Docker - use user: xxxx:xxxx in compose does not work #1923

New Issue

Closed

opened 2026-03-22 13:46:29 -05:00 by GiteaMirror · 2 comments

GiteaMirror commented 2026-03-22 13:46:29 -05:00

Owner

Copy Link

Originally created by @O491dogan on GitHub (Feb 28, 2024).

Description

Deploying the docker container with the provided examples works well.

But I would like to have vikunja run not as user "1000". Here the documentation (https://vikunja.io/docs/full-docker-example/) states, that one should use the --user-flag to accomplish this.

If I do so, vikunja won't start with the following messages:
info: creating the new user vikunja with 1000:1000
groupmod /etc/group.8: Permission denied
groupmod: cannot lock /etc/group; try again later.

On my docker host machine, I have some directories, that are owned by the user 1001 that are mapped to the container (please see the following compose - for testing purposes):

version: "3"
services:
  vikunja:
    image: vikunja/vikunja
    environment:
      VIKUNJA_SERVICE_PUBLICURL: http://192.168.178.59
      VIKUNJA_DATABASE_HOST: db
      VIKUNJA_DATABASE_PASSWORD: vikunjapw
      VIKUNJA_DATABASE_TYPE: mysql
      VIKUNJA_DATABASE_USER: vikunja
      VIKUNJA_DATABASE_DATABASE: vikunja
      VIKUNJA_SERVICE_JWTSECRET: vikunjapwsecret
    ports:
      - 3456:3456
    volumes:
      - /home/dockerApps/vikunja/files:/app/vikunja/files
    user: 1001:1001
    depends_on:
      db:
        condition: service_healthy
    restart: unless-stopped
  db:
    image: mariadb:10
    command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
    environment:
      MYSQL_ROOT_PASSWORD: vikunjadbroot
      MYSQL_USER: vikunja
      MYSQL_PASSWORD: vikunjapw
      MYSQL_DATABASE: vikunja
    volumes:
      - /home/dockerApps/vikunja/database:/var/lib/mysql
    user: 1001:1001
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "mysqladmin ping -h localhost -u $$MYSQL_USER --password=$$MYSQL_PASSWORD"]
      interval: 2s
      start_period: 30s

What I see happening on the host is, that the directory /home/dockerApps/vikunja/files/, previously owned by 1001:1001 is owned by 1000:1000 after the start of the container.

It seems like the user: 1001:1001 statement is ignored and vikunja tries to run as the default 1000.

Does anyone ever have this issue, too and can provide some help or solution?

Thank you very much!

Vikunja Version

sha256:25544141064373ce2f1c56aa88a77b5346651e2d0708f8c0cda6fc54c1893f53

Browser and version

not relevant

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

Not necessary.

Originally created by @O491dogan on GitHub (Feb 28, 2024). ### Description Deploying the docker container with the provided examples works well. But I would like to have vikunja run not as user "1000". Here the documentation (https://vikunja.io/docs/full-docker-example/) states, that one should use the **--user**-flag to accomplish this. If I do so, vikunja won't start with the following messages: `info: creating the new user vikunja with 1000:1000` `groupmod /etc/group.8: Permission denied` `groupmod: cannot lock /etc/group; try again later.` On my docker host machine, I have some directories, that are owned by the user 1001 that are mapped to the container (please see the following compose - for testing purposes): ``` version: "3" services: vikunja: image: vikunja/vikunja environment: VIKUNJA_SERVICE_PUBLICURL: http://192.168.178.59 VIKUNJA_DATABASE_HOST: db VIKUNJA_DATABASE_PASSWORD: vikunjapw VIKUNJA_DATABASE_TYPE: mysql VIKUNJA_DATABASE_USER: vikunja VIKUNJA_DATABASE_DATABASE: vikunja VIKUNJA_SERVICE_JWTSECRET: vikunjapwsecret ports: - 3456:3456 volumes: - /home/dockerApps/vikunja/files:/app/vikunja/files user: 1001:1001 depends_on: db: condition: service_healthy restart: unless-stopped db: image: mariadb:10 command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci environment: MYSQL_ROOT_PASSWORD: vikunjadbroot MYSQL_USER: vikunja MYSQL_PASSWORD: vikunjapw MYSQL_DATABASE: vikunja volumes: - /home/dockerApps/vikunja/database:/var/lib/mysql user: 1001:1001 restart: unless-stopped healthcheck: test: ["CMD-SHELL", "mysqladmin ping -h localhost -u $$MYSQL_USER --password=$$MYSQL_PASSWORD"] interval: 2s start_period: 30s ``` What I see happening on the host is, that the directory **/home/dockerApps/vikunja/files/**, previously owned by 1001:1001 is owned by 1000:1000 after the start of the container. It seems like the **user: 1001:1001** statement is ignored and vikunja tries to run as the default 1000. Does anyone ever have this issue, too and can provide some help or solution? Thank you very much! ### Vikunja Version sha256:25544141064373ce2f1c56aa88a77b5346651e2d0708f8c0cda6fc54c1893f53 ### Browser and version not relevant ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots Not necessary.

GiteaMirror closed this issue 2026-03-22 13:46:29 -05:00

GiteaMirror commented 2026-03-22 13:46:29 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Feb 28, 2024):

This has been changed lately but not yet released as a stable version. Does it work with an unstable build? (add the :unstable tag to the docker image).

@kolaente commented on GitHub (Feb 28, 2024): This has been changed lately but not yet released as a stable version. Does it work with an unstable build? (add the `:unstable` tag to the docker image).

GiteaMirror commented 2026-03-22 13:46:30 -05:00

Author

Owner

Copy Link

@O491dogan commented on GitHub (Feb 28, 2024):

Hi there!
Thank you for taking the time for a response.

I have tried the current :unstable build and what should I say: It works as expected!

Thank you again - I'm looking forward to the next stable version :-)

@O491dogan commented on GitHub (Feb 28, 2024): Hi there! Thank you for taking the time for a response. I have tried the current `:unstable` build and what should I say: **It works as expected!** Thank you again - I'm looking forward to the next stable version :-)

GiteaMirror referenced this issue 2026-03-22 14:54:16 -05:00

[PR #1923] [MERGED] chore(deps): update cypress/browsers:latest docker digest to ff79e75 #3788

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-totp-reuse

feat-websocket-notifications

feat-caldav-e2e-tests

fix/propagate-is-archived-readall-v2

claude/csv-import-feature-01Kavsoc8Zabn7Q7WwwfVjBh

csv-import-feature

feat-quick-entry

codex/add-task-sorting-functionality

fix-duplicate-close-button

codex/analyze-codebase-for-email-task-feature

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-oauth-server

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

poc-yaegi-plugins

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

v2.2.0

v2.1.0

v2.0.0

v1.1.0

v1.0.0

v1.0.0-rc4

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-rc0

v0.24.6

v0.24.5

v0.24.4

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.0

v0.22.1

v0.22.0

0.21.0

v0.21.0

v0.20.4

v0.20.5

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.2

v0.19.1

v0.19.0

vue3

v0.18.1

v0.18.0

v0.17.1

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.1

v0.13

v0.12

v0.11

v0.10

v0.9

v0.8

v0.7

v0.6

v0.5

v0.4

v0.3

v0.2

v0.1

Labels

Clear labels

area/api

area/caldav

area/filters

area/frontend

area/gantt

area/internal-code

area/typesense

bug

changes requested

confirmed

dependencies

enhancement

good first issue

help wanted

kind/bug

kind/feature

needs reproduction

pull-request

Mirrored from GitHub Pull Request

question

security

support

upstream issue

waiting for reply

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#1923