-
Notifications
You must be signed in to change notification settings - Fork 362
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication on private instance #265
Comments
Hi @dbodencnve - Enabling authentication is possible by setting a list of environment variables or modifying a config file and mounting it into your application container (depending on how you are hosting the application). I have plans to document this once I smooth the process over. One complication is that the login system requires an SMTP server to send emails through. If you want to configure via environment variables, here is the list:
Alternatively, you can copy and modify this file for the application. If you are running the docker containers, you can then mount this file into the container at the same location. Environment variables always override this file. Without the above config, the login buttons are just hidden - not disabled in any way. This is because errors would occur in any case without the SMTP server configured (as you found out). Then there is also the ephemeral version where logins wouldn't be retained across application restarts. All things to figure out and smooth over for users. You are welcome to give this a try. I'll work on refining this process eventually. Any feedback, please let me know. Note January 2022: The rest of the discussion below was due to a bug in an earlier docker container version. That has been fixed since then. The summary above are the proper instructions. |
I actually did make the changes to the settings file earlier with my previous tests which at least shows that I was looking at the right location. I just tested again by updating the kubernetes deployment with the environment variables but the error remains. |
This means that there is a likely problem with these two variables:
These env vars help build fully qualified links in emails such as https://pwpush.com/pages/about Or SMTP related. If you wanted, you could set I should add that unconfirmed accounts automatically lock after 2 weeks I believe. |
Did you have any luck with this? |
I did configure the PWP__HOST_DOMAIN and PWP__HOST_PROTOCOL variables but no luck unfortunately. Do you have any hints on how to debug the application in e.g. Visual Studio Code? I am not that familiar with Ruby on Rails. |
Yes - I was wrong re:protocol. Here is what I set for development environment:
Line 10 is trying to build a fully qualified link for the email message (the confirm account link).
This makes me think that the setting you applied didn't take. As if the value isn't set at all. Could there be some discrepancy? Could the env var not be set correctly? |
I confirm that the variables are properly set. This is what I see from within the Kubernetes container:
I obviously replaced confidential information with dummy values. |
Hrm ok - still a mystery then. Could you get the pid of the puma cluster worker process and check the procfs environ if those values are in there? The last possibility I can think of is the process isn't inheriting the env vars because of the boot process? Let's see.
|
Environment variables are there:
|
Which container tag are you using? |
I don't specify one so will be latest? |
Yes I can see those. It is only when I try to register, I am receiving the error message.
…________________________________
Van: Peter Giacomo Lombardo ***@***.***>
Verzonden: Thursday, November 18, 2021 2:16:57 PM
Aan: pglombardo/PasswordPusher ***@***.***>
CC: Dieter Boden ***@***.***>; Mention ***@***.***>
Onderwerp: Re: [pglombardo/PasswordPusher] Authentication on private instance (Issue #265)
I assume so. If I run a docker container with a single env var, the login links show up:
[Screen Shot 2021-11-18 at 14 13 15]<https://user-images.githubusercontent.com/395132/142422026-c62d0840-3909-4725-917d-df0b3531ed4f.png>
[Screen Shot 2021-11-18 at 14 13 34]<https://user-images.githubusercontent.com/395132/142422212-6559cb82-2111-480b-a819-6a9a66c6d64a.png>
Do the login links show up for you?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#265 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APXU4E5CYF5PDAU5ABI43QDUMT4ETANCNFSM5HU5MOAQ>.
Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
Well that's something at least. Are you using ephemeral or a database backed container? |
Ephemeral at the moment.
…________________________________
Van: Peter Giacomo Lombardo ***@***.***>
Verzonden: donderdag, november 18, 2021 2:32 PM
Aan: pglombardo/PasswordPusher
CC: Dieter Boden; Mention
Onderwerp: Re: [pglombardo/PasswordPusher] Authentication on private instance (Issue #265)
Yes I can see those. It is only when I try to register, I am receiving the error message.
Well that's something at least. Are you using ephemeral or a database backed container?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#265 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APXU4EYXOW5KEMFGNXU6BFTUMT55XANCNFSM5HU5MOAQ>.
Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
We don't have support for logins on the ephemeral version because it didn't make sense. The environment variables you set are ignored in the ephemeral version. Next time, I'll ask up front which container and version is running. Sorry for the longer than needed resolution. Even though logins don't make sense for the ephemeral version - it does make it easy to test things out. Let me add the config to ephemeral and I'll post back here with a tag you can try. |
Much appreciated
…________________________________
Van: Peter Giacomo Lombardo ***@***.***>
Verzonden: Thursday, November 18, 2021 2:44:05 PM
Aan: pglombardo/PasswordPusher ***@***.***>
CC: Dieter Boden ***@***.***>; Mention ***@***.***>
Onderwerp: Re: [pglombardo/PasswordPusher] Authentication on private instance (Issue #265)
We don't have support for logins on the ephemeral version because it didn't make sense. The environment variables you set are ignored in the ephemeral version.
Next time, I'll ask up front which container and version is running. Sorry for the longer than needed resolution.
Even though logins don't make sense for the ephemeral version - it does make it easy to test things out.
Let me add the config to ephemeral and I'll post back here with a tag you can try.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#265 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APXU4E2L4SKUI3X537PIDPLUMT7KLANCNFSM5HU5MOAQ>.
Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
Could you try this docker tag? That has the login/email support added. |
That seems to be much better.
I am now having SMTP authentication issues which I need to solve, but that is another story.
I guess this issue can be closed.
|
Ok that is mostly good news. If I can help with anything else, let me know. Eventually we'll get logins improved, documented and smoothed over. |
I want to reopen this issue. In my docker container everything works fine. However when I want to use Office 365 as mail service, the docker gives the error pwpush-docker-pwpush-1 | F, [2023-10-27T11:05:02.712418 #228] FATAL -- : [5437df51-ec08-4cad-98f6-ce1193b143ae] I've debugged the actionmailer (screenshot below). The settings seem to be OK. Sending with gmail works perfectly. |
Hi @RafVandelaer - I was writing some ideas and tips and then I saw this. 😄 |
Hey @pglombardo, I feel stupid now. First I thought I made a typo, but now I don't get it. Should be working, right? |
Hi @pglombardo, I've been testing some more. To be sure I'm not a complete idiot :D |
Hi @RafVandelaer - have you made any progress on this? If not, could you post the full stack trace of the error? |
Hi @pglombardo |
I have noticed that support for authentication has been added as part of #97 but it appears this is not supported for private instances yet? I tried to make it work but getting errors when trying to create an account. The account gets created but the notifications are not working.
The text was updated successfully, but these errors were encountered: