This change stops committed Docker Compose files from leaking environment-specific or sensitive values by adding docker-compose.yml to .gitignore and renaming the tracked file to docker-compose.yml.template. Developers still get a complete starting point for local setup, but are expected to copy and customize it outside the repo. The practical effect is safer local configuration with less risk of accidentally committing secrets.

The Docker entrypoint script has been updated to automatically create a default organization and user during the initial taskd server setup. It leverages new TASKORG and TASKUSER environment variables in docker-compose.yml to drive this process. It also automatically generates client certificates for this new user, dropping them straight into the /var/taskd/pki/ directory. This streamlines the container's first-time setup, ensuring the server spins up immediately ready to accept authenticated client connections.

This change switches the taskd service in docker-compose.yml from using x4121/taskd:latest to building directly from the repository’s local docker context, and explicitly names the container. That makes the setup easier to customize, test, and keep in sync with local Dockerfile changes without relying on an external image being updated first. The practical effect is a more reproducible and developer-friendly local container workflow.

Updated the docker-compose.yml configuration to use a managed named volume (taskd-data) for persisting taskd data, replacing the previous local directory bind mount. Along with explicit service definitions, this change aligns the deployment with Docker best practices. It makes data persistence, management, and backups more robust while helping avoid common local file permission issues.

This change modernizes the container image by moving from Alpine 3.3 to the rolling Alpine 3 tag and upgrading gosu from 1.7 to 1.11, including a more current signature verification flow with hkps and explicit binary validation. It also cleans up the entrypoint script by consistently quoting paths and tightening the root-check conditional, which reduces the chance of shell breakage when paths or environment values are unexpected. The practical effect is a more reliable and maintainable Docker setup with safer privilege dropping at runtime.

This change adds Docker Compose's restart: always policy to the taskd service. It improves operational resilience by having the container come back up automatically instead of requiring manual intervention after crashes or system restarts. In practice, the service should stay available with less babysitting.

The docker-compose.yml configuration has been updated to pull the x4121/taskd:latest image directly from Docker Hub instead of building it locally from source. This streamlines the setup process, allowing users to spin up their Taskwarrior server faster without an initial build step. The README has also been updated with helpful links to the official Docker Hub repository and dependency documentation.

This change fixes the documented certificate generation step for taskd by running ./generate.client through gosu taskd instead of invoking it directly. That makes the setup instructions better match how the container is meant to be used and helps avoid permission or ownership issues when creating client credentials. The practical effect is a smoother, less error-prone onboarding flow for anyone setting up taskd users.

We've transitioned the core Dockerfile from Debian Jessie to Alpine Linux. Instead of pulling down a bunch of build dependencies and compiling taskd from source with CMake, the image now cleanly installs taskd and taskd-pki directly from Alpine's package manager. This simplifies the Docker setup, speeds up build times, and significantly reduces the final image size.

The Docker entrypoint script had a few issues which could cause the taskd container startup to fail, including a malformed variable assignment and improper linking of PKI directories. These changes correct the PKI variable assignment, replace symlinking the PKI directory with a proper copy (cp -a), and ensure consistent taskd user ownership across the data directory. This makes the container initialization and certificate generation more robust out-of-the-box.

This update introduces gosu to the Docker configuration to handle file permissions more cleanly—allowing the container to start as root to set up directories before safely stepping down to the taskd user. Build dependencies are now automatically removed after compilation, which significantly trims down the final Docker image size. We also introduced a docker-compose.yml, making local testing and deployment with customizable environments a breeze.

Setting up a Taskserver instance just got a lot easier with the introduction of a complete Dockerfile based on Debian Jessie. This update automatically fetches, builds, and configures taskd-1.1.0, ensuring all dependencies are neatly packaged. It also includes an entrypoint script that generates self-signed certificates on the first run, taking the hassle out of initial PKI setup. Getting your local or cloud Taskwarrior sync server running is now virtually a one-line command.