[GH-ISSUE #2173] Startup reproducibly fails with "failed to create test file" in docker rootless mode on current unstable #6575

New Issue

Closed

opened 2026-04-20 17:10:27 -05:00 by GiteaMirror · 13 comments

GiteaMirror commented 2026-04-20 17:10:27 -05:00

Owner

Copy Link

Originally created by @liquidat on GitHub (Jan 28, 2026).
Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/2173

Pre-submission checklist

• I have searched for existing open or closed issue reports with the same problem.

Description

The error in #2162 persists even with newest :unstable, and is easily reproducible on other systems as well. The fix posted there does not solve the problem.

(I would have reopened the issue #2162, but that is not possible, hence the new bug report.)

Summary

If running in docker rootless, container fails to start with error message:

  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769586313070962331: open /app/vikunja/files/.vikunja-check-1769586313070962331: permission denied

Steps to reproduce

Tested on Ubunuo 20.04, Rocky 9.7

1. sudo adduser testuser
2. sudo machinectl shell testuser@
3. /bin/dockerd-rootless-setuptool.sh install
4. systemctl --user start docker
5. docker run -it --rm -p 3456:3456 -v local-volume:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor

Actual output

Unable to find image 'vikunja/vikunja:unstable' locally
unstable: Pulling from vikunja/vikunja
7240c81e815e: Pull complete 
d4f41f27d85d: Pull complete 
6b833b237fc4: Pull complete 
5cefd88baefe: Download complete 
Digest: sha256:75fcfcf3820134b1a02a39b2f21cf53b0b70ab230b9bd5b0d8078c6608ab162a
Status: Downloaded newer image for vikunja/vikunja:unstable
2026/01/28 07:45:13 failed to create modcache index dir: mkdir /.cache: permission denied
time=2026-01-28T07:45:13.067Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-01-28T07:45:13.069Z level=ERROR msg="could not check for paradedb extension: dial tcp [::1]:5432: connect: connection refused"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=1000)
  ✓ Working directory: /app/vikunja

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (postgres)
  ✗ Connection: dial tcp [::1]:5432: connect: connection refused
  ✗ Server version: dial tcp [::1]:5432: connect: connection refused

Files (local)
  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769586313070962331: open /app/vikunja/files/.vikunja-check-1769586313070962331: permission denied

3 check(s) failed

Vikunja Version

unstable, sha256:75fcfcf3820134b1a02a39b2f21cf53b0b70ab230b9bd5b0d8078c6608ab162a

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @liquidat on GitHub (Jan 28, 2026). Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/2173 ### Pre-submission checklist - [x] I have searched for existing open or closed issue reports with the same problem. ### Description The error in #2162 persists even with newest `:unstable`, and is easily reproducible on other systems as well. The fix posted there does not solve the problem. (I would have reopened the issue #2162, but that is not possible, hence the new bug report.) ### Summary If running in docker rootless, container fails to start with error message: ``` ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769586313070962331: open /app/vikunja/files/.vikunja-check-1769586313070962331: permission denied ``` ### Steps to reproduce Tested on Ubunuo 20.04, Rocky 9.7 1. `sudo adduser testuser` 2. `sudo machinectl shell testuser@` 3. `/bin/dockerd-rootless-setuptool.sh install` 4. `systemctl --user start docker` 5. `docker run -it --rm -p 3456:3456 -v local-volume:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor` ### Actual output ``` Unable to find image 'vikunja/vikunja:unstable' locally unstable: Pulling from vikunja/vikunja 7240c81e815e: Pull complete d4f41f27d85d: Pull complete 6b833b237fc4: Pull complete 5cefd88baefe: Download complete Digest: sha256:75fcfcf3820134b1a02a39b2f21cf53b0b70ab230b9bd5b0d8078c6608ab162a Status: Downloaded newer image for vikunja/vikunja:unstable 2026/01/28 07:45:13 failed to create modcache index dir: mkdir /.cache: permission denied time=2026-01-28T07:45:13.067Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-01-28T07:45:13.069Z level=ERROR msg="could not check for paradedb extension: dial tcp [::1]:5432: connect: connection refused" Vikunja Doctor ============== System ✓ Version: v1.0.0 ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=1000) ✓ Working directory: /app/vikunja Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (postgres) ✗ Connection: dial tcp [::1]:5432: connect: connection refused ✗ Server version: dial tcp [::1]:5432: connect: connection refused Files (local) ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769586313070962331: open /app/vikunja/files/.vikunja-check-1769586313070962331: permission denied 3 check(s) failed ``` ### Vikunja Version unstable, sha256:75fcfcf3820134b1a02a39b2f21cf53b0b70ab230b9bd5b0d8078c6608ab162a ### Browser and version _No response_ ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_

GiteaMirror closed this issue 2026-04-20 17:10:29 -05:00

GiteaMirror commented 2026-04-20 17:10:30 -05:00

Author

Owner

Copy Link

@BloosT1337 commented on GitHub (Jan 28, 2026):

Same here.

<!-- gh-comment-id:3809694766 --> @BloosT1337 commented on GitHub (Jan 28, 2026): Same here.

GiteaMirror commented 2026-04-20 17:10:30 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 28, 2026):

Can you check:

• Are you using a non-standard (not 1000) user to run Vikunja?
• That user is set in the docker compose config?
• That user owns the folder for files on the host?

<!-- gh-comment-id:3809921128 --> @kolaente commented on GitHub (Jan 28, 2026): Can you check: - Are you using a non-standard (not 1000) user to run Vikunja? - That user is set in the docker compose config? - That user owns the folder for files on the host?

GiteaMirror commented 2026-04-20 17:10:31 -05:00

Author

Owner

Copy Link

@BloosT1337 commented on GitHub (Jan 28, 2026):

I added the user: "0:0" to the compose file. It Worked. Thank you very much !

<!-- gh-comment-id:3809992958 --> @BloosT1337 commented on GitHub (Jan 28, 2026): I added the user: "0:0" to the compose file. It Worked. Thank you very much !

GiteaMirror commented 2026-04-20 17:10:31 -05:00

Author

Owner

Copy Link

@liquidat commented on GitHub (Jan 28, 2026):

@kolaente

Can you check:

* Are you using a non-standard (not 1000) user to run Vikunja?

Yes, as indicated above, this is a rootless docker environment.

* That user is set in the docker compose config?

I launched the container not with docker compose in this example, but directly. But even then, or with Docker Compose, the problem persists:

$ id
uid=1001(testuser) gid=1001(testuser) groups=1001(testuser),100(users)

$ docker run -it --rm -p 3456:3456 -u 1001:1001 -v ./test-file:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor

[...]

Files (local)
  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769599097183479015: open /app/vikunja/files/.vikunja-check-1769599097183479015: permission denied

3 check(s) failed

* That user owns the folder for files on the host?

I tested with both named volume and a directory in the home dir of the user, it does not work.

$ ls -lan  vikunja-files/
total 8
drwxrwxr-x 2 1001 1001 4096 Jan 28 12:19 .
drwxr-x--- 7 1001 1001 4096 Jan 28 12:19 ..

$ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor

[...]

Files (local)
  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769599226826223461: open /app/vikunja/files/.vikunja-check-1769599226826223461: permission denied

3 check(s) failed

What did solve the problem was indeed, as mentioned by @BloosT1337 , to set the user to 0:0:

$ docker run -it --rm -p 3456:3456 -u 0:0 -v /home/testuser/vikunja-files:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor

[...]

Files (local)
  ✓ Path: /app/vikunja/files
  ✓ Writable: yes
  ✓ Disk space: 260.0 GB available

2 check(s) failed

<!-- gh-comment-id:3810728986 --> @liquidat commented on GitHub (Jan 28, 2026): @kolaente > Can you check: > > * Are you using a non-standard (not 1000) user to run Vikunja? Yes, as indicated above, this is a rootless docker environment. > * That user is set in the docker compose config? I launched the container not with docker compose in this example, but directly. But even then, or with Docker Compose, the problem persists: ``` $ id uid=1001(testuser) gid=1001(testuser) groups=1001(testuser),100(users) $ docker run -it --rm -p 3456:3456 -u 1001:1001 -v ./test-file:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor [...] Files (local) ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769599097183479015: open /app/vikunja/files/.vikunja-check-1769599097183479015: permission denied 3 check(s) failed ``` > * That user owns the folder for files on the host? I tested with both named volume and a directory in the home dir of the user, it does not work. ``` $ ls -lan vikunja-files/ total 8 drwxrwxr-x 2 1001 1001 4096 Jan 28 12:19 . drwxr-x--- 7 1001 1001 4096 Jan 28 12:19 .. $ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor [...] Files (local) ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769599226826223461: open /app/vikunja/files/.vikunja-check-1769599226826223461: permission denied 3 check(s) failed ``` **What did solve the problem** was indeed, as mentioned by @BloosT1337 , to set the user to `0:0`: ``` $ docker run -it --rm -p 3456:3456 -u 0:0 -v /home/testuser/vikunja-files:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" -e "VIKUNJA_DATABASE_HOST=localhost" -e "VIKUNJA_DATABASE_PASSWORD=Something-Something-Something" -e "VIKUNJA_DATABASE_TYPE=postgres" -e "VIKUNJA_DATABASE_USER=vikunja" -e "VIKUNJA_DATABASE_DATABASE=vikunja" vikunja/vikunja:unstable doctor [...] Files (local) ✓ Path: /app/vikunja/files ✓ Writable: yes ✓ Disk space: 260.0 GB available 2 check(s) failed ```

GiteaMirror commented 2026-04-20 17:10:32 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 28, 2026):

I tested with both named volume and a directory in the home dir of the user, it does not work.

The command $ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files ... creates a named volume vikunja-files, it's not using the folder you created earlier. Vikunja can't change the ownership on these volumes, you need to use the bind mount, create the folder first and chown it.

This worked for me:

$ mkdir /tmp/vikunja-files-test
$ sudo chown 1001:1001 /tmp/vikunja-files-test -R
$ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:1.0.0 doctor

Unable to find image 'vikunja/vikunja:1.0.0' locally
1.0.0: Pulling from vikunja/vikunja
7240c81e815e: Pull complete
d4f41f27d85d: Pull complete
6b833b237fc4: Pull complete
Digest: sha256:096e8d4067483b770f3899e20655d6235b0b4c6c9c6ec5ef39bae5b270e1a92a
Status: Downloaded newer image for vikunja/vikunja:1.0.0
2026/01/28 22:09:05 failed to create modcache index dir: mkdir /.cache: permission denied
time=2026-01-28T22:09:05.229Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-01-28T22:09:05.230Z level=INFO msg="Using SQLite database at: /db/vikunja.db"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=1001)
  ✓ Working directory: /app/vikunja

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (sqlite)
  ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory

Files (local)
  ✓ Path: /app/vikunja/files
  ✓ Writable: yes
  ✓ Disk space: 47.6 GB available

1 check(s) failed

<!-- gh-comment-id:3814187256 --> @kolaente commented on GitHub (Jan 28, 2026): > I tested with both named volume and a directory in the home dir of the user, it does not work. The command `$ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files ...` creates a named volume `vikunja-files`, it's not using the folder you created earlier. Vikunja can't change the ownership on these volumes, you need to use the bind mount, create the folder first and chown it. This worked for me: ``` $ mkdir /tmp/vikunja-files-test $ sudo chown 1001:1001 /tmp/vikunja-files-test -R $ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:1.0.0 doctor Unable to find image 'vikunja/vikunja:1.0.0' locally 1.0.0: Pulling from vikunja/vikunja 7240c81e815e: Pull complete d4f41f27d85d: Pull complete 6b833b237fc4: Pull complete Digest: sha256:096e8d4067483b770f3899e20655d6235b0b4c6c9c6ec5ef39bae5b270e1a92a Status: Downloaded newer image for vikunja/vikunja:1.0.0 2026/01/28 22:09:05 failed to create modcache index dir: mkdir /.cache: permission denied time=2026-01-28T22:09:05.229Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-01-28T22:09:05.230Z level=INFO msg="Using SQLite database at: /db/vikunja.db" Vikunja Doctor ============== System ✓ Version: v1.0.0 ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=1001) ✓ Working directory: /app/vikunja Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (sqlite) ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory Files (local) ✓ Path: /app/vikunja/files ✓ Writable: yes ✓ Disk space: 47.6 GB available 1 check(s) failed

GiteaMirror commented 2026-04-20 17:10:33 -05:00

Author

Owner

Copy Link

@liquidat commented on GitHub (Jan 29, 2026):

The command $ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files ... creates a named volume vikunja-files, it's not using the folder you created earlier. Vikunja can't change the ownership on these volumes, you need to use the bind mount, create the folder first and chown it.

Indeed. But as mentioned right above that command, I tested it both, with named volumes, or with the folder created earlier. In fails in both cases for me, reproducibly with the steps mentioned at the top of this issue.

Since the very same command that fails for me does work for you: what Linux distribution are you using? And is this docker rootless you are running there?

<!-- gh-comment-id:3820958418 --> @liquidat commented on GitHub (Jan 29, 2026): > The command $ docker run -it --rm -p 3456:3456 -u 1001:1001 -v vikunja-files:/app/vikunja/files ... creates a named volume vikunja-files, it's not using the folder you created earlier. Vikunja can't change the ownership on these volumes, you need to use the bind mount, create the folder first and chown it. Indeed. But as mentioned right above that command, I tested it both, with named volumes, or with the folder created earlier. In fails in both cases for me, reproducibly with the steps mentioned at the top of this issue. Since the very same command that fails for me does work for you: what Linux distribution are you using? And is this docker rootless you are running there?

GiteaMirror commented 2026-04-20 17:10:34 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 30, 2026):

I'm on NixOS, but I haven't changed anything about the docker host config. I guess that means it's not rootless?

<!-- gh-comment-id:3822561456 --> @kolaente commented on GitHub (Jan 30, 2026): I'm on NixOS, but I haven't changed anything about the docker host config. I guess that means it's not rootless?

GiteaMirror commented 2026-04-20 17:10:35 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 30, 2026):

I've just merged https://github.com/go-vikunja/vikunja/pull/2179 which adds more diagnostics around this to the doctor command. Can you check with the next unstable build (should be ready in ~30min) what the output is?

<!-- gh-comment-id:3823047015 --> @kolaente commented on GitHub (Jan 30, 2026): I've just merged https://github.com/go-vikunja/vikunja/pull/2179 which adds more diagnostics around this to the `doctor` command. Can you check with the next unstable build (should be ready in ~30min) what the output is?

GiteaMirror commented 2026-04-20 17:10:35 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 30, 2026):

Did some more digging and it seems to be docker remapping user ids using userns-remap - basically running rootless docker means the process in the container assumes the id that you pass with the -u flag which on the kernel level, it's something entirely different. Because the file permissions are checked on the kernel level, that makes it fail with -u 1000 and work with -u 0:0. I'll check how we can detect and document this better.

See https://github.com/mamba-org/micromamba-docker/issues/407#issuecomment-2088523507

<!-- gh-comment-id:3823196765 --> @kolaente commented on GitHub (Jan 30, 2026): Did some more digging and it seems to be docker remapping user ids using userns-remap - basically running rootless docker means the process in the container assumes the id that you pass with the `-u` flag which on the kernel level, it's something entirely different. Because the file permissions are checked on the kernel level, that makes it fail with `-u 1000` and work with `-u 0:0`. I'll check how we can detect and document this better. See https://github.com/mamba-org/micromamba-docker/issues/407#issuecomment-2088523507

GiteaMirror commented 2026-04-20 17:10:36 -05:00

Author

Owner

Copy Link

@liquidat commented on GitHub (Jan 30, 2026):

@kolaente Wow, thanks for digging that much into it, I really appreciate it!
Let me know if I can be of any help.

For the record, I executed the doctor command with the latest unstable:

$ sudo adduser testuser
[...]
$ /bin/dockerd-rootless-setuptool.sh install
[...]
$ mkdir /tmp/vikunja-files-test
$ sudo chown -R 1001:1001 /tmp/vikunja-files-test
$ sudo machinectl shell testuser@
[...]
$ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor
Unable to find image 'vikunja/vikunja:unstable' locally
unstable: Pulling from vikunja/vikunja
28ee7120016d: Pull complete 
f270650de9d9: Pull complete 
762fa3b57e9d: Pull complete 
2b0135788817: Download complete 
Digest: sha256:e3225b8b89516af6ab6ec5b0777a692530f8364b6dfe9e0f86256539cf1ee9ab
Status: Downloaded newer image for vikunja/vikunja:unstable
2026/01/30 16:19:12 failed to create modcache index dir: mkdir /.cache: permission denied
time=2026-01-30T16:19:12.561Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-01-30T16:19:12.561Z level=INFO msg="Using SQLite database at: /db/vikunja.db"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0-5-cf029cef
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=1001)
  ✓ Working directory: /app/vikunja

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (sqlite)
  ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory

Files (local)
  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769789952561906056: open /app/vikunja/files/.vikunja-check-1769789952561906056: permission denied

2 check(s) failed

<!-- gh-comment-id:3824558830 --> @liquidat commented on GitHub (Jan 30, 2026): @kolaente Wow, thanks for digging that much into it, I really appreciate it! Let me know if I can be of any help. For the record, I executed the doctor command with the latest unstable: ``` $ sudo adduser testuser [...] $ /bin/dockerd-rootless-setuptool.sh install [...] $ mkdir /tmp/vikunja-files-test $ sudo chown -R 1001:1001 /tmp/vikunja-files-test $ sudo machinectl shell testuser@ [...] $ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor Unable to find image 'vikunja/vikunja:unstable' locally unstable: Pulling from vikunja/vikunja 28ee7120016d: Pull complete f270650de9d9: Pull complete 762fa3b57e9d: Pull complete 2b0135788817: Download complete Digest: sha256:e3225b8b89516af6ab6ec5b0777a692530f8364b6dfe9e0f86256539cf1ee9ab Status: Downloaded newer image for vikunja/vikunja:unstable 2026/01/30 16:19:12 failed to create modcache index dir: mkdir /.cache: permission denied time=2026-01-30T16:19:12.561Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-01-30T16:19:12.561Z level=INFO msg="Using SQLite database at: /db/vikunja.db" Vikunja Doctor ============== System ✓ Version: v1.0.0-5-cf029cef ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=1001) ✓ Working directory: /app/vikunja Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (sqlite) ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory Files (local) ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769789952561906056: open /app/vikunja/files/.vikunja-check-1769789952561906056: permission denied 2 check(s) failed ```

GiteaMirror commented 2026-04-20 17:10:37 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Jan 30, 2026):

Here's a PR that adds more logic to the doctor command to detect if the docker container runs with namespace remapping: https://github.com/go-vikunja/vikunja/pull/2180 and docs https://github.com/go-vikunja/website/pull/289

I'll ping here once that's merged so that you can check it.

<!-- gh-comment-id:3825198590 --> @kolaente commented on GitHub (Jan 30, 2026): Here's a PR that adds more logic to the doctor command to detect if the docker container runs with namespace remapping: https://github.com/go-vikunja/vikunja/pull/2180 and docs https://github.com/go-vikunja/website/pull/289 I'll ping here once that's merged so that you can check it.

GiteaMirror commented 2026-04-20 17:10:37 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Feb 1, 2026):

Merged the PR, please pull the new unstable build when the CI is done, ~30min. Some docs are here: https://vikunja.io/docs/full-docker-example/#rootless-docker

<!-- gh-comment-id:3830881795 --> @kolaente commented on GitHub (Feb 1, 2026): Merged the PR, please pull the new unstable build when the CI is done, ~30min. Some docs are here: https://vikunja.io/docs/full-docker-example/#rootless-docker

GiteaMirror commented 2026-04-20 17:10:38 -05:00

Author

Owner

Copy Link

@liquidat commented on GitHub (Feb 1, 2026):

Here you go.
The UID and tmp file ownership:

$ id
uid=1001(testuser) gid=1001(testuser) groups=1001(testuser),100(users)
$ ls -lan /tmp/vikunja-files-test
total 16
drwxrwxr-x  2 1001 1001  4096 Feb  1 22:33 .
drwxrwxrwt 22    0    0 12288 Feb  1 22:34 ..

The first run with no given user flag:

$ docker run -it --rm -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor
2026/02/01 21:33:34 failed to create modcache index dir: mkdir /.cache: permission denied
time=2026-02-01T21:33:34.446Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-02-01T21:33:34.447Z level=INFO msg="Using SQLite database at: /db/vikunja.db"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0-8-acbf751b
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=1000)
  ✓ Working directory: /app/vikunja
  ✓ User namespace: active (0→1001, 1-65536→165536-231071)
      UIDs inside this container are remapped. See directory ownership check for details.

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (sqlite)
  ✗ Connection: could not open database file [uid=1000, gid=0]: open /db/vikunja.db: no such file or directory

Files (local)
  ✓ Path: /app/vikunja/files
  ✓ Directory exists: yes
  ✓ Directory permissions: 0775
  ✓ Directory owner: 0:0 (uid=0, gid=0)
  ✗ Ownership match: directory owned by uid 0 but Vikunja runs as uid 1000 (user namespace active, host uid=166535)
  ✓ Writable: yes
  ✓ Disk space: 264.0 GB available
  ✓ Stored files: 0 files, 0 B total

Second test run, this time with -u 1001:1001 :

$ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor
Unable to find image 'vikunja/vikunja:unstable' locally
unstable: Pulling from vikunja/vikunja
aba9d218a98b: Pull complete 
762fa3b57e9d: Pull complete 
eddbb0f318fe: Pull complete 
eda29e6c33dc: Download complete 
Digest: sha256:7d40eb167c0478f7f6196eeb0e5cac056b417089e923da7a0e37ae2e88099469
Status: Downloaded newer image for vikunja/vikunja:unstable
2026/02/01 21:32:33 failed to create modcache index dir: mkdir /.cache: permission denied
time=2026-02-01T21:32:33.810Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-02-01T21:32:33.810Z level=INFO msg="Using SQLite database at: /db/vikunja.db"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0-8-acbf751b
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=1001)
  ✓ Working directory: /app/vikunja
  ✓ User namespace: active (0→1001, 1-65536→165536-231071)
      UIDs inside this container are remapped. See directory ownership check for details.

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (sqlite)
  ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory

Files (local)
  ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769981553810876463: open /app/vikunja/files/.vikunja-check-1769981553810876463: permission denied
[process uid=1001 gid=1001, dir owner uid=0 gid=0, user namespace ACTIVE (0→1001, 1-65536→165536-231071), process host uid=166536]
  Hint: A user namespace is active (common in rootless Docker). The process appears as uid 1001 inside the container but maps to uid 166536 on the host. Ensure the host directory is owned by uid 166536, or run the container with --user 0:0.

2 check(s) failed

Last run, successful, with -u 0:0:

$ docker run -it --rm -u 0:0 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor
time=2026-02-01T21:33:13.335Z level=INFO msg="No config file found, using default or config from environment variables."
time=2026-02-01T21:33:13.335Z level=INFO msg="Using SQLite database at: /db/vikunja.db"
Vikunja Doctor
==============

System
  ✓ Version: v1.0.0-8-acbf751b
  ✓ Go: go1.25.6
  ✓ OS: linux/amd64
  ✓ User: unknown (uid=0)
  ✓ Working directory: /app/vikunja
  ✓ User namespace: active (0→1001, 1-65536→165536-231071)
      UIDs inside this container are remapped. See directory ownership check for details.

Configuration
  ✓ Config file: none (using defaults/environment)
  ✓ Public URL: https://vikunja.something.com/
  ✓ JWT secret: configured (auto-generated)
  ✓ CORS origins: http://127.0.0.1:*
      http://localhost:*
      https://vikunja.something.com

Database (sqlite)
  ✗ Connection: could not open database file [uid=0, gid=0]: open /db/vikunja.db: no such file or directory

Files (local)
  ✓ Path: /app/vikunja/files
  ✓ Directory exists: yes
  ✓ Directory permissions: 0775
  ✓ Directory owner: 0:0 (uid=0, gid=0)
  ✓ Writable: yes
  ✓ Disk space: 264.0 GB available
  ✓ Stored files: 0 files, 0 B total

1 check(s) failed

I am fine running the container for now with -u 0:0, but hopefully this helps debugging things :)

<!-- gh-comment-id:3832104438 --> @liquidat commented on GitHub (Feb 1, 2026): Here you go. The UID and tmp file ownership: ``` $ id uid=1001(testuser) gid=1001(testuser) groups=1001(testuser),100(users) $ ls -lan /tmp/vikunja-files-test total 16 drwxrwxr-x 2 1001 1001 4096 Feb 1 22:33 . drwxrwxrwt 22 0 0 12288 Feb 1 22:34 .. ``` The first run with no given user flag: ``` $ docker run -it --rm -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor 2026/02/01 21:33:34 failed to create modcache index dir: mkdir /.cache: permission denied time=2026-02-01T21:33:34.446Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-02-01T21:33:34.447Z level=INFO msg="Using SQLite database at: /db/vikunja.db" Vikunja Doctor ============== System ✓ Version: v1.0.0-8-acbf751b ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=1000) ✓ Working directory: /app/vikunja ✓ User namespace: active (0→1001, 1-65536→165536-231071) UIDs inside this container are remapped. See directory ownership check for details. Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (sqlite) ✗ Connection: could not open database file [uid=1000, gid=0]: open /db/vikunja.db: no such file or directory Files (local) ✓ Path: /app/vikunja/files ✓ Directory exists: yes ✓ Directory permissions: 0775 ✓ Directory owner: 0:0 (uid=0, gid=0) ✗ Ownership match: directory owned by uid 0 but Vikunja runs as uid 1000 (user namespace active, host uid=166535) ✓ Writable: yes ✓ Disk space: 264.0 GB available ✓ Stored files: 0 files, 0 B total ``` Second test run, this time with `-u 1001:1001 `: ``` $ docker run -it --rm -u 1001:1001 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor Unable to find image 'vikunja/vikunja:unstable' locally unstable: Pulling from vikunja/vikunja aba9d218a98b: Pull complete 762fa3b57e9d: Pull complete eddbb0f318fe: Pull complete eda29e6c33dc: Download complete Digest: sha256:7d40eb167c0478f7f6196eeb0e5cac056b417089e923da7a0e37ae2e88099469 Status: Downloaded newer image for vikunja/vikunja:unstable 2026/02/01 21:32:33 failed to create modcache index dir: mkdir /.cache: permission denied time=2026-02-01T21:32:33.810Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-02-01T21:32:33.810Z level=INFO msg="Using SQLite database at: /db/vikunja.db" Vikunja Doctor ============== System ✓ Version: v1.0.0-8-acbf751b ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=1001) ✓ Working directory: /app/vikunja ✓ User namespace: active (0→1001, 1-65536→165536-231071) UIDs inside this container are remapped. See directory ownership check for details. Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (sqlite) ✗ Connection: could not open database file [uid=1001, gid=1001]: open /db/vikunja.db: no such file or directory Files (local) ✗ Initialization: storage validation failed: failed to create test file at /app/vikunja/files/.vikunja-check-1769981553810876463: open /app/vikunja/files/.vikunja-check-1769981553810876463: permission denied [process uid=1001 gid=1001, dir owner uid=0 gid=0, user namespace ACTIVE (0→1001, 1-65536→165536-231071), process host uid=166536] Hint: A user namespace is active (common in rootless Docker). The process appears as uid 1001 inside the container but maps to uid 166536 on the host. Ensure the host directory is owned by uid 166536, or run the container with --user 0:0. 2 check(s) failed ``` Last run, successful, with `-u 0:0`: ``` $ docker run -it --rm -u 0:0 -v /tmp/vikunja-files-test:/app/vikunja/files -e "VIKUNJA_SERVICE_PUBLICURL=https://vikunja.something.com" vikunja/vikunja:unstable doctor time=2026-02-01T21:33:13.335Z level=INFO msg="No config file found, using default or config from environment variables." time=2026-02-01T21:33:13.335Z level=INFO msg="Using SQLite database at: /db/vikunja.db" Vikunja Doctor ============== System ✓ Version: v1.0.0-8-acbf751b ✓ Go: go1.25.6 ✓ OS: linux/amd64 ✓ User: unknown (uid=0) ✓ Working directory: /app/vikunja ✓ User namespace: active (0→1001, 1-65536→165536-231071) UIDs inside this container are remapped. See directory ownership check for details. Configuration ✓ Config file: none (using defaults/environment) ✓ Public URL: https://vikunja.something.com/ ✓ JWT secret: configured (auto-generated) ✓ CORS origins: http://127.0.0.1:* http://localhost:* https://vikunja.something.com Database (sqlite) ✗ Connection: could not open database file [uid=0, gid=0]: open /db/vikunja.db: no such file or directory Files (local) ✓ Path: /app/vikunja/files ✓ Directory exists: yes ✓ Directory permissions: 0775 ✓ Directory owner: 0:0 (uid=0, gid=0) ✓ Writable: yes ✓ Disk space: 264.0 GB available ✓ Stored files: 0 files, 0 B total 1 check(s) failed ``` I am fine running the container for now with `-u 0:0`, but hopefully this helps debugging things :)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

renovate/dev-dependencies

feat-v2-foundation

dependabot/npm_and_yarn/frontend/axios-1.15.2

spike-huma-openapi3

claude/investigate-swagger3-support-nyyUa

feat-list-view-buckets

ci-mysql-8-test

codex/analyze-codebase-for-email-task-feature

feat-project-templates

csv-import-feature

claude/email-reply-comments-wpdcQ

fix-oidc-pkce-support

fix/overview-subtasks-expand

feat/bucket-select-task-detail

feat-soft-delete-projects

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-duplicate-close-button

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

v2.3.0

v2.2.2

v2.2.1

v2.2.0

v2.1.0

v2.0.0

v1.1.0

v1.0.0

v1.0.0-rc4

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-rc0

v0.24.6

v0.24.5

v0.24.4

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.0

v0.22.1

v0.22.0

0.21.0

v0.21.0

v0.20.4

v0.20.5

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.2

v0.19.1

v0.19.0

vue3

v0.18.1

v0.18.0

v0.17.1

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.1

v0.13

v0.12

v0.11

v0.10

v0.9

v0.8

v0.7

v0.6

v0.5

v0.4

v0.3

v0.2

v0.1

Labels

Clear labels

area/api

area/attachments

area/auth

area/avatars

area/backup-restore

area/caldav

area/calendar-view

area/comments

area/config

area/database

area/desktop

area/docker

area/email

area/favorites

area/filters

area/frontend

area/gantt

area/i18n

area/import-export

area/internal-code

area/kanban

area/labels

area/list-view

area/mobile

area/notifications

area/permissions

area/projects

area/pwa

area/recurring-tasks

area/reminders

area/search

area/shortcuts

area/subtasks

area/sync

area/table-view

area/task-editor

area/task-metadata

area/task-relations

area/teams

area/theming

area/time-tracking

area/typesense

area/views

area/webhooks

bug

changes requested

concern/accessibility

concern/performance

concern/regression

concern/ux

confirmed

db/mysql

dependencies

enhancement

good first issue

help wanted

integration/inbound

integration/outbound

kind/bug

kind/feature

needs reproduction

pull-request

Mirrored from GitHub Pull Request

question

security

support

upstream issue

waiting for reply

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#6575