cancel
Showing results for 
Search instead for 
Did you mean: 

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Setting of NEO4J_AUTH does not work in extended docker container

Hi,
I need to run the neo4j database in Amazon ECS with initially loaded data and so I extend the docker image, download data and import them using neo4j-admin import tool and then run the original entrypoint. Problem is that setting of NEO4J_AUTH does not work and the neo4j user retains the initial password (neo4j) and so I cannot query the database from outside.

The Dockerfile looks like this:

FROM neo4j
ENV NEO4J_AUTH=neo4j/graphPass
ENV JAVA_OPTS='-server -Xms2g -Xmx2g'

RUN curl -sL https://deb.nodesource.com/setup_13.x | bash -
RUN curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
RUN apt -y update && \
  apt -y upgrade && \
  apt-get install -y nodejs yarn tar

WORKDIR /code

COPY ./ /code

RUN chown -R neo4j:neo4j /code

RUN yarn install
RUN ./node_modules/.bin/webpack --config ./webpack.config.js

And the container is run with this bash script:

#!/bin/bash

node ./dist/init-data.js

/sbin/tini -gs -- /docker-entrypoint.sh neo4j

(The node script downloads the data and executes neo4j-admin import). But the password remains default despite setting of the NEO4J_AUTH env var. My usage of the Dockerfile probably broke it but I don't know how to do it right. (I also cannot change the password by adding cypher-shell -u neo4j -p neo4j "CALL dbms.security.changePassword('graphPass');" to the script because the neo4j engine isn't started yet.)

2 REPLIES 2

Take a look at https://github.com/neo4j/docker-neo4j/blob/master/docker-image-src/3.5/docker-entrypoint.sh#L367-L39... to understand how NEO4J_AUTH is handled in the original docker-entrypoint script.

Basically it uses neo4j-admin set-initial-password.

It works great, thanks Stefan.