fix(docker): exit container when a process crashes; pass all env vars through compose#75
Merged
Merged
Conversation
… through compose Self-hosted install verification revealed two issues and doc gaps: - entrypoint.sh relied on `wait -n pid1 pid2`, but busybox ash waits for ALL listed pids (-n is not honoured). If the API crashed (e.g. missing SERVER_ENCRYPTION_KEY) the container stayed "running" but broken instead of exiting so Docker's restart policy could surface the failure. Replaced with a kill -0 polling loop that exits as soon as either process dies. - docker-compose.yml only whitelisted part of the documented env vars. Branding (APP_DESCRIPTION, APP_PRIMARY_COLOR, APP_LOGO_URL, ...), API_KEY/API_KEY_N, CAP_*, TRUSTED_PROXIES, MAX_TEXT_SIZE, CLEANUP_INTERVAL_MS and DEBUG set in .env were silently ignored. All documented variables are now passed through (empty values are filtered by the API, so the defaults stay safe). Docs: - README: one-click deploy table (Render button, Coolify, Portainer, Synology), clearer PORT semantics, troubleshooting link. - docs/self-hosting.md: new Troubleshooting section (restart loop, .env changes needing --force-recreate, port conflicts, bind-mount permissions, unhealthy container, proxy upload limits), Deploy-to-Render button, note that Render disks require a paid plan. Verified against ghcr.io/largerio/secret:latest with Docker: quick start, docker run one-liner, Portainer-style stack deploy (no .env file), note create/read, persistence across restarts, graceful shutdown, and crash-exit behaviour with the patched entrypoint. https://claude.ai/code/session_01NrzYX4SD2wdrJetorUU48S
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Self-hosted install verification revealed two issues and doc gaps:
entrypoint.sh relied on
wait -n pid1 pid2, but busybox ash waits forALL listed pids (-n is not honoured). If the API crashed (e.g. missing
SERVER_ENCRYPTION_KEY) the container stayed "running" but broken instead
of exiting so Docker's restart policy could surface the failure. Replaced
with a kill -0 polling loop that exits as soon as either process dies.
docker-compose.yml only whitelisted part of the documented env vars.
Branding (APP_DESCRIPTION, APP_PRIMARY_COLOR, APP_LOGO_URL, ...),
API_KEY/API_KEY_N, CAP_*, TRUSTED_PROXIES, MAX_TEXT_SIZE,
CLEANUP_INTERVAL_MS and DEBUG set in .env were silently ignored.
All documented variables are now passed through (empty values are
filtered by the API, so the defaults stay safe).
Docs:
Synology), clearer PORT semantics, troubleshooting link.
changes needing --force-recreate, port conflicts, bind-mount
permissions, unhealthy container, proxy upload limits), Deploy-to-Render
button, note that Render disks require a paid plan.
Verified against ghcr.io/largerio/secret:latest with Docker: quick start,
docker run one-liner, Portainer-style stack deploy (no .env file),
note create/read, persistence across restarts, graceful shutdown, and
crash-exit behaviour with the patched entrypoint.
https://claude.ai/code/session_01NrzYX4SD2wdrJetorUU48S