Skip to content

Conversation

sbnsec
Copy link

@sbnsec sbnsec commented Jun 18, 2025

Description

Add working docker-compose with data volume

Replace the full source bind-mount (which hid Magma UI assets and caused 'plugins/magma/dist/assets/' startup error) with a named volume mounted to /usr/src/app/data.

CALDERA now starts cleanly via 'docker compose up' and preserves operation data between runs.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

  1. docker compose up --build
user@debian:~$ uname -a
Linux debian 6.1.0-37-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.140-1 (2025-05-22) x86_64 GNU/Linux
user@debian:~$ docker -v
Docker version 28.2.2, build e6534b4
user@debian:~$ lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 12 (bookworm)
Release:	12
Codename:	bookworm

✅ CALDERA starts, UI accessible at http://localhost:8888.

  1. Verified an operation run; data survives docker compose down/up.

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • No changes needed to the documentation
  • No further testing needed as this is a bug fix

- ./:/usr/src/app
command: --log DEBUG
# keeps operation data & uploaded files between runs
- caldera-data:/usr/src/app/data
Copy link
Contributor

@uruwhy uruwhy Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a reason why we're only storing the data directory for Caldera and not all files like before? When testing this locally, I had an issue because my conf/local.yml file was not persisting between docker compose runs, causing issues with loading existing data.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I change the line to - caldera-data:/usr/src/app, I no longer get the decryption issue due to config file changes

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Basically what was happening is that unless you use the --insecure flag on Caldera startup, Caldera will look for the conf/local.yml config file and generate a new one if one doesn't exist. Since the config file contains the encryption settings for securing Caldera user data, restarting Caldera with a different config file will typically cause decryption issues since the encryption settings will be mismatched. So unless the config files are also included in the persistent volumes, users won't be able to recover previous data even though the data files technically still exist (just encrypted)

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 6, 2025

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants