Running containers that aren't root if Nectar is in use because of SQLite #40
Description
Honestly i've had to revert the thing which caused this (trying to run as a different user in the docker) because it broke a shit ton of other stuff, but I'm putting it here in case this is relevant.
The issue is that when you run the container with user: "${UID}:${GID}", the nectar library tries to create its SQLite configuration store at /.local/share/nectar because there's no proper HOME environment variable set for that user in the container.
Let me check how the Hive client is being instantiated in your code:
Read , lines 70 to 90
I see the issue - the Hive client is instantiated at class definition time (line 78) without a custom config store. The nectar library defaults to using SQLite storage in ~/.local/share/nectar.
You have two solutions:
Solution 1: Set HOME environment variable in docker-compose (Recommended)
Add a HOME environment variable to your services that use nectar:
hive-monitor:
# ... other config ...
environment:
- HOME=/tmp
# ...This tells nectar to use /tmp/.local/share/nectar which the container user can write to.
Solution 2: Fix the code to use in-memory config store
You can modify the code to avoid SQLite storage entirely by passing config_store=InRamConfigurationStore():
Searched for regex InRamConfigurationStore|config_store (**/*.py), no results
Searched for regex Hive\s*\(, 20 results
The simplest fix is Solution 1 - add the HOME environment variable to your docker-compose.yaml. Update your hive-monitor service like this:
hive-monitor:
depends_on:
- redis-local
image: brianoflondon/v4vapp-backend-v2:develop
user: "${UID}:${GID}"
environment:
- HOME=/tmp
volumes:
# ... rest of configAnd similarly for hive-vsc-monitor (note it doesn't have user: set, but should also have HOME for consistency).
However, I notice hive-vsc-monitor doesn't have user: "${UID}:${GID}" set - that's why it's still running (though with other errors). The hive-monitor with the user setting is failing.
Quick fix for your docker-compose.yaml:
For every service that uses nectar/Hive and has user: "${UID}:${GID}", add:
environment:
- HOME=/tmpThis allows the nectar library to create its SQLite config store at /tmp/.local/share/nectar which is writable.
Alternatively, if you want a more permanent fix in the code itself to avoid SQLite storage entirely, you could modify op_base_counters.py to use an in-memory config store:
from nectar.storage import InRamConfigurationStore
hive_client: Hive = field(default_factory=lambda: Hive(
node=DEFAULT_GOOD_NODES[0],
config_store=InRamConfigurationStore()
))Would you like me to implement the code fix, or will the HOME=/tmp environment variable work for you?