Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.89) (envelope-from ) id 1exwCX-00011Y-Dd for pgadmin-hackers@arkaria.postgresql.org; Mon, 19 Mar 2018 14:55:53 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.89) (envelope-from ) id 1exwCW-0002am-18 for pgadmin-hackers@arkaria.postgresql.org; Mon, 19 Mar 2018 14:55:52 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.89) (envelope-from ) id 1exwCV-0002ad-Mf for pgadmin-hackers@lists.postgresql.org; Mon, 19 Mar 2018 14:55:51 +0000 Received: from mail-wr0-x242.google.com ([2a00:1450:400c:c0c::242]) by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1exwCQ-0008FV-J1 for pgadmin-hackers@lists.postgresql.org; Mon, 19 Mar 2018 14:55:50 +0000 Received: by mail-wr0-x242.google.com with SMTP id f14so18885165wre.8 for ; Mon, 19 Mar 2018 07:55:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pgadmin-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=FW9ep9Wutur1BRMpgUFGfSl+IfnUQ1frRYb/9EvnkAo=; b=wuYYA5fQcxWJF05HTtlIIogrmUEUJ6CrTNbd4jNg/0Gn7j0G80yJKKFFl+j5MMXgu7 rpTYlTsrmOB4IY5xYoeeayIi3FR0I0QgbF3fjwHlVAOu284AvUTuiVIi0rhyl62KUe5O WmabfqZQVgZGgnll9V7flHSimXCtok0j+RQKJHh7/WXFI61m26Io+1jzH56T86rq7nSn A1uT2I7ANpVPeq7zpXSgXHO+CjRlZa+CTAvl5eGUn4oNF7h9Xqc6cYmrTbwCmzBST6Ce JX2QIqQ3UW3+/6Pxooj+3lfZEMqOpmppREzu9CzUpprNw9s6uJgcysOqqyzeVL3KBNwA PzaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=FW9ep9Wutur1BRMpgUFGfSl+IfnUQ1frRYb/9EvnkAo=; b=kkP5cl86CgOb2yRTYQd4v/fs6NM/wBQVkXRaWM5Nlj+HOolraDOJuskVuadiYw2NLs ibBF4pAcJhFN9SNWdXbyRPNeO50uq+ZvFbhc3UQSyVgfThLKHbXamBOAwLdFSDg3+AjQ Fi9VcqIBFieAtfrUDyw9WbjMkwtC6TgH9gZAXMQx+Xq4HJX6P1mSn/EPR3YTnuhHkEva pdW68HKQTF2MUYvtPcu7+xC+NgP9KMBf1oKvdz9e5vBd+wTX9GatQAffc939WtmVZW2+ eknJ0Dajz0CXNWRjzKx4HOP+HLhWaUk4zbmwFnOUcKHzVr/3+PMkQ+4wO14yaaONycKG NDKw== X-Gm-Message-State: AElRT7EGnTWzS0Q1XG7Gkb2oXx1vb8HJOCVEjedTWE4wC20USBkK8qYP 58rSTMMCwYCFXfQDhEMhrlsjmBP6UKagwHzRB5OwxQ== X-Google-Smtp-Source: AG47ELsYCBw4KMLAmuZf3CNHFAntaAwxj6vOGNPj2alu0srelrUoiTJOfn3hdChcWhPt29tRPplv7XaiPMtyAi4F7AY= X-Received: by 10.223.195.124 with SMTP id e57mr9147323wrg.135.1521471345578; Mon, 19 Mar 2018 07:55:45 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.109.7 with HTTP; Mon, 19 Mar 2018 07:55:44 -0700 (PDT) In-Reply-To: References: From: Dave Page Date: Mon, 19 Mar 2018 14:55:44 +0000 Message-ID: Subject: Re: Proposal for changes in official Docker image To: =?UTF-8?B?0JzQsNC60YHQuNC8INCa0L7Qu9GM0YbQvtCy?= Cc: pgadmin-hackers@lists.postgresql.org Content-Type: multipart/alternative; boundary="f403045c4e2216f0d60567c527fc" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Precedence: bulk --f403045c4e2216f0d60567c527fc Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi On Mon, Mar 19, 2018 at 11:19 AM, Dave Page wrote: > Hi > > On Fri, Mar 16, 2018 at 8:52 PM, =D0=9C=D0=B0=D0=BA=D1=81=D0=B8=D0=BC =D0= =9A=D0=BE=D0=BB=D1=8C=D1=86=D0=BE=D0=B2 > wrote: >> >> >> I've switched to Gunicorn, adding SSL support. It has the same >> interface as the original container: PGADMIN_ENABLE_TLS, >> /certs/server.key and /certs/server.cert. >> I also incorporated building of sphinx manual in Dockerfile, so now >> the image should be complete. >> > > Nice! > > >> >> I noticed that I can't use gunicorn forking worker with pgadmin4, this >> is probably caused by session implementation, but I'm not sure. You >> can investigate this by using e.g. `-w 4` in entrypoint.sh, otherwise >> it's working fine with single-process threaded worker. >> > > This is expected, and the reason why is explained here: > https://www.pgadmin.org/docs/pgadmin4/2.x/server_ > deployment.html#requirements > > >> >> I will make my work into a patch and send it to the mail list soon. >> Meanwhile, it'd be great if you tested the updated image at >> https://hub.docker.com/r/maksbotan/pgadmin4/ > > > I'll try to take a look later in the week (busy prepping for a release at > the moment). > I actually found some time for this today. It's looking pretty good - TLS vs. non-TLS seems to work well. The couple of things I did notice were: - PGADMIN_SERVER_NAME doesn't appear to be supported. This was added at user request, for security reasons (to help ensure the connection is going where expected). I'm not entirely convinced of the value of that, but if it's fairly painless to add, it may well be worth it. - If you don't map /var/lib/pgadmin (in my case, to a directory already containing a config), then I was seeing the following error. I would expect it to init within the container if the config directory isn't mapped: piranha:web dpage$ docker logs affectionate_spence sh: -z: unknown operand NOTE: Configuring authentication for SERVER mode. Enter the email address and password to use for the initial pgAdmin user account: Traceback (most recent call last): File "run_pgadmin.py", line 4, in from pgAdmin4 import app File "/pgadmin4/pgAdmin4.py", line 67, in app =3D create_app() File "/pgadmin4/pgadmin/__init__.py", line 306, in create_app db_upgrade(app) File "/pgadmin4/pgadmin/setup/db_upgrade.py", line 25, in db_upgrade flask_migrate.upgrade(migration_folder) File "/usr/local/lib/python3.6/site-packages/flask_migrate/__init__.py", line 244, in upgrade command.upgrade(config, revision, sql=3Dsql, tag=3Dtag) File "/usr/local/lib/python3.6/site-packages/alembic/command.py", line 254, in upgrade script.run_env() File "/usr/local/lib/python3.6/site-packages/alembic/script/base.py", line 427, in run_env util.load_python_file(self.dir, 'env.py') File "/usr/local/lib/python3.6/site-packages/alembic/util/pyfiles.py", line 81, in load_python_file module =3D load_module_py(module_id, path) File "/usr/local/lib/python3.6/site-packages/alembic/util/compat.py", line 83, in load_module_py spec.loader.exec_module(module) File "/pgadmin4/pgadmin/setup/../../migrations/env.py", line 94, in run_migrations_online() File "/pgadmin4/pgadmin/setup/../../migrations/env.py", line 87, in run_migrations_online context.run_migrations() File "", line 8, in run_migrations File "/usr/local/lib/python3.6/site-packages/alembic/runtime/environment.py", line 836, in run_migrations self.get_context().run_migrations(**kw) File "/usr/local/lib/python3.6/site-packages/alembic/runtime/migration.py", line 330, in run_migrations step.migration_fn(**kw) File "/pgadmin4/migrations/versions/fdc58d9bd449_.py", line 112, in upgrade email, password =3D user_info() File "/pgadmin4/pgadmin/setup/user_info.py", line 55, in user_info email =3D input("Email address: ") EOFError: EOF when reading a line [2018-03-19 14:50:59 +0000] [1] [INFO] Starting gunicorn 19.7.1 [2018-03-19 14:50:59 +0000] [1] [INFO] Listening at: http://0.0.0.0:8080 (1= ) [2018-03-19 14:50:59 +0000] [1] [INFO] Using worker: threads [2018-03-19 14:50:59 +0000] [14] [INFO] Booting worker with pid: 14 [2018-03-19 14:50:59 +0000] [14] [ERROR] Exception in worker process Traceback (most recent call last): File "/usr/local/lib/python3.6/site-packages/gunicorn/arbiter.py", line 578, in spawn_worker worker.init_process() File "/usr/local/lib/python3.6/site-packages/gunicorn/workers/gthread.py", line 109, in init_process super(ThreadWorker, self).init_process() File "/usr/local/lib/python3.6/site-packages/gunicorn/workers/base.py", line 126, in init_process self.load_wsgi() File "/usr/local/lib/python3.6/site-packages/gunicorn/workers/base.py", line 135, in load_wsgi self.wsgi =3D self.app.wsgi() File "/usr/local/lib/python3.6/site-packages/gunicorn/app/base.py", line 67, in wsgi self.callable =3D self.load() File "/usr/local/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 65, in load return self.load_wsgiapp() File "/usr/local/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load_wsgiapp return util.import_app(self.app_uri) File "/usr/local/lib/python3.6/site-packages/gunicorn/util.py", line 352, in import_app __import__(module) File "/pgadmin4/run_pgadmin.py", line 4, in from pgAdmin4 import app File "/pgadmin4/pgAdmin4.py", line 67, in app =3D create_app() File "/pgadmin4/pgadmin/__init__.py", line 309, in create_app schema_version =3D version.value AttributeError: 'NoneType' object has no attribute 'value' [2018-03-19 14:50:59 +0000] [14] [INFO] Worker exiting (pid: 14) [2018-03-19 14:50:59 +0000] [1] [INFO] Shutting down: Master [2018-03-19 14:50:59 +0000] [1] [INFO] Reason: Worker failed to boot. Thanks! --=20 Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company --f403045c4e2216f0d60567c527fc Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

On Mon, Mar 19, 2018 at 11:19 AM, Dave Page <dpage@pgadmin.org&g= t; wrote:
Hi

On Fri, Mar 16, 2018 at 8:52 PM, =D0=9C=D0=B0=D0=BA= =D1=81=D0=B8=D0=BC =D0=9A=D0=BE=D0=BB=D1=8C=D1=86=D0=BE=D0=B2 <kolmax94@g= mail.com> wrote:

I've switched to Gunicorn, adding SSL support. It has the s= ame
interface as the original container: PGADMIN_ENABLE_TLS,
/certs/server.key and /certs/server.cert.
I also incorporated building of sphinx manual in Dockerfile, so now
the image should be complete.

Ni= ce!
=C2=A0

I noticed that I can't use gunicorn forking worker with pgadmin4, this<= br> is probably caused by session implementation, but I'm not sure. You
can investigate this by using e.g. `-w 4` in entrypoint.sh, otherwise
it's working fine with single-process threaded worker.
=

This is expected, and the reason why is explaine= d here:=C2=A0https://www.pgadmin.org/= docs/pgadmin4/2.x/server_deployment.html#requirements
=C2=A0

I will make my work into a patch and send it to the mail list soon.
Meanwhile, it'd be great if you tested the updated image at
https://hub.docker.com/r/maksbotan/pgadmin4/

I'll try to take a look later in t= he week (busy prepping for a release at the moment).=C2=A0

I actually found some time for this= today. It's looking pretty good - TLS vs. non-TLS seems to work well. = The couple of things I did notice were:

- PGADMIN_= SERVER_NAME doesn't appear to be supported. This was added at user requ= est, for security reasons (to help ensure the connection is going where exp= ected). I'm not entirely convinced of the value of that, but if it'= s fairly painless to add, it may well be worth it.

- If you don't map /var/lib/pgadmin (in my case, to a directory alread= y containing a config), then I was seeing the following error. I would expe= ct it to init within the container if the config directory isn't mapped= :

piranha:web dpage$ docker logs affectionate= _spence
sh: -z: unknown operand
NOTE: Configuring authe= ntication for SERVER mode.

Enter the email address= and password to use for the initial pgAdmin user account:

Traceback (most recent call last):
=C2=A0 File "run= _pgadmin.py", line 4, in <module>
=C2=A0 =C2=A0 from p= gAdmin4 import app
=C2=A0 File "/pgadmin4/pgAdmin4.py",= line 67, in <module>
=C2=A0 =C2=A0 app =3D create_app()
=C2=A0 File "/pgadmin4/pgadmin/__init__.py", line 306, in= create_app
=C2=A0 =C2=A0 db_upgrade(app)
=C2=A0 File &= quot;/pgadmin4/pgadmin/setup/db_upgrade.py", line 25, in db_upgrade
=C2=A0 =C2=A0 flask_migrate.upgrade(migration_folder)
=C2= =A0 File "/usr/local/lib/python3.6/site-packages/flask_migrate/__init_= _.py", line 244, in upgrade
=C2=A0 =C2=A0 command.upgrade(co= nfig, revision, sql=3Dsql, tag=3Dtag)
=C2=A0 File "/usr/loca= l/lib/python3.6/site-packages/alembic/command.py", line 254, in upgrad= e
=C2=A0 =C2=A0 script.run_env()
=C2=A0 File "/usr= /local/lib/python3.6/site-packages/alembic/script/base.py", line 427, = in run_env
=C2=A0 =C2=A0 util.load_python_file(self.dir, 'env= .py')
=C2=A0 File "/usr/local/lib/python3.6/site-package= s/alembic/util/pyfiles.py", line 81, in load_python_file
=C2= =A0 =C2=A0 module =3D load_module_py(module_id, path)
=C2=A0 File= "/usr/local/lib/python3.6/site-packages/alembic/util/compat.py",= line 83, in load_module_py
=C2=A0 =C2=A0 spec.loader.exec_module= (module)
=C2=A0 File "/pgadmin4/pgadmin/setup/../../migratio= ns/env.py", line 94, in <module>
=C2=A0 =C2=A0 run_mig= rations_online()
=C2=A0 File "/pgadmin4/pgadmin/setup/../../= migrations/env.py", line 87, in run_migrations_online
=C2=A0= =C2=A0 context.run_migrations()
=C2=A0 File "<string>= ", line 8, in run_migrations
=C2=A0 File "/usr/local/li= b/python3.6/site-packages/alembic/runtime/environment.py", line 836, i= n run_migrations
=C2=A0 =C2=A0 self.get_context().run_migrations(= **kw)
=C2=A0 File "/usr/local/lib/python3.6/site-packages/al= embic/runtime/migration.py", line 330, in run_migrations
=C2= =A0 =C2=A0 step.migration_fn(**kw)
=C2=A0 File "/pgadmin4/mi= grations/versions/fdc58d9bd449_.py", line 112, in upgrade
= =C2=A0 =C2=A0 email, password =3D user_info()
=C2=A0 File "/= pgadmin4/pgadmin/setup/user_info.py", line 55, in user_info
= =C2=A0 =C2=A0 email =3D input("Email address: ")
EOFErr= or: EOF when reading a line
[2018-03-19 14:50:59 +0000] [1] [INFO= ] Starting gunicorn 19.7.1
[2018-03-19 14:50:59 +0000] [1] [INFO]= Listening at: http://0.0.0.0:8080 (1)<= /div>
[2018-03-19 14:50:59 +0000] [1] [INFO] Using worker: threads
[2018-03-19 14:50:59 +0000] [14] [INFO] Booting worker with pid: 14
[2018-03-19 14:50:59 +0000] [14] [ERROR] Exception in worker proce= ss
Traceback (most recent call last):
=C2=A0 File "= ;/usr/local/lib/python3.6/site-packages/gunicorn/arbiter.py", line 578= , in spawn_worker
=C2=A0 =C2=A0 worker.init_process()
= =C2=A0 File "/usr/local/lib/python3.6/site-packages/gunicorn/workers/g= thread.py", line 109, in init_process
=C2=A0 =C2=A0 super(Th= readWorker, self).init_process()
=C2=A0 File "/usr/local/lib= /python3.6/site-packages/gunicorn/workers/base.py", line 126, in init_= process
=C2=A0 =C2=A0 self.load_wsgi()
=C2=A0 File &quo= t;/usr/local/lib/python3.6/site-packages/gunicorn/workers/base.py", li= ne 135, in load_wsgi
=C2=A0 =C2=A0 self.wsgi =3D self.app.wsgi()<= /div>
=C2=A0 File "/usr/local/lib/python3.6/site-packages/gunicorn= /app/base.py", line 67, in wsgi
=C2=A0 =C2=A0 self.callable = =3D self.load()
=C2=A0 File "/usr/local/lib/python3.6/site-p= ackages/gunicorn/app/wsgiapp.py", line 65, in load
=C2=A0 = =C2=A0 return self.load_wsgiapp()
=C2=A0 File "/usr/local/li= b/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load_w= sgiapp
=C2=A0 =C2=A0 return util.import_app(self.app_uri)
=C2=A0 File "/usr/local/lib/python3.6/site-packages/gunicorn/util.p= y", line 352, in import_app
=C2=A0 =C2=A0 __import__(module)=
=C2=A0 File "/pgadmin4/run_pgadmin.py", line 4, in <= ;module>
=C2=A0 =C2=A0 from pgAdmin4 import app
=C2= =A0 File "/pgadmin4/pgAdmin4.py", line 67, in <module>
=C2=A0 =C2=A0 app =3D create_app()
=C2=A0 File "/pgadm= in4/pgadmin/__init__.py", line 309, in create_app
=C2=A0 =C2= =A0 schema_version =3D version.value
AttributeError: 'NoneTyp= e' object has no attribute 'value'
[2018-03-19 14:50:= 59 +0000] [14] [INFO] Worker exiting (pid: 14)
[2018-03-19 14:50:= 59 +0000] [1] [INFO] Shutting down: Master
[2018-03-19 14:50:59 += 0000] [1] [INFO] Reason: Worker failed to boot.

<= div>
Thanks!

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
<= br>EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
=
--f403045c4e2216f0d60567c527fc--