kopia / kopia

Cross-platform backup tool for Windows, macOS & Linux with fast, incremental backups, client-side end-to-end encryption, compression and data deduplication. CLI and GUI included.
https://kopia.io
Apache License 2.0
7.79k stars 393 forks source link

ERROR unable to create format manager: invalid repository password #2679

Closed eduardomarcos closed 1 year ago

eduardomarcos commented 1 year ago

Hi kopia team.

First, thanks for this tool.

I found out that when I configure a repository in Azure Storage, and I set a password and a different user name other than root or the repository, the first time the docker container is up everything is ok. But, when the container restarts for whatever reason (update, management...), the Kopia container is not running properly and the logs says:

ERROR unable to initialize repository: unable to initialize repository: error opening repository: unable to open repository: unable to create format manager: invalid repository password

And I cannot even access the UI.

If I remove the repository settings from the docker volume and I start the container, it works...I just need to configure again the Azure repository settings with the password, etc and it works and I can see the previous created policies and snapshots. Again, if the container restarts...it breaks again with the same error.

I'm running the 0.12.1 version of Kopia in a Docker container with the following docker-compose:

kopia: image: kopia/kopia:latest container_name: kopia hostname: "kopia" user: "0:0" restart: "unless-stopped" privileged: true command:

Any clue?

Thanks in advance

bstaeheli commented 1 year ago

It seems, that we have the same issue here. We get the same error message after a restart of the container

sziyan commented 1 year ago

I had the same issue and fixed it by adding --password=REPO_Password to docker compose command

bstaeheli commented 1 year ago

Thank you @sziyan

I was confused with the passwords. It is important to setup the repo with the same password like $KOPIA_REPO_PASSWORD This works for me:

  kopia:
    image: kopia/kopia:latest
    container_name: kopia
    hostname: kopia
    restart: unless-stopped
    networks:
      - t2_proxy
    command:
      - server
      - start
      - --insecure
      - --address=0.0.0.0:51515
      - --server-username=root
      - --server-password=$KOPIA_USER_PASSWORD
    volumes:
      - $CONFIGDIR/kopia/config:/app/config
      - $CONFIGDIR/kopia/logs:/app/logs
      - /mnt/cache/tmp/kopia_cache:/app/cache
      - /:/data/hive_root:ro
      - /some/path:/data/backup-target
    environment:
      TZ: $TZ    
      USER: $PUID
      KOPIA_PASSWORD: $KOPIA_REPO_PASSWORD
      KOPIA_PERSIST_CREDENTIALS_ON_CONNECT: "true"
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      # Traefik
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.kopia-rtr.entrypoints=https"
      - "traefik.http.routers.kopia-rtr.rule=Host(`kopia.$DOMAINNAME`)"
      ## Middlewares
      - "traefik.http.routers.kopia-rtr.middlewares=chain-authelia@file"
      # - "traefik.http.routers.kopia-rtr.middlewares=chain-no-auth@file"
      ## HTTP Services
      - "traefik.http.routers.kopia-rtr.service=kopia-svc"
      - "traefik.http.services.kopia-svc.loadbalancer.server.port=51515"
      ## Unraid
      - "net.unraid.docker.icon=https://raw.githubusercontent.com/kopia/kopia/master/icons/kopia.svg"
      - "net.unraid.docker.webui=https://kopia.$DOMAINNAME"
eduardomarcos commented 1 year ago

Thank you @sziyan, adding that parameter to the docker-compose works fine. I was not aware about the functionality of KOPIA_PASSWORD (and USER).

louwers commented 1 year ago

This is very confusing!

Maybe the docs can be updated?

Cantello commented 1 year ago

One thing to add might be this case: I provided repo & credentials in the docker-compose.yml but still git the error above. Then I remembered that I tried to connect to a different repo (off-site storage) and that repo was still stored in repository.config that was used on container start. After deleting the config file, everything worked smoothly.

That said, it would be nice to provide for easier switching of repos as I have several and do not know if kopia will really back up to all of them or only the one that is connected.

ManiMatter commented 1 year ago

Update: solved below Solution: The error about the password being wrong is actually misleading. My remote location looks like this, which works: dropbox: Test Folder

I had written the following (putting colons around the folder name), in the UI when I got below error. dropbox: 'Test Folder'

Hope this may help somebody else in the future.


hi all,

I am struggling, too, with setting up Kopia in Docker Compose.

Would you have any pointers what is going on here?

11:20:56.815 generating new TLS certificate 11:20:58.021 adding alternative IP to certificate: 127.0.0.1 11:20:58.032 starting /usr/bin/rclone 11:20:58.825 detected webdav address: https://127.0.0.1:43517/ 11:21:01.265 Creating cache directory '/app/cache' with max size 5242880000 11:21:01.369 generating new TLS certificate 11:21:02.030 adding alternative IP to certificate: 127.0.0.1 11:21:02.042 starting /usr/bin/rclone 11:21:02.825 detected webdav address: https://127.0.0.1:39177/ 11:21:06.675 no writes in this session, no need to wait 11:21:06.675 killing rclone 11:21:06.682 failed to open repository: unable to create format manager: invalid repository password 11:21:06.683 unable to remove cache directory: unlinkat /app/cache: device or resource busy 11:21:06.683 no writes in this session, no need to wait 11:21:06.683 killing rclone

Here's my Docker-compose:

kopia:
   <<: *common-keys-core # See EXTENSION FIELDS at the top
   image: kopia/kopia:latest
   container_name: kopia
   networks:
     t2_proxy:
       ipv4_address: 192.168.89.251 # You can specify a static IP
   environment:
     USER: $PUID
     KOPIA_PASSWORD: $KOPIA_REPO_PASSWORD
     KOPIA_PERSIST_CREDENTIALS_ON_CONNECT: "true"
     <<: *default-tz-puid-pgid
   command:
     - server
     - start
     - --disable-csrf-token-checks
     - --insecure
     - --address=0.0.0.0:51515
     - --without-password 
   volumes:
     - $DOCKERDIR/appdata/kopia/config:/app/config 
     - $DOCKERDIR/appdata/kopia/cache:/app/cache 
     - $DOCKERDIR/logs/kopia:/logs
     - $DOCKERDIR:/data:ro
     - /home/pik/.config/rclone:/app/rclone:ro
   labels:
     - "traefik.enable=true"
     ## HTTP Routers
     - "traefik.http.routers.kopia-rtr.entrypoints=https"
     - "traefik.http.routers.kopia-rtr.rule=Host(`kopia.$DOMAINNAME_CLOUD_SERVER`)"
     - "traefik.http.routers.kopia-rtr.tls=true"
     ## Middlewares
     - "traefik.http.routers.kopia-rtr.middlewares=chain-oauth@file"
     ## HTTP Services
     - "traefik.http.routers.kopia-rtr.service=kopia-svc"
     - "traefik.http.services.kopia-svc.loadbalancer.server.port=51515"