starred/cloudbeaver

Fork 0

mirror of https://github.com/dbeaver/cloudbeaver.git synced 2026-04-25 05:36:14 +03:00

[GH-ISSUE #826] Cant define `CB_ADMIN_NAME` and `CB_ADMIN_PASSWORD` correctly with a predefine `.cloudbeaver.runtime.conf` #207

New issue

Closed

opened 2026-03-07 20:46:11 +03:00 by kerem · 12 comments

kerem commented

2026-03-07 20:46:11 +03:00

Owner

Originally created by @crkcni on GitHub (May 12, 2022).
Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/826

Describe the bug

Into a container, with dbeaver/cloudbeaver:prod image, when I try to define CB_ADMIN_NAME and CB_ADMIN_PASSWORD as environment variable, and also mount /opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf as a read-only volume : I can't connect. When I take a look, CB_ADMIN_NAME exist but CB_ADMIN_PASSWORD doesn't seem to be the same because I can't connect with my defined password.
My user/password seems to be defined in database.

To Reproduce
Steps to reproduce the behavior:

Add CB_ADMIN_NAME and CB_ADMIN_PASSWORD as a environment variable
mount .cloudbeaver.runtime.conf file as a volume into your container with the following content (or any content, as long as you define server.database values

{
  "server": {
    "serverName": "CloudBeaver Server",
    "serverURL": "https://yyy.xxx.com",
    "expireSessionAfterPeriod": 1800000,
    "database": {
      "createDatabase": true,
      "password": "0123456789xyz",
      "driver": "postgres-jdbc",
      "pool": {
        "minIdleConnections": 4.0,
        "maxIdleConnections": 10.0,
        "maxConnections": 100.0,
        "validationQuery": "SELECT 1"
      },
      "initialDataConfiguration": "conf/initial-data.conf",
      "user": "xxx@yyy",
      "url": "jdbc:postgresql://yyy.xxx.com:5432/cloudbeaver"
    }
  },
  "app": {
    "anonymousAccessEnabled": true,
    "supportsCustomConnections": false,
    "publicCredentialsSaveEnabled": false,
    "adminCredentialsSaveEnabled": true,
    "enableReverseProxyAuth": false,
    "resourceQuotas": {
      "dataExportFileSizeLimit": 1.0E7,
      "resourceManagerFileSizeLimit": 500000.0,
      "sqlMaxRunningQueries": 100.0,
      "sqlResultSetRowsLimit": 100000.0,
      "sqlResultSetMemoryLimit": 2000000.0,
      "sqlTextPreviewMaxLength": 4096.0,
      "sqlBinaryPreviewMaxLength": 261120.0
    },
    "defaultNavigatorSettings": {},
    "enabledFeatures": [],
    "enabledAuthProviders": [
      "local",
      "reverseProxy"
    ],
    "enabledDrivers": [],
    "disabledDrivers": [
      "sqlite:sqlite_jdbc",
      "h2:h2_embedded",
      "clickhouse:yandex_clickhouse",
      "oracle:oracle_thin",
      "db2:db2",
      "generic:trino_jdbc",
      "jaybird:jaybird",
      "clickhouse:com_clickhouse",
      "generic:derby_server",
      "db2_i:db2_iseries"
    ]
  }
}

try to connect with your admin credentials once this is available

Additional context
Environment : Kubernetes, using image dbeaver/cloudbeaver:prod

Originally created by @crkcni on GitHub (May 12, 2022). Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/826 **Describe the bug** Into a container, with `dbeaver/cloudbeaver:prod` image, when I try to define `CB_ADMIN_NAME` and `CB_ADMIN_PASSWORD` as environment variable, and also mount `/opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf` as a read-only volume : I can't connect. When I take a look, `CB_ADMIN_NAME` exist but `CB_ADMIN_PASSWORD` doesn't seem to be the same because I can't connect with my defined password. My user/password seems to be defined in database. **To Reproduce** Steps to reproduce the behavior: 1. Add `CB_ADMIN_NAME` and `CB_ADMIN_PASSWORD` as a environment variable 2. mount `.cloudbeaver.runtime.conf` file as a volume into your container with the following content (or any content, as long as you define `server.database` values ```JSON { "server": { "serverName": "CloudBeaver Server", "serverURL": "https://yyy.xxx.com", "expireSessionAfterPeriod": 1800000, "database": { "createDatabase": true, "password": "0123456789xyz", "driver": "postgres-jdbc", "pool": { "minIdleConnections": 4.0, "maxIdleConnections": 10.0, "maxConnections": 100.0, "validationQuery": "SELECT 1" }, "initialDataConfiguration": "conf/initial-data.conf", "user": "xxx@yyy", "url": "jdbc:postgresql://yyy.xxx.com:5432/cloudbeaver" } }, "app": { "anonymousAccessEnabled": true, "supportsCustomConnections": false, "publicCredentialsSaveEnabled": false, "adminCredentialsSaveEnabled": true, "enableReverseProxyAuth": false, "resourceQuotas": { "dataExportFileSizeLimit": 1.0E7, "resourceManagerFileSizeLimit": 500000.0, "sqlMaxRunningQueries": 100.0, "sqlResultSetRowsLimit": 100000.0, "sqlResultSetMemoryLimit": 2000000.0, "sqlTextPreviewMaxLength": 4096.0, "sqlBinaryPreviewMaxLength": 261120.0 }, "defaultNavigatorSettings": {}, "enabledFeatures": [], "enabledAuthProviders": [ "local", "reverseProxy" ], "enabledDrivers": [], "disabledDrivers": [ "sqlite:sqlite_jdbc", "h2:h2_embedded", "clickhouse:yandex_clickhouse", "oracle:oracle_thin", "db2:db2", "generic:trino_jdbc", "jaybird:jaybird", "clickhouse:com_clickhouse", "generic:derby_server", "db2_i:db2_iseries" ] } } ``` 3. try to connect with your admin credentials once this is available **Additional context** Environment : Kubernetes, using image `dbeaver/cloudbeaver:prod`

kerem

2026-03-07 20:46:11 +03:00

closed this issue
added the
xf:local config
label

kerem commented

2026-03-07 20:46:12 +03:00

Author

Owner

@kseniiaguzeeva commented on GitHub (May 18, 2022):

Could you please try to:

remove "serverName": "CloudBeaver Server" from .cloudbeaver.runtime.conf
set serverName also as environment variable.

Then run your Cloudbeaver instance.

@kseniiaguzeeva commented on GitHub (May 18, 2022): Could you please try to: 1. remove `"serverName": "CloudBeaver Server"` from `.cloudbeaver.runtime.conf` 2. set serverName also as [environment variable](https://github.com/dbeaver/cloudbeaver/wiki/Server-configuration#automatic-server-configuration). Then run your Cloudbeaver instance.

kerem commented

2026-03-07 20:46:12 +03:00

Author

Owner

@riccardomessineo commented on GitHub (May 23, 2022):

I'm struggling with this bug too.
There is currently no way of skipping the initial setup and I've tried everything... documented and undocumented features.

The only success I had was loading the .cloudbeaver.runtime.conf, but... without defining any user, so I can't login...
And if I start to play with "CB_ADMIN_XXX" (env variables in docker, .cloudbeaver.auto.conf) it starts again with the setup phase. Before you ask: yes I drop "serverName" in runtime config...

Please, help us!

@riccardomessineo commented on GitHub (May 23, 2022): I'm struggling with this bug too. There is currently no way of skipping the initial setup and I've tried everything... documented and undocumented features. The only success I had was loading the .cloudbeaver.runtime.conf, but... without defining any user, so I can't login... And if I start to play with "CB_ADMIN_XXX" (env variables in docker, .cloudbeaver.auto.conf) it starts again with the setup phase. Before you ask: yes I drop "serverName" in runtime config... Please, help us!

kerem commented

2026-03-07 20:46:12 +03:00

Author

Owner

@kseniiaguzeeva commented on GitHub (May 23, 2022):

Thank you for the description of the problem. Server name has to be explicitely set in run command (you can skip only Server base URL). Could you try to use following comand to skip the Easy Config of a new CloudBeaver instance:
docker run --name {some_name} --rm -ti -p {some_local_port}:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v {way_to_empty_local_storage}:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.0.4

@kseniiaguzeeva commented on GitHub (May 23, 2022): Thank you for the description of the problem. Server name has to be explicitely set in run command (you can skip only Server base URL). Could you try to use following comand to skip the Easy Config of a new CloudBeaver instance: `docker run --name {some_name} --rm -ti -p {some_local_port}:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v {way_to_empty_local_storage}:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.0.4`

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@riccardomessineo commented on GitHub (May 23, 2022):

Hi @kseniiaguzeeva ,
using only the environment variables (as you suggested) it works as expected: it skips the setup phase and it's possible to login with the user declared in the variables.
But... the problem arises when I try to mount a runtime config and setup the admin user via env.
I need to disable some drivers and set "simple view" as default, to give you an exact example of my use case.

Is there a way to define the admin user in the runtime config?
Is there a way to define runtime settings in the env variables?
How can I achieve my goal?

@riccardomessineo commented on GitHub (May 23, 2022): Hi @kseniiaguzeeva , using only the environment variables (as you suggested) it works as expected: it skips the setup phase and it's possible to login with the user declared in the variables. But... the problem arises when I try to mount a runtime config and setup the admin user via env. I need to disable some drivers and set "simple view" as default, to give you an exact example of my use case. Is there a way to define the admin user in the runtime config? Is there a way to define runtime settings in the env variables? How can I achieve my goal?

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@kseniiaguzeeva commented on GitHub (May 25, 2022):

We will investigate a better way to define admin via variable and implement it.
Regarding the second question: you already can set variables in the runtime config. If you've already tried without success, could you please give me a config example?

@kseniiaguzeeva commented on GitHub (May 25, 2022): We will investigate a better way to define admin via variable and implement it. Regarding the second question: you already can set variables in the runtime config. If you've already tried without success, could you please give me a config example?

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@riccardomessineo commented on GitHub (May 25, 2022):

I'm sorry... I didn't understand the question, maybe because I wasn't clear in the first place!

The main problem I have is using both env variables and the runtime config.
So I was wondering if there is there a way to define runtime settings (such as "authProvider", "anonymousAccessEnabled", ...) via env variables such as CB_SERVER_NAME.
I do not think it's possible.

@riccardomessineo commented on GitHub (May 25, 2022): I'm sorry... I didn't understand the question, maybe because I wasn't clear in the first place! The main problem I have is using both env variables and the runtime config. So I was wondering if there is there a way to define runtime settings (such as "authProvider", "anonymousAccessEnabled", ...) via env variables such as CB_SERVER_NAME. I do not think it's possible.

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@kseniiaguzeeva commented on GitHub (May 25, 2022):

We will discuss what can be done.

@kseniiaguzeeva commented on GitHub (May 25, 2022): We will discuss what can be done.

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@Wroud commented on GitHub (Jun 18, 2022):

How i can see, problem is: you want to skip easy-config, but some settings from .cloudbeaver.runtime.conf is overridden and you want to find the way to configure server without easy-config?

@Wroud commented on GitHub (Jun 18, 2022): How i can see, problem is: you want to skip easy-config, but some settings from `.cloudbeaver.runtime.conf` is overridden and you want to find the way to configure server without easy-config?

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@riccardomessineo commented on GitHub (Jun 21, 2022):

@Wroud I would like to skip initial setup and set custom options.

My use case is: I need to disable some drivers and set "simple view" as default AND setup the admin user, skipping the initial config phase

@riccardomessineo commented on GitHub (Jun 21, 2022): @Wroud I would like to skip initial setup and set custom options. My use case is: I need to disable some drivers and set "simple view" as default AND setup the admin user, skipping the initial config phase

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@jonpalle commented on GitHub (Sep 6, 2022):

I have also been struggling with something similar. I want to run Cloudbeaver on Kubernetes (Openshift) with some preconfigured settings such as a database connection. But when I map a configmap into one of the folders under /opt/cloudbeaver/workspace it becomes read-only and Cloudbeaver fails to start up.

Based on the documentation I started out with mapping to /opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf as described in https://cloudbeaver.io/docs/Server-configuration/ also with the result that the server could not start up so I changed to mapping into /opt/cloudbeaver/conf/cloudbeaver.conf and then it worked! Except that Cloudbeaver now seemed to ignore the environment variables such as CB_ADMIN_NAME so I couldn't log in. So then I put the admin username and password(!) in a configmap and mapped that to /opt/cloudbeaver/conf/initial-data.conf and it worked again. Until I added the mapping to /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json.

In the following example I have mounted configmaps as files in /opt/cloudbeaver/conf/cloudbeaver.conf and /opt/cloudbeaver/conf/initial-data.conf to overwrite the default settings. I have also mounted /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json in an attempt to create a predefined connection as described in https://cloudbeaver.io/docs/Configuring-server-datasources/ but alas then the server won't start up:

apiVersion: apps/v1
kind: Deploymentspec:
spec:
    template:
        spec:
            containers:
            - name: cloudbeaver
                image: 'xxx/cloudbeaver:22.1.4'
                ports:
                    -   containerPort: 8978
                        protocol: TCP
                env:
                    -   name: CB_SERVER_NAME
                        value: xxx
                    -   name: CB_SERVER_URL
                        value: xxx
                    -   name: CB_ADMIN_NAME
                        value: xxx
                envFrom:
                    - secretRef:
                        name: cb-admin-password
                volumeMounts:
                    - name: conf
                      mountPath: "/opt/cloudbeaver/conf/cloudbeaver.conf"
                      subPath: "cloudbeaver.conf"
                    - name: initial-data
                      mountPath: "/opt/cloudbeaver/conf/initial-data.conf"
                      subPath: "initial-data.conf"
                    - name: data-sources
                      mountPath: "/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json"
                      subPath: "data-sources.json"
        volumes:
            - name: conf
              configMap:
                  name: cb-config
            - name: initial-data
              configMap:
                  name: cb-initial-data
            - name: data-sources
              configMap:
                  name: cb-data-sources

The server logs include this when it fails to start up:

13:04:16.533 [main] DEBUG o.j.d.registry.EclipseWorkspaceImpl - Refreshing workspace contents
13:04:16.643 [main] ERROR o.j.d.registry.EclipseWorkspaceImpl - Can't create default project
org.eclipse.core.runtime.CoreException: Parent of resource: /opt/cloudbeaver/workspace/GlobalConfiguration/.project is marked as read-only.

Maybe I'm reading the documentation wrong or maybe this was just not meant for k8s where configmap volumes are read-only?

What is the best way to configure predefined settings on k8s? Please also consider that it would be best to have passwords stored as secrets.

UPDATE: The server does actually start up fine when mapping to /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json in spite of the error message.

@jonpalle commented on GitHub (Sep 6, 2022): I have also been struggling with something similar. I want to run Cloudbeaver on Kubernetes (Openshift) with some preconfigured settings such as a database connection. But when I map a configmap into one of the folders under `/opt/cloudbeaver/workspace` it becomes read-only and Cloudbeaver fails to start up. Based on the documentation I started out with mapping to `/opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf` as described in https://cloudbeaver.io/docs/Server-configuration/ also with the result that the server could not start up so I changed to mapping into `/opt/cloudbeaver/conf/cloudbeaver.conf` and then it worked! Except that Cloudbeaver now seemed to ignore the environment variables such as `CB_ADMIN_NAME` so I couldn't log in. So then I put the admin username and password(!) in a configmap and mapped that to `/opt/cloudbeaver/conf/initial-data.conf` and it worked again. Until I added the mapping to `/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json`. In the following example I have mounted configmaps as files in `/opt/cloudbeaver/conf/cloudbeaver.conf` and `/opt/cloudbeaver/conf/initial-data.conf` to overwrite the default settings. I have also mounted `/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json` in an attempt to create a predefined connection as described in https://cloudbeaver.io/docs/Configuring-server-datasources/ but alas then the server won't start up: apiVersion: apps/v1 kind: Deploymentspec: spec: template: spec: containers: - name: cloudbeaver image: 'xxx/cloudbeaver:22.1.4' ports: - containerPort: 8978 protocol: TCP env: - name: CB_SERVER_NAME value: xxx - name: CB_SERVER_URL value: xxx - name: CB_ADMIN_NAME value: xxx envFrom: - secretRef: name: cb-admin-password volumeMounts: - name: conf mountPath: "/opt/cloudbeaver/conf/cloudbeaver.conf" subPath: "cloudbeaver.conf" - name: initial-data mountPath: "/opt/cloudbeaver/conf/initial-data.conf" subPath: "initial-data.conf" - name: data-sources mountPath: "/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json" subPath: "data-sources.json" volumes: - name: conf configMap: name: cb-config - name: initial-data configMap: name: cb-initial-data - name: data-sources configMap: name: cb-data-sources The server logs include this when it fails to start up: 13:04:16.533 [main] DEBUG o.j.d.registry.EclipseWorkspaceImpl - Refreshing workspace contents 13:04:16.643 [main] ERROR o.j.d.registry.EclipseWorkspaceImpl - Can't create default project org.eclipse.core.runtime.CoreException: Parent of resource: /opt/cloudbeaver/workspace/GlobalConfiguration/.project is marked as read-only. Maybe I'm reading the documentation wrong or maybe this was just not meant for k8s where configmap volumes are read-only? What is the best way to configure predefined settings on k8s? Please also consider that it would be best to have passwords stored as secrets. UPDATE: The server does actually start up fine when mapping to `/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json` in spite of the error message.

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@kseniaguzeeva commented on GitHub (Sep 7, 2022):

@riccardomessineo we will make possible to set admin via the configuration file.

@jonpalle Thank you for the report. It looks like another issue. Could you please create a separate ticket? We will give an answer or fix the bug after its investigation.

@kseniaguzeeva commented on GitHub (Sep 7, 2022): @riccardomessineo we will make possible to set admin via the configuration file. @jonpalle Thank you for the report. It looks like another issue. Could you please create a separate ticket? We will give an answer or fix the bug after its investigation.

kerem commented

2026-03-07 20:46:13 +03:00

Author

Owner

@kseniaguzeeva commented on GitHub (Oct 24, 2022):

The request is implemented.
I. Variables can be set in .cloudbeaver.runtime.conf.
II. In order to set a Navigator view, available drivers, anonymous access and admin credentials do following:

Create .cloudbeaver.runtime.conf in .data folder in your workspace and set there

Available drivers
Anonymous access
Navigator view
Do not set the server name in the file

run your Cloudbeaver instance with following parameters:

server name
admin name
admin password
e.g. docker run --name cloudbeaver --rm -ti -p 8978:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v C:\var\cloudbeaver\workspace:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.2.3

@kseniaguzeeva commented on GitHub (Oct 24, 2022): The request is implemented. I. Variables can be set in `.cloudbeaver.runtime.conf`. II. In order to set a Navigator view, available drivers, anonymous access and admin credentials do following: 1. Create [.cloudbeaver.runtime.conf](https://github.com/dbeaver/cloudbeaver/wiki/Server-configuration) in .data folder in your workspace and set there - Available drivers - Anonymous access - [Navigator view](https://github.com/dbeaver/cloudbeaver/wiki/Server-configuration#navigator-settings) - **Do not set the server name in the file** 2. [run your Cloudbeaver instance with following parameters](https://github.com/dbeaver/cloudbeaver/wiki/Server-configuration#automatic-server-configuration): - server name - admin name - admin password e.g. `docker run --name cloudbeaver --rm -ti -p 8978:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v C:\var\cloudbeaver\workspace:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.2.3`

kerem referenced this issue

2026-03-07 21:04:27 +03:00

[PR #207] [MERGED] Feat/aws connection edit create #1532