Rootless podman, login responds with 500

Running via rootless Podman on rocky linux:

  • Podman 4.1.1
  • Podman-compose 1.0.3

I managed to get the login screen with no errors at the beginning in the browsers console. Nevertheless I do have some errors after podman-compose build and podman-compose up -d.

#podman logs metasfresh-docker_rabbitmq_1
2022-08-14 23:45:30.809 [error] <0.89.0> Failed to open crash log file /var/log/rabbitmq/log/crash.log with error: permission denied

#podman logs metasfresh-docker_app_1
2022-08-14 21:47:27.430 ERROR 43 --- [or-http-epoll-2] reactor.core.publisher.Operators         : Operator called default onErrorDropped
reactor.core.Exceptions$ErrorCallbackNotImplemented: org.springframework.data.elasticsearch.client.NoReachableHostException: Host 'localhost:9200' not reachable. Cluster state is offline.
Caused by: org.springframework.data.elasticsearch.client.NoReachableHostException: Host 'localhost:9200' not reachable. Cluster state is offline.

2022-08-14 21:47:38.425 ERROR 43 --- [           main] d.m.e.process.InvokeGRSSignumAction      : camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)
org.adempiere.exceptions.AdempiereException: camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)
...

#podman logs metasfresh-docker_db_1
ERROR:  null value in column "c_incoterms_trl_id" violates not-null constraint
DETAIL:  Failing row contains (0, de_DE, 0, null, 2022-08-14 23:47:41.37199+02, -1, null, Y, N, DAF - frei Grenze, 2022-08-14 23:47:41.37199+02, -1, 1000000).
STATEMENT:   INSERT INTO C_Incoterms_Trl(AD_Language, IsTranslated, AD_Client_ID, AD_Org_ID, Created, CreatedBy, Updated, UpdatedBy, IsActive, C_Incoterms_ID, Name)
	 SELECT 'de_DE', 'N', t.AD_Client_ID, t.AD_Org_ID, now(), -1, now(), -1, 'Y', t.C_Incoterms_ID, t.Name
	 FROM C_Incoterms t
	 LEFT JOIN C_Incoterms_Trl trl ON (trl.C_Incoterms_ID = t.C_Incoterms_ID AND trl.AD_Language='de_DE')
	 WHERE trl.C_Incoterms_ID IS NULL

#podman logs metasfresh-docker_webapi_1
2022-08-14 21:46:23.580 ERROR 19 --- [or-http-epoll-2] reactor.core.publisher.Operators         : Operator called default onErrorDropped
reactor.core.Exceptions$ErrorCallbackNotImplemented: org.springframework.data.elasticsearch.client.NoReachableHostException: Host 'localhost:9200' not reachable. Cluster state is offline.
Caused by: org.springframework.data.elasticsearch.client.NoReachableHostException: Host 'localhost:9200' not reachable. Cluster state is offline

After I try to login with username metasfresh and the password I used via env var for METASFRESH_PASSWORD I get the following:

#podman logs metasfresh-docker_webapi_1
2022-08-14 22:13:58.991  WARN 19 --- [nio-8080-exec-5] d.m.ui.web.config.WebuiExceptionHandler  : Got REST exception from handler=de.metas.ui.web.login.LoginRestController#authenticate(JSONLoginAuthRequest)
org.adempiere.exceptions.AdempiereException: Nutzer oder Passwort ist nicht korrekt.

2022-08-14 22:13:59.004 ERROR 19 --- [nio-8080-exec-5] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.adempiere.exceptions.AdempiereException: Nutzer oder Passwort ist nicht korrekt.] with root cause
org.adempiere.exceptions.AdempiereException: Nutzer oder Passwort ist nicht korrekt.
...

#podman logs metasfresh-docker_app_1
2022-08-14 21:47:38.425 ERROR 43 --- [           main] d.m.e.process.InvokeGRSSignumAction      : camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)
org.adempiere.exceptions.AdempiereException: camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)

And in the browser console: Failed to load resource: the server responded with a status of 500 ().

Any suggestions?

Okay, changing the password in docker-compose.yml seems to be causing the issue, after changing METASFRESH_PASSWORD back to metasfresh it seems to work.

  1. I wonder why ist that? Isn’t the password taken from here on initial deployment? I can change the password afterwards but why is it not possible right away on deployment? Maybe special characters in the password cause some confusion?
  db:
    build: db
    restart: always
    volumes:
      - ./volumes/db/data:/var/lib/postgresql/data:z
      - ./volumes/db/log:/var/log/postgresql:z
      - /etc/localtime:/etc/localtime:ro
      #- /etc/timezone:/etc/timezone:ro
    environment:
      - METASFRESH_USERNAME=metasfresh
      - METASFRESH_PASSWORD=metasfresh
      - METASFRESH_DBNAME=metasfresh
      - DB_SYSPASS=System
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
  1. What about the POSTGRES_PASSWORD variable, do I have to use the hard coded default password which was there before I edited it?

  2. On login, (Role: System Administrator, System, *), I managed to login, but the browser console shows a lot of error messages:

[Error] WebSocket connection to 'wss://metasfresh.my-domain.com/stomp/931/2gf2esun/websocket' failed: There was a bad response from the server.
[Error] WebSocket connection to 'wss://metasfresh.my-domain.com/stomp/761/xqcf05ds/websocket' failed: There was a bad response from the server.
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_streaming, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_streaming, line 0)
[Error] WebSocket connection to 'wss://metasfresh.my-domain.com/stomp/488/5h2rmw4l/websocket' failed: There was a bad response from the server.
[Error] WebSocket connection to 'wss://metasfresh.my-domain.com/stomp/562/fgnbdhc4/websocket' failed: There was a bad response from the server.
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_streaming, line 0)
[Error] WebSocket connection to 'wss://metasfresh.my-domain.com/stomp/940/xtsv1ezt/websocket' failed: There was a bad response from the server.
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_streaming, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_send, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_send, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_streaming, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_send, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_send, line 0)
[Error] Failed to load resource: the server responded with a status of 403 () (xhr_send, line 0)

The community here seems not that active, or simply no one experienced such issues?
I still hope someone can answer 1. and 2. from my previous post? (also in German if its easier for you)
3. is solved I think, at least no more errors in the browser console after booting up, I also managed to solve the first two errors from the initial post (Failed to open crash log file and NoReachableHostException: Host 'localhost:9200')

But I do have some errors after podman-compose up -d, which to me looks like application errors not caused by the deployment itself. Can someone confirm?

logs for db container
ERROR:  null value in column "c_incoterms_trl_id" violates not-null constraint
DETAIL:  Failing row contains (0, de_DE, 0, null, 2022-08-17 16:32:15.688761+02, -1, null, Y, N, DAF - frei Grenze, 2022-08-17 16:32:15.688761+02, -1, 1000000).
STATEMENT:   INSERT INTO C_Incoterms_Trl(AD_Language, IsTranslated, AD_Client_ID, AD_Org_ID, Created, CreatedBy, Updated, UpdatedBy, IsActive, C_Incoterms_ID, Name)
	 SELECT 'de_DE', 'N', t.AD_Client_ID, t.AD_Org_ID, now(), -1, now(), -1, 'Y', t.C_Incoterms_ID, t.Name
	 FROM C_Incoterms t
	 LEFT JOIN C_Incoterms_Trl trl ON (trl.C_Incoterms_ID = t.C_Incoterms_ID AND trl.AD_Language='de_DE')
	 WHERE trl.C_Incoterms_ID IS NULL
logs for app container
2022-08-17 20:00:05.886 ERROR 43 --- [           main] d.m.e.process.InvokeGRSSignumAction      : camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)

org.adempiere.exceptions.AdempiereException: camelHttpResourceAuthKey for childConfig should not be empty at this point
Additional parameters:
 childConfigId: ExternalSystemGRSSignumConfigId(repoId=540000)
	at de.metas.externalsystem.process.InvokeGRSSignumAction.extractExternalSystemParameters(InvokeGRSSignumAction.java:77)
	at de.metas.externalsystem.process.InvokeExternalSystemProcess.extractParameters(InvokeExternalSystemProcess.java:173)
	at de.metas.externalsystem.process.InvokeExternalSystemProcess.getRequest(InvokeExternalSystemProcess.java:108)
	at de.metas.externalsystem.process.InvokeExternalSystemProcess.doIt(InvokeExternalSystemProcess.java:93)
	at de.metas.process.JavaProcess.startProcess(JavaProcess.java:294)
	at de.metas.process.ProcessExecutor.startJavaProcess(ProcessExecutor.java:568)
	at de.metas.process.ProcessExecutor.startJavaOrScriptProcess(ProcessExecutor.java:464)
	at de.metas.process.ProcessExecutor.access$700(ProcessExecutor.java:62)
	at de.metas.process.ProcessExecutor$1.run(ProcessExecutor.java:196)
	at org.adempiere.ad.trx.api.impl.TrxCallableWrappers$3.call(TrxCallableWrappers.java:147)
	at org.adempiere.ad.trx.api.impl.TrxCallableWrappers$3.call(TrxCallableWrappers.java:137)
	at org.adempiere.ad.trx.api.impl.AbstractTrxManager.call0(AbstractTrxManager.java:753)
	at org.adempiere.ad.trx.api.impl.AbstractTrxManager.call(AbstractTrxManager.java:666)
	at org.adempiere.ad.trx.api.impl.AbstractTrxManager.call(AbstractTrxManager.java:567)
	at org.adempiere.ad.trx.api.impl.AbstractTrxManager.call(AbstractTrxManager.java:498)
	at org.adempiere.ad.trx.api.impl.AbstractTrxManager.run(AbstractTrxManager.java:484)
	at de.metas.process.ProcessExecutor.executeNow(ProcessExecutor.java:260)
	at de.metas.process.ProcessExecutor.executeSync(ProcessExecutor.java:172)
	at de.metas.process.ProcessExecutor.access$1200(ProcessExecutor.java:62)
	at de.metas.process.ProcessExecutor$Builder.executeSync(ProcessExecutor.java:670)
	at de.metas.externalsystem.grssignum.housekeeping.ExternalSystemGRSSignumHouseKeepingTask.lambda$executeTask$1(ExternalSystemGRSSignumHouseKeepingTask.java:83)
	at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183)
	at java.util.stream.ReferencePipeline$11$1.accept(ReferencePipeline.java:440)
	at java.util.Collections$2.tryAdvance(Collections.java:4719)
	at java.util.Collections$2.forEachRemaining(Collections.java:4727)
	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:482)
	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
	at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
	at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
	at de.metas.externalsystem.grssignum.housekeeping.ExternalSystemGRSSignumHouseKeepingTask.executeTask(ExternalSystemGRSSignumHouseKeepingTask.java:77)
	at org.adempiere.ad.housekeeping.HouseKeepingService.runStartupHouseKeepingTasks(HouseKeepingService.java:94)
	at de.metas.ServerBoot.main(ServerBoot.java:146)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:107)
	at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
	at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88)

After visitting website and creating a new user:

logs for db container
ERROR:  column "c_bpartner_id_id" does not exist at character 69
logs for webapi container
org.adempiere.exceptions.DBException: ERROR: column "c_bpartner_id_id" does not exist
  Hint: Perhaps you meant to reference the column "ad_user.c_bpartner_id".
  Position: 69
	SQL: SELECT COALESCE(MAX(SeqNo),0)+10 AS DefaultValue FROM AD_User WHERE C_BPartner_ID_ID=0

If interested I can provide a detailed “how to” for deploying metasfresh with rootless podman. I had to refactor the docker-compose quite a bit, as it still uses legacy stuff like links. Maybe this updated docker-compose would also work with docker, if so, it could serve as a new and updated, default docker-compose.yml.
Let me know if you guys are interested in all that.