simonwep/ocular-docker

Unable to login on a fresh login

Open

#5 opened on Oct 14, 2024

help wanted

Description

Support guidelines

  • I've read the FAQs

Description

Very similar to the user in #3, I'm unable to login after a fresh install - docker compose logs indicate a 501 (method not implemented) on each attempt. The only changes I'm making are to add in a docker network that I use to allow all services to be reachable via the container name rather than configuring port/IP pairings. This works for about 30 other services on the same server. HTTPS is achieved by Cloudflare "full" SSL/TLS mode.

I get the same result whether or not I have the nginx proxy in my compose file - since I already have a proxy, I don't actually need this, but the result is the same even if I comment this out. Some logs from docker-compose - the 501's are my login attempts, I'm not sure what's causing the 404's but I haven't actually seen any 404 behavior in the browser:

frontend-1  | 2024-10-13T23:49:49.546230532Z [::ffff:172.29.0.29]:34466: response:200
frontend-1  | 2024-10-13T23:49:49.665808071Z [::ffff:172.29.0.29]:34482: response:501
frontend-1  | 2024-10-13T23:49:50.051106824Z [::ffff:172.29.0.29]:34488: response:404
frontend-1  | 2024-10-13T23:49:56.011485359Z [::ffff:172.29.0.29]:34492: response:501
frontend-1  | 2024-10-13T23:49:58.733117407Z [::ffff:172.29.0.29]:54464: response:501
frontend-1  | 2024-10-13T23:50:06.049884593Z [::ffff:172.29.0.29]:54472: response:200
frontend-1  | 2024-10-13T23:50:07.118551747Z [::ffff:127.0.0.1]:34852: response:200
frontend-1  | 2024-10-13T23:50:07.482974739Z [::ffff:172.29.0.29]:54486: response:200
frontend-1  | 2024-10-13T23:50:07.548570985Z [::ffff:172.29.0.29]:54494: response:501
frontend-1  | 2024-10-13T23:50:13.096436167Z [::ffff:172.29.0.29]:60436: response:501
frontend-1  | 2024-10-13T23:50:37.153323197Z [::ffff:127.0.0.1]:47410: response:200
frontend-1  | 2024-10-13T23:51:07.194604251Z [::ffff:127.0.0.1]:51770: response:200
frontend-1  | 2024-10-13T23:51:37.231792559Z [::ffff:127.0.0.1]:46674: response:200
frontend-1  | 2024-10-13T23:52:07.295630417Z [::ffff:127.0.0.1]:56322: response:200
frontend-1  | 2024-10-13T23:52:37.330490027Z [::ffff:127.0.0.1]:59910: response:200
frontend-1  | 2024-10-13T23:53:07.367848298Z [::ffff:127.0.0.1]:48574: response:200
frontend-1  | 2024-10-13T23:53:37.407771927Z [::ffff:127.0.0.1]:51170: response:200
frontend-1  | 2024-10-13T23:54:07.451565210Z [::ffff:127.0.0.1]:45204: response:200
frontend-1  | 2024-10-13T23:54:37.491937093Z [::ffff:127.0.0.1]:37926: response:200
frontend-1  | 2024-10-13T23:55:07.544627074Z [::ffff:127.0.0.1]:35256: response:200
frontend-1  | 2024-10-13T23:55:37.597376181Z [::ffff:127.0.0.1]:37408: response:200
frontend-1  | 2024-10-13T23:55:41.700492880Z [::ffff:172.29.0.29]:38898: response:200
frontend-1  | 2024-10-13T23:55:41.813531169Z [::ffff:172.29.0.29]:38906: response:501
frontend-1  | 2024-10-13T23:55:42.051067424Z [::ffff:172.29.0.29]:38912: response:404
frontend-1  | 2024-10-13T23:56:07.657257596Z [::ffff:127.0.0.1]:55124: response:200
frontend-1  | 2024-10-13T23:56:14.771280417Z [::ffff:172.29.0.29]:39526: response:501
frontend-1  | 2024-10-13T23:56:16.532772104Z [::ffff:172.29.0.29]:39528: response:501
frontend-1  | 2024-10-13T23:56:17.124533528Z [::ffff:172.29.0.29]:39542: response:501
frontend-1  | 2024-10-13T23:56:17.290126854Z [::ffff:172.29.0.29]:39556: response:501
frontend-1  | 2024-10-13T23:56:17.457884052Z [::ffff:172.29.0.29]:39570: response:501
nginx-1     | 2024-10-13T23:58:38.553142780Z /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
frontend-1  | 2024-10-13T23:56:17.618648878Z [::ffff:172.29.0.29]:39584: response:501
nginx-1     | 2024-10-13T23:58:38.553174212Z /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
frontend-1  | 2024-10-13T23:56:17.784478575Z [::ffff:172.29.0.29]:39598: response:501
nginx-1     | 2024-10-13T23:58:38.553623974Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
frontend-1  | 2024-10-13T23:56:17.922259505Z [::ffff:172.29.0.29]:52360: response:501
nginx-1     | 2024-10-13T23:58:38.556444784Z 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
frontend-1  | 2024-10-13T23:56:18.058119639Z [::ffff:172.29.0.29]:52370: response:501
nginx-1     | 2024-10-13T23:58:38.563637345Z 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
frontend-1  | 2024-10-13T23:56:37.701656711Z [::ffff:127.0.0.1]:53656: response:200
nginx-1     | 2024-10-13T23:58:38.563798628Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
frontend-1  | 2024-10-13T23:57:07.763495770Z [::ffff:127.0.0.1]:35116: response:200
frontend-1  | 2024-10-13T23:57:10.608439624Z [::ffff:172.29.0.29]:38212: response:501
frontend-1  | 2024-10-13T23:57:11.161422746Z [::ffff:172.29.0.29]:38226: response:501
nginx-1     | 2024-10-13T23:58:38.565277625Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
frontend-1  | 2024-10-13T23:57:11.329669103Z [::ffff:172.29.0.29]:38234: response:501
frontend-1  | 2024-10-13T23:57:13.181974109Z [::ffff:172.29.0.29]:38238: response:501
frontend-1  | 2024-10-13T23:57:13.637861363Z [::ffff:172.29.0.29]:38254: response:501
nginx-1     | 2024-10-13T23:58:38.565974375Z /docker-entrypoint.sh: Configuration complete; ready for start up
frontend-1  | 2024-10-13T23:57:13.805448757Z [::ffff:172.29.0.29]:38264: response:501
frontend-1  | 2024-10-13T23:57:13.929842439Z [::ffff:172.29.0.29]:38274: response:501
frontend-1  | 2024-10-13T23:57:14.720453252Z [::ffff:172.29.0.29]:38288: response:200
frontend-1  | 2024-10-13T23:57:14.773759871Z [::ffff:172.29.0.29]:38290: response:501
frontend-1  | 2024-10-13T23:57:15.673117201Z [::ffff:172.29.0.29]:38304: response:404
frontend-1  | 2024-10-13T23:57:15.768861200Z [::ffff:172.29.0.29]:38314: response:200
frontend-1  | 2024-10-13T23:57:15.771680333Z [::ffff:172.29.0.29]:38322: response:200
frontend-1  | 2024-10-13T23:57:15.779909812Z [::ffff:172.29.0.29]:38334: response:200
frontend-1  | 2024-10-13T23:57:33.498564671Z [::ffff:172.29.0.29]:57684: response:404
frontend-1  | 2024-10-13T23:57:33.596581718Z [::ffff:172.29.0.29]:57692: response:200
frontend-1  | 2024-10-13T23:57:37.808572734Z [::ffff:127.0.0.1]:41388: response:200
frontend-1  | 2024-10-13T23:57:53.017480275Z [::ffff:172.29.0.29]:35616: response:200
frontend-1  | 2024-10-13T23:58:07.852023744Z [::ffff:127.0.0.1]:58414: response:200
frontend-1  | 2024-10-13T23:58:17.539228539Z [::ffff:172.29.0.29]:42040: response:501
frontend-1  | 2024-10-13T23:58:19.674733622Z [::ffff:172.29.0.29]:44824: response:501
frontend-1  | 2024-10-13T23:58:37.906087436Z [::ffff:127.0.0.1]:33100: response:200
frontend-1  | 2024-10-13T23:58:42.402021740Z [::ffff:172.29.0.29]:59518: response:501
frontend-1  | 2024-10-13T23:58:43.028821376Z [::ffff:172.29.0.29]:59522: response:501
frontend-1  | 2024-10-13T23:58:43.170827515Z [::ffff:172.29.0.29]:59532: response:501
frontend-1  | 2024-10-13T23:58:43.298918900Z [::ffff:172.29.0.29]:59536: response:501
frontend-1  | 2024-10-13T23:58:45.026137120Z [::ffff:172.29.0.29]:59546: response:501
frontend-1  | 2024-10-13T23:58:45.457649424Z [::ffff:172.29.0.29]:59562: response:501
frontend-1  | 2024-10-13T23:58:45.613860193Z [::ffff:172.29.0.29]:59572: response:501
frontend-1  | 2024-10-13T23:58:45.909237013Z [::ffff:172.29.0.29]:59584: response:501
frontend-1  | 2024-10-13T23:59:07.966336385Z [::ffff:127.0.0.1]:60610: response:200
frontend-1  | 2024-10-13T23:59:38.003131204Z [::ffff:127.0.0.1]:44660: response:200
frontend-1  | 2024-10-14T00:00:08.060107192Z [::ffff:127.0.0.1]:58940: response:200
frontend-1  | 2024-10-14T00:00:38.105464442Z [::ffff:127.0.0.1]:51242: response:200
frontend-1  | 2024-10-14T00:01:08.154200025Z [::ffff:127.0.0.1]:48400: response:200
frontend-1  | 2024-10-14T00:01:38.206671848Z [::ffff:127.0.0.1]:45284: response:200
frontend-1  | 2024-10-14T00:02:08.253506779Z [::ffff:127.0.0.1]:58140: response:200
frontend-1  | 2024-10-14T00:02:38.303052762Z [::ffff:127.0.0.1]:59270: response:200
frontend-1  | 2024-10-14T00:03:08.362703521Z [::ffff:127.0.0.1]:34688: response:200
frontend-1  | 2024-10-14T00:03:38.409620165Z [::ffff:127.0.0.1]:57712: response:200
frontend-1  | 2024-10-14T00:04:08.453848961Z [::ffff:127.0.0.1]:37048: response:200
frontend-1  | 2024-10-14T00:04:38.507159089Z [::ffff:127.0.0.1]:41674: response:200
frontend-1  | 2024-10-14T00:05:08.565458753Z [::ffff:127.0.0.1]:41942: response:200
frontend-1  | 2024-10-14T00:05:38.605866873Z [::ffff:127.0.0.1]:43094: response:200
frontend-1  | 2024-10-14T00:06:08.649562265Z [::ffff:127.0.0.1]:60344: response:200
frontend-1  | 2024-10-14T00:06:38.694550849Z [::ffff:127.0.0.1]:49924: response:200
frontend-1  | 2024-10-14T00:07:08.741010102Z [::ffff:127.0.0.1]:58038: response:200
frontend-1  | 2024-10-14T00:07:38.779954572Z [::ffff:127.0.0.1]:35600: response:200
frontend-1  | 2024-10-14T00:08:08.833472464Z [::ffff:127.0.0.1]:48174: response:200
frontend-1  | 2024-10-14T00:08:38.880679099Z [::ffff:127.0.0.1]:56752: response:200
frontend-1  | 2024-10-14T00:09:08.923355376Z [::ffff:127.0.0.1]:57848: response:200

Here's my compose file - the port # is commented out because I usually use whichever port is natively exposed by the dockerfile, but my result appears to be the same regardless of if this is commented or not:

services:
  backend:
    image: ghcr.io/simonwep/genesis:v1.3
    restart: unless-stopped
    volumes:
      - ./data:/app/.data
    command: start
    environment:
      - GENESIS_PORT
      - GENESIS_DB_PATH
      - GENESIS_CREATE_USERS
      - GENESIS_AUTHORIZED_URIS
      - GENESIS_JWT_SECRET
      - GENESIS_JWT_TOKEN_EXPIRATION
      - GENESIS_JWT_COOKIE_ALLOW_HTTP
      - GENESIS_USERNAME_PATTERN
      - GENESIS_KEY_PATTERN
      - GENESIS_DATA_MAX_SIZE
      - GENESIS_KEYS_PER_USER
      - GENESIS_GIN_MODE
      - GENESIS_LOG_MODE
    networks:
      - services

  frontend:
    image: ghcr.io/simonwep/ocular:v1.5
    restart: unless-stopped
    networks:
      - services

  nginx:
    image: nginx:1.24-alpine
    restart: unless-stopped
#    ports:
#      - "3030:80"
    volumes:
      - ./config/nginx.conf:/etc/nginx/nginx.conf
    depends_on:
      - backend
      - frontend
    networks:
      - services

networks:
  services:
    name: services
    external: true

Environment

  • Client Browser - Google Chrome Version 129.0.6668.101 (Official Build) (arm64)
  • Client OS - MacOS Sequoia 15.0.1
  • Client Hardware - MacBook M3 Pro (2023)
  • Ocular Version - 1.4.0
  • Docker Version - Docker version 27.0.3, build 7d4bcd8
  • Server Hardware - Beelink AMD mini PC

Expected behaviour

Be allowed to login without a 501 error

Steps to reproduce

  1. Follow the steps in the repo readme - including downloading the release (NOT a repo clone), renaming the .env file, running ./gen-passwords.sh and using docker-compose up -d to start the container.
  2. Before bringing the container up, I edit the compose file to add my docker network (called services) which connects to my Cloudflare Tunnels container upstream, and downstream each service is added to this network. This works for 30+ other services hosted on the same machine.
  3. When attempting to login using the username/password combo from the .env file, I am greeted with a 501 error (method not implemented)
     1. I've tried setting a very simple username/password (this is attached as a failed login attempt and has been disabled for security reasons), without success. budget.kadaranwar.com.har.zip
     2. I reviewed the other issues where the nginx.conf was suspected as causing issues (#2) but I don't see that same output in the developer tools in my requests. The attached .har.zip can be extracted and then imported into Chrome to see the full request/response.
     3. The GENESIS_JWT_COOKIE_ALLOW_HTTP is already set to true in my .env file:
# Database location
GENESIS_DB_PATH=.data

# JWT secret known only to your token generator
GENESIS_JWT_SECRET=THIS_IS_A_SECURE_TOKEN_USUALLY

# JWT expiration in minutes
GENESIS_JWT_TOKEN_EXPIRATION=120960

# If the session cookie for the backend should be allowed to be sent over http
# Dangerous, it's best to run it behind a reverse proxy with https
GENESIS_JWT_COOKIE_ALLOW_HTTP=true

# Gin mode, either test, release or debug
GENESIS_GIN_MODE=release

# Zap logger, either production or development
GENESIS_LOG_MODE=production

# Port to listen on, leave it at 80 if you're using a reverse proxy
GENESIS_PORT=80

# Base url to listen for requests
GENESIS_BASE_URL=/

# Use ! as suffix for the username to indicate that this user
# should be created as an admin. These can add, remove and edit users.
GENESIS_CREATE_USERS=simple_username!:simple_password

# Allowed username pattern
GENESIS_USERNAME_PATTERN=^[\w]{0,32}$

# Allowed key pattern
GENESIS_KEY_PATTERN=^[\w]{0,32}$

# Maximum size of each key in kilobytes
GENESIS_DATA_MAX_SIZE=512

# Maximum amount of datasets per user
GENESIS_KEYS_PER_USER=2

Additional info

This same service has about 30 other containers running, with nginx proxy manager (NPM) as the reverse proxy, so I'm fairly confident there is no issue in my existing proxy/tunnel setup.

The topology flow is something like: Request ---> WAN ---> domain name ---> DNS record for cloudflare tunnel ID ---> home server on the "cf" docker network ---> NPM subdomain entry with "services" docker network ---> downstream service.

Happy to share more details in case I missed something!
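
An added example, not part of the original issue or the project's code: a small triage script for the log format quoted above. It groups status codes by service and client address, so the 501/404 responses returned to the proxy address can be separated from the 127.0.0.1 requests that arrive every 30 seconds. The function names are hypothetical; the sample lines are copied from the log excerpt in the issue.

```python
import re
import sys
from collections import Counter, defaultdict

# Line shape taken from the frontend-1 entries quoted in the issue:
#   frontend-1  | <timestamp> [::ffff:<ipv4>]:<port>: response:<status>
LINE = re.compile(
    r"^(?P<svc>[\w.-]+)\s*\|\s*(?P<ts>\S+)\s+"
    r"\[(?:::ffff:)?(?P<ip>[0-9a-fA-F:.]+)\]:(?P<port>\d+):\s*response:(?P<status>\d{3})\s*$"
)

def tally(lines):
    """Return {service: {client_ip: Counter({status: n})}}; other lines are skipped."""
    out = defaultdict(lambda: defaultdict(Counter))
    for line in lines:
        m = LINE.match(line)
        if m:
            out[m["svc"]][m["ip"]][int(m["status"])] += 1
    return out

def error_sources(lines, loopback=("127.0.0.1", "::1")):
    """Map (service, client_ip) -> {status: n} for non-loopback clients that got a 4xx/5xx."""
    report = {}
    for svc, clients in tally(lines).items():
        for ip, codes in clients.items():
            errs = {code: n for code, n in codes.items() if code >= 400}
            if errs and ip not in loopback:
                report[(svc, ip)] = errs
    return report

# Sample input: six lines copied from the log excerpt in the issue.
SAMPLE = """\
frontend-1  | 2024-10-13T23:49:49.546230532Z [::ffff:172.29.0.29]:34466: response:200
frontend-1  | 2024-10-13T23:49:49.665808071Z [::ffff:172.29.0.29]:34482: response:501
frontend-1  | 2024-10-13T23:49:50.051106824Z [::ffff:172.29.0.29]:34488: response:404
frontend-1  | 2024-10-13T23:49:56.011485359Z [::ffff:172.29.0.29]:34492: response:501
frontend-1  | 2024-10-13T23:50:07.118551747Z [::ffff:127.0.0.1]:34852: response:200
nginx-1     | 2024-10-13T23:58:38.565974375Z /docker-entrypoint.sh: Configuration complete; ready for start up
"""

if __name__ == "__main__":
    # Pipe `docker compose logs -t` into the script, or run it bare to use the sample.
    lines = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for (svc, ip), errs in sorted(error_sources(lines).items()):
        print(f"{svc} <- {ip}: {errs}")
```

These log lines carry no request method or path, so the tally only shows which service answered with the error and which peer received it.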
