fix: resolve config.yml.tmpl templating #4

Open

jaeger123 wants to merge 2 commits from jaeger123/miniflux:fix/config-templating into main

pull from: jaeger123/miniflux:fix/config-templating

merge into: coop-cloud:main

coop-cloud:main

coop-cloud:renovate/configure

coop-cloud:test_recipe_updates

Conversation 0 Commits 2 Files Changed 3 +10 -31

jaeger123 commented 2026-04-18 12:45:39 +00:00

First-time contributor

Copy Link

What

config.yml.tmpl is now aligned with Miniflux's actual config format (flat KEY=VALUE, real Miniflux keys), all {{ env "..." }} / {{ secret "..." }} directives resolve, and the container actually loads the file via -c.

Changes

• config.yml.tmpl — rewritten from TOML-style (which Miniflux ignores) to flat KEY=VALUE with real Miniflux keys: DATABASE_URL, LISTEN_ADDR, BASE_URL, RUN_MIGRATIONS, CREATE_ADMIN, ADMIN_USERNAME, ADMIN_PASSWORD. Infra constants (LISTEN_ADDR=0.0.0.0:8080, sslmode=disable, db hostname, RUN_MIGRATIONS=1, CREATE_ADMIN=1) hardcoded in the template since they don't vary per deploy.
• .env.sample — only user-tunable values (DOMAIN, DB_NAME, DB_USER, MINIFLUX_ADMIN_USERNAME) + version pins. No more pre-filled defaults for infra constants like DB_HOST=db or PORT=8080.
• compose.yml — add command: ["-c", "/etc/miniflux/config.yml"]; remove 5 env entries that previously shadowed the config (DATABASE_URL, ADMIN_USERNAME, ADMIN_PASSWORD, BASE_URL, RUN_MIGRATIONS). Config file is now authoritative.
• compose.postgres.yml — healthcheck had {{ env 'DB_USER' }} (single quotes, rejected by Go templates). Fixed to escaped double quotes.

Usage

# scaffold + generate secrets
abra app new miniflux --secrets

# edit env file — set at minimum DOMAIN, DB_NAME, DB_USER, MINIFLUX_ADMIN_USERNAME, STACK_NAME
abra app config <app>

# deploy
abra app deploy <app>

How templating resolves: abra reads .env → Docker Swarm's template_driver: golang (see compose.yml configs: block) renders config.yml.tmpl, substituting {{ env "X" }} from the env file and {{ secret "X" }} from Swarm secrets → mounted read-only at /etc/miniflux/config.yml → loaded by Miniflux via the -c flag.

Verify:

docker config inspect <stack>_config_yml_v1 --pretty

Expected output:

DATABASE_URL=postgres://miniflux:<pw>@db/miniflux?sslmode=disable
LISTEN_ADDR=0.0.0.0:8080
BASE_URL=https://rss.example.com
RUN_MIGRATIONS=1
CREATE_ADMIN=1
ADMIN_USERNAME=admin
ADMIN_PASSWORD=<pw>

No leftover {{ ... }} directives.

Version bumps: any change to config.yml.tmpl requires bumping CONFIG_VERSION in .env (Swarm configs are immutable by name). Rotating a secret requires bumping its SECRET_*_VERSION.

Note

secret_key is still declared in compose.yml secrets block but not referenced in the template — Miniflux has no matching config key. Left the mount in place rather than deleting the secret definition; can be cleaned up in a follow-up if confirmed unused.

## What `config.yml.tmpl` is now aligned with Miniflux's actual config format (flat `KEY=VALUE`, real Miniflux keys), all `{{ env "..." }}` / `{{ secret "..." }}` directives resolve, and the container actually loads the file via `-c`. ## Changes - **`config.yml.tmpl`** — rewritten from TOML-style (which Miniflux ignores) to flat `KEY=VALUE` with real Miniflux keys: `DATABASE_URL`, `LISTEN_ADDR`, `BASE_URL`, `RUN_MIGRATIONS`, `CREATE_ADMIN`, `ADMIN_USERNAME`, `ADMIN_PASSWORD`. Infra constants (`LISTEN_ADDR=0.0.0.0:8080`, `sslmode=disable`, `db` hostname, `RUN_MIGRATIONS=1`, `CREATE_ADMIN=1`) hardcoded in the template since they don't vary per deploy. - **`.env.sample`** — only user-tunable values (`DOMAIN`, `DB_NAME`, `DB_USER`, `MINIFLUX_ADMIN_USERNAME`) + version pins. No more pre-filled defaults for infra constants like `DB_HOST=db` or `PORT=8080`. - **`compose.yml`** — add `command: ["-c", "/etc/miniflux/config.yml"]`; remove 5 env entries that previously shadowed the config (`DATABASE_URL`, `ADMIN_USERNAME`, `ADMIN_PASSWORD`, `BASE_URL`, `RUN_MIGRATIONS`). Config file is now authoritative. - **`compose.postgres.yml`** — healthcheck had `{{ env 'DB_USER' }}` (single quotes, rejected by Go templates). Fixed to escaped double quotes. ## Usage ```sh # scaffold + generate secrets abra app new miniflux --secrets # edit env file — set at minimum DOMAIN, DB_NAME, DB_USER, MINIFLUX_ADMIN_USERNAME, STACK_NAME abra app config <app> # deploy abra app deploy <app> ``` **How templating resolves:** abra reads `.env` → Docker Swarm's `template_driver: golang` (see `compose.yml` `configs:` block) renders `config.yml.tmpl`, substituting `{{ env "X" }}` from the env file and `{{ secret "X" }}` from Swarm secrets → mounted read-only at `/etc/miniflux/config.yml` → loaded by Miniflux via the `-c` flag. **Verify:** ```sh docker config inspect <stack>_config_yml_v1 --pretty ``` Expected output: ``` DATABASE_URL=postgres://miniflux:<pw>@db/miniflux?sslmode=disable LISTEN_ADDR=0.0.0.0:8080 BASE_URL=https://rss.example.com RUN_MIGRATIONS=1 CREATE_ADMIN=1 ADMIN_USERNAME=admin ADMIN_PASSWORD=<pw> ``` No leftover `{{ ... }}` directives. **Version bumps:** any change to `config.yml.tmpl` requires bumping `CONFIG_VERSION` in `.env` (Swarm configs are immutable by name). Rotating a secret requires bumping its `SECRET_*_VERSION`. ## Note `secret_key` is still declared in `compose.yml` secrets block but not referenced in the template — Miniflux has no matching config key. Left the mount in place rather than deleting the secret definition; can be cleaned up in a follow-up if confirmed unused.

jaeger123 added 1 commit 2026-04-18 12:45:40 +00:00

Fix config.yml.tmpl templating ... 944f32b776

- Add missing MINIFLUX_* env vars referenced by config.yml.tmpl
- Tell miniflux to actually load the config file via -c flag
- Remove redundant env-var injection that shadowed config values
- Fix invalid single-quoted Go template literal in postgres healthcheck

jaeger123 added 1 commit 2026-04-18 12:56:20 +00:00

Align config.yml.tmpl with Miniflux's real config format ... 1ca30782ca

- Rewrite template to flat KEY=VALUE (DATABASE_URL, LISTEN_ADDR,
  BASE_URL, etc.) -- the TOML-style sections Miniflux would ignore
- Hardcode deploy-time infra constants (LISTEN_ADDR, sslmode, db host,
  RUN_MIGRATIONS, CREATE_ADMIN) directly in the template literal
- Drop the 7 MINIFLUX_* defaults from .env.sample (they were
  hardcoded non-user-tunable values shoehorned into the env file)
- Remove now-redundant RUN_MIGRATIONS env var from compose.yml

This pull request can be merged automatically.

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u fix/config-templating:jaeger123-fix/config-templating

git checkout jaeger123-fix/config-templating

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

3wordchant aadil abra-bot ammaratef45 amras Apfelwurm appletalk arjan basebuilder BornDeleuze Brooke carla cas codegod100 coopcloud cyrnel decentral1se dede devydave fauno flancian Frando iexos jade javielico jjsfunhouse jmakdah2 joe-irving kawaiipunk knoflook kolaente lambdabundesverband linnealovespie marlon mayel mirsal moosemower moritz nicksellen notplants oxaliq p4u1 pau pharaohgraphy PhiNatalie renovate-bot ripclap rix rscmbbng sef simon sixsmith stevensting tobias trav val vaznasty virtualboys wolcen wykwit xynosis yksflip

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/miniflux#4

Allow edits from maintainers

No description provided.