From d0c2302d3917a9a1a6d04016d6fb15e7fc9276ca Mon Sep 17 00:00:00 2001 From: Till JS Date: Mon, 30 Mar 2026 18:29:44 +0200 Subject: [PATCH] fix(docker): fix multiline entrypoint YAML bug + searxng entrypoint path YAML '>' block scalar preserves newlines for over-indented lines, causing 'exec binary' to run without its arguments. Fix: use JSON array format for all entrypoints to avoid YAML folding entirely. Also fixes SearXNG entrypoint path: image updated from dockerfiles/docker-entrypoint.sh to entrypoint.sh. Affected: victoriametrics, loki, vmalert, alertmanager, searxng, synapse Co-Authored-By: Claude Opus 4.6 --- docker-compose.macmini.yml | 48 +++++--------------------------------- 1 file changed, 6 insertions(+), 42 deletions(-) diff --git a/docker-compose.macmini.yml b/docker-compose.macmini.yml index 1d19115cc..52301b5a7 100644 --- a/docker-compose.macmini.yml +++ b/docker-compose.macmini.yml @@ -463,10 +463,7 @@ services: mem_limit: 256m volumes: - ./services/mana-search/searxng:/mnt/searxng-config:ro - entrypoint: > - sh -c "cp /mnt/searxng-config/settings.yml /etc/searxng/settings.yml && - cp /mnt/searxng-config/limiter.toml /etc/searxng/limiter.toml 2>/dev/null; - exec /usr/local/searxng/dockerfiles/docker-entrypoint.sh" + entrypoint: ["sh", "-c", "cp /mnt/searxng-config/settings.yml /etc/searxng/settings.yml && cp /mnt/searxng-config/limiter.toml /etc/searxng/limiter.toml 2>/dev/null; exec /usr/local/searxng/entrypoint.sh"] environment: SEARXNG_BASE_URL: http://searxng:8080 SEARXNG_SECRET: ${SEARXNG_SECRET:-change-me-searxng-secret} @@ -696,11 +693,7 @@ services: depends_on: postgres: condition: service_healthy - entrypoint: > - sh -c "mkdir -p /config && - cp /mnt/synapse-config/*.yaml /config/ 2>/dev/null; - cp -r /mnt/synapse-config/appservices /config/ 2>/dev/null; - exec python -m synapse.app.homeserver -c /config/homeserver.yaml" + entrypoint: ["sh", "-c", "mkdir -p /config && cp /mnt/synapse-config/*.yaml /config/ 2>/dev/null; cp -r /mnt/synapse-config/appservices /config/ 2>/dev/null; exec python -m synapse.app.homeserver -c /config/homeserver.yaml"] environment: TZ: Europe/Berlin SYNAPSE_DB_PASSWORD: ${SYNAPSE_DB_PASSWORD:-synapse-secure-password} @@ -1591,17 +1584,7 @@ services: container_name: mana-mon-victoria restart: always mem_limit: 256m - entrypoint: > - sh -c "mkdir -p /etc/prometheus && - cp /mnt/prometheus-config/*.yml /etc/prometheus/ 2>/dev/null; - exec /victoria-metrics-prod - -storageDataPath=/storage - -retentionPeriod=2y - -httpListenAddr=:9090 - -promscrape.config=/etc/prometheus/prometheus.yml - -promscrape.config.strictParse=false - -selfScrapeInterval=15s - -search.latencyOffset=0s" + entrypoint: ["sh", "-c", "mkdir -p /etc/prometheus && cp /mnt/prometheus-config/*.yml /etc/prometheus/ 2>/dev/null; exec /victoria-metrics-prod -storageDataPath=/storage -retentionPeriod=2y -httpListenAddr=:9090 -promscrape.config=/etc/prometheus/prometheus.yml -promscrape.config.strictParse=false -selfScrapeInterval=15s -search.latencyOffset=0s"] volumes: - ./docker/prometheus:/mnt/prometheus-config:ro - victoriametrics_data:/storage @@ -1619,10 +1602,7 @@ services: container_name: mana-mon-loki restart: always mem_limit: 192m - entrypoint: > - sh -c "mkdir -p /etc/loki && - cp /mnt/loki-config/*.yaml /etc/loki/ 2>/dev/null; - exec /usr/bin/loki -config.file=/etc/loki/local-config.yaml" + entrypoint: ["sh", "-c", "mkdir -p /etc/loki && cp /mnt/loki-config/*.yaml /etc/loki/ 2>/dev/null; exec /usr/bin/loki -config.file=/etc/loki/local-config.yaml"] volumes: - ./docker/loki:/mnt/loki-config:ro - loki_data:/loki @@ -1756,17 +1736,7 @@ services: condition: service_healthy alertmanager: condition: service_healthy - entrypoint: > - sh -c "mkdir -p /etc/alerts && - cp /mnt/alerts-config/*.yml /etc/alerts/ 2>/dev/null; - exec /vmalert-prod - -datasource.url=http://victoriametrics:9090 - -notifier.url=http://alertmanager:9093 - -remoteWrite.url=http://victoriametrics:9090 - -remoteRead.url=http://victoriametrics:9090 - -rule='/etc/alerts/*.yml' - -evaluationInterval=30s - -httpListenAddr=:8880" + entrypoint: ["sh", "-c", "mkdir -p /etc/alerts && cp /mnt/alerts-config/*.yml /etc/alerts/ 2>/dev/null; exec /vmalert-prod -datasource.url=http://victoriametrics:9090 -notifier.url=http://alertmanager:9093 -remoteWrite.url=http://victoriametrics:9090 -remoteRead.url=http://victoriametrics:9090 -rule='/etc/alerts/*.yml' -evaluationInterval=30s -httpListenAddr=:8880"] volumes: - ./docker/prometheus:/mnt/alerts-config:ro ports: @@ -1786,13 +1756,7 @@ services: depends_on: alert-notifier: condition: service_healthy - entrypoint: > - sh -c "mkdir -p /tmp/am-config && - cp /mnt/alertmanager-config/*.yml /tmp/am-config/ 2>/dev/null; - exec /bin/alertmanager - --config.file=/tmp/am-config/alertmanager.yml - --storage.path=/alertmanager - --web.listen-address=:9093" + entrypoint: ["sh", "-c", "mkdir -p /tmp/am-config && cp /mnt/alertmanager-config/*.yml /tmp/am-config/ 2>/dev/null; exec /bin/alertmanager --config.file=/tmp/am-config/alertmanager.yml --storage.path=/alertmanager --web.listen-address=:9093"] volumes: - ./docker/alertmanager:/mnt/alertmanager-config:ro - alertmanager_data:/alertmanager