search

apache / couchdb-docker

Semi-official Apache CouchDB Docker images
https://github.com/apache/couchdb-docker
Apache License 2.0
263 stars 136 forks source link

Issue in starting up CouchDB using Docker compose file #253

Closed raunakkbanerjee closed 1 month ago

raunakkbanerjee commented 9 months ago

I have this docker compose file for starting up a CouchDB instance. This doesn't seem to work though.

version: "3.8"

services:  
  couchdb_dev:
    image: couchdb
    hostname: couchdb_dev
    ports:
      - "5984:5984"
    environment:
      COUCHDB_PASSWORD_FILE: run/secrets/db_password
      COUCHDB_USER: admin

    secrets:      
      - db_password

secrets:
  db_password:
    file: couchdb_password.txt

The error message from logs,

ERROR: CouchDB 3.0+ will no longer run in "Admin Party"
       mode. You *MUST* specify an admin user and
       password, either via your own .ini file mapped
       into the container at /opt/couchdb/etc/local.ini
       or inside /opt/couchdb/etc/local.d, or with
       "-e COUCHDB_USER=admin -e COUCHDB_PASSWORD=password"
       to set it via "docker run".

It suggests that I must have an .ini file with the credentials. So, I tried another way as shown below.

version: "3.8"

services:  
  couchdb_dev:
    image: couchdb
    hostname: couchdb_dev
    ports:
      - "5984:5984"
    secrets:
      - source: couchdb_dev_ini
        target: /opt/couchdb/etc/local.d/local.ini

secrets:
  couchdb_dev_ini:
    file: ./config/local.ini

But I get the same error message. I would greatly appreciate any help. Thank you.

davidgeary commented 8 months ago

IIRC, the username and password are only required for the initial connection/setup, so you could just use:

version: "3.8"

services:  
  couchdb_dev:
    image: couchdb
    hostname: couchdb_dev
    ports:
      - "5984:5984"
    environment:
      COUCHDB_USER: admin
      COUCHDB_PASSWORD: password

Then log in to the server with admin/password and immediately change the admin user's password to something more secure. The new credentials will then be encrypted and stored in the server's config file, overriding the values in the docker-compose file.

raunakkbanerjee commented 8 months ago

Thank you for the suggestion! Is having the environment variable COUCHDB_PASSWORD unavoidable for the initial setup? I was hoping to use docker secrets instead.

davidgeary commented 8 months ago

I'm sure there will be other ways, but that's just the way I've done it so I know it works.

I'm really not sure why you feel you need/want to use docker secrets for this, given that the values are only valid credentials until you login and change them, which I would expect you to do immediately. (You could then remove them from the docker-compose file, if you really wanted to.)

janl commented 1 month ago

there is no other way atm, but you can put the value for those secrets into your .env file so it is not inside your compose file. See also https://github.com/apache/couchdb-docker/issues/256