Trouble self hosting Penpot

Troubleshooting Self hosted Penpot
1

Howdy! I’m trying to self-host penpot via the docker container, but the backend seems to just be looping:

<snip>
+ exec /opt/jdk/bin/java -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -Dlog4j2.configurationFile=log4j2.xml -XX:-OmitStackTraceInFastThrow --enable-preview -jar penpot.jar -m app.main
INFO StatusConsoleListener Registered Log4j as the java.util.logging.LogManager.
[2023-12-06 00:44:32.903] I app.auth.oidc - hint="provider initialized", provider="oidc", method="discover", client-id="<snip>", client-secret="hEbP2***********************************************************", scopes="profile,email,openid", auth-uri="https://auth.incremental.social/oauth/v2/authorize", user-uri="https://auth.incremental.social/oidc/v1/userinfo", token-uri="https://auth.incremental.social/oauth/v2/token", roles-attr=nil, roles=nil, keys="<snip>"
[2023-12-06 00:44:32.940] I app.metrics - action="initialize metrics"
[2023-12-06 00:44:32.973] I app.db - hint="initialize connection pool", name="main", uri="postgresql://penpot-postgres/penpot", read-only=false, with-credentials=true, min-size=0, max-size=60
[2023-12-06 00:44:33.018] I app.migrations - hint="running migrations", module=:app.migrations/migrations
+ exec /opt/jdk/bin/java -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -Dlog4j2.configurationFile=log4j2.xml -XX:-OmitStackTraceInFastThrow --enable-preview -jar penpot.jar -m app.main
INFO StatusConsoleListener Registered Log4j as the java.util.logging.LogManager.
[2023-12-06 00:44:50.207] I app.auth.oidc - hint="provider initialized", provider="oidc", method="discover", client-id="<snip>", client-secret="hEbP2***********************************************************", scopes="profile,email,openid", auth-uri="https://auth.incremental.social/oauth/v2/authorize", user-uri="https://auth.incremental.social/oidc/v1/userinfo", token-uri="https://auth.incremental.social/oauth/v2/token", roles-attr=nil, roles=nil, keys="<snip>"
[2023-12-06 00:44:50.209] I app.metrics - action="initialize metrics"
[2023-12-06 00:44:50.231] I app.db - hint="initialize connection pool", name="main", uri="postgresql://penpot-postgres/penpot", read-only=false, with-credentials=true, min-size=0, max-size=60
[2023-12-06 00:44:50.263] I app.migrations - hint="running migrations", module=:app.migrations/migrations
+ exec /opt/jdk/bin/java -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -Dlog4j2.configurationFile=log4j2.xml -XX:-OmitStackTraceInFastThrow --enable-preview -jar penpot.jar -m app.main

It’s also really hurting the performance of the server, as each of those java processes aren’t being killed and are consuming a lot of CPU.

2

I’m guessing the issue is just with my configuration, but it’s not clear to me which part. Is there a way to get more verbose logs that clarify why it’s restarting?

For reference, here’s the relevant snippet from my docker-compose:

Summary 
    penpot-frontend:
      image: "penpotapp/frontend:latest"
      container_name: penpot-frontend
      restart: always
      depends_on:
        - penpot-backend
        - penpot-exporter
      labels:
        - traefik.enable=true
        - traefik.http.routers.app.rule=Host(`design.incremental.social`)
        - traefik.http.routers.app.entrypoints=websecure
        - traefik.http.routers.app.tls.certresolver=myresolver
        - traefik.http.services.app.loadbalancer.server.port=80
      environment:
        - PENPOT_FLAGS=disable-registration disable-login-with-password enable-login-with-oidc
    penpot-backend:
      image: "penpotapp/backend:latest"
      container_name: penpot-backend
      restart: always
      depends_on:
        - penpot-postgres
        - penpot-redis
      environment:
        - PENPOT_FLAGS=disable-registration disable-login-with-password enable-login-with-oidc enable-smtp disable-telemetry
        - PENPOT_SECRET_KEY=${PENPOT_SECRET}
        - PENPOT_PUBLIC_URI=<snip>
        - PENPOT_DATABASE_URI=postgresql://penpot-postgres/penpot
        - PENPOT_DATABASE_USERNAME=penpot
        - PENPOT_DATABASE_PASSWORD=penpot
        - PENPOT_REDIS_URI=redis://penpot-redis/0
        - AWS_ACCESS_KEY_ID=${PENPOT_ACCESS_KEY}
        - AWS_SECRET_ACCESS_KEY=${PENPOT_SECRET_KEY}
        - PENPOT_ASSETS_STORAGE_BACKEND=assets-s3
        - PENPOT_STORAGE_ASSETS_S3_ENDPOINT=y0o9.tx21.idrivee2-4.com
        - PENPOT_STORAGE_ASSETS_S3_BUCKET=penpot
        - PENPOT_TELEMETRY_ENABLED=false
        - PENPOT_SMTP_DEFAULT_FROM=noreply@incremental.social
        - PENPOT_SMTP_DEFAULT_REPLY_TO=noreply@incremental.social
        - PENPOT_SMTP_HOST=<snip>
        - PENPOT_SMTP_PORT=587
        - PENPOT_SMTP_USERNAME=noreply@incremental.social
        - PENPOT_SMTP_PASSWORD=${NOREPLY_PASSWD}
        - PENPOT_SMTP_TLS=true
        - PENPOT_SMTP_SSL=false
        - PENPOT_OIDC_CLIENT_ID=${PENPOT_CLIENT_ID}
        - PENPOT_OIDC_BASE_URI=<snip>
        - PENPOT_OIDC_CLIENT_SECRET=${PENPOT_CLIENT_SECRET}
    penpot-exporter:
      image: "penpotapp/exporter:latest"
      container_name: penpot-exporter
      restart: always
      environment:
        - PENPOT_PUBLIC_URI=http://penpot-frontend
        - PENPOT_REDIS_URI=redis://penpot-redis/0
    penpot-postgres:
      image: "postgres:15"
      container_name: penpot-postgres
      restart: always
      stop_signal: SIGINT
      volumes:
        - penpot_data:/var/lib/postgresql/data
      environment:
        - POSTGRES_INITDB_ARGS=--data-checksums
        - POSTGRES_DB=penpot
        - POSTGRES_USER=penpot
        - POSTGRES_PASSWORD=penpot
    penpot-redis:
      image: redis:7
      container_name: penpot-redis
      restart: always

(the snips are just because my trust level doesn’t let me post more than 2 links in a post. I’ve verified the links are correct in the config though)