aditosoftware / docker-keybox Goto Github PK

Keybox is running and seems to be fine except that i cannot log into it after a reboot. At first I thought it was a time issue, as this has caused OTP issues before. Tailing keybox.trace.db from the host revealed messages such as:

Caused by: org.h2.jdbc.JdbcSQLException: General error: "java.lang.IllegalStateException: Store header is corrupt: nio:/a/keydb/keybox.mv.db [1.4.192/6]" [50000-192]
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:345)
        ... 132 more
Caused by: java.lang.IllegalStateException: Store header is corrupt: nio:/a/keydb/keybox.mv.db [1.4.192/6]
        at org.h2.mvstore.DataUtils.newIllegalStateException(DataUtils.java:773)
        at org.h2.mvstore.MVStore.readStoreHeader(MVStore.java:605)
        at org.h2.mvstore.MVStore.<init>(MVStore.java:355)
        ... 127 more

Could this be the cause of failure to log in? seems strange that the keybox starts at all if the DB is faulty.

If a faulty DB-file is the reason, is there a way to check and recover the db? Seems like an awful single point of failure if I have to cut my losses and re-initialize the entire keybox from scratch. I guess It's my fault for not doing a regular backup. There is no evidence for disk-failure, so could the database be corrupted if the container is killed/stopped (powerloss etc)? .I'm concerned that this may cause problems on one of my more critical environments where i have deployed keybox as well.

Why won't you use java:openjdk-8-alpine instead of java:openjdk-8 as base Docker image? You would beneficiate from much smaller Docker image.

Since the version you build from (2.85.01), 2 new releases have been created.
Could you update to the last one?

Hi

I'm not able to integrate the ldap configuration into the docker container.
The jaas.conf is hidden in the /opt/KeyBox-jetty/jetty/keybox/WEB-INF/classes, which is not mounted and when I mount this volume, the docker container is not working...

I use this docker run command:
docker run -d \ -v /Users/louis.dejaeger/Docker/keybox:/a/keydb \ -p 8443:8443 \ -e resetApplicationSSHKey=false \ -e sshKeyType=rsa \ -e privateKey=/a/keydb/sshkey/private \ -e publicKey=/a/keydb/sshkey/private.pub \ -e enableInternalAudit=false \ -e deleteAuditLogAfter=90 \ -e serverAliveInterval=60 \ -e oneTimePassword=optional \ -e keyManagementEnabled=true \ -e forceUserKeyGeneration=false \ -e authKeysRefreshInterval=120 \ -e jaasModule=ldap-ad \ adito/keybox

I can enable LDAP using the jaasModule variable but can't edit the jaas.conf file, which makes this conf useless. Maybe this file shoud be linked to file in a external mounted path.

Hi,
I am Kang Yin, a graduate student of Institute of Software, Chinese Academy of Sciences. Now we are doing a research on how to recommend tags for Docker Hub’s projects. We applied text mining and natural language processing to build a tag recommendation system for Docker projects.
We notice that you have created a repository on Docker Hub, which is named adito/keybox and the project address is https://hub.docker.com/r/adito/keybox/
Since the developers knows their projects better, we want to evaluate our recommendation results with your help as the project developer. We want to know if the recommended tags are reasonable for your projects.
The following tags (ranked by order) are generated from our model automatically. Would you like to do me a favor and reply with what tags are reasonable (Good) and what are not (Bad), in form of, “Good tags: ***, ***; Bad tags: ***, ***”.

The recommend tags for your project are listed as follows:

keybox, key, ssh, public ssh key, connection, key-management, connection-pool, public-key, ssh-keys, key-pair

It will be a great help if you can give us a feedback.
Thank you so much for your precious time.

Hi,

I've got some troubles to enable ldap-ad authentication on your image.
I don't know where to mount the jaas.conf, I've tried /a/jaas.conf but it didn't seem to work.

This is the command :

docker run -v /opt/docker/aditokeybox:/a/keydb -v /opt/docker/aditokeybox/jaas.conf:/a/jaas.conf -p 8443:8443 -e jaasModule=ldap-ad adito/keybox

Is there anything wrong?

Thank you