Setting Admin Password via CFConfig seems to not be working

Communities CommandBox CLI
1

I seem to be having some real trouble with setting up a web administrator password for Lucee 6.0.1.0 running in CommandBox. I have tried just about every solution I could find within the various forum posts here and around the internet, but I’m just not getting any good results.

Some background: I am trying CommandBox for my production server after having manually managed a Lucee+Nginx server for many, many years. I tried moving to Lucee+Apache2 and have encountered unbelievably undiagnosable memory issues and I’m wondering if CommandBox will help to simplify my setup.

This is just a hobbyist’s web application server. I’ve never used CommandBox before and I have heard its praises sung far and wide, but I’ll be honest, it is an all new area for me and I think it’s easy to say I am pretty overwhelmed by it, at least for now.

I had an existing Lucee (6.0.1.0)/Apache2 server running on this machine. I shut down Lucee and Apache and installed ComandBox, went to my web root, located at /web/default/wwwroot, and used box server start. I was able to get things running enough to start the CommandBox web server on port 8080 using a server.json file located at /web/default/wwwroot/server.json. This is my server.json configuration, which is very basic at this time.

{
  "profile": "production",
  "web": {
	"host": "0.0.0.0",
	"http": {
	  "port": 8080
	},
	"welcomeFiles": "default.cfm,index.cfm",
	"blockCFAdmin": false,
  },
  "app": {
	  "cfengine": "lucee@6.0.1+0",
  }
}

In researching this password issue, I looked up using CFConfig, which is now much more confusing since Lucee adopted a .CFConfig.json configuration file. I tried to do an import of the old configuration with this command: box cfconfig import from=/opt/lucee/tomcat/lucee-server/context/.CFConfig.json and it was just errors. I tried manually building out a .CFConfig.json file in my web root /web/default/wwwroot/.CFConfig.json and that didn’t really work.

I tried setting the password via this command (while in my web root at /web/default/wwwroot/): box cfconfig set adminPassword=myPass. That didn’t work. (Please note I also did box server restart after attempting everything, each time.)

I tried editing files in the `/home/ubuntu/.CommandBox/server/{serveridcode}-wwwroot/lucee-6.0.1.0/WEB-INF/’ directories and that did nothing.

So … I’m not sure. Have I started off on the completely wrong foot with my setup here? Am I missing something obvious? Am I approaching this totally wrong? Again: I have no idea.

I’m really interested in CommandBox as a solution, but there is really very limited documentation on how to move from an existing server set up to a new one, nor much help for folks looking for basic, “How do I use CommandBox as a production server?” types of questions. The documentation here is just not really helping me, it’s quite overwhelming and does not contain a lot of specifics about how I can do this.

And, at the core of all of this, is that I just simply can not set a web administrator password, which honestly is step one of a thousand steps I need to be able to complete in order to set this up. That’s why I’m so focused on it.

Any help that could be offered would be greatly appreciated, as I am at a loss. Thank you very much.

2

To add to this: I used cfconfig to add a MySQL datasource, via cfconfig datasource save name=my_datasource .... .

I restarted the server with box server restart. The datasource shows up with the right parameters when I use cfconfig show.

But when I visit a page at `/web/default/wwwroot/test.cfm’ that tries to connect to the datasource, I get an error, “Datasource [my_datasource] doesn’t exist.”

Clearly I have done something very wrong, here, but what? I followed the instructions in “Getting Started” for CommandBox, but something isn’t lining up correctly, here.

I know these are very, very, very, very, very basic things, so they’re probably frustrating, but, if I’m off on the wrong foot on basically Steps 1-5, and I have no idea how to recover, then I am afraid I have to reach out for help.

3

It’s hard to say all the things that may be going on, the biggest issue is probably that you’re using Lucee 6. CFConfig hasn’t really officially added support for Lucee 6 yet and since it’s switched to its own JSON file that’s changed how a number of things work. Hardly anyone is using Lucee 6 at this point and I’ve done very little testing on it.

CFConfig still writes out the XML files which Lucee 6 will read, but ONLY on first start. After the first start, Lucee 6 will convert any XML files over to the JSON format and ignore any XML configs on subsequent starts. This makes CFConfig only really useful on first start :confused: So all those commands you were trying to run were probably importing settings into an XML file that Lucee 6 was simply ignoring!

Lucee 6 was just released a few weeks ago. Unless you have a specific requirement for it you may want to hang out on Lucee 5.4 for a bit until things stabilize for Lucee 6 a bit more.

Ortus is good at tracking down memory leaks. Check out our consulting plans.

There’s a million ways to setup CF/Lucee servers and half a million ways to setup a CommandBox server, so writing a comprehensive guide for any possible setup isn’t very easy. One of the big determining factors is if you just have a single web site (web root) or multiple.

Generally speaking, just like you’d use it for dev, but

  • use production profile (which is the default when bound to an external IP)
  • bind to 0.0.0.0 so its external UNLESS you’re proxying it behind another web server, in which case it can be bound to localhost.
  • I recommend checking out our CommandBox Service Manager module which makes configuring Mac/Windows/Linux services easy
4

OK, I’ll maybe go back to the original title here. I have reverted to Lucee 5.4.3+2.

I have tried to set the web administrator password using CFConfig in all of these ways (from the CommandBox:wwwroot> prompt):

cfconfig set cfconfig_adminPassword=bitepass124
cfconfig set cfconfig_adminPassword=mypassword
cfconfig set admin_password=mypassword to=server.json

None of these have worked.

I also tried another setting, like this:

cfconfig set directoryBrowing=true
cfconfig set directoryBrowing=true to=server.json

That also didn’t do anything to server.json. I open it up – no changes. Is there something wrong with my set up, here? I am running CommandBox from my webroot as ‘ubuntu’. I have server.json in my webroot, owned by the same user running the CommandBox.

I will admit that this, this exact situation right here, is where I get really lost in CommandBox and have real trouble reconciling the supposed simplicity with the reality I’m facing. I don’t think this server was set up to run CommandBox as a service, though it will be, eventually. I may have started the server for the first time with box server start from the Unix shell, but I stopped it by running box server stop and then just box to go in to the CommandBox shell and server start after that.

I could really use help in understanding this stuff.

5

If you are running the command with cfconfig, then the syntax is

cfconfig set adminPassword=mypassword

The cfconfig_ prefix is only used if those are in the environment ( which cfconfig picks up and recognizes as its own )

1 Like
6

What Jon said.

This is not a real command, or at least not one you’d want to run. You’re mixing a couple concepts here. The cfconfig commands modify a server’s config, or perhaps a CFConfig file holding a server’s config. However, directoryBrowsing is not a part of CFConfig, that’s not even the correct name for it. That setting goes in your server.json and you use the server set command to modify it. I recommend using tab completion as you type to make sure you’ve got the right name.

server set web.directoryBrowsing=true

which will modify your server.json to look like this

{
  "web" : {
    "directoryBrowsing" : true
  }
}

as shown here and here in the docs.

Generally speaking any command run from your OS shell such as

$> box foobar

is the same as running box and entering the interactive shell and then runnning

CommandBox> foobar

I highly recommend using CommandBox’s interactive shell where you have instant responses to commands, tab completion, color highlighting, and options such as the commandbox-bullet-train prompt customizer. When you run box command you have to wait longer for each command and you have to guess if you’re typing the command correctly since there’s no tab complete or syntax highlighting to guide you.

For commands such as server start which behave differently based on what folder, you’d obviously need to be in the correct/same working directory for those commands to behave the same.

7

OK, I just did that:

CommandBox:wwwroot> cfconfig set adminPassword=mypassword

[adminPassword] set

I am unable to log in to both the server and web admin pages with that password. There is nothing in my /web/default/wwwroot/server.json about the password.

I just tried to run a server restart command from the Box shell, and got this error:

CommandBox:wwwroot> server restart

Trying to stop server...
> server stop 'wwwroot'
Stopping wwwroot...
ERROR
Error stopping server[ERROR] runwar.context: java.net.ConnectException: Connection refused (Connection refused)
[ERROR] runwar.context: at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
[ERROR] runwar.context: at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:412)
[ERROR] runwar.context: at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:255)
[ERROR] runwar.context: at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:237)
[ERROR] runwar.context: at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
[ERROR] runwar.context: at java.base/java.net.Socket.connect(Socket.java:609)
[ERROR] runwar.context: at java.base/java.net.Socket.connect(Socket.java:558)
[ERROR] runwar.context: at java.base/java.net.Socket.<init>(Socket.java:454)
[ERROR] runwar.context: at java.base/java.net.Socket.<init>(Socket.java:264)
[ERROR] runwar.context: at runwar.Stop.stopServer(Stop.java:26)
[ERROR] runwar.context: at runwar.Server.startServer(Server.java:210)
[ERROR] runwar.context: at runwar.Start.main(Start.java:51)
[INFO ] runwar.context: Could not stop server. Are you sure it is running, and listing for stop requests on port 39395?

Waiting for server ports to become available again...

I will again note that my first interaction with CommandBox - very first run - was when I was in the /web/default/wwwroot/ folder, and ran box server start. Then I ran box server stop. Then I ran box. Then, inside the CommandBox, I ran server start.

I really could use help here understanding these things.

8

Yeah, I am not running Unix shell commands through box anymore. I did one time, because that’s what the startup “guide” I found online told me to do, but then I realized I couldn’t change settings anywhere, so I ran it one other time to stop it.

Every single other command I’ve issued has been through the CommandBox shell.

9

There’s a number of things that could be at play, and without seeing your setup and knowing exactly everything you’ve run, from what directory, in what order it’s very hard to guess.

Things to check for:

  • Lucee needs to be restarted to pick up any changes made to its XML files by CFConfig
  • Check you don’t have more than one server started in the current directory with the server list and/or server list --local commands.
  • Make sure you’re running that command in the correct folder where the server lives. Should be the server details that show either in CommandBox Bullet Train or when you run server info in that folder.
  • that command, as you ran it, would only modify the server context of Lucee. Setting the web context password would require a slightly different command as documented here.

There wouldn’t be. The server.json file has nothing to do with where CFConfig stores settings. The change would have been made to the XML file inside the Lucee server home that stored the server context settings.

I’d start new threads for this stuff or this thread will just become unmanageable. Your error may be getting in the way of your password woes, but it’s sort of another issue entirely.

As to what he error means-- it basically says you tried to stop a server (which involves connecting on a “stop port” and shutting down the server process) but the stop port stored for this server wasn’t bound anywhere, so CommandBox isn’t really sure how to proceed. If you know the server is running, then it could be hung, or perhaps you’ve been switching back and forth between running commands as root and running commands as non-root users which will get things mixed up quite fast as every user you run CommandBox gets their own separate CommandBox home under their user directory which different settings, different servers, different config, etc, etc. If you’re mixing and matching users, I recommend “pinning” the CommandBox server home to a single folder shared by all users as documented here with the commandbox.properties.

I don’t understand what that means. What settings exactly couldn’t you change?

10

I have only one server. As mentioned in my post, I am running box from the Unix shell at /web/default/wwwroot which is my web root.

I’m clearly missing something here about the relationship between server.json, CFConfig, XML files for server setup, .CFConfig.json … I’ve seen a lot of these floating around and I’m not really understanding what the differences are between them, particularly in relation to how settings are set through CFConfig in the CommandBox shell. Maybe this will make more sense as I continue to problem solve?

I just completely rebooted my entire machine. Here’s an example of a set of commands I just ran:

ubuntu@ip :/web/default/wwwroot$ box

CommandBox:wwwroot> server list
Processing (1) servers, please wait...

wwwroot (stopped)
  http://127.0.0.1:8080
  CF Engine: lucee 5.4.3+2
  Webroot: /web/default/wwwroot/
  Last Started: 15-Dec-2023 21:20:10

CommandBox:wwwroot> server start
 √ | Starting Server   | √ | Setting Server Profile to [production]   | √ | Loading CFConfig into server 

CommandBox:wwwroot> server listProcessing (1) servers, please wait...wwwroot (running)
  http://127.0.0.1:8080
  CF Engine: lucee 5.4.3+2
  Webroot: /web/default/wwwroot/
  Last Started: 15-Dec-2023 22:15:20

CommandBox:wwwroot> cfconfig set adminPassword=mypassword
[adminPassword] set.
CommandBox:wwwroot> server restart
Trying to stop server...
> server stop 'wwwroot'
Stopping wwwroot...
Stopped


Trying to start server...
> server start name='wwwroot' openBrowser=false debug=false --!saveSettings
 √ | Starting Server
   | √ | Setting Server Profile to [production]
   | √ | Loading CFConfig into server CommandBox:wwwroot>

When I now go to the server admin page, the password works, but when I enter, I get to a page that says, “Error - requested action does not exist” and when I click any other link in the administrator, I’m spit back out to the login page.

  • that command, as you ran it, would only modify the server context of Lucee. Setting the web context password would require a slightly different command as documented here.

I’m afraid there is nothing at that link about setting the web context password.

Just to clarify some things:

  • I have not and never will run CommandBox as root.
  • I have never run Commandbox anywhere but in the /web/default/wwwroot folder.
  • I am also using Nginx as a reverse proxy (as I learned from you yesterday that this is the only option available for serving port 80.)
  • I am attempting to access the admin pages externally through port 80 as I am on a GUIless server and can not administer them internally.

I also want to note that one of my chief concerns is what appears (to be clear, appears to me) to be the ephemeral nature of CommandBox server instances. Something that really scares me about CommandBox is that it seems like the server just sort of disappears forever when a server stop command comes through. So I worry a lot about how all the configurations are being saved permanently so that I don’t have to, say, set a new Web administrator password every time the Lucee server – or the Ubuntu machine – has to stop and restart. This is where I am really unclear on the CFConfig/.CFConfig.json/server.json point from earlier. Perhaps it would help to note that my end goal is a stable, public, production web server for just one website that runs as a service on Ubuntu that I leave alone and update only as needed?

11
  • server.json is the primary config file for CommandBox that sets up how the server starts, what ports, what CF engine, what web root, rewrites, lockdown, etc
  • CFConfig is a CommandBox module that helps you set the actual CF configuration that you see in the Lucee or Adobe CF web admin such as datasources or mail servers.
  • The XML files are files stored inside the Lucee or Adobe server home where they store settings such as datasources or mail servers.
  • .cfconfig.json is a file that if found by convention, will automatically get imported when starting a server. This allows you to configure things like datasources or mail servers in that JSON file and the first time you ever run server start all the config is just pulled into the CF administrator and ready to go without needing to manually configure anything.

So, it sounds like this thread is done, and a new thread should be started for any new questions/issues?

This is a known bug in Lucee, completely unrelated to anything else being discussed.
https://luceeserver.atlassian.net/browse/LDEV-4675
It was fixed in Lucee version 5.4.3.4 but for some reason you chose an older Lucee version (5.4.3.2) so you don’t have the fix. I would recommend you upgrade Lucee.

I never said there would be. I said there would be information in that link about modifying settings in the Lucee web context. The docs aren’t going to contain every single possible command that can ever be run on every server ever for every setting ever. You’ve got to piece some of this stuff to together. What there are docs for are:

  • how to set a setting (in general)
  • all the setting names you can set
  • how to make a command target the Lucee web context

It’s up to you to piece these together to find the command you need to run today on your server for your needs.

That missed my point. Forget about root. If you run CommandBox as different users regardless of what those users are called my statement will apply to you. So if you start a server as the bob user and try to stop it as the tom user, you will have issues.

This is not true. We’ve told you that a simple port forwarding is also available and the most recommended approach I’ve seen when I google this issue in general.

That’s not the case and I’m not sure what would make you say that. Even though, you’ve stopped a server

  • the Lucee server home (and its config files) still live under the CommandBox home dir
  • the server and it’s settings should still be visible in any of the commands such as server list and server info
  • The server home and it’s XML config files will not be deleted unless you run the server forget command and answer “yes” to the “are you sure” prompt.

Other than the actual server process stopping and releasing its ports, are you seeing something else “disappearing”?

All Lucee settings will survive both a CommandBox server restart and an operating system reboot.

Now, that said-- CommandBox IS designed for the servers themselves to be something don’t have to worry about going away. One of the goals is you CAN “forget” a server at anytime and a simple “server start” will bring everything right back and ready to go. That is why we have the config files such as servrer.json and .cfconfig.json to store all your settings so it can all be loaded back in and setup with zero effort.

12

@GoOutside I have an Ubuntu server I just launched from scratch with NGINX + CommandBox running and can show you what I did. That may help clear up some things. If you have Zoom and want to jump on for 15-20 minutes, let me know. I’ll be online for about another hour. I sent you a DM with the link. And if not, no problem. :slight_smile:

13

I can’t update the version until I get into the server admin page. Unless – and this is where I’m still trying to learn about CFConfig – there’s a way to do it in CFConfig? I searched the CFConfig documents for “version” and found nothing about how to set the Lucee server version. (There seems to be stuff about the version of CFConfig?) Look, I’m not trying to be a jerk here, honestly, I just don’t know how this stuff works. I really want to use it! I’m not seeing any examples of how to use it, the examples are just so, so, so, so, so important to me.

That’s not the case and I’m not sure what would make you say that.

I maybe should be more clear that it only seems like the server disappears because, for me, a Lucee user who has had a traditional lucee/nginx server setup for many, many years, the way that CommandBox just sort of starts and stops servers seems very weird and hard to understand. To me, CommandBox looks like another Unix shell that just sort of sits over the top of an existing Unix shell and runs as a server. It feels weird. The server seems very attached to this shell, and the shell can go away, and when I look for evidence of the server, like a configuration file or something, it’s really quite hard to see where that is, permanently. This isn’t a criticism of your design, it’s just deeply confusing to me because I’ve never encountered it before and it’s hard to understand (and there is almost nothing available out there to help me understand it).

Also, again, to clarify, I am not running CommandBox as anything but the only user that I have access to running things on this Unix shell as: ubuntu. So, it’s always and forever just one user: ubuntu.

  • server.json is the primary config file for CommandBox that sets up how the server starts, what ports, what CF engine, what web root, rewrites, lockdown, etc
  • The XML files are files stored inside the Lucee or Adobe server home where they store settings such as datasources or mail servers.

That is why we have the config files such as servrer.json and .cfconfig.json to store all your settings so it can all be loaded back in and setup with zero effort.

  • .cfconfig.json is a file that if found by convention, will automatically get imported when starting a server. This allows you to configure things like datasources or mail servers in that JSON file and the first time you ever run server start all the config is just pulled into the CF administrator and ready to go without needing to manually configure anything.

OK, again, mega-mega confused here. I hope you are not going to be angry at me if I say that this all sounds like you’re telling me they all do the same thing. If server.json sets up the server, and .cfconfig.json sets up the server, what’s the difference? Which ones do CFConfig alter? Both? Do I need to alter them in order for things like Datasources and Web roots to be permanent when CommandBox restarts? But I thought CFConfig altered the XML files, instead? Now there’s two different JSON files that alter the XML? You don’t have to answer all of these individually, I’m just writing them because they’re indicative of the sort of questions I’m trying to go through in understanding how I can use these really amazing tools in a way that is lasting and makes the most sense.

If, for example, I want to have a server and web administration password set, do I set that in both the server.json and the .CFConfig.json? Or just once through CFConfig in the Box shell? What about datasources and logging details?

Just some really, realllllllly basic examples of how to use CFConfig to change settings like this would just be enormously useful. I know you have all put a huge amount of time into your documentation, and I am sure it is deeply insightful to people who know how to use the software, but I don’t, and that’s where none of it really seems to make sense to me.

14

BTW, I tried to use CFConfig to set the server version and this happened:

CommandBox:wwwroot> cfconfig set server.defaults.engineVersion=5.4.4.38
[server.defaults.engineVersion] set.
CommandBox:wwwroot> server restart
Trying to stop server...
> server stop 'wwwroot'
Stopping wwwroot...
Stopped


Trying to start server...
> server start name='wwwroot' openBrowser=false debug=false --!saveSettings
 √ | Starting Server
   | √ | Setting Server Profile to [production]
   | √ | Loading CFConfig into server

CommandBox:wwwroot> server listProcessing (1) servers, please wait...
  wwwroot (running)
  http://127.0.0.1:8080
  CF Engine: lucee 5.4.3+2
  Webroot: /web/default/wwwroot/
  Last Started: 15-Dec-2023 23:30:02

Same version as before.

15

@GoOutside You don’t use CFCONFIG to set the Lucee version.

The docs for setting the version are here: Server Versions - CommandBox : CLI, Package Manager, REPL & More.

You need to do

server start name='wwwroot' cfengine=lucee@5.4.4.38 openBrowser=false debug=false --!saveSettings

Also, why are you using ‘–!saveSettings’? If you remove that from your command, all of these settings you are passing will be saved to a server.json file and used anytime going forward when you start/stop the server.

16

I"m not using !-saveSettings? I … don’t know how or why that would be showing up? When I run “box” from /web/default/wwwroot/ – I’m not sure why that shows up? I never added it.

17

Oh, I think the restart automatically adds it to ensure that no configuration changes happen on restart. If you run this, you should get the result you want.

server start name='wwwroot' cfengine=lucee@5.4.4.38
18

Will future restarts always automatically add that? How can I check to see if it’s enabled? This may have something to do with what I was saying earlier about how ephemeral and transitory CommandBox can feel.

19

By the way, I’ve tried using the material in this blog post as a guide for how to add a password to both the server and web administrators, since it is literally the only straightforward guide on how to do this that I could find on the internet.

I guess, suffice to say, it doesn’t work. These instructions set the server password, but not the web password.

20

@GoOutside Yes, but doing server restart isn’t going to cause any issues. And it isn’t going to make the server disappear - nothing like that at all. CommandBox is doing some awesome stuff for you that you might not be aware of yet.

When you run commands like these…

server start cfengine=lucee@be

CommandBox will store those values in a server.json. It looks like this:

{
    "app":{
        "cfengine":"lucee@be"
    },
    "web":{
        "http":{
            "port":"8080"
        },
        "rewrites":{
            "enable":"true"
        }
    }
}

Now here’s the cool part - everytime you stop/start or restart your server, before CommandBox launches your CFML engine, it checks for a server.json configuration file and if it exists, it uses it to start the CFML engine. Think of this as happening a layer above where CFCONFIG comes in. Things like port settings, Lucee version, disabling directoryBrowsing, security, and more are configured in server.json - and CommandBox is managing that file for you automatically - although you can easily edit the file yourself also.

The next layer is CFCONFIG. CFCONFIG is where you can configure specifics about the CFML engine: datasources, requestTimeout, etc. When using CFCONFIG, you can save the configuration to a JSON file, and CommandBox will automatically apply what you’ve set in ./cfconfig.json to your server.

./cfconfig.json

{
    "adminPassword":"${ADMIN_PASSWORD}",
    "cacheDefaultObject":"coldbox",
    "caches":{
        "coldbox":{
            "class":"lucee.runtime.cache.ram.RamCache",
            "custom":{
                "timeToIdleSeconds":"1800",
                "timeToLiveSeconds":"3600"
            },
            "readOnly":"false",
            "storage":"true",
            "type":"RAM"
        }
    },
    "datasources":{
        "somedatasource":{
            "class":"${DB_CLASS}",
            "connectionLimit":"100",
            "connectionTimeout":"1",
            "custom":"useUnicode=true&characterEncoding=UTF-8&useLegacyDatetimeCode=true&autoReconnect=true&allowMultiQueries=true",
            "database":"${DB_DATABASE}",
            "dbdriver":"${DB_DRIVER}",

Let’s talk about the next layer - environment variables. Did you notice them above in .cfconfig.json?

.cfconfig.json

"adminPassword":"${ADMIN_PASSWORD}",

CommandBox will check to see if you’ve defined environment variables in a .env file. If you have, it will load those when it’s configuring your server with CFCONFIG, and it will load them into Lucee also.

So I can create a .env file to set my Lucee admin password.

.env

ADMIN_PASSWORD=secret

The point is that CommandBox is abstracting a lot of the difficult stuff that we use to deal with in the past with traditional hosting, and it’s making it much easier to manage your servers - both in configuring them and running them.

And that doesn’t cover all the other stuff CommandBox does.

If you are new to these concepts, it can take time to get used to them but once you do, I think you’ll find them to greatly simplify your server environments.