docker compose always starts install

[crosenbe]

I started the container a first time to configure it and switched to compose later on. Starting the container with "docker run" still works, but not with compose. /data is the same volume, it seems there are no differences.

volumes:
  freeipa-data:

services:
  server:
    image: freeipa/freeipa-server:almalinux-9
    container_name: freeipa
    hostname: ipa.foo.bar
    tty: true
    stdin_open: true
    environment:
      IPA_SERVER_HOSTNAME: ipa.foo.bar
      TZ: "Europe/Paris"
    read_only: true
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv6.conf.lo.disable_ipv6=0
    cgroup: host
    restart: always
    cap_add:
      - SYS_TIME
      - NET_ADMIN
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /sys/fs/cgroup/freeipa.scope:/sys/fs/cgroup
      - freeipa-data:/data:Z
    ports:
      - "53:53/udp"
      - "53:53"
      - "80:80"
      - "10443:443"
      - "389:389"
      - "636:636"
      - "88:88/udp"
      - "88:88"
      - "464:464/udp"
      - "464:464"
      - "123:123/udp"
    security_opt:
      - "seccomp:unconfined"

[adelton]

I will assume that when you say "always starts install", you mean it always starts ipa-server-install.

You might want to use the DEBUG_TRACE environment variable to 1 to see in more detail what the init-data does and whether it finds you volume already populated or not.

The logic in https://github.com/freeipa/freeipa-container/blob/master/init-data#L234-L257

if [ -f "$DATA/build-id" ] ; then
[...]
        if [ -f /etc/ipa/ca.crt ] ; then
                rm -f "$DATA/etc/systemd/system/multi-user.target.wants/ipa-server-configure-first.service"
        fi
fi

looks for build-id and /etc/ipa/ca.crt files to determine if the data volume already has the FreeIPA installation configured.

[crosenbe]

I restarted from scratch and it worked now. I assume the naming of the volumes didn't match and i didn't mention that.

[adelton]

OK, thanks for reporting back.