fix(docker): fix multiline entrypoint YAML bug + searxng entrypoint path

YAML '>' block scalar preserves newlines for over-indented lines, causing 'exec binary' to run without its arguments. Fix: use JSON array format for all entrypoints to avoid YAML folding entirely. Also fixes SearXNG entrypoint path: image updated from dockerfiles/docker-entrypoint.sh to entrypoint.sh. Affected: victoriametrics, loki, vmalert, alertmanager, searxng, synapse Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-14 21:41:09 +02:00 · 2026-03-30 18:29:44 +02:00 · 2026-03-30 18:29:44 +02:00 · d0c2302d39
commit d0c2302d39
parent ff19c7f062
1 changed files with 6 additions and 42 deletions
--- a/docker-compose.macmini.yml
+++ b/docker-compose.macmini.yml
@ -463,10 +463,7 @@ services:
    mem_limit: 256m
    volumes:
      - ./services/mana-search/searxng:/mnt/searxng-config:ro
-    entrypoint: >
-      sh -c "cp /mnt/searxng-config/settings.yml /etc/searxng/settings.yml &&
-             cp /mnt/searxng-config/limiter.toml /etc/searxng/limiter.toml 2>/dev/null;
-             exec /usr/local/searxng/dockerfiles/docker-entrypoint.sh"
+    entrypoint: ["sh", "-c", "cp /mnt/searxng-config/settings.yml /etc/searxng/settings.yml && cp /mnt/searxng-config/limiter.toml /etc/searxng/limiter.toml 2>/dev/null; exec /usr/local/searxng/entrypoint.sh"]
    environment:
      SEARXNG_BASE_URL: http://searxng:8080
      SEARXNG_SECRET: ${SEARXNG_SECRET:-change-me-searxng-secret}
@ -696,11 +693,7 @@ services:
    depends_on:
      postgres:
        condition: service_healthy
-    entrypoint: >
-      sh -c "mkdir -p /config &&
-             cp /mnt/synapse-config/*.yaml /config/ 2>/dev/null;
-             cp -r /mnt/synapse-config/appservices /config/ 2>/dev/null;
-             exec python -m synapse.app.homeserver -c /config/homeserver.yaml"
+    entrypoint: ["sh", "-c", "mkdir -p /config && cp /mnt/synapse-config/*.yaml /config/ 2>/dev/null; cp -r /mnt/synapse-config/appservices /config/ 2>/dev/null; exec python -m synapse.app.homeserver -c /config/homeserver.yaml"]
    environment:
      TZ: Europe/Berlin
      SYNAPSE_DB_PASSWORD: ${SYNAPSE_DB_PASSWORD:-synapse-secure-password}
@ -1591,17 +1584,7 @@ services:
    container_name: mana-mon-victoria
    restart: always
    mem_limit: 256m
-    entrypoint: >
-      sh -c "mkdir -p /etc/prometheus &&
-             cp /mnt/prometheus-config/*.yml /etc/prometheus/ 2>/dev/null;
-             exec /victoria-metrics-prod
-             -storageDataPath=/storage
-             -retentionPeriod=2y
-             -httpListenAddr=:9090
-             -promscrape.config=/etc/prometheus/prometheus.yml
-             -promscrape.config.strictParse=false
-             -selfScrapeInterval=15s
-             -search.latencyOffset=0s"
+    entrypoint: ["sh", "-c", "mkdir -p /etc/prometheus && cp /mnt/prometheus-config/*.yml /etc/prometheus/ 2>/dev/null; exec /victoria-metrics-prod -storageDataPath=/storage -retentionPeriod=2y -httpListenAddr=:9090 -promscrape.config=/etc/prometheus/prometheus.yml -promscrape.config.strictParse=false -selfScrapeInterval=15s -search.latencyOffset=0s"]
    volumes:
      - ./docker/prometheus:/mnt/prometheus-config:ro
      - victoriametrics_data:/storage
@ -1619,10 +1602,7 @@ services:
    container_name: mana-mon-loki
    restart: always
    mem_limit: 192m
-    entrypoint: >
-      sh -c "mkdir -p /etc/loki &&
-             cp /mnt/loki-config/*.yaml /etc/loki/ 2>/dev/null;
-             exec /usr/bin/loki -config.file=/etc/loki/local-config.yaml"
+    entrypoint: ["sh", "-c", "mkdir -p /etc/loki && cp /mnt/loki-config/*.yaml /etc/loki/ 2>/dev/null; exec /usr/bin/loki -config.file=/etc/loki/local-config.yaml"]
    volumes:
      - ./docker/loki:/mnt/loki-config:ro
      - loki_data:/loki
@ -1756,17 +1736,7 @@ services:
        condition: service_healthy
      alertmanager:
        condition: service_healthy
-    entrypoint: >
-      sh -c "mkdir -p /etc/alerts &&
-             cp /mnt/alerts-config/*.yml /etc/alerts/ 2>/dev/null;
-             exec /vmalert-prod
-             -datasource.url=http://victoriametrics:9090
-             -notifier.url=http://alertmanager:9093
-             -remoteWrite.url=http://victoriametrics:9090
-             -remoteRead.url=http://victoriametrics:9090
-             -rule='/etc/alerts/*.yml'
-             -evaluationInterval=30s
-             -httpListenAddr=:8880"
+    entrypoint: ["sh", "-c", "mkdir -p /etc/alerts && cp /mnt/alerts-config/*.yml /etc/alerts/ 2>/dev/null; exec /vmalert-prod -datasource.url=http://victoriametrics:9090 -notifier.url=http://alertmanager:9093 -remoteWrite.url=http://victoriametrics:9090 -remoteRead.url=http://victoriametrics:9090 -rule='/etc/alerts/*.yml' -evaluationInterval=30s -httpListenAddr=:8880"]
    volumes:
      - ./docker/prometheus:/mnt/alerts-config:ro
    ports:
@ -1786,13 +1756,7 @@ services:
    depends_on:
      alert-notifier:
        condition: service_healthy
-    entrypoint: >
-      sh -c "mkdir -p /tmp/am-config &&
-             cp /mnt/alertmanager-config/*.yml /tmp/am-config/ 2>/dev/null;
-             exec /bin/alertmanager
-             --config.file=/tmp/am-config/alertmanager.yml
-             --storage.path=/alertmanager
-             --web.listen-address=:9093"
+    entrypoint: ["sh", "-c", "mkdir -p /tmp/am-config && cp /mnt/alertmanager-config/*.yml /tmp/am-config/ 2>/dev/null; exec /bin/alertmanager --config.file=/tmp/am-config/alertmanager.yml --storage.path=/alertmanager --web.listen-address=:9093"]
    volumes:
      - ./docker/alertmanager:/mnt/alertmanager-config:ro
      - alertmanager_data:/alertmanager