Setting of NEO4J_AUTH does not work in extended docker container

I need to run the neo4j database in Amazon ECS with initially loaded data and so I extend the docker image, download data and import them using neo4j-admin import tool and then run the original entrypoint. Problem is that setting of NEO4J_AUTH does not work and the neo4j user retains the initial password (neo4j) and so I cannot query the database from outside.

The Dockerfile looks like this:

FROM neo4j
ENV NEO4J_AUTH=neo4j/graphPass
ENV JAVA_OPTS='-server -Xms2g -Xmx2g'

RUN curl -sL | bash -
RUN curl -sL | apt-key add -
RUN echo "deb stable main" | tee /etc/apt/sources.list.d/yarn.list
RUN apt -y update && \
  apt -y upgrade && \
  apt-get install -y nodejs yarn tar


COPY ./ /code

RUN chown -R neo4j:neo4j /code

RUN yarn install
RUN ./node_modules/.bin/webpack --config ./webpack.config.js

And the container is run with this bash script:


node ./dist/init-data.js

/sbin/tini -gs -- / neo4j

(The node script downloads the data and executes neo4j-admin import). But the password remains default despite setting of the NEO4J_AUTH env var. My usage of the Dockerfile probably broke it but I don't know how to do it right. (I also cannot change the password by adding cypher-shell -u neo4j -p neo4j "CALL'graphPass');" to the script because the neo4j engine isn't started yet.)

Take a look at docker-neo4j/ at master · neo4j/docker-neo4j · GitHub to understand how NEO4J_AUTH is handled in the original docker-entrypoint script.

Basically it uses neo4j-admin set-initial-password.

It works great, thanks Stefan.

1 Like