Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Successfully installed the nginx-ldap-auth module but errors when i execute #107

Open
3linkceo opened this issue Jun 3, 2024 · 4 comments
Open

Successfully installed the nginx-ldap-auth module but errors when i execute #107

3linkceo opened this issue Jun 3, 2024 · 4 comments

Comments

@3linkceo
Copy link

3linkceo commented Jun 3, 2024

Does anyone know how to debug this. I am trying to setup nginx to authenticate using LDAP and installed the nginx-ldap-auth perl moudule but getting these errors:

nginx-ldap-auth settings

Traceback (most recent call last):
File "/opt/.venv/python-env/bin/nginx-ldap-auth", line 8, in
sys.exit(main())
File "/opt/.venv/python-env/lib64/python3.9/site-packages/nginx_ldap_auth/main.py", line 7, in main
from .cli import cli
File "/opt/.venv/python-env/lib64/python3.9/site-packages/nginx_ldap_auth/cli/init.py", line 2, in
from .server import * # noqa:F403,F401
File "/opt/.venv/python-env/lib64/python3.9/site-packages/nginx_ldap_auth/cli/server.py", line 11, in
settings = Settings()
File "/opt/.venv/python-env/lib64/python3.9/site-packages/pydantic_settings/main.py", line 84, in init
super().init(
File "/opt/.venv/python-env/lib64/python3.9/site-packages/pydantic/main.py", line 176, in init
self.pydantic_validator.validate_python(data, self_instance=self)
pydantic_core._pydantic_core.ValidationError: 5 validation errors for Settings
secret_key
Field required [type=missing, input_value={}, input_type=dict]
For further information visit https://errors.pydantic.dev/2.7/v/missing
ldap_uri
Field required [type=missing, input_value={}, input_type=dict]
For further information visit https://errors.pydantic.dev/2.7/v/missing
ldap_binddn
Field required [type=missing, input_value={}, input_type=dict]
For further information visit https://errors.pydantic.dev/2.7/v/missing
ldap_password
Field required [type=missing, input_value={}, input_type=dict]
For further information visit https://errors.pydantic.dev/2.7/v/missing
ldap_basedn
Field required [type=missing, input_value={}, input_type=dict]
For further information visit https://errors.pydantic.dev/2.7/v/missing
@JustGitting JustGitting mentioned this issue Feb 10, 2025
Closed
@JustGitting
Copy link

JustGitting commented Feb 10, 2025
edited
Loading

I've encountered this problem testing LDAP authentication using the python module as well (https://github.com/caltechads/nginx-ldap-auth-service). I've created an issue there in case the problem is with the python module.

Unable to start: ValidationError: 5 validation errors for Settings

Did you find any solutions?

@cmalek
Copy link

cmalek commented Feb 10, 2025

You need to export some environment variables into your shell before running the server. See here https://nginx-ldap-auth-service.readthedocs.io/en/latest/configuration.html#environment. The error means that the server can't find those environment variables.

@JustGitting
Copy link

JustGitting commented Feb 11, 2025
edited
Loading

Thanks @cmalek,

I'm calling the module by supervisord (https://supervisord.org/) to daemonize the module and I've configured it to use the environment settings (--env-file) passed as follows:

[program:nginx-ldap-auth-service]
command=/usr/local/bin/nginx-ldap-auth --env-file /etc/nginx-ldap-auth-service/nginx-ldap-auth-service.env
directory=/tmp
childlogdir=/var/log/nginx-ldap-auth-service
stdout_logfile=/var/log/nginx-ldap-auth-service/stdout.log
stdout_logfile_maxbytes=1MB
redirect_stderr=true
user=nobody
autostart=true
autorestart=true
redirect_stderr=true

supervisord is passing the file to the module according to the logs:

systemd[1]: Started Supervisor process control system for UNIX.
supervisord[969]: 2025-02-11 20:12:12,907 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root>
supervisord[969]: 2025-02-11 20:12:12,909 INFO Included extra file "/etc/supervisor/conf.d/nginx-ldap-auth-service.conf" during parsing
supervisord[969]: 2025-02-11 20:12:12,917 INFO RPC interface 'supervisor' initialized
supervisord[969]: 2025-02-11 20:12:12,917 CRIT Server 'unix_http_server' running without any HTTP authentication checking
supervisord[969]: 2025-02-11 20:12:12,917 INFO supervisord started with pid 969
supervisord[969]: 2025-02-11 20:12:13,923 INFO spawned: 'nginx-ldap-auth-service' with pid 1211
supervisord[969]: 2025-02-11 20:12:14,928 INFO success: nginx-ldap-auth-service entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
supervisord[969]: 2025-02-11 20:12:16,127 INFO exited: nginx-ldap-auth-service (exit status 1; not expected)
supervisord[969]: 2025-02-11 20:12:17,131 INFO spawned: 'nginx-ldap-auth-service' with pid 1306

I'll do some more digging to see why the env file is not being passed to the module.

@cmalek
Copy link

cmalek commented Feb 11, 2025

Ugh, what it actually is is that I pass the value of that --env-file flag into the uvicorn startup, but uvicorn doesn't accept an --env-file flag.

The relevant bit is in nginx_ldap_auth.cli.server.start

Try passing them in with with supervisor.conf config instead of using --env-file and I'll remove that flag.

See: https://stackoverflow.com/questions/12900402/supervisor-and-environment-variables

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cmalek @JustGitting @3linkceo