Hi everyone,
I’m trying to setup Vikunja on an AmberPRO via docker (I’m a noob at it, first experience), but I just can’t make it work. Even with the default docker-compose.yml from the wiki (here), I keep getting this:
2025-05-02 8:07:12 151 [Warning] Access denied for user 'vikunja'@'localhost' (using password: YES)
Sometimes alternated by this error:
2025-05-02 8:07:22 156 [Warning] Aborted connection 156 to db: 'unconnected' user: 'unauthenticated' host: '192.168.144.3' (This connection closed normally without authentication)
The frontend keeps restarting and I can’t do anything. I found a similar thread that suggested to switch to postgres or sqlite, but:
- With Postgres, the .yml creates only the database, which runs but I have no frontend.
- With sqlite, everything works.. but after a while the frontend randomly stops, with no errors in the logs for the db or the frontend. I should also add that this seems to happen faster if I use Vikunja.. If I don’t, the frontend seems to run for quite more time without any issue, even though it stops in the end. On the other hand, the db never stops working.
In all three cases I’m using the .yml configuration provided in the official wiki, modified accordingly. Below you can see the last one I’m using. Any ideas?
version: "3"
services:
vikunja:
image: vikunja/vikunja
environment:
VIKUNJA_SERVICE_JWTSECRET: <a super secure random secret>
VIKUNJA_SERVICE_PUBLICURL: http://192.168.68.70
# Note the default path is /app/vikunja/vikunja.db.
# This config variable moves it to a different folder so you can use a volume and
# store the database file outside the container so state is persisted even if the container is destroyed.
VIKUNJA_DATABASE_PATH: /db/vikunja.db
ports:
- 3456:3456
volumes:
- ./files:/app/vikunja/files
- ./db:/db
restart: unless-stopped
db:
image: mariadb:10
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_ROOT_PASSWORD: supersecret
MYSQL_USER: vikunja
MYSQL_PASSWORD: changeme
MYSQL_DATABASE: vikunja
volumes:
- ./db:/var/lib/mysql
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "mysqladmin ping -h localhost -u $$MYSQL_USER --password=$$MYSQL_PASSWORD"]
interval: 2s
start_period: 30s
Referencing my config for comparison:
vikunja docker-compose.yml
networks:
vikunja_net:
name: vikunja_net
driver: bridge
typesense_vikunja_net:
external: true
services:
vikunja:
image: vikunja/vikunja:unstable
container_name: vikunja
environment:
VIKUNJA_DATABASE_HOST: vikunja_db
VIKUNJA_DATABASE_PASSWORD: 12345
VIKUNJA_DATABASE_TYPE: mysql
VIKUNJA_DATABASE_USER: myusername_vikunja_user
VIKUNJA_DATABASE_DATABASE: vikunja-test-db-12345
VIKUNJA_SERVICE_JWTSECRET: 58560eeadkposakdopsakdopsakodksaopdkasopdkasopkdblablabla5f73e
VIKUNJA_REDIS_ENABLED: 1
VIKUNJA_REDIS_HOST: 'vikunja_redis:6379'
VIKUNJA_CACHE_ENABLED: 1
VIKUNJA_CACHE_TYPE: redis
VIKUNJA_REDIS_PASSWORD: 12345
VIKUNJA_TYPESENSE_ENABLED: 1
VIKUNJA_TYPESENSE_URL: 'http://typesense:8108'
VIKUNJA_TYPESENSE_APIKEY: '12345'
VIKUNJA_SERVICE_MAXITEMSPERPAGE: 1000
# Email
VIKUNJA_SERVICE_ENABLEEMAILREMINDERS: 1
VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED: 1
VIKUNJA_MAILER_ENABLED: 1
VIKUNJA_MAILER_HOST: smtp.gmail.com
VIKUNJA_MAILER_PORT: 465
VIKUNJA_MAILER_AUTHTYPE: plain
VIKUNJA_MAILER_USERNAME: whatever.gmail.user
VIKUNJA_MAILER_PASSWORD: 1234 5678 9101
VIKUNJA_MAILER_SKIPTLSVERIFY: 0
VIKUNJA_MAILER_FROMEMAIL: whoknows@example.com
VIKUNJA_MAILER_QUEUELENGTH: 100
VIKUNJA_MAILER_QUEUETIMEOUT: 30
VIKUNJA_MAILER_FORCESSL: 1
# Logs
VIKUNJA_LOG_LEVEL: INFO
VIKUNJA_LOG_DATABASE: stdout
VIKUNJA_LOG_DATABASELEVEL: INFO
VIKUNJA_LOG_HTTP: stdout
VIKUNJA_LOG_ECHO: stdout
VIKUNJA_LOG_EVENTS: stdout
VIKUNJA_LOG_EVENTSLEVEL: INFO
VIKUNJA_LOG_MAIL: stdout
VIKUNJA_LOG_MAILLEVEL: INFO
# Default settings
VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME: 1
VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL: 0
VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED: 1
VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME: 11:00
VIKUNJA_DEFAULTSETTINGS_WEEK_START: 1
# DEVELOPMENT!
VIKUNJA_CORS_ENABLE: 1
# ports still need to be exposed so that hass checks them - firewall should block these
ports:
- 3456:3456
- 43456:43456
volumes:
- /home/myusername/Documents/vikunja/files:/app/vikunja/files
depends_on:
- vikunja_db
- vikunja_redis
security_opt:
- no-new-privileges:true
restart: always
pull_policy: always
networks:
- vikunja_net
- typesense_vikunja_net
vikunja_db:
image: mariadb:lts
container_name: vikunja_db
#command: --character-set-server=utf8bmb4 --collation-server=utf8mb4_unicode_ci
environment:
MARIADB_AUTO_UPGRADE: 1
MARIADB_DISABLE_UPGRADE_BACKUP: 0
MYSQL_ROOT_PASSWORD: blabla12345blabla
MYSQL_USER: myusername_vikunja_user
MYSQL_PASSWORD: 12345
MYSQL_DATABASE: vikunja-test-db-12345
volumes:
- /home/myusername/Documents/vikunja/db:/var/lib/mysql
ports:
- 3306:3306
restart: always
pull_policy: always
networks:
- vikunja_net
vikunja_redis:
image: redis:7.4.0-alpine
container_name: vikunja_redis
restart: always
pull_policy: always
security_opt:
- no-new-privileges:true
secrets:
- VIKUNJA_REDIS_PASSWORD
command: /bin/sh -c 'redis-server --requirepass "12345"'
networks:
- vikunja_net
typesense docker-compose.yml
networks:
typesense_vikunja_net:
name: typesense_vikunja_net
services:
typesense:
image: typesense/typesense:27.1
container_name: typesense
restart: always
pull_policy: always
user: "9902:9902"
ports:
- "8108:8108"
volumes:
- /home/myusername/Documents/typesense/data:/data
command: '--data-dir /data --api-key=12345 --enable-cors'
networks:
- typesense_vikunja_net
This setup is tricky in terms of security, I have such to-do in my list:
to-do
Whatever I meant by this when I wrote it - I don’t fully get it know..
We enabled CORS in docker-compose for DEV purposes.
Need to leave enabled, but also limit allowed origins.
See another env var that needs to be added to compose which is VIKUNJA_CORS_ORIGINS
Configuration options
Also in my setup this is exposed via Caddy reverse proxy (did not mention it in attached configs) and all ports exposed here are banned on firewall level.