Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL: permissions error reading certificates #24

Open
pgorod opened this issue Sep 11, 2023 · 0 comments
Open

SSL: permissions error reading certificates #24

pgorod opened this issue Sep 11, 2023 · 0 comments

Comments

@pgorod
Copy link

pgorod commented Sep 11, 2023

Hi

I am trying to run HedgeDoc for the first time, and I am getting this error:

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/00-banner.sh
-----------------------------------------------------------
 Add-on: HedgeDoc
 HedgeDoc for Home Assistant
-----------------------------------------------------------
 Add-on version: 1.6.3
 You are running the latest version of this add-on.
 System: Home Assistant OS 10.5  (amd64 / qemux86-64)
 Home Assistant Core: 2023.8.4
 Home Assistant Supervisor: 2023.08.3
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
cont-init: info: /etc/cont-init.d/00-banner.sh exited 0
cont-init: info: running /etc/cont-init.d/01-log-level.sh
Log level is set to INFO
cont-init: info: /etc/cont-init.d/01-log-level.sh exited 0
cont-init: info: running /etc/cont-init.d/30-config.sh
[13:24:31] INFO: Setting up SSL...
cont-init: info: /etc/cont-init.d/30-config.sh exited 0
cont-init: info: running /etc/cont-init.d/40-mysql.sh
[13:24:32] NOTICE: Hedgedoc is using the Maria DB addon's database
[13:24:32] NOTICE: Please ensure that addon is included in your backups
[13:24:32] NOTICE: Uninstalling the Maria DB addon will also remove Hedgedoc's data
cont-init: info: /etc/cont-init.d/40-mysql.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun hedgedoc (no readiness notification)
s6-rc: info: service legacy-services successfully started
[13:24:32] INFO: Hedgedoc log level set to info
[13:24:32] INFO: Handing over control to Hedgedoc...
2023-09-11T12:24:33.040Z warn: 	Overriding protocolUseSSL to 'true' as useSSL is enabled.
2023-09-11T12:24:33.331Z error: 	uncaughtException: EACCES: permission denied, open '/ssl/privkey.pem'
Error: EACCES: permission denied, open '/ssl/privkey.pem'
    at Object.openSync (node:fs:585:3)
    at Object.readFileSync (node:fs:453:35)
    at Object.<anonymous> (/opt/hedgedoc/app.js:47:13)
    at Module._compile (node:internal/modules/cjs/loader:1105:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1159:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:77:12)
    at node:internal/main/run_main_module:17:47

My certificates are working fine for other things, like my main Home Assistant UI which is open to the Internet via https.

The certificates directory is like this:

➜  config ll /ssl
total 20K
-rw-r--r--    1 root     root        4.0K Sep 11 03:01 fullchain.pem
-rw-r--r--    1 root     root        1.0K May 25 15:22 hass.crt
-rw-------    1 root     root         227 May 25 15:28 hass_private.key
-rw-------    1 root     root         227 Sep 11 03:01 privkey.pem

From what I read online, these are the correct ownerships/permissions. Am I wrong?

@pgorod pgorod changed the title SSL error reading certificates SSL: permissions error reading certificates Sep 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant