Use Docker Compose to setup Ghost CMS
Hello folks, I’m following along with a guide on setting up Ghost using docker-compose to setup most of the pieces.
For reference, this is the guide: https://www.linode.com/docs/websites/cms/how-to-install-ghost-cms-with-docker-compose-on-ubuntu-18-04/ I realize it’s for Ubuntu 18 but I’m not sure if that matters in this case. If it does I’d appreciate that knowledge!
I’ve omitted some output from the MySQL container but I can add them if it’s helpful. It seems to start and stay up just fine. The Ghost container is crashing.
Starting ghost_db_1 ... done Recreating ghost_ghost_1 ... done Attaching to ghost_db_1, ghost_ghost_1 db_1 | 2019-06-17T01:12:39.921457Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details). db_1 | 2019-06-17T01:12:39.926905Z 0 [Note] mysqld (mysqld 5.7.26) starting as process 1 ... <... seeming benign mysql output ...> db_1 | 2019-06-17T01:12:40.180142Z 0 [Note] mysqld: ready for connections. db_1 | Version: '5.7.26' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL) ghost_1 | [2019-06-17 01:12:41] ERROR ER_HOST_NOT_PRIVILEGED: Host '172.21.0.3' is not allowed to connect to this MySQL server ghost_1 | ghost_1 | ER_HOST_NOT_PRIVILEGED: Host '172.21.0.3' is not allowed to connect to this MySQL server ghost_1 | ghost_1 | "Unknown database error" ghost_1 | ghost_1 | Error ID: ghost_1 | 500 ghost_1 | ghost_1 | Error Code: ghost_1 | ER_HOST_NOT_PRIVILEGED ghost_1 | ghost_1 | ---------------------------------------- ghost_1 | ghost_1 | DatabaseError: ER_HOST_NOT_PRIVILEGED: Host '172.21.0.3' is not allowed to connect to this MySQL server ghost_1 | at DatabaseError.KnexMigrateError (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/lib/errors.js:7:26) ghost_1 | at new DatabaseError (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/lib/errors.js:56:26) ghost_1 | at connection.raw.catch (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/lib/database.js:40:19) ghost_1 | at tryCatcher (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/util.js:16:23) ghost_1 | at Promise._settlePromiseFromHandler (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:512:31) ghost_1 | at Promise._settlePromise (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:569:18) ghost_1 | at Promise._settlePromise0 (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:614:10) ghost_1 | at Promise._settlePromises (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:690:18) ghost_1 | at _drainQueueStep (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/async.js:138:12) ghost_1 | at _drainQueue (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/async.js:131:9) ghost_1 | at Async._drainQueues (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/async.js:147:5) ghost_1 | at Immediate.Async.drainQueues [as _onImmediate] (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/async.js:17:14) ghost_1 | at runCallback (timers.js:705:18) ghost_1 | at tryOnImmediate (timers.js:676:5) ghost_1 | at processImmediate (timers.js:658:5) ghost_1 | ghost_1 | Error: ER_HOST_NOT_PRIVILEGED: Host '172.21.0.3' is not allowed to connect to this MySQL server ghost_1 | at Handshake.Sequence._packetToError (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/sequences/Sequence.js:47:14) ghost_1 | at Handshake.ErrorPacket (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/sequences/Handshake.js:124:18) ghost_1 | at Protocol._parsePacket (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/Protocol.js:278:23) ghost_1 | at Parser.write (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/Parser.js:76:12) ghost_1 | at Protocol.write (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/Protocol.js:38:16) ghost_1 | at Socket.<anonymous> (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/Connection.js:91:28) ghost_1 | at Socket.<anonymous> (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/Connection.js:502:10) ghost_1 | at Socket.emit (events.js:198:13) ghost_1 | at addChunk (_stream_readable.js:288:12) ghost_1 | at readableAddChunk (_stream_readable.js:269:11) ghost_1 | at Socket.Readable.push (_stream_readable.js:224:10) ghost_1 | at TCP.onStreamRead [as onread] (internal/stream_base_commons.js:94:17) ghost_1 | -------------------- ghost_1 | at Protocol._enqueue (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/Protocol.js:144:48) ghost_1 | at Protocol.handshake (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/protocol/Protocol.js:51:23) ghost_1 | at Connection.connect (/var/lib/ghost/versions/2.23.4/node_modules/mysql/lib/Connection.js:118:18) ghost_1 | at _bluebird.default (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/node_modules/knex/lib/dialects/mysql/index.js:82:18) ghost_1 | at Promise._execute (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/debuggability.js:313:9) ghost_1 | at Promise._resolveFromExecutor (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:483:18) ghost_1 | at new Promise (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:79:10) ghost_1 | at Client_MySQL.acquireRawConnection (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/node_modules/knex/lib/dialects/mysql/index.js:77:12) ghost_1 | at create (/var/lib/ghost/versions/2.23.4/node_modules/knex-migrator/node_modules/knex/lib/client.js:282:21) ghost_1 | at tryPromise (/var/lib/ghost/versions/2.23.4/node_modules/tarn/lib/Pool.js:366:22) ghost_1 | at tryPromise (/var/lib/ghost/versions/2.23.4/node_modules/tarn/lib/utils.js:57:20) ghost_1 | at Promise (/var/lib/ghost/versions/2.23.4/node_modules/tarn/lib/Pool.js:366:5) ghost_1 | at Promise._execute (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/debuggability.js:313:9) ghost_1 | at Promise._resolveFromExecutor (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:483:18) ghost_1 | at new Promise (/var/lib/ghost/versions/2.23.4/node_modules/bluebird/js/release/promise.js:79:10) ghost_1 | at callbackOrPromise (/var/lib/ghost/versions/2.23.4/node_modules/tarn/lib/Pool.js:357:10) ghost_1 |
I’m using this docker-compose file to setup the system.
version: '3' services: ghost: image: ghost:latest restart: always depends_on: - db environment: url: https://blog.example.net database__client: mysql database__connection__host: db database__connection__user: root database__connection__password: BIGPASSWORD database__connection__database: ghost volumes: - /opt/ghost_content:/var/lib/ghost/content db: image: mysql:5.7 restart: always environment: MYSQL_ROOT_PASSWORD: BIGPASSWORD volumes: - /opt/ghost_mysql:/var/lib/mysql
Now, I’m omitting the nginx part of the guide since I’m running that directly, on the host myself. I’d hoped to proxy a connection to the ghost container. Suffice to say I’m not even that far as my containers aren’t working yet.
I've got the A/AAAA records setup, and my host nginx responding to it with a dummy index just fine. I tried setting up the proxy_pass to my localhost and port of ghost but as shown it isn't even staying up enough to capture that proxy.
Does this check out? I’ve looked and seen people running commands to ALTER the root user of the MySQL db to have other/all permissions. This didn’t seem like something I could do easily here, since if the container restarts wouldn’t I need to make the alter every time? I created the other mount directories as described for ghost and the db, would there be a permissions thing with those? I’m not sure what 172.21.0.3 refers to, maybe the networking setup by docker?
The most likely cause of the
ER_HOST_NOT_PRIVILEGED: Host '172.21.0.3' is not allowed to connect to this MySQL server error is that the Ghost user for MySQL does not have proper permissions. If you're connecting as root, I'd recommend verifying privileges directly in MySQL. The container crashing may be related to the MySQL privileges; otherwise, you might find this blog post to be helpful regarding container persistency.