Hello aw new user i’m trying to install open remote in a Windows 64bit Docker Desktop…
I have download source and extracted and after that i run docker-compose pull and after finalized the download i run docker-compose up --no-build
At this point i notice that deployment container started but after new seconds stopped …
At the end of the procedure after the rest of containers started … i’m trying to access localhost but i get an “Access to localhost was denied… You don’t have authorisation to view this page.
HTTP ERROR 403”
Any ideas what is happened … ??
When i run docker ps i get:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c30229177230 openremote/proxy:latest "/entrypoint.sh run" About an hour ago Up About a minute (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8883->8883/tcp openremote-master_proxy_1
2d44038dc358 openremote/manager:latest "/bin/sh -c 'java $J…" About an hour ago Up About a minute (healthy) 8080/tcp openremote-master_manager_1
acd7b1ea3b64 openremote/keycloak:latest "/opt/jboss/docker-e…" About an hour ago Up 2 minutes (healthy) 8080/tcp, 8443/tcp openremote-master_keycloak_1
3833676fee7d openremote/postgresql:latest "docker-entrypoint.s…" About an hour ago Up 2 minutes (healthy) 5432/tcp openremote-master_postgresql_1
The deployment container only populates the docker volume and is meant to exit.
The running containers look correct and if you’re getting a 403 error then there must be a Web server at https://localhost/, when running locally openremote uses a self signed certificate which browsers will warn you about, just need to select ‘proceed’ and you should get a login page and you can login with default credentials:
admin/secret
FYI: please use markdown code quotes when pasting code or console output (I edited your question to make it more readable).
Hi, I have the same issue. I tried installation of OpenRemote v3 in both Windows 10 Enterprise and CentOS Linux release 8.3.2011, but neither was working. In Windows 10, after I run docker-compose -p openremote up from the guide on https://github.com/openremote/openremote/blob/master/README.md.
I got the ‘HTTP ERROR 403’ error.
However on CentOS, the error message was Invalid parameter: redirect_uri.
The log is like: keycloak_1 | 10:14:11,854 WARN [org.keycloak.events] (default task-1) type=LOGIN_ERROR, realmId=master, clientId=openremote, userId=null, ipAddress=172.20.0.5, error=invalid_redirect_uri, redirect_uri=https://192.168.55.21/manager/
Can anyone help me? Reinstallation seems not work here. Thanks ahead.
Looking at those error messages it seems you aren’t accessing the running system using https://localhost, running on a VM maybe?
Our keycloak identity provider expects you to be coming from https://localhost by default, you can alter this by supplying the KEYCLOAK_FRONTEND_URL env variable e.g:
KEYCLOAK_FRONTEND_URL=https://192.168.55.21/auth docker-compose -p openremote up -d
Sorry forgot to mention you’ll need to get the latest docker-compose.yml file from the repo as it allows the KEYCLOAK_FRONTEND_URL to be overridden from the shell.
Thanks for your reply. However I cannot make it work yet.
Here is my environment:
I have two computers. One uses Windows 10. The IP is 192.168.55.77. The other one used CentOS 8 with IP 192.168.55.21.
I used the docker-compose.yml from https://raw.githubusercontent.com/openremote/openremote/master/docker-compose.yml
That should be the latest one, is it?
On my Windows environment. I tried running Openremote with Windows 64bit Docker Desktop as panosp did, but I cannot access https://localhost.
The error message was
Access to localhost was denied
You don't have the user rights to view this page.
HTTP ERROR 403
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
74091132df95 openremote/proxy:latest "/entrypoint.sh run" 19 hours ago Up 13 minutes (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8883->8883/tcp openremote_proxy_1
8eb0f4c68adc openremote/manager:latest "/bin/sh -c 'java $M…" 19 hours ago Up 13 minutes (healthy) 8080/tcp openremote_manager_1
677102f4cd79 openremote/keycloak:latest "/opt/jboss/tools/do…" 19 hours ago Up 14 minutes (healthy) 8080/tcp openremote_keycloak_1
b9ad0270cbc5 openremote/postgresql:latest "docker-entrypoint.s…" 19 hours ago Up 14 minutes (healthy) 5432/tcp openremote_postgresql_1
Then I tried using installing OpenRemote in my CentOS machine and access it on my windows PC by running
KEYCLOAK_FRONTEND_URL=https://192.168.55.1/auth docker-compose -p openremote up -d
The result I got was that:
Accessing https://192.168.55.21/ was redirecting to access
From your error message I see that it fails on the fetching yaml file from the github. What I suspect here is a firewall or something similar blocking your traffic. Here is what I would try:
run the oipenremote-cli in --dry-run mode (so it does not break) and then execute all separate commands from the terminal.
example I run on my computer
% docker run --rm -ti -v /var/run/docker.sock:/var/run/docker.sock openremote/openremote-cli deploy --dnsname 192.168.55.21 -v --dry-run
Config created in /root/.openremote/config.ini
--dry-run active!
If you need help go to https://forum.openremote.io/
Deploying OR... This usually takes less than 15 minutes.
> docker swarm init
> docker volume rm openremote_postgresql-data
> wget -nc https://github.com/openremote/openremote/raw/master/mvp/mvp-docker-compose.yml
Generated password: pjfoHdfU9vR
> DOMAINNAME=localhost IDENTITY_NETWORK_HOST=192.168.55.21 PASSWORD=pjfoHdfU9vR docker-compose -f mvp-docker-compose.yml -p openremote up -d
Open https://localhost and login with admin:pjfoHdfU9vR
Remove the stack when you are done:
> docker-compose -f mvp-docker-compose.yml -p openremote down
> rm mvp-docker-compose.yml
To remove docker resources:
> docker images --filter 'reference=openremote/*' -q | xargs docker rmi
> docker volume ls --filter 'dangling=true' -q | xargs docker volume rm
The most important command here for starting the stack is
DOMAINNAME=localhost IDENTITY_NETWORK_HOST=192.168.55.21 PASSWORD=pjfoHdfU9vR docker-compose -f mvp-docker-compose.yml -p openremote up -d
You can try to run only it. Note that it uses a different yaml file which you can grab from git hub. The CLI is trying to do it for you but fails to connect to the github.
Another note, the CLI is generating a password when not given with --password option. This is due that we don’t want to expose to outside network a stack with a default password. The catch here is that once given password cannot be easily changed right now. Therefore, before starting the stack again, with docker-compose or cli, you have to either remove the database (docker volume rm openremote_postgresql-data is doing this) or use --passord option in the CLI or setting PASSWORD environment variable.
This allows KEYCLOAK_FRONTEND_URL to be supplied from your shell so you can override the default of https://localhost/auth.
As for why you are having issues on localhost are you sure you don’t have IIS running? Can look at the logs of the proxy container for clues about binding issues: