Docker Community Forums

Share and learn in the Docker community.

Compose - Access denied for user

Hey there,

I’m really new with docker, and hoping I can express myself well enough.

I worked with the Wordpress Image in combination with docker-compose,
I created my first compose file with the help of the official Docker “Wordpress Quickstart-Docs article”

    version: '3.3'

    services:
       db:
         image: mysql:5.7
         volumes:
           - db_data:/var/lib/mysql
         restart: always
         environment:
           MYSQL_ROOT_PASSWORD: myRootPassword
           MYSQL_DATABASE: wordpress_oxygen
           MYSQL_USER: wordpress_username
           MYSQL_PASSWORD: myPassword

       wordpress:
         depends_on:
           - db
         image: wordpress:latest
         ports:
           - "8000:80"
         restart: always
         environment:
           WORDPRESS_DB_HOST: db:3306
           WORDPRESS_DB_USER: wordpress
           WORDPRESS_DB_PASSWORD: wordpress
           WORDPRESS_DB_NAME: wordpress
    volumes:
        db_data: {}

After doing this, everything wen well.
Question: Was it wrong to keep this as it was ?

environment:
  WORDPRESS_DB_HOST: db:3306
  WORDPRESS_DB_USER: wordpress
  WORDPRESS_DB_PASSWORD: wordpress
  WORDPRESS_DB_NAME: wordpres

And if so, why did it still worked ? :confused:

After that I was building my site in wordpress and everthing got saved nicely.
When I was done, I decided to take my work to production. So I did this:

    version: '3.3'

    services:
       db:
         image: mysql:5.7
         volumes:
           - wordpress-oxygen_db_data:/var/lib/mysql
         restart: always
         environment:
           MYSQL_ROOT_PASSWORD: myRootPassword
           MYSQL_DATABASE: wordpress_oxygen
           MYSQL_USER: wordpress_name
           MYSQL_PASSWORD: myPassword

       wordpress:
         depends_on:
           - db
         image: wordpress:5.6.0-php7.4
         restart: always
         ports:
           - "80:80"
         environment:
           WORDPRESS_DB_HOST: db:3306
           WORDPRESS_DB_USER: wordpress
           WORDPRESS_DB_PASSWORD: wordpress
           WORDPRESS_DB_NAME: wordpress
         volumes:
           - 45d1ad6b1d8fa57241d4929e8aae5fc45ad7697a51dc5f5c39f70bdf3053d137:/var/www/html

    volumes:
        wordpress-oxygen_db_data:
          external: true
        45d1ad6b1d8fa57241d4929e8aae5fc45ad7697a51dc5f5c39f70bdf3053d137:
          external: true

This also went well

When I realized that I totally forgot to use SSL I tried to do this like so:

So I first cloned my volumes to get a Copy of my Development Environment.

docker volume create wordpress_db-data

docker run --rm --volumes-from wordpress-oxygen_db_data -v wordpress_db-data:/target alpine sh -c "cp -rp /var/lib/mysql/. /target"

&

docker volume create wordpress_data

docker run --rm --volumes-from 45d1ad6b1d8fa57241d4929e8aae5fc45ad7697a51dc5f5c39f70bdf3053d137 -v wordpress_data:/target alpine sh -c "cp -rp /var/www/html/. /target"

I also checked every volumes content by “ls -lsa” into them.

After that:

version: '3'

    services:
      db:
        image: mysql:5.7
        container_name: db
        restart: unless-stopped
        env_file: .env
        environment:
          - MYSQL_DATABASE=wordpress_oxygen
        volumes:
          - wordpress_db-data:/var/lib/mysql
        networks:
          - conturas-network

      wordpress:
        depends_on:
          - db
        image: wordpress:5.6.0-fpm-alpine
        container_name: wordpress
        restart: unless-stopped
        env_file: .env
        environment:
          - WORDPRESS_DB_HOST=db:3306
          - WORDPRESS_DB_USER=$MYSQL_USER
          - WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
          - WORDPRESS_DB_NAME=wordpress_oxygen
        volumes:
          - wordpress_data:/var/www/html
        networks:
          - conturas-network

      webserver:
        depends_on:
          - wordpress
        image: nginx:1.19.6-alpine
        container_name: webserver
        restart: unless-stopped
        ports:
          - "80:80"
        volumes:
          - wordpress_data:/var/www/html
          - ./nginx-conf:/etc/nginx/conf.d
          - certbot-etc:/etc/letsencrypt
        networks:
          - conturas-network

      certbot:
        depends_on:
          - webserver
        image: certbot/certbot
        container_name: certbot
        volumes:
          - certbot-etc:/etc/letsencrypt
          - wordpress_data:/var/www/html
        command: certonly --webroot --webroot-path=/var/www/html --email username@xyz.io --agree-tos --no-eff-email --force-renewal -d xyz.io -d www.xyz.io

    volumes:
      certbot-etc:
      wordpress_data:
      wordpress_db-data:

    networks:
      conturas-network:
        driver: bridge

At this Point I was not able to establish the connection to the MySQL Server.
Could someone maybe help me out here ?

Error Logs from the "db-container"

2020-12-27 15:52:40+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.32-1debian10 started.
	2020-12-27 15:52:40+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
	2020-12-27 15:52:40+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.32-1debian10 started.
	2020-12-27T15:52:40.374694Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
	2020-12-27T15:52:40.375686Z 0 [Note] mysqld (mysqld 5.7.32) starting as process 1 ...
	2020-12-27T15:52:40.378123Z 0 [Note] InnoDB: PUNCH HOLE support available
	2020-12-27T15:52:40.378135Z 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
	2020-12-27T15:52:40.378139Z 0 [Note] InnoDB: Uses event mutexes
	2020-12-27T15:52:40.378142Z 0 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
	2020-12-27T15:52:40.378144Z 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
	2020-12-27T15:52:40.378147Z 0 [Note] InnoDB: Using Linux native AIO
	2020-12-27T15:52:40.378320Z 0 [Note] InnoDB: Number of pools: 1
	2020-12-27T15:52:40.378399Z 0 [Note] InnoDB: Using CPU crc32 instructions
	2020-12-27T15:52:40.381106Z 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
	2020-12-27T15:52:40.393395Z 0 [Note] InnoDB: Completed initialization of buffer pool
	2020-12-27T15:52:40.396225Z 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
	2020-12-27T15:52:40.408584Z 0 [Note] InnoDB: Highest supported file format is Barracuda.
	2020-12-27T15:52:40.511788Z 0 [Note] InnoDB: Creating shared tablespace for temporary tables
	2020-12-27T15:52:40.511909Z 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
	2020-12-27T15:52:40.720024Z 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
	2020-12-27T15:52:40.721299Z 0 [Note] InnoDB: 96 redo rollback segment(s) found. 96 redo rollback segment(s) are active.
	2020-12-27T15:52:40.721317Z 0 [Note] InnoDB: 32 non-redo rollback segment(s) are active.
	2020-12-27T15:52:40.722083Z 0 [Note] InnoDB: 5.7.32 started; log sequence number 114815208
	2020-12-27T15:52:40.722349Z 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
	2020-12-27T15:52:40.722561Z 0 [Note] Plugin 'FEDERATED' is disabled.
	2020-12-27T15:52:40.725907Z 0 [Note] InnoDB: Buffer pool(s) load completed at 201227 15:52:40
	2020-12-27T15:52:40.730380Z 0 [Note] Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them.
	2020-12-27T15:52:40.730402Z 0 [Note] Skipping generation of SSL certificates as certificate files are present in data directory.
	2020-12-27T15:52:40.731426Z 0 [Warning] CA certificate ca.pem is self signed.
	2020-12-27T15:52:40.731473Z 0 [Note] Skipping generation of RSA key pair as key files are present in data directory.
	2020-12-27T15:52:40.732295Z 0 [Note] Server hostname (bind-address): '*'; port: 3306
	2020-12-27T15:52:40.732337Z 0 [Note] IPv6 is available.
	2020-12-27T15:52:40.732351Z 0 [Note]   - '::' resolves to '::';
	2020-12-27T15:52:40.732370Z 0 [Note] Server socket created on IP: '::'.
	2020-12-27T15:52:40.778933Z 0 [Warning] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
	2020-12-27T15:52:40.792799Z 0 [Note] Event Scheduler: Loaded 0 events
	2020-12-27T15:52:40.793135Z 0 [Note] mysqld: ready for connections.
	Version: '5.7.32'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  MySQL Community Server (GPL)
	2020-12-27T15:53:26.593191Z 2 [Note] Access denied for user 'wordpress_oxygen'@'172.30.0.3' (using password: YES)

Thanks a lot.