Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx Unit user UID has changed to 999, breaks git data source sync #1200

Closed
heapdavid opened this issue Apr 11, 2024 · 2 comments
Closed

Nginx Unit user UID has changed to 999, breaks git data source sync #1200

heapdavid opened this issue Apr 11, 2024 · 2 comments

Comments

@heapdavid
Copy link

Current Behavior

Hi,

We are running our containers as user 101

We are moving to using external data sources rather than mounting scripts into the container.

When we try to sync with our git repository, we get the error SyncError('Fetching remote data failed (DefaultIdentityNotFound): no username found') on the frontend and ERROR:root:Fetching remote data failed (DefaultIdentityNotFound): no username found in the logs.

When we run the worker container as root the error goes away and we can sync successfully.

When we run the worker container as a user that has a name in /etc/passwd and set the folder permissions on /opt/netbox/netbox/scripts to match the error goes away and we can sync successfully. When we try to run the main netbox container as that user (e.g. 33 - www-data) it fails to run with permission errors trying to do mkdirs or access the socket etc in the /opt/unit folder

While looking into it and comparing with an older netbox container we see a change in /etc/passwd:

Netbox 3.4.x container:

unit:x:101:101:unit user,,,:/nonexistent:/bin/false

Netbox 3.7.x container:

unit:x:999:999:unit user:/nonexistent:/bin/false

It looks like nginx unit changed to a static uid of 999 in v1.30 so should that be the default user that netbox-docker should be run as going forward? It seems to work so far in testing.

Proof of change of uid: nginx/unit#893

Related? #516

Thanks

Expected Behavior

We should be able to sync with external data sources when the containers are run as user 101

Docker Compose Version

Running in docker swarm not compose

Docker Version

Client: Docker Engine - Community
 Version:           25.0.5
 API version:       1.44
 Go version:        go1.21.8
 Git commit:        5dc9bcc
 Built:             Tue Mar 19 15:05:34 2024
 OS/Arch:           linux/amd64
 Context:           default

The git Revision

n/a, v3.7.5 container

The git Status

n/a, only container

Startup Command

docker stack deploy

NetBox Logs

ERROR:root:Fetching remote data failed (DefaultIdentityNotFound): no username found

Content of docker-compose.override.yml

n/a
@tobiasge
Copy link
Member

In our docker-compose.yml we use user: 'unit:root', so it will use the new 999 id. You should configure your docker stack to run the container as 999 and change the ownership of the existing volume.

@heapdavid
Copy link
Author

Ah of course, thanks!

matofeder added a commit to osism/ansible-collection-services that referenced this issue Aug 14, 2024
@matofeder
Fix netbox user
6ea4617 
Nginx Unit user UID has changed to 999 which breaks git data source sync
in Netbox.

Netbox 3.7.x container fixed this and use user name and group `unit:root`
instead od user ID.

This fix sets the default netbox user in the same way as `unit:root`.

Refer to related issue and netbox-docker PR:
- netbox-community/netbox-docker#1200
- netbox-community/netbox-docker#589

Signed-off-by: Matej Feder <[email protected]>
@matofeder matofeder mentioned this issue Aug 14, 2024
Merged
berendt pushed a commit to osism/ansible-collection-services that referenced this issue Aug 14, 2024
@matofeder
netbox: fix netbox user (#1560)
dbac081 
Nginx Unit user UID has changed to 999 which breaks git data source sync
in Netbox.

Netbox 3.7.x container fixed this and use user name and group `unit:root`
instead od user ID.

This fix sets the default netbox user in the same way as `unit:root`.

Refer to related issue and netbox-docker PR:
- netbox-community/netbox-docker#1200
- netbox-community/netbox-docker#589

Signed-off-by: Matej Feder <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tobiasge @heapdavid