I’m trying to setup a vikunja instance on my server. Since the server has mariadb running anyway for a nextcloud instance, I figured that using the mysql backend made the most sense. However, it seems that I’m running into authentication issues with this setup. My guess is that this is due to vikunja running under a dynamic systemd user instead of a permanent system user which the mysql socket authentication cannot authenticate. This might also be totally off the mark, I don’t have much experience with database servers yet.
Has anyone here managed to get a similar setup to work? Or am I the only one trying this madness? I’m using the current stable branch (nixos-25.11) updated last week.
That’s a pretty good guess. The solution to this problem is to add the dynamic user to a group with SupplementaryGroups. If the socket remains invisible, you may need to add it to the visible paths with ReadWritePaths, or do some fenangling with systemd socket passing via file descriptors that most services seem incapable of supporting.
Do you have any idea what group that be? Actually, I don’t think the issue is the socket being invisible. To me it is looking like this:
When I try to list all vikunja users (which should be none currently, because it’s a fresh install) with the command vikunja user list I get
time=2026-04-13T13:05:25.706+02:00 level=INFO msg="Using config file: /etc/vikunja/config.yaml"
time=2026-04-13T13:05:25.708+02:00 level=ERROR msg="Could not init file handler: storage validation failed: failed to access file storage directory at /var/lib/vikunja/files: stat /var/lib/vikunja/files: permission denied\n[process uid=1000 gid=100]"
The directory /var/lib/vikunja is a symlink to /var/lib/private/vikunja and file permissions are
ls -la /var/lib
lrwxrwxrwx root root vikunja -> private/vikunja
sudo ls -la /var/lib/private
drwxr-xr-x nobody nogroup vikunja
Here nobody and nogroup stem from the fact that the vikunja server is running under the dynamic systemd user. It looks like the vikunja binary is trying to access the directory with the wrong user (maybe my private login user?).
When I try the same with sudo I get a different error message
Now the binary cannot access the database as the vikunja user (which I created inside mariadb with unix socket authentication.
In both cases it seems like the binary tries to access data with the wrong permissions. I don’t know which of the two cases is actually failing earlier because I have not looked at the vikunja source code yet. And I can’t run the command as the vikunja user because that user doesn’t exist outside of systemd.
The only solution I can think of right now is to update nixpkgs to create a vikunja system user that runs the server instead of using the dynamic user feature. However, I wanted to check here for advice before opening an issue and/or a PR.