I recently came across Pydio and decided to give it a try. I followed the installation instructions for Docker Compose, but I’m encountering the following error in the console, and the frontend isn’t loading:
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth ***************************************************************
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth Could not ensure that signing keys are correct!
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth This may indicate a missing or changed secret config.
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth => You have to empty the 'hydra_jwk' SQL table.
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth => This will invalidate all existing authentication tokens.
2025-02-23T22:17:13.986Z ERROR pydio.grpc.oauth ***************************************************************
It seems like there’s an issue with the signing keys, and I’m being instructed to clear the hydra_jwk SQL table. However, I can’t seem to find that table in the database. I’m using the default MySQL setup from the provided Docker Compose file.
Has anyone encountered this issue before or could help guide me on how to resolve it? Any insights would be greatly appreciated!
Hello @andrewyernau, normally this error appears when preforming successive installs on an already-installed db, so it this is weird that you do not find this table.
Can you post your docker compose ?
Best
As Charles said, these kind of issues usually happens when you install a new instance on a not clean environment.
I would suggest to clean everything and reinstall carefully from scratch:
# teardown the env
docker compose down -v --remove-orphans
# insure the volumes have been correctly removed
docker volume ls
# maybe start the mysql first and ensure it is ok
docker compose up -d mysql
docker compose logs -f mysql
# and then start cells
docker compose up -d cells
Hi, I wrote what you have told and now appear a new log error:
cells-1 | 2025-02-26T14:35:42.263Z INFO pydio.grpc.oauth Applying migrations for oauth if required
cells-1 | 2025-02-26T14:35:42.264Z INFO pydio.grpc.oauth Checking if legacy migration table exists. {"migration_table": "schema_migration"}
cells-1 | 2025-02-26T14:35:42.264Z INFO pydio.grpc.oauth A migration table exists, checking if it is a transactional migration table. {"migration_table": "schema_migration"}
cells-1 | 2025-02-26T14:35:42.266Z INFO pydio.grpc.oauth Migration has not yet been applied, running migration. {"version": "20190100000001000000"}
cells-1 | 2025-02-26T14:35:42.339Z ERROR pydio.grpc.oauth Could not apply migrations {"error": "error executing migrations/20190100000001000000_client.up.sql, sql: CREATE TABLE IF NOT EXISTS hydra_client (\n\tid \t varchar(255) NOT NULL PRIMARY KEY,\n\tclient_name \t text NOT NULL,\n\tclient_secret \ttext NOT NULL,\n\tredirect_uris \ttext NOT NULL,\n\tgrant_types \ttext NOT NULL,\n\tresponse_types text NOT NULL,\n\tscope \t\t\t text NOT NULL,\n\towner \t\t\t text NOT NULL,\n\tpolicy_uri \t text NOT NULL,\n\ttos_uri \t\t text NOT NULL,\n\tclient_uri \t text NOT NULL,\n\tlogo_uri \t\t text NOT NULL,\n\tcontacts \t\t text NOT NULL,\n\tpublic \t\t boolean NOT NULL\n);\n: Error 1050 (42S01): Table '`cells`.`hydra_client`' already exists", "errorVerbose": "Error 1050 (42S01): Table '`cells`.`hydra_client`' already exists\nerror executing migrations/20190100000001000000_client.up.sql, sql: CREATE TABLE IF NOT EXISTS hydra_client (\n\tid \t varchar(255) NOT NULL PRIMARY KEY,\n\tclient_name \t text NOT NULL,\n\tclient_secret \ttext NOT NULL,\n\tredirect_uris \ttext NOT NULL,\n\tgrant_types \ttext NOT NULL,\n\tresponse_types text NOT NULL,\n\tscope \t\t\t text NOT NULL,\n\towner \t\t\t text NOT NULL,\n\tpolicy_uri \t text NOT NULL,\n\ttos_uri \t\t text NOT NULL,\n\tclient_uri \t text NOT NULL,\n\tlogo_uri \t\t text NOT NULL,\n\tcontacts \t\t text NOT NULL,\n\tpublic \t\t boolean NOT NULL\n);\n\ngithub.com/ory/x/popx.NewMigrationBox.func1.1\n\tgithub.com/ory/x@v0.0.613/popx/migration_box.go:80\ngithub.com/ory/x/popx.Migration.Run\n\tgithub.com/ory/x@v0.0.613/popx/migration_info.go:34\ngithub.com/ory/x/popx.(*Migrator).UpTo.func1.2\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:139\ngithub.com/ory/x/popx.(*Migrator).isolatedTransaction\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:314\ngithub.com/ory/x/popx.(*Migrator).UpTo.func1\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:138\ngithub.com/ory/x/popx.(*Migrator).exec\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:559\ngithub.com/ory/x/popx.(*Migrator).UpTo\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:92\ngithub.com/ory/x/popx.(*Migrator).Up\n\tgithub.com/ory/x@v0.0.613/popx/migrator.go:80\ngithub.com/ory/hydra/persistence/sql.(*Persister).MigrateUp\n\tgithub.com/ory/hydra@v1.11.10/persistence/sql/persister_migration.go:40\ngithub.com/pydio/cells/v4/common/auth.InitRegistry.func1.1\n\tgithub.com/pydio/cells/v4/common/auth/registry.go:177\ngithub.com/pydio/cells/v4/common/utils/std.Retry\n\tgithub.com/pydio/cells/v4/common/utils/std/func.go:55\ngithub.com/pydio/cells/v4/common/auth.InitRegistry.func1\n\tgithub.com/pydio/cells/v4/common/auth/registry.go:127\nsync.(*Once).doSlow\n\tsync/once.go:74\nsync.(*Once).Do\n\tsync/once.go:65\ngithub.com/pydio/cells/v4/common/auth.InitRegistry\n\tgithub.com/pydio/cells/v4/common/auth/registry.go:118\ngithub.com/pydio/cells/v4/idm/oauth/grpc.init.0.func1.1\n\tgithub.com/pydio/cells/v4/idm/oauth/grpc/plugins.go:95\ngithub.com/pydio/cells/v4/idm/oauth/grpc.init.0.func1.WithGRPC.9.1\n\tgithub.com/pydio/cells/v4/common/service/grpc.go:42\ngithub.com/pydio/cells/v4/common/service.(*service).Start\n\tgithub.com/pydio/cells/v4/common/service/service.go:233\ngithub.com/pydio/cells/v4/common/server.(*server).Serve.(*server).Serve.func2.func3\n\tgithub.com/pydio/cells/v4/common/server/server.go:111\ngolang.org/x/sync/errgroup.(*Group).Go.func1\n\tgolang.org/x/sync@v0.11.0/errgroup/errgroup.go:78\nruntime.goexit\n\truntime/asm_amd64.s:1695"}
I’m not really sure what to do, the cells database still being empty:
mysql> use cells;
Database changed
mysql> show tables;
Empty set (0.00 sec)
you haven’t hanging “broken” images that are still in your docker environment
=> Do docker ps -a after the down command
the volume have been correctly removed:
=> what is the result of the docker volume ls command
As user:
andrewyernau@andrewhost:/srv/dockerdata/pydio$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fa2dbea2463a lscr.io/linuxserver/wireguard:latest "/init" 8 days ago Created 0.0.0.0:47815->51820/udp, [::]:47815->51820/udp wireguard
438161b91578 caprover/caprover "docker-entrypoint.s…" 10 days ago Created 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp eloquent_meninsky
6919dc423b86 caprover/caprover "docker-entrypoint.s…" 10 days ago Created frosty_margulis
34db5e2e7cca hello-world "/hello" 4 months ago Exited (0) 4 months ago angry_bell
andrewyernau@andrewhost:/srv/dockerdata/pydio$ docker volume ls
DRIVER VOLUME NAME
As sudo:
andrewyernau@andrewhost:/srv/dockerdata/pydio$ sudo docker volume ls
DRIVER VOLUME NAME
local e97db56ad14dbce5a516bc937a993e627012cd058a4e495005704c56a11ab140
local immich-app_model-cache
andrewyernau@andrewhost:/srv/dockerdata/pydio$ sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2192822e202b ghcr.io/immich-app/immich-server:release "tini -- /bin/bash s…" 2 days ago Up 2 days 0.0.0.0:2283->2283/tcp, :::2283->2283/tcp immich_server
63c832bfb2d5 tensorchord/pgvecto-rs:pg14-v0.2.0 "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 5432/tcp immich_postgres
77ed7b87a575 redis:6.2-alpine "docker-entrypoint.s…" 2 days ago Up 2 days (healthy) 6379/tcp immich_redis
691afd874cf4 ghcr.io/immich-app/immich-machine-learning:release "tini -- ./start.sh" 2 days ago Up 2 days immich_machine_learning
75341b8b977d portainer/portainer-ce:latest "/portainer" 3 days ago Up 3 days 8000/tcp, 9443/tcp, 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp portainer
acd8c6a2abbe ghcr.io/pterodactyl/yolks:java_21 "/__cacert_entrypoin…" 5 days ago Up 5 days 0.0.0.0:25558->25558/tcp, 0.0.0.0:25558->25558/udp f778044c-899f-4d8d-bd66-999816d9644f
855a211a1da5 ghcr.io/pterodactyl/yolks:java_21 "/__cacert_entrypoin…" 5 days ago Up 5 days 0.0.0.0:25560->25560/tcp, 0.0.0.0:25560->25560/udp a1177288-ad39-4611-80c2-59a1739d49db
bdaf112e2f71 lscr.io/linuxserver/wireguard:latest "/init" 8 days ago Up 8 days 0.0.0.0:47815->51820/udp, [::]:47815->51820/udp wireguard
1a62b807c5fe 6e4d768d0fbd "/__cacert_entrypoin…" 9 days ago Up 9 days 0.0.0.0:25556->25556/tcp, 0.0.0.0:25556->25556/udp a10e5b38-ec01-40bc-8603-1075fcbb289d
8d4355dbdf1e 6e4d768d0fbd "/__cacert_entrypoin…" 9 days ago Up 9 days 0.0.0.0:25555->25555/tcp, 0.0.0.0:25555->25555/udp 981142c2-a6c6-498f-b723-29d07ecf3cfe
b3b3a83dbd7e 6e4d768d0fbd "/__cacert_entrypoin…" 9 days ago Up 9 days 0.0.0.0:25557->25557/tcp, 0.0.0.0:25557->25557/udp befd0000-a169-4e93-83e5-c27481d947ba
5b1303b2fbc6 6e4d768d0fbd "/__cacert_entrypoin…" 9 days ago Up 9 days 0.0.0.0:25559->25559/tcp, 0.0.0.0:25559->25559/udp 3484130a-5192-4113-81c4-43a2242f8e0b
After doing (again), and waited for about 35 minutes on the landing web:
docker compose down -v --remove-orphans
# insure the volumes have been correctly removed
docker volume ls
# maybe start the mysql first and ensure it is ok
docker compose up -d mysql
docker compose logs -f mysql
# and then start cells
docker compose up -d cells
have you started the mysql first?
=> do the logs from mysql seem OK
mysql logs trace:
WARN[0000] /srv/dockerdata/pydio/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion
mysql-1 | 2025-02-27 13:39:29+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.4-1.el9 started.
mysql-1 | 2025-02-27 13:39:30+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
mysql-1 | 2025-02-27 13:39:30+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.4.4-1.el9 started.
mysql-1 | 2025-02-27 13:39:30+00:00 [Note] [Entrypoint]: Initializing database files
mysql-1 | 2025-02-27T13:39:30.390714Z 0 [System] [MY-015017] [Server] MySQL Server Initialization - start.
mysql-1 | 2025-02-27T13:39:30.392310Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.4.4) initializing of server in progress as process 81
mysql-1 | 2025-02-27T13:39:30.428082Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
mysql-1 | 2025-02-27T13:39:37.637730Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
mysql-1 | 2025-02-27T13:40:03.204505Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
mysql-1 | 2025-02-27T13:40:32.108141Z 0 [System] [MY-015018] [Server] MySQL Server Initialization - end.
mysql-1 | 2025-02-27 13:40:32+00:00 [Note] [Entrypoint]: Database files initialized
mysql-1 | 2025-02-27 13:40:32+00:00 [Note] [Entrypoint]: Starting temporary server
mysql-1 | 2025-02-27T13:40:32.170540Z 0 [System] [MY-015015] [Server] MySQL Server - start.
mysql-1 | 2025-02-27T13:40:32.436562Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.4.4) starting as process 139
mysql-1 | 2025-02-27T13:40:32.507884Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
mysql-1 | 2025-02-27T13:40:40.511850Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
mysql-1 | 2025-02-27T13:40:42.920056Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
mysql-1 | 2025-02-27T13:40:42.920124Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
mysql-1 | 2025-02-27T13:40:42.980749Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
mysql-1 | 2025-02-27T13:40:43.089197Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Socket: /var/run/mysqld/mysqlx.sock
mysql-1 | 2025-02-27T13:40:43.089350Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.4.4' socket: '/var/run/mysqld/mysqld.sock' port: 0 MySQL Community Server - GPL.
mysql-1 | 2025-02-27 13:40:43+00:00 [Note] [Entrypoint]: Temporary server started.
mysql-1 | '/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
mysql-1 | Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it.
mysql-1 | 2025-02-27 13:40:49+00:00 [Note] [Entrypoint]: Creating database cells
mysql-1 | 2025-02-27 13:40:49+00:00 [Note] [Entrypoint]: Creating user pydio
mysql-1 | 2025-02-27 13:40:49+00:00 [Note] [Entrypoint]: Giving user pydio access to schema cells
mysql-1 |
mysql-1 | 2025-02-27 13:40:49+00:00 [Note] [Entrypoint]: Stopping temporary server
mysql-1 | 2025-02-27T13:40:49.623686Z 13 [System] [MY-013172] [Server] Received SHUTDOWN from user root. Shutting down mysqld (Version: 8.4.4).
mysql-1 | 2025-02-27T13:40:51.991582Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.4.4) MySQL Community Server - GPL.
mysql-1 | 2025-02-27T13:40:51.991614Z 0 [System] [MY-015016] [Server] MySQL Server - end.
mysql-1 | 2025-02-27 13:40:52+00:00 [Note] [Entrypoint]: Temporary server stopped
mysql-1 |
mysql-1 | 2025-02-27 13:40:52+00:00 [Note] [Entrypoint]: MySQL init process done. Ready for start up.
mysql-1 |
mysql-1 | 2025-02-27T13:40:52.675740Z 0 [System] [MY-015015] [Server] MySQL Server - start.
mysql-1 | 2025-02-27T13:40:52.984366Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.4.4) starting as process 1
mysql-1 | 2025-02-27T13:40:53.153658Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
mysql-1 | 2025-02-27T13:40:59.682679Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
mysql-1 | 2025-02-27T13:41:01.639677Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
mysql-1 | 2025-02-27T13:41:01.639747Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
mysql-1 | 2025-02-27T13:41:01.700789Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
mysql-1 | 2025-02-27T13:41:01.778402Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx.sock
mysql-1 | 2025-02-27T13:41:01.778461Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.4.4' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.
can you provide the full cells starting log ?
=> you should land on the web installer once you started the cells image
from your log, it still seems that the base is not empty when you try to re-install.
(BTW: no need to wait 35mm, just check the installation log…)
So you are using the web installation, right ? And it hangs at the last page of the installer once you defined all the parameters ?
Are you sure you specified the correct host in the DB page ?
The default is localhost and to use our standard docker compose, you rather have to change this to “mysql”
If you leave it as it is by default, it tries to connect on the local mysql, which might work in certain setups…
When I install Pydio using Docker Compose, I first create the database user. However, instead of writing ‘user’@‘localhost’, I replace localhost with ‘%’ so I can connect properly (since the Docker container does not share the same IP address as the local machine). Then, on the installation page, I enter the local machine’s IP address (in my case, 192.168.0.16), followed by the database name, username, and password. Apparently, it does connect.
I followed all your instructions and also ran docker system prune to ensure everything was cleaned up.
I just did that, but now I’m getting a “dial tcp 172.19.0.2:3306: connect: connection refused” error.
Now I have the next issue, I’m trying to link my pydio cells container to my domain through Nginx.
I can connect through my browser, but if I try to link my pydio phone app to that domain, it tells me that the domain does not seem to be a pydio server. How can I fix that?
hmmm if it’s the next issue - meaning a new different issue - it would be much better to open a new ticket. Thx.
And much more details to describe your problem - like config file, setup details, expected and actuel results… - would help if you want to get an answer.