Working Docker Image?

ken.colwell · March 3, 2020, 1:30pm

Hi,

I’m attempting to test PrivacyIdea to see if it is a good fit for a project that I’m working on and I can’t seem to find a working docker image for this project. Is there a recommended one?

Thanks,
Ken Colwell

cornelinux · March 3, 2020, 3:01pm

Hi Ken,

welcome to the forum and thanks for your interest in privacyIDEA.
No. We have no approved docker image.
Installing privacyidea is fairly simple.
https://privacyidea.readthedocs.io/en/latest/installation/index.html
You can also enclose it in a python virtual env.
Regards,
Cornelius

ken.colwell · March 3, 2020, 3:16pm

Hi,

Yes it does seem fairly simple but I can’t get it to work in docker. This project is completely based on docker.

I’ve created the following docker file based on your old one and information from the install page. But I can’t get it to work.

FROM ubuntu:latest
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update
RUN apt-get install -y software-properties-common
RUN apt-get install wget -y

# Next line/script is used to fake systemctl
RUN wget https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/master/files/docker/systemctl.py -O /usr/local/bin/systemctl
RUN chmod 700 /usr/local/bin/systemctl
RUN mkdir /root/.gnupg/
RUN chmod 700 /root/.gnupg/
RUN wget https://lancelot.netknights.it/NetKnights-Release.asc
RUN gpg --dry-run --import --with-fingerprint NetKnights-Release.asc
RUN apt-key add NetKnights-Release.asc
RUN add-apt-repository http://lancelot.netknights.it/community/bionic/stable
RUN apt-get update
RUN apt-get install -y python-mysqldb -y
RUN apt-get install privacyidea-apache2 -f -y

docker image build -t privacyimage:1.0 .

This causes the following error:

Errors were encountered while processing:

Setting up privacyidea-apache2 (3.2.2-1bionic) ...

dpkg: error processing package privacyidea-apache2 (--configure):

installed privacyidea-apache2 package post-installation script subprocess returned error exit status 1

Setting up libcgi-fast-perl (1:2.13-1) ...

Setting up libhttp-message-perl (6.14-1) ...

Processing triggers for libc-bin (2.27-3ubuntu1) ...

Errors were encountered while processing:

privacyidea-apache2

E: Sub-process /usr/bin/dpkg returned an error code (1)

The command '/bin/sh -c apt-get install privacyidea-apache2 -f -y' returned a non-zero code: 100

Any tips or ideas to get past this error?

ken.colwell · March 5, 2020, 6:59pm

In case someone else is struggling with getting privacy idea to workin in docker. I got it working inside a docker container buy doing the following:

Create a Dockerfile with the following:
FROM ubuntu:latest
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update
RUN apt-get install -y software-properties-common
RUN apt-get install apt-utils wget curl python-mysqldb dialog vim mysql-server apache2 -y
# Next line/script is used to fake systemctl
RUN wget s://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/master/files/docker/systemctl.py -O /usr/local/bin/systemctl
RUN chmod 700 /usr/local/bin/systemctl
RUN mkdir /root/.gnupg/
RUN chmod 700 /root/.gnupg/
RUN wget s://lancelot.netknights.it/NetKnights-Release.asc
RUN gpg --dry-run --import --with-fingerprint NetKnights-Release.asc
RUN apt-key add NetKnights-Release.asc
RUN add-apt-repository p://lancelot.netknights.it/community/bionic/stable
RUN apt-get update
RUN mkdir /var/run/mysqld
RUN apt-get install rng-tools -y
RUN /etc/init.d/rng-tools start
EXPOSE 443

Then run the following commands:

docker buildx create --use --name insecure-builder --buildkitd-flags '--allow-insecure-entitlement security.insecure'
docker buildx build --load --allow security.insecure .   
Find image: docker image ls -a
docker run -it --privileged -p 127.0.0.1:443:443/tcp put_image_id_here /bin/bash

Then inside the running container:

apt-get install privacyidea-apache2 -f -y
chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
service mysql start
apt-get install privacyidea-apache2 -f -y
pi-manage admin add admin -e admin@localhost

Then in another window:
Find the container name: docker ps -a
docker commit put_container_name_here privacyinfo:1.0

You can later start it with:

docker run -it -p 127.0.0.1:443:443/tcp privacyinfo:1.7 /bin/bash -c "chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; service mysql start; service apache2 start; /bin/bash"

Hopefully someone with more docker experience can come up with a better way of doing this process.

khalibssd · October 18, 2022, 3:51am

I’ve created a working Docker image and using in production here

you can have a try and leave feedback.
Cheer