Docker Self-Hosted Migration failed lookup db no such host, unable to find the IP address for the container \"/vikunja\"

Support
1

Hello! New to Vikunja, and pretty green in self-hosting.

I was following the docker example in Full docker example. However, I want to do 2 things differently:

  1. Reverse proxy configured via Traefik.
  2. Use an already existing pg database (not strictly necessary).

I am however getting errors from vikunja and traefik:

  • INFO :arrow_forward: 001 No config file found, using default or config from environment variables.
  • CRITICAL :arrow_forward: 004 Migration failed: dial tcp: lookup db on 127.0.0.11:53: no such host
  • ERR github.com/traefik/traefik/v3/pkg/provider/docker/config.go:81 > error=“service "vikunja-svc" error: unable to find the IP address for the container "/vikunja": the server is ignored” cont

These are the relevant parts in my Docker Compose:

networks:
  # added for vikunja
  web:
    external: true
  personal_vnet:
    name: personal_vnet
    driver: bridge
    ipam:
      config:
        - subnet: 192.xxx.xxx.xxx/24

services:

  traefik:
    container_name: traefik
    image: traefik:3.1.5
    restart: unless-stopped
    command:
      # CLI variables
      - --entryPoints.http.address=:80
      - --entryPoints.https.address=:443
      - --entryPoints.sftp.address=:22
      - --entryPoints.tcp.address=:1433
      - --entryPoints.traefik.address=:8080
      - --api=true
      - --providers.docker=true
      - --providers.docker.endpoint=unix:///var/run/docker.sock
      - --providers.docker.exposedByDefault=false
      - --providers.docker.network=personal_vnet
      - --api.insecure=true
      - --log=true
      - --log.level=DEBUG # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
      - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory
      - --providers.file.watch=true # Only works on top level files in the rules folder
      - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
      - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate
      - --accessLog=true
      - --accessLog.filePath=/traefik.log
      - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines
      - --accessLog.filters.statusCodes=400-499
      - --entrypoints.https.forwardedHeaders.trustedIPs=$CLOUDFLARE_IPS,$LOCAL_IPS
    networks:
      - "personal_vnet"
    security_opt:
      - no-new-privileges:true
    ports:
        #HTTP
      - target: 80
        published: 80
        protocol: tcp
        mode: host
        # HTTPS
      - target: 443
        published: 443
        protocol: tcp
        mode: host
        # admin page
      - target: 8080
        published: 8080
        protocol: tcp
        mode: host
    volumes:
      - $DOCKERDIR/appdata/traefik2/rules:/rules
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - $DOCKERDIR/appdata/traefik2/acme/acme.json:/acme.json
      - $DOCKERDIR/appdata/traefik2/traefik.log:/traefik.log
      - $DOCKERDIR/appdata/shared:/shared
    environment:
      - CF_DNS_API_TOKEN=$CLOUDFLARE_API_TOKEN
    labels:
      - "traefik.enable=true"
      # HTTP-to-HTTPS Redirect
      - "traefik.http.routers.http-catchall.entrypoints=http"
      - "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # HTTP Routers
      - "traefik.http.routers.traefik-rtr.entrypoints=https"
      - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"
      - "traefik.http.routers.traefik-rtr.tls=true"
      - "traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAINNAME"
      - "traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAINNAME"
      - "traefik.http.routers.traefik-rtr.service=api@internal"

  vikunja:
    container_name: vikunja
    image: vikunja/vikunja
    environment:
      # changed
      VIKUNJA_SERVICE_PUBLICURL: http://vikunja.$DOMAINNAME
      VIKUNJA_DATABASE_HOST: db
      #VIKUNJA_DATABASE_HOST: pg_db
      VIKUNJA_DATABASE_PASSWORD: changeme
      #VIKUNJA_DATABASE_TYPE: mysql
      VIKUNJA_DATABASE_TYPE: postgres
      VIKUNJA_DATABASE_USER: vikunja
      VIKUNJA_DATABASE_DATABASE: vikunja
      VIKUNJA_SERVICE_JWTSECRET: secret
    volumes: 
      - ./files:/app/vikunja/files
      - ./db:/db
    networks:
      - personal_vnet
      #- web
      #- default
    depends_on:
      db:
      #pg_db:
        condition: service_healthy
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      #- "traefik.docker.network=web"
      - "traefik.docker.network=personal_vnet"
      # changed host to vikunja.domainname
      - "traefik.http.routers.vikunja.rule=Host(`vikunja.$DOMAINNAME`)"
      - "traefik.http.routers.vikunja.entrypoints=https"
      # added
      - "traefik.http.routers.trilium-rtr.tls=true"
      - "traefik.http.services.vikunja-svc.loadbalancer.server.port=8080"
      # changed from acme
      - "traefik.http.routers.vikunja.tls.certResolver=dns-cloudflare"

  db:
    image: postgres:16
    environment:
      POSTGRES_PASSWORD: changeme
      POSTGRES_USER: vikunja
    volumes:
      - ./db:/var/lib/postgresql/data
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"]
      interval: 2s

  pg_db:
    image: postgres
    container_name : pg_db
    restart: always
    shm_size: 128mb
    environment:
      POSTGRES_DB: "my_db"
      POSTGRES_USER: "username"
      POSTGRES_PASSWORD: "changeme"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready", "-d", "db_prod"]
      interval: 30s
      timeout: 60s
      retries: 5
      start_period: 80s
    volumes:
      - "~/postgres-data:/val/lib/postgresql/data"
    ports:
    # "hostport:dockerport"
      - "5431:5432"
    networks:
      - "personal_vnet"

Would anyone have any insights about the issue with my DB?

2

I had same issue. I guess it was because of some networking stuff or MariaDB version.
Here’s my docker-compose.yml for Vikunja and for Caddy (reverse proxy) so you can compare with your setup. Don’t have time to compare myself at the moment.

The problem is most likely not in reverse proxy to vikunja setup, but in how networks are named and referenced OR in DB image.

Vikunja: vikunja_docker_compose.yml · GitHub
Caddy: caddy_vikunja_docker_compose.yml · GitHub

3

I noticed an 2 errors in the VIkunja labels:

-"traefik.http.routers.trilium-rtr.tls=true"
should be
- "traefik.http.routers.vikunja-rtr.tls=true"

and
- "traefik.http.services.vikunja-svc.loadbalancer.server.port=8080"
was already in use so:
- "traefik.http.services.vikunja-svc.loadbalancer.server.port=3305"

Beyond that I noticed the directory in volumes didn’t actually exist:

    volumes: 
      - /home/admin/docker/vikunja/files:/app/vikunja/files

I now see different messages:

pg_db      | 2024-12-30 11:04:53.992 UTC [47] FATAL:  password authentication failed for user "vikunja"
pg_db      | 2024-12-30 11:04:53.992 UTC [47] DETAIL:  Role "vikunja" does not exist.
pg_db      |    Connection matched file "/var/lib/postgresql/data/pg_hba.conf" line 128: "host all all all scram-sha-256"
vikunja    | 2024-12-30T11:04:53Z: CRITICAL     ▶ 004 Migration failed: pq: password authentication failed for user "vikunja"

So it seems I failed to provide a user for Vikunja to use.
As I said: this is quite new to me. But if I understand correctly, the Vikunja container configuration basically declares that:

  • there is a user called “vikunja” VIKUNJA_DATABASE_USER: vikunja
  • there is a database called “vikunja” VIKUNJA_DATABASE_DATABASE: vikunja
  • password for the database must match, of course

I’m assuming that from there Vikunja will create the required tables and insert the required data? I’m not sure how this works.

I’ll take a closer look later when I have some more time.

4

Update:

I added my VNET to the db, which fixed the issue of failed migration.

  vikunja_db:
    image: postgres
    container_name: vikunja_db
    environment:
      POSTGRES_PASSWORD: changeme
      POSTGRES_USER: vikunja
    volumes:
      - ./db:/var/lib/postgresql/data
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -h localhost -U $$POSTGRES_USER"]
      interval: 2s
    networks:
      - "personal_vnet"

At least Vikunja now starts up. However, now I’m getting new erors:
502 Bad Gateway error="dial tcp 172.20.0.8:3535: connect: connection refused"

I commented 2 lines:

      #VIKUNJA_SERVICE_PUBLICURL: https://vikunja.$DOMAINNAME
      #- "traefik.docker.network=pjvd_vnet"

and changed the order of these two:

      - "traefik.http.routers.vikunja.entrypoints=https"
      - "traefik.http.routers.vikunja.rule=Host(`vikunja.$DOMAINNAME`)"

In the Vikunja service.

These didn’t do the trick - however I noticed these lines in the Docker CLI:

vikunja     | 2024-12-30T19:31:38Z: INFO        ▶ 06a Ran all migrations successfully.
vikunja     | 2024-12-30T19:31:38Z: INFO        ▶ 06b Mailer is disabled, not sending reminders per mail
vikunja     | 2024-12-30T19:31:38Z: INFO        ▶ 06c Mailer is disabled, not sending overdue per mail
vikunja     | 2024-12-30T19:31:38Z: INFO        ▶ 06d Vikunja version v0.24.6
vikunja     | ⇨ http server started on [::]:3456

Changing
- "traefik.http.services.vikunja-svc.loadbalancer.server.port=8080"
to
- "traefik.http.services.vikunja-svc.loadbalancer.server.port=3456"
fixed the issue. Somewhere this port is defined, maybe as some hardcoded value as it’s the same port number found in Vikunja’s own docker example. At any rate I can now use Vikunja from a self-hosted solution!