Hi there,
I am not able to get influxdbv2 up and running with docker and a self signed certificate. I would love to leave it out, but unfortunately hassio demands a secure implementation.
i basically followed this Guide here:
I shared the certificates with the container, but i think the problem lies within the environment variables of the container. I tried some different things but basically i did not find a list of all the valid environment variables. So i tried these here: InfluxDB configuration options | InfluxDB OSS 2.0 Documentation
But they won’t work either.
This is my docker-compose config so far:
# INFLUXDB
influxdb:
container_name: influxdbv2
image: influxdb:latest
ports:
- $INFLUXDB_PORT:8086
volumes:
# - $DOCKERDIR/influxdbv2/influxdb:/var/lib/influxdb
- $DOCKERDIR/influx/data:/var/lib/influxdb2
- $DOCKERDIR/influx/config:/etc/influxdb2
- $DOCKERDIR/influx/cert:/etc/ssl/
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=$INFLUXDB_ADMIN_USERNAME
- DOCKER_INFLUXDB_INIT_PASSWORD=$INFLUXDB_ADMIN_PASSWORD
- DOCKER_INFLUXDB_INIT_ORG=$INFLUXDB_ORG
- DOCKER_INFLUXDB_INIT_BUCKET=$INFLUXDB_BUCKETNAME
# - INFLUXDB_HTTP_HTTPS_ENABLED=true
- INFLUXD_TSL_CERT=/etc/ssl/influxdb-selfsigned.crt
- INFLUXD_TSL_KEY=/etc/ssl/influxdb-selfsigned.key
Thanks in advance!
I have had the same issue, but have managed to solve it and here is my basic run config
sudo podman run -d \
--name influxdb \
--net=influxdb-telegraf-net \
--ip 10.89.0.98 \
--security-opt label=disable \
--privileged \
-p 8086:8086 \
-v /etc/ssl:/etc/ssl \
-e INFLUXD_CONFIG_PATH=/root/.influxdbv2 \
-e INFLUXD_BOLT_PATH=/root/.influxdbv2/influxd.bolt \
-e INFLUXD_ENGINE_PATH=/root/.influxdbv2/engine \
-v /home/influx/config/config.yml:/root/.influxdbv2/config.yml \
-v /home/influx/data:/root/.influxdbv2 \
quay.io/influxdb/influxdb:v2.0.6 \
--reporting-disabled
Note: If you’re are migrating from an unsecure container you will need the BOLT and ENGINE_PATH variables or your existing data will not be accessible.
Hi @17over27, It looks like you are setting the wrong ENV vars here. it should be INFLUXD_TLS_CERT and INFLUXD_TLS_KEY instead of TSL. The following docker-compose file worked for me.
Thanks,
Russ
version: '3'
services:
influxdb:
image: influxdb:latest
volumes:
- influxdbv2:/.influxdbv2
- ./ssl/influxdb-selfsigned.crt:/etc/ssl/influxdb-selfsigned.crt
- ./ssl/influxdb-selfsigned.key:/etc/ssl/influxdb-selfsigned.key
environment:
- DOCKER_INFLUXDB_INIT_MODE=setup
- DOCKER_INFLUXDB_INIT_USERNAME=russ
- DOCKER_INFLUXDB_INIT_PASSWORD=something
- DOCKER_INFLUXDB_INIT_ORG=InfluxData
- DOCKER_INFLUXDB_INIT_BUCKET=telegraf
- DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=mytoken
- INFLUXD_TLS_CERT=/etc/ssl/influxdb-selfsigned.crt
- INFLUXD_TLS_KEY=/etc/ssl/influxdb-selfsigned.key
ports:
- "8086:8086"
volumes:
influxdbv2:
curl -k https://localhost:8086/api/v2 | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1022 100 1022 0 0 27621 0 --:--:-- --:--:-- --:--:-- 28388
{
"authorizations": "/api/v2/authorizations",
"backup": "/api/v2/backup",
"buckets": "/api/v2/buckets",
"checks": "/api/v2/checks",
"dashboards": "/api/v2/dashboards",
"delete": "/api/v2/delete",
"external": {
"statusFeed": "https://www.influxdata.com/feed/json"
},
"flags": "/api/v2/flags",
"labels": "/api/v2/labels",
"me": "/api/v2/me",
"notificationEndpoints": "/api/v2/notificationEndpoints",
"notificationRules": "/api/v2/notificationRules",
"orgs": "/api/v2/orgs",
"plugins": "/api/v2/telegraf/plugins",
"query": {
"analyze": "/api/v2/query/analyze",
"ast": "/api/v2/query/ast",
"self": "/api/v2/query",
"suggestions": "/api/v2/query/suggestions"
},
"restore": "/api/v2/restore",
"scrapers": "/api/v2/scrapers",
"setup": "/api/v2/setup",
"signin": "/api/v2/signin",
"signout": "/api/v2/signout",
"sources": "/api/v2/sources",
"swagger": "/api/v2/swagger.json",
"system": {
"debug": "/debug/pprof",
"health": "/health",
"metrics": "/metrics"
},
"tasks": "/api/v2/tasks",
"telegrafs": "/api/v2/telegrafs",
"users": "/api/v2/users",
"variables": "/api/v2/variables",
"write": "/api/v2/write"
}
