Error when running cryptomator hub

alfianabdi19 · April 28, 2025, 10:50am

Hi I am trying to setup cryptomator hub (1.4.0), a new setup, not upgrade from previous version. This is the system details

OS: Ubuntu 24.04 (aarch64)
Docker: Docker version 28.1.1

This is part of the docker-compose file configuration for the hub, I only modified few things from the template provided by this page Cryptomator Hub: Self-Hosted

  hub:
    depends_on:
      keycloak:
        condition: service_healthy # Wait for Keycloak
      postgres:
        condition: service_healthy # Wait for DB
    # Pin version (stable or specific tag)
    image: ghcr.io/cryptomator/hub@sha256:86909316f66b0820dbdb6a20c4629c9d887007d5cb9625b184b4723e47ce760a
    container_name: cryptomator_hub_app
    networks:
      # Needs access to DB and Keycloak, reachable by Nginx
      - db
      - app
    volumes:
      # Define a named volume for Hub's persistent data (verify path if needed)
      - hub_data:/data # Assuming /data is used, CHECK HUB DOCS
    # Removed ports - Nginx handles external access
    healthcheck: # Use healthcheck from hub.yaml, adjusted ports
      test: ["CMD-SHELL", "(curl -f http://localhost:9000/q/health/live && curl -f http://localhost:8080/api/config) || exit 1"]
      interval: 10s
      timeout: 3s
      retries: 5
      start_period: 20s # Give Hub time to start
    restart: unless-stopped
    environment:
      # --- Hub specific settings (using .env vars) ---
      # Public root path (usually /)
      - HUB_PUBLIC_ROOT_PATH=/
      # Keycloak URLs (public uses domain, local uses service name)
      - HUB_KEYCLOAK_PUBLIC_URL=https://${HUB_DOMAIN}/kc
      - HUB_KEYCLOAK_LOCAL_URL=http://keycloak_idp:8080/kc # Internal communication
      # Keycloak realm and client details (using .env vars)
      - HUB_KEYCLOAK_REALM=cryptomator
      - HUB_KEYCLOAK_SYSTEM_CLIENT_ID=cryptomatorhub-system
      - HUB_KEYCLOAK_SYSTEM_CLIENT_SECRET=${HUB_KEYCLOAK_SYSTEM_CLIENT_SECRET}
      - HUB_KEYCLOAK_SYNCER_PERIOD=5m
      - HUB_KEYCLOAK_OIDC_CRYPTOMATOR_CLIENT_ID=cryptomator
      # --- Quarkus OIDC Settings (using .env vars) ---
      # Internal URL for OIDC auth server
      - QUARKUS_OIDC_AUTH_SERVER_URL=http://keycloak_idp:8080/kc/realms/cryptomator
      # Public URL for token issuer
      - QUARKUS_OIDC_TOKEN_ISSUER=https://${HUB_DOMAIN}/kc/realms/cryptomator
      - QUARKUS_OIDC_CLIENT_ID=cryptomatorhub
      # --- Quarkus Datasource Settings (using .env vars) ---
      - QUARKUS_DATASOURCE_JDBC_URL=jdbc:postgresql://postgres:5432/${POSTGRES_DB_HUB} # Use service name 'postgres'
      - QUARKUS_DATASOURCE_USERNAME=${POSTGRES_USER_HUB}
      - QUARKUS_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD_HUB}
      # --- Quarkus HTTP Settings ---
      # Trust X-Forwarded-* headers from Nginx
      - QUARKUS_HTTP_PROXY_PROXY_ADDRESS_FORWARDING=true
      # Example Content Security Policy (adjust as needed)
      - QUARKUS_HTTP_HEADER__CONTENT_SECURITY_POLICY__VALUE=default-src 'self'; connect-src 'self' api.cryptomator.org https://${HUB_DOMAIN}/kc/; object-src 'none'; child-src 'self'; img-src * data:; frame-ancestors 'none'
      # Add any other required Hub environment variables here
    security_opt:
      - no-new-privileges:true

all dependencies (postgres and keycloak) are running, but I keep getting error

2025-04-28 10:12:32,312 ERROR [io.qua.sch.com.run.StatusEmitterInvoker] (executor-thread-1) Error occurred while executing task for trigger io.quarkus.quartz.runtime.QuartzSchedulerImpl$QuartzTrigger@33fbe59b: java.util.concurrent.CompletionException: jakarta.ws.rs.ProcessingException: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: localhost/127.0.0.1:80
        at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture.completeThrowable(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture.uniWhenComplete(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture.uniWhenCompleteStage(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture.whenComplete(Unknown Source)
        at java.base/java.util.concurrent.CompletableFuture$MinimalStage.whenComplete(Unknown Source)
        at io.quarkus.scheduler.common.runtime.DefaultInvoker.invoke(DefaultInvoker.java:25)
        at io.quarkus.scheduler.common.runtime.DelegateInvoker.invokeDelegate(DelegateInvoker.java:28)
        at io.quarkus.scheduler.common.runtime.StatusEmitterInvoker.invoke(StatusEmitterInvoker.java:35)
        at io.quarkus.quartz.runtime.QuartzSchedulerImpl$InvokerJob$2.call(QuartzSchedulerImpl.java:1110)
        at io.vertx.core.impl.ContextImpl.lambda$executeBlocking$4(ContextImpl.java:192)
        at io.vertx.core.impl.ContextInternal.dispatch(ContextInternal.java:270)
        at io.vertx.core.impl.ContextImpl$1.execute(ContextImpl.java:221)
        at io.vertx.core.impl.WorkerTask.run(WorkerTask.java:56)
        at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:640)
        at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2516)
        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2495)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1521)
        at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:11)
        at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:11)
        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
        at java.base/java.lang.Thread.run(Unknown Source)
Caused by: jakarta.ws.rs.ProcessingException: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: localhost/127.0.0.1:80
        at org.jboss.resteasy.reactive.client.handlers.ClientSendRequestHandler$2.accept(ClientSendRequestHandler.java:225)
        at org.jboss.resteasy.reactive.client.handlers.ClientSendRequestHandler$2.accept(ClientSendRequestHandler.java:217)
        at io.smallrye.context.impl.wrappers.SlowContextualConsumer.accept(SlowContextualConsumer.java:21)
        at io.smallrye.mutiny.helpers.UniCallbackSubscriber.onFailure(UniCallbackSubscriber.java:62)
        at io.smallrye.mutiny.operators.uni.UniOperatorProcessor.onFailure(UniOperatorProcessor.java:55)
        at org.jboss.resteasy.reactive.client.AsyncResultUni.lambda$subscribe$1(AsyncResultUni.java:37)
        at io.vertx.core.impl.future.FutureImpl$4.onFailure(FutureImpl.java:188)
        at io.vertx.core.impl.future.FutureBase.lambda$emitFailure$1(FutureBase.java:75)
        at io.vertx.core.impl.ContextImpl.execute(ContextImpl.java:312)
        at io.vertx.core.impl.DuplicatedContext.execute(DuplicatedContext.java:168)
        at io.vertx.core.impl.future.FutureBase.emitFailure(FutureBase.java:72)
        at io.vertx.core.impl.future.FutureImpl.tryFail(FutureImpl.java:278)
        at io.vertx.core.http.impl.HttpClientImpl.lambda$doRequest$4(HttpClientImpl.java:398)
        at io.vertx.core.net.impl.pool.Endpoint.lambda$getConnection$0(Endpoint.java:52)
        at io.vertx.core.http.impl.SharedClientHttpStreamEndpoint$Request.handle(SharedClientHttpStreamEndpoint.java:162)
        at io.vertx.core.http.impl.SharedClientHttpStreamEndpoint$Request.handle(SharedClientHttpStreamEndpoint.java:123)
        at io.vertx.core.impl.ContextImpl.emit(ContextImpl.java:342)
        at io.vertx.core.impl.ContextImpl.emit(ContextImpl.java:335)
        at io.vertx.core.net.impl.pool.SimpleConnectionPool$ConnectFailed$1.run(SimpleConnectionPool.java:380)
        at io.vertx.core.net.impl.pool.Task.runNextTasks(Task.java:43)
        at io.vertx.core.net.impl.pool.CombinerExecutor.submit(CombinerExecutor.java:91)
        at io.vertx.core.net.impl.pool.SimpleConnectionPool.execute(SimpleConnectionPool.java:244)
        at io.vertx.core.net.impl.pool.SimpleConnectionPool.lambda$connect$2(SimpleConnectionPool.java:258)
        at io.vertx.core.http.impl.SharedClientHttpStreamEndpoint.lambda$connect$2(SharedClientHttpStreamEndpoint.java:104)
        at io.vertx.core.impl.future.FutureImpl$4.onFailure(FutureImpl.java:188)
        at io.vertx.core.impl.future.FutureBase.emitFailure(FutureBase.java:81)
        at io.vertx.core.impl.future.FutureImpl.tryFail(FutureImpl.java:278)
        at io.vertx.core.impl.future.Composition$1.onFailure(Composition.java:66)
        at io.vertx.core.impl.future.FutureBase.emitFailure(FutureBase.java:81)
        at io.vertx.core.impl.future.FailedFuture.addListener(FailedFuture.java:98)
        at io.vertx.core.impl.future.Composition.onFailure(Composition.java:55)
        at io.vertx.core.impl.future.FutureBase.emitFailure(FutureBase.java:81)
        at io.vertx.core.impl.future.FutureImpl.tryFail(FutureImpl.java:278)
        at io.vertx.core.impl.ContextImpl.emit(ContextImpl.java:342)
        at io.vertx.core.impl.ContextImpl.emit(ContextImpl.java:335)
        at io.vertx.core.net.impl.NetClientImpl.failed(NetClientImpl.java:351)
        at io.vertx.core.net.impl.NetClientImpl.lambda$connectInternal2$6(NetClientImpl.java:323)
        at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:590)
        at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:557)
        at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:492)
        at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:636)
        at io.netty.util.concurrent.DefaultPromise.setFailure0(DefaultPromise.java:629)
        at io.netty.util.concurrent.DefaultPromise.setFailure(DefaultPromise.java:110)
        at io.vertx.core.net.impl.ChannelProvider.lambda$handleConnect$0(ChannelProvider.java:157)
        at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:590)
        at io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:583)
        at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:559)
        at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:492)
        at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:636)
        at io.netty.util.concurrent.DefaultPromise.setFailure0(DefaultPromise.java:629)
        at io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:118)
        at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.fulfillConnectPromise(AbstractNioChannel.java:326)
        at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.finishConnect(AbstractNioChannel.java:342)
        at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:784)
        at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:732)
        at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:658)
        at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
        at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:998)
        at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
        ... 2 more
Caused by: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: localhost/127.0.0.1:80

What endpoint is this 127.0.0.1:80 it is trying to access? How to configure it? Is there anyone that has the same problem?

alfianabdi19 · May 2, 2025, 1:49am

So the problem was due to special character (like underscore) in container name that will be resolved by quarkus (in this case, the keycloak container). If it has special char, it can not resolve it, then it tries to access localhost