github-starred/vikunja
2
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-05-07 03:58:09 -05:00
Code Issues 690 Packages Projects Releases 11 Wiki Activity

API docker container doesn't start when config.yml is imported as a secret #140

New Issue
Closed
opened 2025-11-01 20:48:33 -05:00 by GiteaMirror · 2 comments
GiteaMirror commented 2025-11-01 20:48:33 -05:00
Owner
Copy Link

Originally created by @5p4k on GitHub (Jun 11, 2023).

Description

When /app/vikunja/config.yml is provided as a docker secret (or, I presume, a docker config would amount to the same), it is part of the read-only filesystem. Therefore the API container fails here at chown vikunja:vikunja . with

info: creating the new user vikunja with 1000:1000
usermod: no changes
chown: ./config.yml: Read-only file system

and is instantly restarted. Setting uid and gid to 1000 on the file does not work because chown is executed nonetheless.

Not all options in the config.yml can be configured via environment variables, e.g. OpenID, therefore it is not possible to work around this issue without customizing the entry point or setting PGID/PUID.

I'm attaching a MVE docker-compose.yml:

version: '3'

services:
  api:
    image: vikunja/api
    secrets:
      - source: vikunja-config
        target: /app/vikunja/config.yml
        uid: "1000"
        gid: "1000"

secrets:
  vikunja-config:
    file: vikunja-config.yml

You can test that the container fails with

# In the folder where the compose file is:
touch vikunja-config.yml
docker compose up

Vikunja Frontend Version

0.20.5

Vikunja API Version

0.20.4

Browser and version

n/a

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @5p4k on GitHub (Jun 11, 2023). ### Description When `/app/vikunja/config.yml` is provided as a docker secret (or, I presume, a docker config would amount to the same), it is part of the read-only filesystem. Therefore the API container fails [here](https://github.com/go-vikunja/api/blob/4a4ba041e0f3e9c71dd4844d5191c9cbe4e4e3b7/docker/entrypoint.sh#L10) at `chown vikunja:vikunja .` with ``` info: creating the new user vikunja with 1000:1000 usermod: no changes chown: ./config.yml: Read-only file system ``` and is instantly restarted. Setting `uid` and `gid` to 1000 on the file does not work because chown is executed nonetheless. Not all options in the `config.yml` can be configured via environment variables, e.g. [OpenID](https://community.vikunja.io/t/configure-openid-via-environment/628/3), therefore it is not possible to work around this issue without customizing the entry point or setting `PGID`/`PUID`. --- I'm attaching a MVE `docker-compose.yml`: ```yaml version: '3' services: api: image: vikunja/api secrets: - source: vikunja-config target: /app/vikunja/config.yml uid: "1000" gid: "1000" secrets: vikunja-config: file: vikunja-config.yml ``` You can test that the container fails with ```shell # In the folder where the compose file is: touch vikunja-config.yml docker compose up ``` ### Vikunja Frontend Version 0.20.5 ### Vikunja API Version 0.20.4 ### Browser and version n/a ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_
GiteaMirror commented 2025-11-01 20:48:34 -05:00
Author
Owner
Copy Link

@kolaente commented on GitHub (Jun 11, 2023):

Does it work with the unstable image? (Make a backup first)

@kolaente commented on GitHub (Jun 11, 2023): Does it work with the unstable image? (Make a backup first)
GiteaMirror commented 2025-11-01 20:48:34 -05:00
Author
Owner
Copy Link

@5p4k commented on GitHub (Jun 11, 2023):

vikunja/api:unstable works! I see now 80266d1, that seems to fix the issue.

Sorry for the noise -- closing as fixed by 80266d1.

@5p4k commented on GitHub (Jun 11, 2023): `vikunja/api:unstable` works! I see now 80266d1, that seems to fix the issue. Sorry for the noise -- closing as fixed by 80266d1.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area/api
area/attachments
area/auth
area/avatars
area/backup-restore
area/caldav
area/calendar-view
area/comments
area/config
area/database
area/desktop
area/docker
area/email
area/favorites
area/filters
area/frontend
area/gantt
area/i18n
area/import-export
area/internal-code
area/kanban
area/labels
area/list-view
area/mobile
area/notifications
area/permissions
area/projects
area/pwa
area/recurring-tasks
area/reminders
area/search
area/shortcuts
area/subtasks
area/sync
area/table-view
area/task-editor
area/task-metadata
area/task-relations
area/teams
area/theming
area/time-tracking
area/typesense
area/views
area/webhooks
bug
changes requested
concern/accessibility
concern/performance
concern/regression
concern/ux
confirmed
db/mysql
dependencies
enhancement
good first issue
help wanted
integration/inbound
integration/outbound
kind/bug
kind/feature
needs reproduction
pull-request
Mirrored from GitHub Pull Request
 question
security
support
upstream issue
waiting for reply
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vikunja#140
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?