Default config.json cannot be parsed due to invalid entry

[BeauregardTA]

Describe the bug
Attempting to start a Mesh Central docker container with an unedited config.json file fails with error: "ERROR: Unable to parse /opt/meshcentral/meshcentral-data/config.json."

To Reproduce
Steps to reproduce the behavior:

1. Follow the steps listed in https://github.com/Ylianst/MeshCentral/tree/master/docker#readme using the docker-compose.yml, not the mongodb version
2. run 'docker compose up meshcentral'
3. See error

Expected behavior
A successful build of the docker container

Server Software (please complete the following information):

• OS: Openmediavault 6.1.4 (it's Debian for all intents and purposes)
• Virtualization: Docker
• Network: Intending to be LAN only
• Version: the image is sha256:e14ad9a8c1f4975d7c01e209fe8578d45d9047f3ba674e81dc9c48daf88edba4

Additional context
Pasting the json into DuckDuckGo's json validator returns:
Error: Parse error on line 9:
... "sessionKey": "`xc"_sessionKey": "MyRea
-----------------------^
Expecting 'EOF', '}', ':', ',', ']', got 'undefined'

Your config.json file

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "settings": {
    "plugins":{"enabled": false},
    "_mongoDb": null,
    "cert": "benderopolis.local",
    "_WANonly": true,
    "_LANonly": true,
    "sessionKey": "`xc"_sessionKey": "MyReallySecretPassword1"(fOn[LR:;Wiw`-6F6:Up,A|!?)QI",
    "port": 443,
    "_aliasPort": 443,
    "redirPort": 80,
    "_redirAliasPort": 80,
    "AgentPong": 300,
    "TLSOffload": false,
    "SelfUpdate": false,
    "AllowFraming": false,
    "WebRTC": false
  },
  "domains": {
    "": {
      "_title": "MyServer",
      "_title2": "Servername",
      "minify": true,
      "NewAccounts": true,
      "localSessionRecording": true,
      "_userNameIsEmail": true,
      "_certUrl": "my.reverse.proxy"
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
    "_email": "myemail@mydomain.com",
    "_names": "myserver.mydomain.com",
    "production": false
  }
}

[blaine07]

Syntax on line 9 isn’t right.

"sessionKey": "xc"_sessionKey": "MyReallySecretPassword1"(fOn[LR:;Wiw-6F6:Up,A|!?)QI",

Can’t have two sets of “quotes” etc. Not sure what your wanting session key but it should be

"sessionKey": "WhateverYourWantingKeyToAcruallyBe",

[BeauregardTA]

Thank you @blaine07, making that change allows the config to be parsed and I should be able to get everything working beyond that; I appreciate your help.

I guess I understated my 'expected behavior' in the OP. The expected behavior would be one of the following, in order of preference:

1. That the config.json generated would contain a 'meaningful default' session key that could be used without being changed by the user
2. The session key is set during the generation of the docker container, perhaps as an environmental variable
3. The readme linked above contain instructions to edit config.json to manually set the session key

I am not particularly knowledgeable in git(hub) but if it is determined that we just want to edit the readme I'd be willing to submit that PR myself. I would, however, prefer to see a more robust solution implemented.

[CompuRoot]

@BeauregardTA

1. That the config.json generated would contain a 'meaningful default' session key that could be used without being changed by the user

If you simply remove this key "sessionKey", then Meshcentral will automatically generate random, secure session key.

This

"`xc"_sessionKey": "MyReallySecretPassword1"(fOn[LR:;Wiw`-6F6:Up,A|!?)QI"

isn't default value (you can verify it by cloning meshcontrol repository to your computer to check).

I can't see this issue as bug but question (where user using invalid JSON value: use of unescaped " in string ).

I would, however, prefer to see a more robust solution implemented.

Its already robust and documented

[natechoiniere]

Just ran into this myself after running the example docker-compose file. Looks like a bug or mistake in the documentation?

[si458]

Just ran into this myself after running the example docker-compose file. Looks like a bug or mistake in the documentation?

The error is self explanatory, it can't read the json because it's invalid

Can you share ur config.json?

Also which docker image are you using?

As i know there is 2 and the unofficial one is on docker hub and the one we made is on github

[natechoiniere]

So I was just able to recreate the problem. Went straight to this page https://hub.docker.com/r/typhonragewind/meshcentral and copied/pasted the "docker-compose.yml example" and spun it up after changing the hostname to be my IP address. Looks like it is using the "latest" tag. Here is the resulting config.json (sensitive info removed):

{
  "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
  "settings": {
    "cert": "2x.xx.xx.x8",
    "_WANonly": true,
    "_LANonly": true,
    "sessionKey": "%-$GEdm[(@IzzGg}MV"_sessionKey": "MyReallySecretPassword1"7-sqi7bz-@CZ3",
    "port": 443,
    "_aliasPort": 443,
    "redirPort": 80,
    "_redirAliasPort": 80,
    "AgentPong": 300,
    "TLSOffload": false,
    "SelfUpdate": false,
    "AllowFraming": "false",
    "WebRTC": "false",
    "AutoBackup": {
      "backupPath": "/opt/meshcentral/meshcentral-backups",
      "backupInvervalHours": "24",
      "keepLastDaysBackup": "10",
      "zippassword": "MyAwesomePasswordPleaseChangeMe"
    }
  },
  "domains": {
        "": {
        "_title": "MyServer",
    "_title2": "Servername",
    "_minify": true,
    "NewAccounts": "true",
        "_userNameIsEmail": true,
    "_certUrl": "my.reverse.proxy"
        }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
    "_email": "myemail@mydomain.com",
    "_names": "myserver.mydomain.com",
        "production": false
  }
}

[si458]

https://hub.docker.com/r/typhonragewind/meshcentral is a third party docker image,
nothing to do with us, you need to contact them sorry,
OR
use the offical docker image - https://github.com/Ylianst/MeshCentral/tree/master/docker

P.S: if you just copied and pasted the output of config.json, then the issue is the sessionkey as its listing it twice
"sessionKey": "%-$GEdm[(@IzzGg}MV"_sessionKey": "MyReallySecretPassword1"7-sqi7bz-@CZ3"

[natechoiniere]

https://hub.docker.com/r/typhonragewind/meshcentral is a third party docker image, nothing to do with us, you need to contact them sorry, OR use the offical docker image - https://github.com/Ylianst/MeshCentral/tree/master/docker

Right, I totally forgot I was using tphonragewind's image. Oops. I'll switch over to the official image. I fixed this issue hours ago, just wanted to give a heads up here but I guess it wasn't needed. Thanks!

[si458]

https://hub.docker.com/r/typhonragewind/meshcentral is a third party docker image, nothing to do with us, you need to contact them sorry, OR use the offical docker image - https://github.com/Ylianst/MeshCentral/tree/master/docker

Right, I totally forgot I was using tphonragewind's image. Oops. I'll switch over to the official image. Thanks!

no worries! the repo for the third party seems to be here - https://github.com/Typhonragewind/meshcentral-docker

P.S we dont add any environment values to change config.json values, it generates a basic config.json,
then you change it yourself from within your volume!

P.S.S: oh wow i lied sorry my bad! we do change the sessionkey value but im guessing the regex for generating the key is including invalid characters?
https://github.com/Typhonragewind/meshcentral-docker/blob/1270a29f2117f3e91c9aaf53637777403f30a9cc/builds/regular/startup.sh#L27-L30

[natechoiniere]

https://hub.docker.com/r/typhonragewind/meshcentral is a third party docker image, nothing to do with us, you need to contact them sorry, OR use the offical docker image - https://github.com/Ylianst/MeshCentral/tree/master/docker

Right, I totally forgot I was using tphonragewind's image. Oops. I'll switch over to the official image. Thanks!

no worries! the repo for the third party seems to be here - https://github.com/Typhonragewind/meshcentral-docker

P.S we dont add any environment values to change config.json values, it generates a basic config.json, then you change it yourself from within your volume!

P.S.S: oh wow i lied sorry my bad! we do change the sessionkey value but im guessing the regex for generating the key is including invalid characters? https://github.com/Typhonragewind/meshcentral-docker/blob/1270a29f2117f3e91c9aaf53637777403f30a9cc/builds/regular/startup.sh#L27-L30

Are you able to reproduce the issue yourself on the official image? I'll give it a go here in a few min.
EDIT: Nevermind, I see the link you sent is still for the 3rd party repo

[si458]

@natechoiniere i do think i found a bug however tho?
the scripts are ment to create a session_key if one is not set as an environment variable on first run, then set the value in the config.json but it doesnt seem to do that haha

[CompuRoot]

"sessionKey": "%-$GEdm[(@IzzGg}MV"_sessionKey": "MyReallySecretPassword1"7-sqi7bz-@cz3",

This is not correct JSON record. It should be in form:

"key":"value"

or

"key":12345

where value only numbers, but in your case, value has extra " (double quote) inside of value which make it illegal JSON.

[si458]

ooo the is a boo boo in the docker image! i got it to do the same thing!
`"sessionKey": ""_sessionKey": "MyReallySecretPassword1""_sessionKey": "MyReallySecretPassword1"QaNl{M:;LWRq-}<6tW9My3ny*M{aG6",

[natechoiniere]

I tried the exact same steps I did earlier to recreate this issue with the latest official image. It worked just fine, no issue w/ the sessionKey.

[si458]

can you create a new issue for me plz @natechoiniere as i was about to reproduce it.
remove all volumes and images
compose up, it starts ok,
compose down, then delete config.json,
compose up, you get the error...

[natechoiniere]

can you create a new issue for me plz @natechoiniere as i was about to reproduce it. remove all volumes and images compose up, it starts ok, compose down, then delete config.json, compose up, you get the error...

I'll see if I can reproduce this on the official image a bit later today once I get off work, and if I can, I'll open an issue.

[si458]

@natechoiniere no worries i already created a PR #5333 which fixes the issue for the moment,
we just generate a sessionkey the same as how meshcentral does it if you dont specify one
(only letters n numbers uppercase x 48)

[natechoiniere]

"sessionKey": "%-$GEdm[(@IzzGg}MV"_sessionKey": "MyReallySecretPassword1"7-sqi7bz-@cz3",

This is not correct JSON record. It should be in form:

"key":"value"

or

"key":12345

where value only numbers, but in your case, value has extra " (double quote) inside of value which make it illegal JSON.

Exactly, there's no reason this should be in the default config.json. Bug fixed after 8 months! Thanks @si458

[ssTibaltss]

Greetings. Can you show me what the config should look like if I want to deploy it in Docker on a white IP without certificates.
My config and it doesn't work
{
"settings": {
"mongoDb": "mongodb://meshcentral-db:27017",
"mongoDbName": "meshcentral",
"dbEncryptKey": "MY PASS"
"cert": «WHITE IP",
"WANonly": true,
"_LANonly": true,
"sessionKey": "MY PASS",
"port": 3443,
"aliasPort": 443,
"redirPort": 880,
"redirAliasPort": 80,
}
}

docker-compose-example-2.yaml

version: '2'

This is example 2 from the documentation

services:
meshcentral:
container_name: meshcentral
image: ghcr.io/gurucomputing/meshcentral-docker:latest
restart: "always"
volumes:
- ./container-data/meshcentral-data:/meshcentral/meshcentral-data
- ./container-data/meshcentral-files:/meshcentral/meshcentral-files
- ./container-data/meshcentral-backup:/meshcentral/meshcentral-backup
- /etc/localtime:/etc/localtime:ro
environment:
- MONGODB_URL=mongodb://meshcentral-db:27017
- MONGODB_NAME=meshcentral
- DB_ENCRYPT_KEY=${DB_ENCRYPT_KEY}
ports:
- 880:80
- 3443:443
networks:
- meshcentral-nw
meshcentral-db:
container_name: meshcentral-db
image: mongo:latest
restart: "always"
volumes:
- ./container-data/db:/data/db
- /etc/localtime:/etc/localtime:ro
ports:
- 27017:27017
networks:
- meshcentral-nw

networks:
meshcentral-nw:

[si458]

@ssTibaltss, meshcentral requires the use of certificates for security like the intel AMT
also note a message from node

ERR: (node:3010443) [DEP0123] DeprecationWarning: Setting the TLS ServerName to an IP address is not permitted by RFC 6066. This will be ignored in a future version.
(Use `node --trace-deprecation ...` to show where the warning was created)