Bug: Unable to register when self-hosted via podman #1417

Open
bennypowers opened this issue Nov 5, 2024 · 9 comments
Labels
🐛 Bug Something isn't working

Comments

bennypowers commented Nov 5, 2024

EDIT: I'm leaving the original description, however NB that I no longer believe the issue is email domains. I'm currently updating my original server to podman 5.4.5 and will report on my findings in a comment

Describe the bug
When starting a fresh instance (reset db and server by deleting podman volumes), then registering a new user with an email on the same domain as the self-hosted instance, registration does not proceed. Submitting the registration form redirects to the registration page.

To Reproduce
Steps to reproduce the behavior:

  1. Go to maybe.example.com
  2. register with "[email protected]"
  3. see that you're back on the registration page
  4. register with [email protected]
  5. see that you're in the user setup wizard

Expected behavior
registration proceeds as normal

What version of Maybe are you using?
Self-hosted, image hash e95537e2269f (latest as of this posting)
What operating system and browser are you using?
client: firefox on fedora 41
server: podman on gentoo

Screenshots / Recordings

```
Loading seed file: exchanges.rb
Created 68 stock exchanges
=> Booting Puma
=> Rails 7.2.1.2 application starting in production
=> Run `bin/rails server --help` for more startup options
I, [2024-11-05T07:54:07.001916 #1]  INFO -- : [GoodJob] [1] GoodJob 4.4.2 started scheduler with queues=* max_threads=5.
Puma starting in single mode...
* Puma version: 6.4.3 (ruby 3.3.4-p94) ("The Eagle of Durango")
*  Min threads: 3
*  Max threads: 3
*  Environment: production
*          PID: 1
* Listening on http://0.0.0.0:3000
Use Ctrl-C to stop
I, [2024-11-05T07:54:07.260429 #1]  INFO -- : [GoodJob] Notifier subscribed with LISTEN
I, [2024-11-05T07:54:08.377128 #1]  INFO -- : [7187c794-f917-47a1-8d43-9d68ee967a2f] Started GET "/registration/new" for 2a06:c701:992a:4900:4cb:fc84:b43d:8cab at 2024-11-05 07:54:08 +0000
I, [2024-11-05T07:54:08.381143 #1]  INFO -- : [7187c794-f917-47a1-8d43-9d68ee967a2f] Processing by RegistrationsController#new as HTML
I, [2024-11-05T07:54:08.469950 #1]  INFO -- : [7187c794-f917-47a1-8d43-9d68ee967a2f]   Rendered layout layouts/auth.html.erb (Duration: 48.1ms | GC: 0.0ms)
I, [2024-11-05T07:54:08.471002 #1]  INFO -- : [7187c794-f917-47a1-8d43-9d68ee967a2f] Completed 200 OK in 90ms (Views: 46.6ms | ActiveRecord: 12.2ms (3 queries, 0 cached) | GC: 0.0ms)
I, [2024-11-05T07:54:18.187976 #1]  INFO -- : [22ad3b87-7771-42f9-a8dc-1b79ea110d8d] Started POST "/registration" for 2a06:c701:992a:4900:4cb:fc84:b43d:8cab at 2024-11-05 07:54:18 +0000
I, [2024-11-05T07:54:18.195442 #1]  INFO -- : [22ad3b87-7771-42f9-a8dc-1b79ea110d8d] Processing by RegistrationsController#create as TURBO_STREAM
I, [2024-11-05T07:54:18.195513 #1]  INFO -- : [22ad3b87-7771-42f9-a8dc-1b79ea110d8d]   Parameters: {"authenticity_token"=>"[FILTERED]", "user"=>{"email"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "invitation"=>""}, "commit"=>"Create account"}
I, [2024-11-05T07:54:18.575582 #1]  INFO -- : [22ad3b87-7771-42f9-a8dc-1b79ea110d8d]   Rendered layout layouts/auth.html.erb (Duration: 13.6ms | GC: 0.6ms)
I, [2024-11-05T07:54:18.576598 #1]  INFO -- : [22ad3b87-7771-42f9-a8dc-1b79ea110d8d] Completed 422 Unprocessable Content in 381ms (Views: 14.1ms | ActiveRecord: 8.3ms (3 queries, 0 cached) | GC: 21.2ms)
```

bennypowers added the "🐛 Bug" label Nov 5, 2024

bennypowers (Author) commented

This is probably a duplicate of #1205

zachgoll (Collaborator) commented Nov 5, 2024

@bennypowers did the suggestions I left in #1205 fix things for you?

bennypowers (Author) commented

xpost from the discord: same issue when accessed via localhost, or on a different (fedora) machine

SUMMARY: after investigating and trying to reproduce in other environments, I'm not certain the issue is related to cloudflare. Perhaps if I was able to do some "console.log" style debugging in the auth process I could provide more info


I get 422 errors on reg as per #1205. I've had issues in the past with cloudflared, for example my nextcloud instance required me to add cloudflare IPs to the allowlist in the nextcloud config php files. is there a similar file I can edit for maybe finance?

Edit: i also get a 422 error when trying locally, so this might not just be a cloudflare thing.

I also tried toggling the following settings for the app in cloudflare tunnel settings:

  • the host header to null or to the same domain as the app
  • Bypass options requests to origin; on/off.
  • same site attribute: strict, lax, or none
  • http-only cookies: on/off
  • auth policy: bypass/service auth

I've also tried setting APP_DOMAIN=example.com (to my actual domain) and DISABLE_SSL=true
I also tried using the docker-compose.yml file with podman compose instead of quadlet units and got the same result
I also tried running the compose file on my fedora machine - same result

bennypowers reopened this Nov 5, 2024

zachgoll (Collaborator) commented Nov 5, 2024

@bennypowers let's get the local stuff solved first here. Have you been able to successfully register locally with an email address that is not the same as the domain you're trying to run off?

bennypowers (Author) commented Nov 5, 2024

no. any email address i use, localhost or on the lan, fails.

The reason for the title of this issue is because once I was able to start the wizard with a gmail address. I originally thought that the gmail address was the reason it succeeded, I don't think so any more. Now I'm not sure what happened there

zachgoll (Collaborator) commented Nov 5, 2024

@bennypowers got it. Sounds like this is not related to the Maybe app then.

Can you post your docker compose file? It's likely a configuration issue.

bennypowers (Author) commented

Thanks for looking into this

local compose file

```yaml
# ===========================================================================
# Example Docker Compose file
# ===========================================================================
#
# Purpose:
# --------
#
# This file is an example Docker Compose configuration for self hosting
# Maybe on your local machine or on a cloud VPS.
#
# The configuration below is a "standard" setup, but may require modification
# for your specific environment.
#
# Setup:
# ------
#
# To run this, you should read the setup guide:
#
# https://github.com/maybe-finance/maybe/blob/main/docs/hosting/docker.md
#
# Troubleshooting:
# ----------------
#
# If you run into problems, you should open a Discussion here:
#
# https://github.com/maybe-finance/maybe/discussions/categories/general
#

services:

  app:
    image: ghcr.io/maybe-finance/maybe:latest

    volumes:
      - app-storage:/rails/storage

    ports:
      - 3000:3000

    restart: unless-stopped

    environment:
      SELF_HOSTED: "true"
      RAILS_FORCE_SSL: "false"
      RAILS_ASSUME_SSL: "false"
      GOOD_JOB_EXECUTION_MODE: async
      SECRET_KEY_BASE: ${SECRET_KEY_BASE:?}
      DB_HOST: postgres
      POSTGRES_DB: ${POSTGRES_DB:-maybe_production}
      POSTGRES_USER: ${POSTGRES_USER:-maybe_user}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?}

    depends_on:
      postgres:
        condition: service_healthy

  postgres:
    image: postgres:16
    restart: unless-stopped
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-maybe_user}
      POSTGRES_DB: ${POSTGRES_DB:-maybe_production}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?}
    healthcheck:
      test: [ "CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB" ]
      interval: 5s
      timeout: 5s
      retries: 5

volumes:
  app-storage:
  postgres-data:
```

local .env file (redacted)

```
PORT=3000
SYNTH_API_KEY=
SMTP_ADDRESS=
SMTP_PORT=465
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_TLS_ENABLED=true
EMAIL_SENDER=
DB_HOST=localhost
DB_PORT=5432
POSTGRES_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXXX
POSTGRES_USER=XXXXXXXXXXXXXXXXXXXXXXXX
APP_DOMAIN=
SENTRY_DSN=
REQUIRE_INVITE_CODE=false
SELF_HOSTED=true
HOSTING_PLATFORM=localhost
SECRET_KEY_BASE=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
UPGRADES_MODE=manual # `manual` or `auto`
UPGRADES_TARGET=release # `release` or `commit`
GITHUB_REPO_OWNER=maybe-finance
GITHUB_REPO_NAME=maybe
GITHUB_REPO_BRANCH=main
STRIPE_PUBLISHABLE_KEY=
STRIPE_SECRET_KEY=
STRIPE_WEBHOOK_SECRET=
```

lan quadlet units

```ini
# maybe-db.container
[Unit]
Description=Maybe Personal Finance Database
Documentation=https://maybe.co
Requires=podman.socket

[Service]
Restart=always

[Container]
Image=docker.io/postgres:16
ContainerName=maybe-db
EnvironmentFile=%h/.config/maybe/.env
HealthCmd=pg_isready -U XXX -d XXX
HealthInterval=5s
HealthRetries=5
HealthTimeout=5s
PublishPort=5432:5432
Network=maybe.network
Volume=maybe-db:/var/lib/postgresql/data
Volume=/run/user/1000/podman/podman.sock:/var/run/docker.sock
Notify=healthy

[Install]
WantedBy=multi-user.target

# maybe-server.container
[Unit]
Description=Maybe Personal Finance Server
Documentation=https://maybe.co
Requires=podman.socket maybe-db.service
After=podman.socket maybe-db.service

[Service]
Restart=always

[Container]
ContainerName=maybe-server
Image=ghcr.io/maybe-finance/maybe:latest
AutoUpdate=registry
EnvironmentFile=%h/.config/maybe/.env
PublishPort=3000:3000
Network=maybe.network
Volume=maybe-server:/rails/storage
Volume=/run/user/1000/podman/podman.sock:/var/run/docker.sock

[Install]
WantedBy=multi-user.target default.target

# maybe.network
[Network]
NetworkName=maybe

# maybe.volume
[Volume]
VolumeName=maybe-db
[Volume]
VolumeName=maybe-server
```

```
PORT=3000
SYNTH_API_KEY=
SMTP_ADDRESS=
SMTP_PORT=465
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_TLS_ENABLED=true
EMAIL_SENDER=
DB_HOST=maybe-db
DB_PORT=5432
POSTGRES_DB=XXX
POSTGRES_USER=XXX
POSTGRES_PASSWORD=XXX
APP_DOMAIN=XXX.XXX.XXX
SENTRY_DSN=
REQUIRE_INVITE_CODE=false
SELF_HOSTED=true
SECRET_KEY_BASE=XXX
DISABLE_SSL=true
UPGRADES_ENABLED=false
UPGRADES_MODE=manual
UPGRADES_TARGET=release
GITHUB_REPO_OWNER=maybe-finance
GITHUB_REPO_NAME=maybe
GITHUB_REPO_BRANCH=main
STRIPE_PUBLISHABLE_KEY=
STRIPE_SECRET_KEY=
STRIPE_WEBHOOK_SECRET=
RAILS_FORCE_SSL=false
RAILS_ASSUME_SSL=false
GOOD_JOB_EXECUTION_MODE=async
```

zachgoll (Collaborator) commented Nov 5, 2024

@bennypowers to eliminate some of the possible causes, you should remove most of that .env file. All you'll need to get a basic app running will be:

https://github.com/maybe-finance/maybe/blob/main/docs/hosting/docker.md#fill-in-your-environment-file

Unfortunately, past that, I cannot provide much help for the Quadlet/Podman configuration. We fully support a basic docker compose setup but it is up to the user to configure everything past that.

bennypowers (Author) commented

ok so here's something... I was able to "register" by copying the POST request as curl from the firefox network panel and replacing all the instances of the domain name with 'http://localhost:3000', then running it on the server where my systemd services are running

bennypowers changed the title from "Bug: Unable to register with email address from same domain as self-hosted instance" to "Bug: Unable to register when self-hosted via podman" Nov 6, 2024