{"id":3148,"date":"2019-10-22T22:16:10","date_gmt":"2019-10-23T03:16:10","guid":{"rendered":"http:\/\/osric.com\/chris\/accidental-developer\/?p=3148"},"modified":"2019-10-27T18:15:00","modified_gmt":"2019-10-27T23:15:00","slug":"running-joomla-on-docker","status":"publish","type":"post","link":"https:\/\/osric.com\/chris\/accidental-developer\/2019\/10\/running-joomla-on-docker\/","title":{"rendered":"Running Joomla on Docker"},"content":{"rendered":"<p>I was looking for a well-known CMS (Content Management System) that I could easily run in a Docker container as a target for information security reconnaissance tools, such as <a href=\"https:\/\/tools.kali.org\/web-applications\/whatweb\">WhatWeb<\/a>.<\/p>\n<p>I found an official Docker image for <a href=\"https:\/\/www.joomla.org\/\">Joomla<\/a>, a CMS that I had used previously some years ago: <a href=\"https:\/\/hub.docker.com\/_\/joomla\">https:\/\/hub.docker.com\/_\/joomla<\/a><br \/>\n<!--more--><\/p>\n<p><strong>Using a backend MySQL database on localhost<\/strong><\/p>\n<p>I had some problems running it at first. I tried to set up a local MariaDB\/MySQL database and have the Joomla container communicate directly with the underlying host:<\/p>\n<pre><code>docker run --name some-joomla -e JOOMLA_DB_HOST=localhost:3306 -e JOOMLA_DB_USER=joomla -e JOOMLA_DB_PASSWORD=joomP455 -d joomla<\/code><\/pre>\n<p>That didn&#8217;t work. The Joomla container crashed shortly after starting. When I looked at the container logs using the following command:<\/p>\n<pre><code>docker logs some-joomla<\/code><\/pre>\n<p>I found the same error message repeated several times:<\/p>\n<pre><code>Warning: mysqli::__construct(): (HY000\/1045): Access denied for user 'joomla'@'localhost' (using password: YES) in \/makedb.php on line 20<\/code><\/pre>\n<p>Of course! Within the context of the container, <code>localhost<\/code> means the container itself!<\/p>\n<p>I was able to get this to work by specifying <code>--network=host<\/code>. (See <a href=\"https:\/\/docs.docker.com\/network\/host\/\">Use Host Networking<\/a> in the Docker documentation.)<\/p>\n<p>Here was the command I used (after creating a joomla database and joomla database user):<\/p>\n<pre><code>docker run --name some-joomla -e JOOMLA_DB_HOST=127.0.0.1 -e JOOMLA_DB_USER=joomla -e JOOMLA_DB_PASSWORD=joomP455 -e JOOMLA_DB_NAME=joomla --network host -d joomla<\/code><\/pre>\n<p><strong>Using a Dockerized MySQL database as the backend<\/strong><\/p>\n<p>That was great progress! But since this was just for a temporary demo, I found an even easier way: using a MySQL Docker container as the backend database: <a href=\"https:\/\/hub.docker.com\/_\/mysql\">https:\/\/hub.docker.com\/_\/mysql<\/a><\/p>\n<p>This is what I tried the first time:<\/p>\n<pre><code>docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=passW0rd -e MYSQL_DATABASE=joomla -e MYSQL_USER=joomla -e MYSQL_PASSWORD=joomP455 -d mysql:latest<\/code><\/pre>\n<p>That didn&#8217;t work, though. When I started the Joomla container using the following command:<\/p>\n<pre><code>docker run --name some-joomla --link some-mysql:mysql -p 8080:80 -d joomla:latest<\/code><\/pre>\n<p>The container would soon stop. I looked at the logs using <code>docker logs some-joomla<\/code> and found the same error message repeated numerous times:<\/p>\n<pre><code>Warning: mysqli::__construct(): The server requested authentication method unknown to the client [caching_sha2_password] in \/makedb.php on line 20<\/code><\/pre>\n<p>I searched for that error message, and found a GitHub issue for another project that suggested downgrading MySQL (<a href=\"https:\/\/github.com\/laradock\/laradock\/issues\/1390\">https:\/\/github.com\/laradock\/laradock\/issues\/1390<\/a>).<\/p>\n<pre><code>docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=passW0rd -e MYSQL_DATABASE=joomla -e MYSQL_USER=joomla -e MYSQL_PASSWORD=joomP455 -d mysql:5\r\n\r\ndocker run --name some-joomla --link some-mysql:mysql -p 8080:80 -d joomla:latest<\/code><\/pre>\n<p>It worked! I was able to access the Joomla setup on http:\/\/localhost:8080<\/p>\n<p>However, I ran into an error on step 2 of the web-based Joomla setup (configuring the database):<\/p>\n<pre><code>Error\r\nCould not connect to the database. Connector returned number: Could not connect to MySQL server.<\/code><\/pre>\n<p>I turns out, I had specified <code>localhost<\/code> as the database host, as suggested. This is, of course, the same problem I had before: <code>localhost<\/code>, on the container, is the container itself! I used the following command:<\/p>\n<pre><code>docker inspect some-mysql<\/code><\/pre>\n<p>From that output I discovered that the <code>some-mysql<\/code> container&#8217;s IP address was 172.17.0.2, which was reachable from the other container.<\/p>\n<p>Unless your Docker installation is substantially different, if you start the <code>some-mysql<\/code> container followed by the <code>some-joomla<\/code> container, you can likely used the same IP address I did. (In my case, the some-joomla container&#8217;s IP address was the next sequential address: 172.17.0.3.)<\/p>\n<p><strong>Scanning the Joomla container<\/strong><\/p>\n<p>Now I had a running Joomla instance that I could target using WhatWeb and other scanners:<\/p>\n<pre><code># whatweb -a 4 localhost:8080\r\n\r\nhttp:\/\/localhost:8080 [200 OK] Apache[2.4.38], Cookies[e6b39c2ef305d5fa34c3ba66a227b8de], HTML5, HTTPServer[Debian Linux][Apache\/2.4.38 (Debian)], HttpOnly[e6b39c2ef305d5fa34c3ba66a227b8de], IP[::1], JQuery, MetaGenerator[Joomla! - Open Source Content Management], OpenSearch[http:\/\/localhost:8080\/index.php\/component\/search\/?layout=blog&amp;amp;id=9&amp;amp;Itemid=101&amp;amp;format=opensearch], PHP[7.2.23], Script, Title[Home], X-Powered-By[PHP\/7.2.23]<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>I was looking for a well-known CMS (Content Management System) that I could easily run in a Docker container as a target for information security reconnaissance tools, such as WhatWeb. I found an official Docker image for Joomla, a CMS that I had used previously some years ago: https:\/\/hub.docker.com\/_\/joomla<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[451,381],"tags":[449,543,36],"class_list":["post-3148","post","type-post","status-publish","format-standard","hentry","category-docker","category-mysql","tag-docker","tag-joomla","tag-mysql"],"_links":{"self":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/3148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/comments?post=3148"}],"version-history":[{"count":10,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/3148\/revisions"}],"predecessor-version":[{"id":3166,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/posts\/3148\/revisions\/3166"}],"wp:attachment":[{"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/media?parent=3148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/categories?post=3148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/osric.com\/chris\/accidental-developer\/wp-json\/wp\/v2\/tags?post=3148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}