Private key is already decrypted

I have Dockerized the steps to run a seeder node, however when running the container I get this error:

❯ docker run --env-file .env -it qdii/radicle:latest

Initializing your radicle 👾  identity


✓ Creating your Ed25519 keypair...
✓ Your Radicle DID is did:key:z6MkwJLedEnL3J9YihZxb83TxJpEsb3dhWJ3vUM69UCNmF4i. This identifies your device. Run `rad self` to show it at all times.
✓ You're all set.

To create a Radicle repository, run `rad init` from a Git repository with at least one commit.
To clone a repository, run `rad clone <rid>`. For example, `rad clone rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5` clones the Radicle 'heartwood' repository.
To get a list of all commands, run `rad`.
Node is stopped.
To start it, run `rad node start`.
✗ Node starting.. (13) <canceled>
✗ Error: node failed to start. Try running it with `rad node start --foreground`, or check the logs with `rad node logs`
2024-07-03T22:18:04.321Z INFO  node     Starting node..
2024-07-03T22:18:04.321Z INFO  node     Version 1.0.0-rc.12 (f7d8f1b8)
2024-07-03T22:18:04.321Z INFO  node     Unlocking node keystore..
2024-07-03T22:18:04.321Z ERROR node     Fatal: couldn't load secret key: ssh keygen: private key is already decrypted

Any clue what could be going on here?

I noticed that unsetting the RAD_PASSPHRASE environment variable makes the issue go away.

This could be in a bug, since the documentation says it is possible to set up a passphrase for seed nodes in Radicle Seeder's Guide

@cloudhead @fintohaps @sebastinez

@qdii I believe you’ve also got support via Zulip, right? :slight_smile:

FYI, I think @yorgos has worked on Dockerizing the components. If you search for Docker on the Zulip it should show up :ok_hand:

Nice to hear you’re planning to run radicle in containers @qdii - and good to see you’ve already got something working!

For posterity, here is the zulip topic that has links to the work I’ve done around this.

With the podman/docker compose in place, I was going to work on the kubernetes deployment next, but it was time for some much-needed summer vacation first!

If you’ve already got the kubernetes deployment manifests ready @qdii perhaps we can avoid duplicating the effort and we can work together on what you’ve started ?