nginx-redirectscheme"
- "traefik.http.routers.nginx-secured.entrypoints=websecure"
- "traefik.http.routers.nginx-secured.rule=Host(`test.example.com`)"
- "traefik.http.routers.nginx-secured.tls=true"
- "traefik.http.routers.nginx-secured.tls.certresolver=myresolver"

How to change port of selenium/hub docker container?

I am executing automation tests using Docker containers. I have to run test suites for multiple applications on the same server. But if I have same port for each selenium hub docker container then I cannot run all these suites at the same time. Thus I want to assign different ports to each selenium/hub docker container. Is there any way I can change hub container's port? Or do I need to write my own dockerfile and not use selenium/hub docker images?
My docker-compose file looks like this
version: "3"
services:
selenium-hub:
restart: always
image: selenium/hub:latest
ports:
- "4444:4444"
environment:
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300
selenium-chrome:
restart: always
image: selenium/node-chrome:latest
depends_on:
- selenium-hub
volumes:
- /dev/shm:/dev/shm
links:
- selenium-hub:hub
environment:
- HUB_PORT_4444_TCP_ADDR=selenium-hub
- HUB_PORT_4444_TCP_PORT=4444
- JAVA_OPT=-Xmx512m
- DBUS_SESSION_BUS_ADDRESS=/dev/null
- no_proxy=localhost
- HUB_ENV_no_proxy=localhost
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300
selenium-firefox:
restart: always
image: selenium/node-firefox:latest
depends_on:
- selenium-hub
volumes:
- /dev/shm:/dev/shm
links:
- selenium-hub:hub
environment:
- HUB_PORT_4444_TCP_ADDR=selenium-hub
- HUB_PORT_4444_TCP_PORT=4444
- JAVA_OPT=-Xmx512m
- DBUS_SESSION_BUS_ADDRESS=/dev/null
- no_proxy=localhost
- HUB_ENV_no_proxy=localhost
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300

You can change the ports using the SE_OPTS environment variable: just add
environment:
SE_OPTS: "-port <YOUR_PREFERED_PORT>"
to your docker-compose.yml and Selenium will start at <YOUR_PREFERED_PORT>.
See https://github.com/SeleniumHQ/docker-selenium#se_opts-selenium-configuration-options

According to the Dockerfile https://github.com/SeleniumHQ/docker-selenium/blob/master/Hub/Dockerfile you can set GRID_HUB_PORT
environment:
GRID_HUB_PORT: "4545"

Just do a find and replace of 4444 with whatever port you want to use. For example, use 4440 instead of 4444.
version: "3"
services:
selenium-hub:
restart: always
image: selenium/hub:latest
ports:
- "4440:4440"
environment:
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300
selenium-chrome:
restart: always
image: selenium/node-chrome:latest
depends_on:
- selenium-hub
volumes:
- /dev/shm:/dev/shm
links:
- selenium-hub:hub
environment:
- HUB_PORT_4440_TCP_ADDR=selenium-hub
- HUB_PORT_4440_TCP_PORT=4440
- JAVA_OPT=-Xmx512m
- DBUS_SESSION_BUS_ADDRESS=/dev/null
- no_proxy=localhost
- HUB_ENV_no_proxy=localhost
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300
selenium-firefox:
restart: always
image: selenium/node-firefox:latest
depends_on:
- selenium-hub
volumes:
- /dev/shm:/dev/shm
links:
- selenium-hub:hub
environment:
- HUB_PORT_4440_TCP_ADDR=selenium-hub
- HUB_PORT_4440_TCP_PORT=4440
- JAVA_OPT=-Xmx512m
- DBUS_SESSION_BUS_ADDRESS=/dev/null
- no_proxy=localhost
- HUB_ENV_no_proxy=localhost
- GRID_BROWSER_TIMEOUT=300
- GRID_TIMEOUT=300

I had a situation where I was conducting automated selenium tests for two different web applications on the same Jenkins machine. I needed 2 selenium grids to be set up and running on the same machine each employing unique and distinct ports. Instead of creating docker images of my own for the hubs and nodes I changed the docker compose file for the second selenium grid to the following:
version: "3.5"
services:
hub:
image: selenium/hub
container_name: selenium_hub_nia
ports:
- "3333:4444"
networks:
- nia_bridge
environment:
GRID_MAX_SESSION: 16
GRID_BROWSER_TIMEOUT: 10000
GRID_TIMEOUT: 10000
GRID_HUB_PORT: 3333
expose:
- "3333"
chrome:
image: selenium/node-chrome
container_name: selenium_node_nia_chrome
depends_on:
- hub
environment:
- HUB_PORT_4444_TCP_ADDR=hub
- HUB_PORT_4444_TCP_PORT=3333
- NODE_MAX_SESSION=4
- NODE_MAX_INSTANCES=4
volumes:
- /dev/shm:/dev/shm
ports:
- "9003:5900"
links:
- hub
networks:
- nia_bridge
firefox:
image: selenium/node-firefox-debug
container_name: selenium_node_nia_firefox
depends_on:
- hub
environment:
- HUB_PORT_4444_TCP_ADDR=hub
- HUB_PORT_4444_TCP_PORT=3333
- NODE_MAX_SESSION=4
- NODE_MAX_INSTANCES=4
volumes:
- /dev/shm:/dev/shm
ports:
- "9004:5900"
links:
- hub
networks:
- nia_bridge
networks:
nia_bridge: {}
Three major changes in the above file:
In the hub definition :
I first mapped the port 4444 of the second selenium hub container to the host (Jenkins server) port 3333 (the first hub continues to run on 4444). This solves the error of 4444 being bound already when the first selenium hub container is running.
I also defined its GRID_HUB_PORT as 3333 and exposed that port to the containers on the network bridge named nia-bridge.
In the two services for my 2 nodes (chrome and firefox), I specified the HUB_PORT_4444_TCP_PORT as 3333 so they use the correct url to register to the hub.
This docker compose file spins up 3 containers. I made the container names unique i.e. different from the pre-existing selenium grid network that you may already have for your other web application. This is required because docker container names must be unique.
The above helped me spin up a completely distinct selenium grid with the hub and 2 nodes running on ports 3333,9003,9004 respectively of the host Jenkins server.

Builds stuck in pending state drone

I'm using drone:0.8 with the following configuration but the only two first jobs are succeeded in building. The rest of jobs are stuck in the pending state.
I'm deploying drone using Docker Swarm stack deploy. Here is my configuration file:
version: '3'
services:
server:
image: drone/drone:0.8
ports:
- 8000
- 9000
volumes:
- /data/local/drone:/var/lib/drone/
environment:
- DRONE_OPEN=true
- DRONE_HOST=http://example.com
- DRONE_GITHUB=true
- DRONE_ORGS=my_fake_company
- DRONE_ADMIN=my_github
- DRONE_GITHUB_CLIENT=my_secret
- DRONE_GITHUB_SECRET=my_client
- DRONE_SECRET=my_drone_secret
- VIRTUAL_HOST=virtual_host.nginx.com
- VIRTUAL_PORT=8000
networks:
- edge
agent:
image: drone/agent:0.8
command: agent
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_SERVER=drone_server:9000
- DRONE_SECRET=my_secret
networks:
- edge
networks:
- edge
external: true
It's running behind nginx-proxy by jwlinder.