Internal Server Error: with the ADMIN_PASSWORD hash and docker compose

[kelvinauta]

Description

When using docker compose, it seems that "ADMIN_PASSWORD" cannot be used because the "$" character in the ADMIN_PASSWORD hash cannot be properly scoped. Even when the docker compose scope is successfully set, ihatemoney does not seem to recognize this scope correctly.

Problem Reproduction

• Generate a password hash with the command cited in the documentation: docker run -it --rm --entrypoint ihatemoney ihatemoney/ihatemoney generate_password_hash
• It will ask you to create a password (this is the one used on the /admin page); for this example, we will use "password".
• You will get a password similar to this: pbkdf2:sha256:260000$hdbWxovTDO877ElH$e6817cc068d07455c7182a085af7930f572f6d2efa7ca02c49bde8b60cc7af14.
• As we can see, there are two "$" characters.
• Now, create a docker compose similar to this:

version: "3.9"

services:
  ihatemoney:
    image: ihatemoney/ihatemoney:latest
    container_name: ihatemoney
    environment:
      - ACTIVATE_ADMIN_DASHBOARD=True
      - ADMIN_PASSWORD= "pbkdf2:sha256:260000$hdbWxovTDO877ElH$e6817cc068d07455c7182a085af7930f572f6d2efa7ca02c49bde8b60cc7af14"
    volumes:
      - ./database:/database
    ports:
      - "8000:8000"

• For simplicity, we will focus only on changing the ADMIN_PASSWORD env.
• Variable inspection: if we run docker compose up -d && docker exec -it ihatemoney sh and then execute echo $ADMIN_PASSWORD, we will simply get the result: pbkdf2:sha256:260000. That is, we do not get the full hash, and therefore our /admin page always responds that the password is incorrect.
• If we try to use double quotes, single quotes, or escape with "\$", it also does not work.
• This is more of a docker compose issue; however, the part where ihatemoney has the problem is as follows.
• The way to escape this is to put quotes and double "$$" signs; that is, it would look like this: pbkdf2:sha256:260000$hdbWxovTDO877ElH$e6817cc068d07455c7182a085af7930f572f6d2efa7ca02c49bde8b60cc7af14.
• Now, if we inspect the variable again docker compose up -d && docker exec -it ihatemoney sh echo $ADMIN_PASSWORD, we get the correct result.
• However, when we go to our /admin page and enter our password, we do not get a password error message; instead, we get a 500 Internal Server error.

Solution:

The only way I was able to solve it was to use the normal docker run command with single quotes, but I have not managed to make it work with docker compose.

[almet]

Heya.

It seems you can use a double $$ sign, which will be evaluated to a single one.

Because this is not a limitation of ihatemoney, I'm taking the liberty to close the issue here.

Hope you have a fun journey on this :+1: