Installation using Docker

a-0-dev · March 10, 2024, 11:08am

I have tried several methods of installing neos using docker, firstly following the documentation, where I always ended up at

$ sudo docker-compose logs neos
Attaching to neos-example_neos_1
neos_1  | Warning: opendir(/app/Packages/Sites/Neos.Demo/Configuration/): Failed to open directory: Permission denied in /app/Packages/Framework/Neos.Flow/Classes/Monitor/FileMonitor.php line 355
neos_1  | Type: Neos\Flow\Error\Exception
neos_1  |   Code: 1
neos_1  |   File: Packages/Framework/Neos.Flow/Classes/Error/ErrorHandler.php
neos_1  |   Line: 81
neos_1  | 
neos_1  | Open Data/Logs/Exceptions/20240310102337411f86.txt for a full stack
neos_1  | trace.
neos_1  | 
neos_1  |   Type: Neos\Flow\Core\Booting\Exception\SubProcessException
neos_1  |   Code: 1355480641
neos_1  |   File: Packages/Framework/Neos.Flow/Classes/Core/Booting/Scripts.php
neos_1  |   Line: 727
neos_1  | 
neos_1  | Open Data/Logs/Exceptions/20240310102337aab747.txt for a full stack trace.

…and then using the docker image linked in this forum (ttree/flowapp), where I only get 404 errors when trying to access it on port 80 locally.

I have no idea what’s going on, since I followed the basic example and still there seem to be issues somewhere with some permissions. The only difference is, that I ran the composer create-project command with --privileged=true, since the composer command would fail with mkdir(): Permission denied otherwise.

Is there any additional documentation or advice which I am missing? I’m loving Neos as much as one can not having tried it yet, but this installation process already makes me doubt whether it’s stable enough to host a website with…

Thanks a lot in advance for any advice

christianm · March 12, 2024, 8:28am

Hi and welcome around!

I assume that is a change in how permissions are handled compared to when we wrote the docs. I think the issue you see is because composer ran with privileged=true. One option might be to run composer outside of the container (you can run it from a separate docker container to write to your local disc if you don’t want to install docker on your machine). Then share the local folder into the container.

a-0-dev · March 18, 2024, 8:59pm

Thanks for your answer! I was unavalable the last few days, hence the late reply. I’m rather new to docker, so this may not make sense. But as far as I understand, by running docker run --privileged=true -v .:/app -it --rm composer create-project neos/neos-base-distribution neos-example I did exactly that (running composer from a separate docker container). The result is, that all files in the directory neos-example have uid and gid 0 (root).

And I verified the neos container is running as root (of course, also uid and gid 0), and that the files copied into the container’s /app are still owned by root.

So, as far as I understand it, the flow process, which is also running as root, should have no problem accessing anything inside there, right?

a-0-dev · March 20, 2024, 5:31pm

To make debugging easier / my problem reproducible, here is what exactly I did. I’m working on a Fedora 38 machine.

In an empty directory, as normal user (uid:gid 1000:1000), I run docker run --privileged=true -v .:/app -it --rm composer create-project neos/neos-base-distribution neos-example. Without the privileged option, this command yields the following output:

Creating a "neos/neos-base-distribution" project at "./neos-example"
Installing neos/neos-base-distribution (8.3.11)

In ProjectInstaller.php line 69:
                              
  mkdir(): Permission denied  
                              

create-project [-s|--stability STABILITY] [--prefer-source] [--prefer-dist] [--prefer-install PREFER-INSTALL] [--repository REPOSITORY] [--repository-url REPOSITORY-URL] [--add-repository] [--dev] [--no-dev] [--no-custom-installers] [--no-scripts] [--no-progress] [--no-secure-http] [--keep-vcs] [--remove-vcs] [--no-install] [--no-audit] [--audit-format AUDIT-FORMAT] [--ignore-platform-req IGNORE-PLATFORM-REQ] [--ignore-platform-reqs] [--ask] [--] [<package> [<directory> [<version>]]]

With the privileged option, I get lots of output of downloaded and extracted archives etc., everything is green, looks like expected. The output ends with

37 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
120 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
> Neos\Flow\Composer\InstallerScripts::postUpdateAndInstall
No security vulnerability advisories found.
> ./flow setup

    ....######          .######
    .....#######      ...######
    .......#######   ....######
    .........####### ....######
    ....#......#######...######
    ....##.......#######.######
    ....#####......############
    ....#####  ......##########
    ....#####    ......########
    ....#####      ......######
    .#######         ........

          Welcome to Neos.

Basic system requirements
All basic requirements are fullfilled.

Database
Please configure your database in the settings or use the command ./flow setup:database

Neos setup not complete.
You can rerun this command anytime via ./flow setup

which looks just fine.
2. I now have a directory called neos-example in my working directory, whose contents are: bin Build composer.json composer.lock Configuration Data DistributionPackages flow flow.bat Packages Readme.rst Web, and all of them belong to uid:gid 0:0 (root), since that’s the user the composer process was running as in its docker container.
3. I copy a Dockerfile.dev (note the updated base image name, the old one was deprecated)

FROM php:8.2-cli

RUN apt-get update \
    # install GraphicsMagick
        && apt-get install -y \
                libgraphicsmagick1-dev graphicsmagick zlib1g-dev libicu-dev gcc g++ --no-install-recommends \
        && pecl -vvv install gmagick-beta && docker-php-ext-enable gmagick \
    # pdo_mysql
    && docker-php-ext-install pdo_mysql \
    # redis
    && pecl install redis && docker-php-ext-enable redis \
        # intl
        && docker-php-ext-configure intl && docker-php-ext-install intl \
    # cleanup
    && apt-get clean && rm -rf /var/lib/apt/lists/*


WORKDIR /app
EXPOSE 8081

# copy everything in the project into the container. This is what
# makes this image so fast!
COPY . /app

# start the dev server
CMD [ "./flow", "server:run", "--host", "0.0.0.0" ]

and docker-compose.yaml

# NEOS DEVELOPMENT ENVIRONMENT
#
# For instructions how to use docker-compose, see
# https://docs.neos.io/cms/installation-development-setup/docker-and-docker-compose-setup#docker-compose-cheat-sheet
version: '3.7'
services:
  # Neos CMS
  neos:
    build:
      context: .
      dockerfile: Dockerfile.dev
    environment:
      FLOW_CONTEXT: 'Development/Docker'
    volumes:
      - ./composer.json:/app/composer.json
      - ./composer.lock:/app/composer.lock
      - ./Configuration/:/app/Configuration/
      - ./DistributionPackages/:/app/DistributionPackages/
      # if you work on other packages, you need to add them here.

      # WARNING: you need to add all packages from Distribution packages here ONE BY ONE, see the notice below for explanation.
      - ./Packages/Sites/:/app/Packages/Sites/
    ports:
      - 8081:8081
  # DB
  db:
    image: mariadb:10.7
    environment:
      MYSQL_ROOT_PASSWORD: 'db'
    volumes:
      - db:/var/lib/mysql
    ports:
      - 13306:3306

volumes:
  db:

into the neos-example folder created by running the composer container.
4. I change into the neos-example folder, and one after the other run

sudo docker-compose build
sudo docker-compose up -d
sudo docker-compose logs
All containers are created as they should be. The last command yields the following output (first lines are left out as they are irrelevant):

Successfully built 1db75d25e4de
Successfully tagged neos-example_neos:latest
Creating network "neos-example_default" with the default driver
Creating neos-example_neos_1 ... done
Creating neos-example_db_1   ... done
Attaching to neos-example_db_1, neos-example_neos_1
neos_1  | Warning: opendir(/app/Packages/Sites/Neos.Demo/Configuration/): Failed to open directory: Permission denied in /app/Packages/Framework/Neos.Flow/Classes/Monitor/FileMonitor.php line 355
neos_1  | Type: Neos\Flow\Error\Exception
neos_1  |   Code: 1
neos_1  |   File: Packages/Framework/Neos.Flow/Classes/Error/ErrorHandler.php
neos_1  |   Line: 81
neos_1  | 
neos_1  | Open Data/Logs/Exceptions/202403201729165cacd1.txt for a full stack
neos_1  | trace.
neos_1  | 
neos_1  |   Type: Neos\Flow\Core\Booting\Exception\SubProcessException
neos_1  |   Code: 1355480641
neos_1  |   File: Packages/Framework/Neos.Flow/Classes/Core/Booting/Scripts.php
neos_1  |   Line: 727
neos_1  | 
neos_1  | Open Data/Logs/Exceptions/2024032017291685400e.txt for a full stack trace.
db_1    | 2024-03-20 17:29:16+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.7.8+maria~ubu2004 started.
db_1    | 2024-03-20 17:29:16+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db_1    | 2024-03-20 17:29:16+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.7.8+maria~ubu2004 started.
db_1    | 2024-03-20 17:29:16+00:00 [Note] [Entrypoint]: MariaDB upgrade not required
db_1    | 2024-03-20 17:29:16 0 [Warning] Could not increase number of max_open_files to more than 1024 (request: 32202)
db_1    | 2024-03-20 17:29:16 0 [Warning] Changed limits: max_open_files: 1024  max_connections: 151 (was 151)  table_cache: 421 (was 2000)
db_1    | 2024-03-20 17:29:16 0 [Note] Starting MariaDB 10.7.8-MariaDB-1:10.7.8+maria~ubu2004 source revision bc656c4fa54c12ceabd857e8ae134f8979d82944 as process 1
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Number of transaction pools: 1
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Using Linux native AIO
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Completed initialization of buffer pool
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: 128 rollback segments are active.
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Creating shared tablespace for temporary tables
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: 10.7.8 started; log sequence number 42604; transaction id 14
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
db_1    | 2024-03-20 17:29:16 0 [Note] Plugin 'FEEDBACK' is disabled.
db_1    | 2024-03-20 17:29:16 0 [Warning] You need to use --log-bin to make --expire-logs-days or --binlog-expire-logs-seconds work.
db_1    | 2024-03-20 17:29:16 0 [Note] InnoDB: Buffer pool(s) load completed at 240320 17:29:16
db_1    | 2024-03-20 17:29:16 0 [Note] Server socket created on IP: '0.0.0.0'.
db_1    | 2024-03-20 17:29:16 0 [Note] Server socket created on IP: '::'.
db_1    | 2024-03-20 17:29:16 0 [Note] mariadbd: ready for connections.
db_1    | Version: '10.7.8-MariaDB-1:10.7.8+maria~ubu2004'  socket: '/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution

Do you get the same result @christianm ?

a-0-dev · March 22, 2024, 10:59am

Soo I guess I figured it out. Since my machine is running Fedora 38, it comes with SELinux enabled, which does not work well with docker volumes. Doing exactly what I wrote in my previous post on some ubuntu VM I had on my hands brought me straight to the database setup.

So for whoever may have the same issue: Look at your SELinux config or do it on a different machine

And thinks to Christian for your support!

christianm · March 25, 2024, 11:33am

Great to hear, I didn’t have time to setup this exact scenario myself yet, even better I don’t have to anymore