Last Updated: 2025-01-15
This guide provides solutions to common issues encountered when deploying, configuring, and operating Ofelia. Issues are organized by category for quick reference.
# Check overall health
curl http://localhost:8080/health
# Check readiness (503 if unhealthy)
curl http://localhost:8080/ready
# Check liveness (always 200 if running)
curl http://localhost:8080/live# Docker logs
docker logs ofelia
# Follow logs
docker logs -f ofelia
# Last 100 lines
docker logs --tail 100 ofelia
# With timestamps
docker logs -t ofelia# Validate config file
ofelia validate --config=/etc/ofelia/config.ini
# Test specific job
ofelia test --config=/etc/ofelia/config.ini --job=backup
# Dry run
ofelia daemon --config=/etc/ofelia/config.ini --dry-runSymptoms:
Error: Cannot connect to Docker daemon
Error: dial unix /var/run/docker.sock: connect: permission denied
Diagnosis:
# Check Docker daemon status
systemctl status docker
# Test Docker connection
docker ps
# Check socket permissions
ls -la /var/run/docker.sockSolutions:
-
Docker daemon not running:
sudo systemctl start docker sudo systemctl enable docker -
Permission denied:
# Add user to docker group sudo usermod -aG docker $USER newgrp docker # Or run with proper permissions sudo chown root:docker /var/run/docker.sock sudo chmod 660 /var/run/docker.sock
-
Docker socket path incorrect:
[global] docker-host = unix:///var/run/docker.sock
-
Docker Desktop not started (macOS/Windows):
- Start Docker Desktop application
- Wait for "Docker Desktop is running" status
Symptoms:
Error: dial unix /var/run/docker.sock: connect: permission denied
This occurs when Docker is configured with user namespace remapping ("userns-remap": "default" in /etc/docker/daemon.json), which remaps container UIDs/GIDs for security isolation.
Root Cause:
User namespace remapping creates a mapping between container users and host users. The Ofelia container runs as a different effective UID on the host, which may not have permission to access the Docker socket.
Diagnosis:
# Check if userns-remap is enabled
docker info | grep "Docker Root Dir"
# If it shows /var/lib/docker/100000.100000, userns-remap is active
# Check the remapped user
grep dockremap /etc/subuid /etc/subgid
# Check socket ownership
ls -la /var/run/docker.sock
# Check Ofelia's effective UID in the container
docker exec ofelia idSolutions:
-
Match socket permissions to remapped user:
# Find the remapped UID (typically 100000 for dockremap) REMAP_UID=$(grep dockremap /etc/subuid | cut -d: -f2) # Grant access via ACL sudo setfacl -m u:$REMAP_UID:rwx /var/run/docker.sock
-
Run Ofelia outside namespace remapping:
# docker-compose.yml services: ofelia: image: ghcr.io/netresearch/ofelia:latest userns_mode: "host" # Bypass namespace remapping volumes: - /var/run/docker.sock:/var/run/docker.sock:ro
-
Use Docker TCP socket instead (development only):
WARNING: This exposes the Docker daemon API without authentication. Any local process can gain full Docker control, enabling privilege escalation to root. Only use in isolated development environments, never in production.
[global] docker-host = tcp://localhost:2375
Enable TCP in Docker daemon:
{ "hosts": ["unix:///var/run/docker.sock", "tcp://127.0.0.1:2375"] } -
Disable userns-remap for development:
// /etc/docker/daemon.json { "userns-remap": "" }
Then restart Docker:
sudo systemctl restart docker
Security Considerations:
userns_mode: "host"reduces container isolation- TCP socket should only bind to localhost, not 0.0.0.0
- Consider the security implications before disabling userns-remap in production
Symptoms:
Error: protocol error
Error: connection refused
Error: failed to connect to Docker daemon
Affected Versions: v0.11.0 only (fixed in v0.11.1+)
Diagnosis:
# Check Ofelia version
ofelia version
# Check Docker connection type
echo $DOCKER_HOST
# Common values:
# - unix:///var/run/docker.sock (default)
# - tcp://localhost:2375 (cleartext)
# - https://host:2376 (TLS)Root Cause: v0.11.0 introduced OptimizedDockerClient that incorrectly enabled HTTP/2 on all connections. Docker daemon only supports HTTP/2 over TLS (https://), not on:
- Unix domain sockets (unix://)
- TCP cleartext (tcp://)
- HTTP cleartext (http://)
Solutions:
-
Upgrade to v0.11.1+ (Recommended):
# docker-compose.yml services: ofelia: image: mcuadros/ofelia:latest
-
Downgrade to v0.10.2 (Temporary workaround):
services: ofelia: image: mcuadros/ofelia:v0.10.2
-
Use HTTPS connection (If possible):
export DOCKER_HOST=https://docker-host:2376 export DOCKER_CERT_PATH=/path/to/certs
References:
- Issue: #266
- Fix: #267
- Affected: Unix sockets, tcp://, http:// connections
- Working: https:// connections only
Symptoms:
Error: No such container: postgres
Error: Container postgres not found
Diagnosis:
# List all containers
docker ps -a
# Search for container
docker ps -a | grep postgresSolutions:
-
Container not running:
docker start postgres
-
Wrong container name:
# Use exact container name or ID container = postgres_db_1 # Or container ID container = abc123def456
-
Container name changed:
# Check current name docker ps --format "{{.Names}}" # Update configuration [job-exec "backup"] container = new_postgres_name
Symptoms:
Error: Error response from daemon: pull access denied
Error: Error pulling image: manifest unknown
Diagnosis:
# Manual pull test
docker pull nginx:latest
# Check image name format
docker images | grep nginxSolutions:
-
Image not found:
# Verify image name image = nginx:1.21-alpine # Correct # Not: image = nginx:invalid-tag
-
Private registry authentication:
# Login to registry docker login registry.example.com # Or use credentials in config docker login -u username -p password registry.example.com
-
Network connectivity:
# Test registry connectivity curl https://registry-1.docker.io/v2/ # Check DNS resolution nslookup registry-1.docker.io
-
Rate limiting (Docker Hub):
Error: toomanyrequests: You have reached your pull rate limit Solution: - Login with Docker Hub account (increases limit) - Use alternative registry - Implement pull caching
Symptoms:
Error: Config validation error: invalid syntax at line 15
Error: Unknown field 'schedual' in section [job-exec "backup"]
Diagnosis:
# Validate configuration
ofelia validate --config=/etc/ofelia/config.ini
# Check for typos
grep -i "schedual" /etc/ofelia/config.iniSolutions:
-
Typo in field name:
# Wrong schedual = @daily # Correct schedule = @daily
-
Invalid INI syntax:
# Wrong - missing quotes [job-exec backup] # Correct [job-exec "backup"]
-
Invalid value format:
# Wrong smtp-port = "587" # Should be number, not string # Correct smtp-port = 587
Symptoms:
Error: Config validation error for field 'schedule': invalid cron expression
Error: Cron expression '0 */6 * *' is invalid: expected 5 or 6 fields
Diagnosis:
# Test cron expression
# Use online validator: crontab.guruCommon Errors:
| Invalid | Correct | Reason |
|---|---|---|
0 */6 * * |
0 */6 * * * |
Missing weekday field |
60 * * * * |
0 * * * * |
Minutes: 0-59, not 60 |
* * 32 * * |
* * 31 * * |
Day: 1-31, not 32 |
* * * 13 * |
* * * 12 * |
Month: 1-12, not 13 |
Solutions:
-
Standard cron (5 fields):
schedule = 0 */6 * * * # Every 6 hours schedule = 30 2 * * 0 # 2:30 AM every Sunday schedule = 0 0 1 * * # Midnight on 1st of month
-
Extended cron (6 fields with seconds):
schedule = 0 0 */6 * * * # Every 6 hours with seconds
-
Special expressions:
schedule = @daily # Once a day schedule = @hourly # Once an hour schedule = @every 5m # Every 5 minutes
Symptoms:
Error: JWT secret key must be at least 32 characters long
Warning: Using placeholder value "${JWT_SECRET}"
Diagnosis:
# Check environment variable
echo $JWT_SECRET
# Check in container
docker exec ofelia env | grep JWT_SECRETSolutions:
-
Environment variable not set:
# Set environment variable export JWT_SECRET="your-secret-key-here-min-32-chars" # Restart Ofelia docker restart ofelia
-
Docker compose environment:
services: ofelia: environment: - JWT_SECRET=${JWT_SECRET} # Or from .env file env_file: - .env
-
Verify in container:
docker exec ofelia env | grep JWT_SECRET
Symptoms:
Error: unable to start a empty scheduler
Labels configured on application containers (nginx, postgres, etc.) with job-run jobs are not being detected by Ofelia.
Root Cause:
Different job types have different label placement requirements:
| Job Type | Label Placement | Reason |
|---|---|---|
job-exec |
Target container | Executes commands inside the labeled container |
job-run |
Ofelia container | Creates new containers, not tied to any specific existing container |
job-local |
Ofelia container | Runs on host, labels must be on Ofelia itself |
job-service-run |
Ofelia container | Creates Swarm services, not tied to existing containers |
Incorrect Configuration (Labels on nginx, not discovered):
services:
nginx:
image: nginx:latest
labels:
ofelia.enabled: "true"
# ❌ WRONG: job-run labels on nginx won't be discovered
ofelia.job-run.backup.schedule: "@daily"
ofelia.job-run.backup.image: "postgres:15"
ofelia.job-run.backup.command: "pg_dump mydb"Correct Configuration (Labels on Ofelia container):
services:
ofelia:
image: netresearch/ofelia:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
labels:
ofelia.enabled: "true"
# ✅ CORRECT: job-run labels on Ofelia container
ofelia.job-run.backup.schedule: "@daily"
ofelia.job-run.backup.image: "postgres:15"
ofelia.job-run.backup.command: "pg_dump mydb"
nginx:
image: nginx:latest
labels:
ofelia.enabled: "true"
# ✅ CORRECT: job-exec labels on target container
ofelia.job-exec.reload.schedule: "@hourly"
ofelia.job-exec.reload.command: "nginx -s reload"Key Distinction:
job-execrequires acontainerparameter (implicit when using labels on target container)job-runrequires animageparameter (creates new container, no existing container needed)
Alternative: Use INI configuration file instead of labels for job-run jobs, which avoids this confusion entirely.
Symptoms:
Error: JWT secret key must be at least 32 characters long
Fatal: Cannot start server: invalid JWT configuration
Solutions:
-
Generate proper secret:
# Generate 48-character base64 secret openssl rand -base64 48 # Set in environment export OFELIA_JWT_SECRET="generated-secret-here"
-
Configuration:
[global] jwt-secret = ${JWT_SECRET} # Minimum 32 characters jwt-expiry-hours = 24
Symptoms:
HTTP 401 Unauthorized
Error: Invalid or expired token
Diagnosis:
# Check token expiry
curl -H "Authorization: Bearer $TOKEN" http://localhost:8080/api/jobsSolutions:
-
Token expired:
# Generate new token curl -X POST http://localhost:8080/api/login \ -H "Content-Type: application/json" \ -d '{"username":"admin","password":"your-password"}'
-
Token refresh:
# Refresh existing token curl -X POST http://localhost:8080/api/refresh \ -H "Authorization: Bearer $OLD_TOKEN"
-
Increase token expiry:
[global] jwt-expiry-hours = 168 # 1 week instead of 24 hours
Symptoms:
HTTP 429 Too Many Requests
Error: Too many authentication attempts
Diagnosis:
# Check rate limit status
curl -I http://localhost:8080/api/loginSolutions:
-
Wait for rate limit reset (default: 1 minute)
-
Adjust rate limit:
// In configuration (if exposed) max-login-attempts = 10 # Increase from 5
-
Check for brute force attack:
# Review authentication logs docker logs ofelia | grep "Authentication failed"
Symptoms:
- Job scheduled but never executes
- No execution history
- No errors in logs
Diagnosis:
# List all jobs
curl http://localhost:8080/api/jobs
# Check job status
curl http://localhost:8080/api/jobs/backup-db
# Check scheduler logs
docker logs ofelia | grep "backup-db"Solutions:
-
Schedule not reached yet:
# Manual trigger for testing curl -X POST http://localhost:8080/api/jobs/run \ -H "Content-Type: application/json" \ -d '{"name":"backup-db"}'
-
Invalid schedule format:
# Check cron expression schedule = 0 */6 * * * # Valid
-
Job disabled:
# Enable job curl -X POST http://localhost:8080/api/jobs/enable \ -d '{"name":"backup-db"}'
-
Overlap prevention blocking execution:
# Previous job still running overlap = false # Remove or set to true
Symptoms:
- Jobs run initially but start getting skipped after some time
- Log shows "skipping job - already running"
- Scheduled executions are missed without errors
Root Cause:
When overlap = false (or no-overlap: 'true' in Docker labels), Ofelia prevents concurrent executions of the same job. If a previous execution appears to still be running (e.g., a hung process that never terminated), subsequent scheduled runs will be skipped.
Common causes of "stuck" jobs:
- Node.js: Unhandled promise rejections don't exit by default
- Python: Background threads keeping process alive
- Shell scripts: Backgrounded processes or orphaned subprocesses
- Deadlocks: Application waiting for resources indefinitely
Diagnosis:
# Check if previous job is still "running"
docker logs ofelia 2>&1 | grep -i "already running\|skipping"
# Check container processes
docker exec <container> ps aux
# Check for zombie processes
docker exec <container> ps aux | grep defunctSolutions:
-
Ensure proper process exit for Node.js:
# Force exit on unhandled rejections node --unhandled-rejections=strict index.js -
Add explicit exit handling:
// Node.js process.on('uncaughtException', (err) => { console.error('Uncaught exception:', err); process.exit(1); });
# Python import sys import atexit atexit.register(lambda: sys.exit(0))
-
Set command timeout:
[job-exec "my-job"] schedule = @hourly container = app command = timeout 300 ./my-script.sh # 5-minute timeout
-
Temporarily disable overlap protection:
# For debugging - allows concurrent runs overlap = true
-
Use shell wrapper with timeout:
#!/bin/bash set -e # Exit on error timeout 600 ./actual-command.sh || exit $?
Prevention:
- Always use
set -ein shell scripts - Implement proper signal handling in long-running processes
- Add timeouts to external API calls and database queries
- Use process supervisors for complex jobs
Symptoms:
Error: Job execution failed with exit code 1
Error: Command not found
Diagnosis:
# Get job history
curl http://localhost:8080/api/jobs/backup-db/history
# Check execution logs
docker logs ofelia | grep "backup-db"Solutions:
-
Command not found:
# Use absolute path command = /usr/local/bin/backup.sh # Not: backup.sh # Or ensure PATH is set environment = PATH=/usr/local/bin:/usr/bin:/bin
-
Permission denied:
# Run as correct user user = root # Or user with permissions # Check file permissions # chmod +x /usr/local/bin/backup.sh
-
Container not ready:
# Add delay before execution delay = 10s
-
Script errors:
# Test script manually docker exec postgres /usr/local/bin/backup.sh # Check script logs docker exec postgres cat /var/log/backup.log
Symptoms:
Error: Container execution timeout after 300s
Error: Container failed to respond
Solutions:
-
Increase timeout:
[job-exec "long-task"] timeout = 600s # 10 minutes
-
Optimize task:
- Break into smaller sub-tasks
- Improve script performance
- Add progress logging
-
Background execution:
# For very long tasks, run in background command = nohup long-task.sh &
Symptoms:
Error: Container killed due to memory limit
Error: OOMKilled
Diagnosis:
# Check container stats
docker stats ofelia
# Check memory usage
docker inspect ofelia | grep MemorySolutions:
-
Increase memory limit:
services: ofelia: deploy: resources: limits: memory: 1G # Increase from 512M
-
Optimize memory usage:
# Limit concurrent jobs max-concurrent-jobs = 3 # Clean up after execution delete = true
-
Monitor memory usage:
# Real-time monitoring watch docker stats ofelia
Symptoms:
{
"status": "degraded",
"checks": {
"system": {
"status": "degraded",
"message": "Memory usage >75%"
}
}
}Solutions:
-
Check resource usage:
# System memory free -h # Container resources docker stats
-
Cleanup:
# Remove stopped containers docker container prune -f # Remove unused images docker image prune -a -f # Remove unused volumes docker volume prune -f
-
Adjust limits:
services: ofelia: deploy: resources: limits: cpus: '2' memory: 2G reservations: cpus: '1' memory: 512M
Symptoms:
Error: Mail error: dial tcp: lookup smtp.gmail.com: no such host
Error: 535 Authentication failed
Diagnosis:
# Test SMTP connectivity
telnet smtp.gmail.com 587
# Check DNS resolution
nslookup smtp.gmail.comSolutions:
-
Network connectivity:
# Test from container docker exec ofelia ping smtp.gmail.com # Check firewall rules sudo iptables -L | grep 587
-
Authentication failed:
[global] smtp-user = your-email@gmail.com smtp-password = ${SMTP_PASSWORD} # For Gmail: use App Password, not account password # Generate at: https://myaccount.google.com/apppasswords
-
TLS/SSL issues:
# Skip TLS verification (not recommended for production) smtp-tls-skip-verify = true # Or use proper TLS smtp-port = 587 # STARTTLS # Or smtp-port = 465 # SSL/TLS
-
Email address validation:
# Ensure valid email format email-to = admin@example.com, ops@example.com email-from = ofelia@example.com
Symptoms:
Error: Slack webhook URL is invalid
Error: Post request timeout
Diagnosis:
# Test webhook manually
curl -X POST $SLACK_WEBHOOK \
-H "Content-Type: application/json" \
-d '{"text":"Test message"}'Solutions:
-
Invalid webhook URL:
# Ensure full URL with https:// slack-webhook = https://hooks.slack.com/services/XXX/YYY/ZZZ
-
Network timeout:
# Test connectivity docker exec ofelia curl -I https://hooks.slack.com # Check proxy settings if needed
-
Webhook expired or revoked:
- Generate new webhook in Slack settings
- Update configuration with new URL
Symptoms:
- Webhooks not firing after job execution
- No webhook-related log messages
- "Unknown job type webhook" warnings in logs
Diagnosis:
# Check logs for webhook-related messages
docker logs ofelia 2>&1 | grep -i webhook
# Verify webhook labels are on the service container
docker inspect --format '{{json .Config.Labels}}' ofelia-service | jq 'to_entries[] | select(.key | startswith("ofelia.webhook"))'Solutions:
-
Webhook labels on wrong container: Webhook labels (
ofelia.webhook.*) are only processed from the service container (withofelia.service=true). Move webhook labels to the Ofelia service container:ofelia: labels: ofelia.service: "true" ofelia.enabled: "true" ofelia.webhook.slack.preset: slack ofelia.webhook.slack.id: "T00/B00" ofelia.webhook.slack.secret: "secret"
-
Missing webhook assignment on job: Define which webhooks a job should use:
worker: labels: ofelia.job-exec.backup.webhooks: "slack"
-
INI webhook overriding label webhook: If a webhook with the same name exists in both the INI file and Docker labels, the INI version takes precedence. Use a different name for the label-defined webhook or remove the INI definition.
-
Trigger mismatch: Verify the webhook's
triggermatches the job outcome:error— only fires when the job failssuccess— only fires when the job succeedsalways— fires on every execution
Symptoms:
Error: invalid save folder: path traversal detected
Error: permission denied
Solutions:
-
Path traversal attempt:
# Use absolute path without .. or ~ save-folder = /var/log/ofelia # Correct # Not: save-folder = ../../etc
-
Permission denied:
# Create directory with proper permissions sudo mkdir -p /var/log/ofelia sudo chown 1000:1000 /var/log/ofelia sudo chmod 755 /var/log/ofelia -
Volume not mounted:
services: ofelia: volumes: - ./logs:/var/log/ofelia
Symptoms:
ERR_CONNECTION_REFUSEDConnection timeout
Diagnosis:
# Check if server is running
curl http://localhost:8080/health
# Check port binding
netstat -tulpn | grep 8080
# Check container ports
docker port ofeliaSolutions:
-
Web UI not enabled:
[global] enable-web = true web-address = :8080
-
Port conflict:
# Check what's using port 8080 sudo lsof -i :8080 # Use different port web-address = :9090
-
Firewall blocking:
# Allow port through firewall sudo ufw allow 8080/tcp # Or iptables sudo iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
-
Docker port mapping:
services: ofelia: ports: - "8080:8080" # host:container
Symptoms:
HTTP 429 Too Many Requests
Error: Rate limit exceeded
Solutions:
- Reduce request rate
- Wait for rate limit window to reset (default: 1 minute)
- Increase rate limit (if configurable):
// Default: 100 requests/minute per IP // Adjust in server configuration if exposed
Symptoms:
{
"checks": {
"docker": {
"status": "unhealthy",
"message": "Docker daemon not accessible"
}
}
}Solutions:
-
Docker daemon not running:
sudo systemctl start docker
-
Docker socket permission:
sudo chmod 666 /var/run/docker.sock
-
Wrong Docker host:
[global] docker-host = unix:///var/run/docker.sock
Symptoms:
{
"checks": {
"scheduler": {
"status": "unhealthy",
"message": "Scheduler not operational"
}
}
}Solutions:
-
Scheduler not started:
# Restart Ofelia docker restart ofelia -
Configuration error:
# Validate configuration ofelia validate --config=/etc/ofelia/config.ini
Symptoms:
Error: lookup smtp.gmail.com: no such host
Error: dial tcp: lookup registry-1.docker.io: Temporary failure in name resolution
Solutions:
-
Container DNS configuration:
services: ofelia: dns: - 8.8.8.8 - 8.8.4.4
-
Host DNS issues:
# Test DNS from host nslookup smtp.gmail.com # Check /etc/resolv.conf cat /etc/resolv.conf
-
Docker daemon DNS:
// /etc/docker/daemon.json { "dns": ["8.8.8.8", "8.8.4.4"] }
Symptoms:
Error: dial tcp: i/o timeout
Error: no route to host
Solutions:
-
Check network connectivity:
# From container docker exec ofelia ping google.com # From host ping google.com
-
Docker network inspection:
# List networks docker network ls # Inspect network docker network inspect bridge
-
Firewall rules:
# Check iptables sudo iptables -L # Allow Docker networks sudo iptables -A FORWARD -i docker0 -j ACCEPT
Symptoms:
- Jobs take longer than expected
- High CPU/memory usage
Diagnosis:
# Monitor resource usage
docker stats ofelia
# Check job execution time
curl http://localhost:8080/api/jobs/slow-job/history
# Profile application
# Enable pprof if configured
curl http://localhost:6060/debug/pprof/profile?seconds=30 > profile.outSolutions:
-
Resource constraints:
# Increase limits services: ofelia: deploy: resources: limits: cpus: '2' memory: 2G
-
Optimize jobs:
- Reduce concurrent jobs
- Add job priorities
- Optimize scripts
-
Container overhead:
# For LocalJobs (if allowed) # Bypass container overhead [job-local "fast-task"] command = /usr/local/bin/fast-script.sh
Symptoms:
Memory usage consistently >90%
OOMKilled errors
Solutions:
-
Memory leak investigation:
# Enable pprof enable-pprof = true pprof-address = :6060 # Capture heap profile curl http://localhost:6060/debug/pprof/heap > heap.out go tool pprof heap.out
-
Limit concurrent execution:
# Reduce parallel jobs max-concurrent-jobs = 5
-
Monitor and alert:
# Set up Prometheus alerts # Alert when memory usage >80% for 5 minutes
[global]
log-level = debugOr via environment:
export OFELIA_LOG_LEVEL=debug
docker restart ofelia#!/bin/bash
# debug-info.sh - Collect debugging information
echo "=== Ofelia Version ==="
docker exec ofelia ofelia version
echo "=== Docker Info ==="
docker info
echo "=== Container Status ==="
docker ps -a | grep ofelia
echo "=== Container Logs (last 100 lines) ==="
docker logs --tail 100 ofelia
echo "=== Container Stats ==="
docker stats --no-stream ofelia
echo "=== Health Check ==="
curl -s http://localhost:8080/health | jq .
echo "=== Jobs Status ==="
curl -s http://localhost:8080/api/jobs | jq .
echo "=== Configuration ==="
docker exec ofelia cat /etc/ofelia/config.ini
echo "=== System Resources ==="
free -h
df -h# Enable profiling
[global]
enable-pprof = true
pprof-address = :6060
# Capture profiles
curl http://localhost:6060/debug/pprof/goroutine > goroutine.out
curl http://localhost:6060/debug/pprof/heap > heap.out
curl http://localhost:6060/debug/pprof/profile?seconds=30 > cpu.out
# Analyze
go tool pprof heap.out- ✅ Check this troubleshooting guide
- ✅ Review logs with debug level enabled
- ✅ Validate configuration
- ✅ Test with minimal configuration
- ✅ Collect debug information
- ✅ Search existing GitHub issues
Include the following information:
-
Environment:
- Ofelia version:
ofelia version - Docker version:
docker version - OS:
uname -a
- Ofelia version:
-
Configuration: Sanitized config file (remove secrets)
-
Logs: Relevant log snippets with debug enabled
-
Reproduction Steps: Minimal example to reproduce
-
Expected vs Actual: What you expected vs what happened
- GitHub Issues: https://github.com/netresearch/ofelia/issues
- Documentation: https://github.com/netresearch/ofelia/docs
- Security Issues: security@netresearch.de
- Configuration Guide - Configuration reference
- Web Package - API and authentication
- Security Guide - Security best practices
- PROJECT_INDEX - Overall system architecture
For urgent security issues, contact: security@netresearch.de