dawarich icon indicating copy to clipboard operation
dawarich copied to clipboard
verified publisher icon Freika

Sidekiq UI no longer accessible, even with SELF_HOSTED=true

Open nareddyt opened this issue 11 months ago • 7 comments

OS & Hardware Kubernetes on Linux, running the official Dawarich docker container

Version 0.25.9

Describe the bug Visit /sidekiq triggers an authentication error, perhaps a type error?

TypeError: no implicit conversion of nil into String

  ActiveSupport::SecurityUtils.secure_compare(
      ::Digest::SHA256.hexdigest(username),
      ::Digest::SHA256.hexdigest(ENV['SIDEKIQ_USERNAME'])
    ) &
      ActiveSupport::SecurityUtils.secure_compare(
        ::Digest::SHA256.hexdigest(password),

To Reproduce Steps to reproduce the behavior:

  1. Go to /sidekiq

Expected behavior I should be able to access sidekiq UI on a self-hosted deployment of dawarich.

Screenshots Image

Logs N/A

Additional context I set SELF_HOSTED = "true" on both app and sidekiq containers.

          env:
            - name: SELF_HOSTED
              value: "true"

This commit https://github.com/Freika/dawarich/commit/dae1733320bc05e6ebc87cc40f8a687afe45ecb5 seems to indicate "Sidekiq Web UI is now protected by basic auth in non-self-hosted mode. (Needs to be tested)".

I guess it was not tested 😓 specifically, it looks like self-hosted mode is now broken. I didn't see any docs that ask us to set SIDEKIQ_USERNAME. The commit also seems to get rid of the self-hosted mode check.

nareddyt avatar May 04 '25 20:05 nareddyt

When you provide SIDEKIQ_USERNAME and SIDEKIQ_PASSWORD as environment variables, it will be accessible again (using those provided credentials)

salzig avatar May 05 '25 19:05 salzig

From my perspective, I can confirm this issue. I set both variables in docker-compose.yml (with and without quotation marks) and get the same screen.

kth1 avatar May 05 '25 20:05 kth1

From my perspective, I can confirm this issue. I set both variables in docker-compose.yml (with and without quotation marks) and get the same screen.

for dawarich_app or dawarich_sidekiq?

salzig avatar May 05 '25 20:05 salzig

SELF_HOSTED in both sections, SIDEKIQ_USERNAME and SIDEKIQ_PASSWORD in dawarich_sidekiq: only.

kth1 avatar May 05 '25 20:05 kth1

SELF_HOSTED in both sections, SIDEKIQ_USERNAME and SIDEKIQ_PASSWORD in dawarich_sidekiq: only.

you need to provide the SIDEKIQ_ variables to the app process, as that's the one serving the web views :)

salzig avatar May 05 '25 20:05 salzig

... good point, sounds logical and works for me ;-) Sorry for confusion. sidekiq now is available again, as long as I am signed in with admin account. Thanks!

kth1 avatar May 05 '25 21:05 kth1

When you provide SIDEKIQ_USERNAME and SIDEKIQ_PASSWORD as environment variables, it will be accessible again (using those provided credentials)

Thanks! I can confirm this works, but I assume this is a workaround for the root issue? Based on the recent commit, I don't think @Freika meant for authentication on the selfhosted version

nareddyt avatar May 05 '25 21:05 nareddyt

ye had the same thing it works with only settings the envs for app

narucx avatar May 06 '25 17:05 narucx

Should be fixed in 0.25.10

Freika avatar May 08 '25 10:05 Freika