version: "3.7"
services:
### other services
bitwarden:
image: bitwardenrs/server
restart: always
environment:
ROCKET_PORT: '8080'
WEBSOCKET_ENABLED: 'true' # Required to use websockets
SIGNUPS_ALLOWED: 'true' # set to false to disable signups
DOMAIN: '<my.domain.tld>'
ADMIN_TOKEN: 'temptoken'
user: "1000:1000"
networks:
lan:
ipv4_address: "10.100.0.4"
networks:
lan:
ipam:
config:
- subnet: '10.100.0.0/24'
driver: 'default'
I spun up a docker container the other day, worked out reverse proxying w/ tls, my backup solution, and now trying to do some basic hardening. The default config works without issue, but the second I try to assign user/group the container seizes with:
[2020-09-18 17:43:59.897][panic][ERROR] thread 'main' panicked at 'Can't connect to DB: BadConnection("Unable to open the database file")': src/main.rs:229
Things I’ve tried:
I originally had a data volume; I tried using chown to change ownership to the 1000:1000 user:group. When that didn’t work I tried with a different user/group 1001:1001. I’ve since started with a scratch contianer and nuking between config changes via:
docker container stop testing_bitwarden_1 && echo 'y' | docker container prune && docker-compose up bitwarden
If I comment out user: "1000:1000"
then the container launches fine.
Minor edit: with and without quotes around 1000:1000
yields that same issue, I’ve added quotes because IIRC yml does some funky interpretation for octal numbers or some such and strings are safe.