Cannot start Docker

I have now uninstalled apache.

I can still log in to openemr.

And

robert@robert-ideacentre-AIO-520-22IKU:~$ docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") ls -lrt sites/default/documents/logs_and_misc/methods

total 4
-rwx------    1 apache   1000            63 Sep 30  2018 README.md
robert@robert-ideacentre-AIO-520-22IKU:~$

I am particularly interested in this now because I am thinking that a good solution for me would be to have, as you suggested, a single instance of openemr running as a server, but on my home computer, which I could log into from my work computer. I think it would probably be better to start a separate thread for that set up, but first I need to make sure that the instance running on my home computer is free of problems.

I believe @stephenwaite is suggesting that there is a different OpenEMR instance running on your home computer than the one without keys. You can run that port listening command to know for sure:

sudo ss -ltpn

I used this command once without openemr loaded and once with openemr loaded. The output was the exactly the same:

robert@robert-ideacentre-AIO-520-22IKU:~$ sudo ss -ltpn
[sudo] password for robert:       
State    Recv-Q    Send-Q        Local Address:Port        Peer Address:Port                                                                                    
LISTEN   0         128               127.0.0.1:33383            0.0.0.0:*        users:(("containerd",pid=1010,fd=12))                                          
LISTEN   0         50                  0.0.0.0:139              0.0.0.0:*        users:(("smbd",pid=1897,fd=35))                                                
LISTEN   0         128                 0.0.0.0:80               0.0.0.0:*        users:(("docker-proxy",pid=2712,fd=4))                                         
LISTEN   0         10             192.168.1.48:53               0.0.0.0:*        users:(("named",pid=1001,fd=28))                                               
LISTEN   0         10               172.17.0.1:53               0.0.0.0:*        users:(("named",pid=1001,fd=27))                                               
LISTEN   0         10               172.18.0.1:53               0.0.0.0:*        users:(("named",pid=1001,fd=26))                                               
LISTEN   0         10             192.168.1.49:53               0.0.0.0:*        users:(("named",pid=1001,fd=25))                                               
LISTEN   0         10                127.0.0.1:53               0.0.0.0:*        users:(("named",pid=1001,fd=22))                                               
LISTEN   0         128           127.0.0.53%lo:53               0.0.0.0:*        users:(("systemd-resolve",pid=673,fd=13))                                      
LISTEN   0         5                 127.0.0.1:631              0.0.0.0:*        users:(("cupsd",pid=747,fd=8))                                                 
LISTEN   0         128               127.0.0.1:953              0.0.0.0:*        users:(("named",pid=1001,fd=23))                                               
LISTEN   0         128                 0.0.0.0:443              0.0.0.0:*        users:(("docker-proxy",pid=2691,fd=4))                                         
LISTEN   0         50                  0.0.0.0:445              0.0.0.0:*        users:(("smbd",pid=1897,fd=34))                                                
LISTEN   0         50                     [::]:139                 [::]:*        users:(("smbd",pid=1897,fd=33))                                                
LISTEN   0         128                    [::]:80                  [::]:*        users:(("docker-proxy",pid=2718,fd=4))                                         
LISTEN   0         32                        *:21                     *:*        users:(("proftpd",pid=1944,fd=0))                                              
LISTEN   0         10                     [::]:53                  [::]:*        users:(("named",pid=1001,fd=21))                                               
LISTEN   0         5                     [::1]:631                 [::]:*        users:(("cupsd",pid=747,fd=7))                                                 
LISTEN   0         128                   [::1]:953                 [::]:*        users:(("named",pid=1001,fd=24))                                               
LISTEN   0         128                    [::]:443                 [::]:*        users:(("docker-proxy",pid=2698,fd=4))                                         
LISTEN   0         50                     [::]:445                 [::]:*        users:(("smbd",pid=1897,fd=32))                                                
robert@robert-ideacentre-AIO-520-22IKU:~$

try logging into openemr on the home computer and while logged in run the docker exec command that will list the keys in that folder

robert@robert-ideacentre-AIO-520-22IKU:~$ docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") ls -lrt sites/default/documents/logs_and_misc/methods
total 4
-rwx------    1 apache   1000            63 Sep 30  2018 README.md
robert@robert-ideacentre-AIO-520-22IKU:~$

we can try debugging by using the nano text editor which is hopefully installed in your docker

  1. logout of openemr
  2. in terminal : docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") nano src/Common/Crypto/CryptoGen.php
  3. hold the <Ctrl> key and hit the / (forward slash)
  4. type 466 and hit enter to go to that line #
  5. insert this debugging line above that line
error_log("about to decrypt drive key " . file_get_contents($GLOBALS['OE_SITE_DIR'] . "/documents/logs_and_misc/methods/" . $label));
  1. <Ctrl> x to save, Y to save modified buffer, enter to use the file name
  2. refresh openemr login page ( this will look for keys)
  3. back to terminal and look in error log with this command
docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") tail /var/log/apache2/error.log

robert@robert-ideacentre-AIO-520-22IKU:~$ docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") nano src/Common/Crypto/CryptoGen.php
OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: “nano”: executable file not found in $PATH: unknown
robert@robert-ideacentre-AIO-520-22IKU:~$

The default openemr container only has vi, not nano :(.

how about

docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") apk add nano

Debugging line successfully inserted.

robert@robert-ideacentre-AIO-520-22IKU:~$ docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") tail /var/log/apache2/error.log

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
[Thu Sep 01 16:15:10.773522 2022] [core:warn] [pid 12] AH00098: pid file /run/apache2/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Sep 01 16:15:10.856124 2022] [mpm_prefork:notice] [pid 12] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Thu Sep 01 16:15:10.856179 2022] [core:notice] [pid 12] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
[Fri Sep 02 05:15:19.859319 2022] [mpm_prefork:notice] [pid 13] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Fri Sep 02 05:15:19.859394 2022] [core:notice] [pid 13] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
[Fri Sep 02 14:40:01.794233 2022] [mpm_prefork:notice] [pid 12] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Fri Sep 02 14:40:01.794268 2022] [core:notice] [pid 12] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
robert@robert-ideacentre-AIO-520-22IKU:~$

how about

        error_log("testing crypto constructor " . $this->encryptionVersion . " " . $this->keyVersion);

in btw lines 57 and 58 in the CryptoGen.php file?

        error_log("testing crypto constructor " . $this->encryptionVersion . " " . $this->keyVersion);

inserted in btw lines 57 and 58 in the CryptoGen.php file.

robert@robert-ideacentre-AIO-520-22IKU:~$ docker exec -it $(docker ps | grep _openemr | cut -f 1 -d " ") tail /var/log/apache2/error.log

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
[Fri Sep 02 05:15:19.859319 2022] [mpm_prefork:notice] [pid 13] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Fri Sep 02 05:15:19.859394 2022] [core:notice] [pid 13] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.2. Set the 'ServerName' directive globally to suppress this message
[Fri Sep 02 14:40:01.794233 2022] [mpm_prefork:notice] [pid 12] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Fri Sep 02 14:40:01.794268 2022] [core:notice] [pid 12] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.3. Set the 'ServerName' directive globally to suppress this message
[Fri Sep 02 18:47:57.104845 2022] [core:warn] [pid 12] AH00098: pid file /run/apache2/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri Sep 02 18:47:57.135810 2022] [mpm_prefork:notice] [pid 12] AH00163: Apache/2.4.54 (Unix) OpenSSL/1.1.1q configured -- resuming normal operations
[Fri Sep 02 18:47:57.135948 2022] [core:notice] [pid 12] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
robert@robert-ideacentre-AIO-520-22IKU:~$

what about docker ps -a?

robert@robert-ideacentre-AIO-520-22IKU:~$ docker ps -a
CONTAINER ID   IMAGE                   COMMAND                  CREATED         STATUS         PORTS                                                                      NAMES
852f705d50c8   openemr/openemr:7.0.0   "./openemr.sh"           13 days ago     Up 8 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   openemr_openemr_1
ae8693b8a741   mariadb:10.4            "docker-entrypoint.s…"   10 months ago   Up 8 minutes   3306/tcp                                                                   openemr_mysql_1
robert@robert-ideacentre-AIO-520-22IKU:~$

Should I perhaps wipe it and set it all up again from scratch?

Or try the regular installation again?

So I still do not know:

(1) Why the restore procedure fails to restore the keys to their proper directory.

(2) How it is that I can log into and use openemr normally when the keys are missing.

(3) Whether this is a problem or not.

(4) Whether this is just a chance idiosyncrasy or whether it is a bug in openemr that needs fixing by developers.

Does anybody know?

And importantly to me, what should I do?

Again, thank you.

  1. maybe the backup didn’t have keys to copy in

  2. you can log in and the keys will be created if missing, trying to find where those keys are has been difficult remotely

  3. the keys on the drive would only be a problem if you’re saving sensitive data in globals or need to view the log later on down the road

  4. not seeing anything that needs fixing yet

a good strategy is to move to a single instance that can be accessed remotely

  1. I checked this. sixa and sixb are present in the backup I restored from, in sites/default/documents/logs_and_misc/methods in openemr.tar.gz.

  2. I notice that the keys are packaged with documents. Does this mean that before I brought in my documents, no keys were needed?

Yes, as previously explained, I would like to move to a single instance that can be accessed remotely. And I would like that to be on my home computer. I would just like some reassurance that I can go ahead and do that despite the “missing” keys issue.

the keys aren’t missing since you wouldn’t be able to log in at all

we just haven’t been able to properly execute the command to list them through this channel

So I can safely use this instance as my unique instance to access remotely?