Most SparkyFitness deployment problems fall into a handful of predictable categories: misconfigured environment variables, database connectivity, authentication setup, and mobile/HTTPS requirements. This guide walks through each category with specific symptoms, root causes, and step-by-step fixes. Start with the server logs — they contain the error message that points you to the right section below.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/CodeWithCJ/SparkyFitness/llms.txt
Use this file to discover all available pages before exploring further.
Startup Errors
"Invalid key length" error on startup
"Invalid key length" error on startup
Invalid key length or a similar cryptographic message.Cause: The SPARKY_FITNESS_API_ENCRYPTION_KEY environment variable is either missing, too short, or not a valid 64-character hexadecimal string. The encryption layer requires exactly 32 random bytes expressed as 64 hex characters.Fix: Generate a valid key and update your .env file or Docker Compose environment:SPARKY_FITNESS_API_ENCRYPTION_KEY. Restart the server container.Server fails to start — missing required environment variables
Server fails to start — missing required environment variables
required environment variable not set or a database connection error on first boot.Cause: One or more required environment variables are absent. The minimum required set is:SPARKY_FITNESS_DB_NAMESPARKY_FITNESS_DB_USERSPARKY_FITNESS_DB_PASSWORDBETTER_AUTH_SECRET(must be a strong random string; used to sign sessions)SPARKY_FITNESS_API_ENCRYPTION_KEY(64-char hex)
.env file against the example provided in the repository:Database connection refused on startup
Database connection refused on startup
ECONNREFUSED, could not connect to server, or Connection refused pointing at the database host.Cause: The database container is not yet ready, SPARKY_FITNESS_DB_HOST is pointing at the wrong hostname, or the port is wrong. In Docker Compose the correct host is the service name (sparkyfitness-db), not localhost.Fix:- Check that the database container is running:
- Verify the environment variable values. The default Compose service name is
sparkyfitness-dbon port5432:
- If the database container starts slowly, add a
healthcheck+depends_oncondition in yourdocker-compose.ymlor simply restart the server container after the database is fully up:
Authentication Issues
OIDC / SSO login not working
OIDC / SSO login not working
-
Redirect URI mismatch — The URI registered with your identity provider must exactly match
https://your-domain.com/api/auth/callback/<provider>. Check for trailing slashes or HTTP vs. HTTPS mismatches. - Wrong Client ID or Client Secret — Double-check the values in Settings → Authentication → OIDC Providers against what your identity provider issued.
-
Issuer URL unreachable — The server must be able to reach the OIDC discovery endpoint (
<issuer>/.well-known/openid-configuration). Test from inside the server container:
- Clock skew — JWT validation is time-sensitive. Ensure both the SparkyFitness server and the identity provider have their system clocks synchronised (NTP).
Locked out of all accounts after enabling 2FA (TOTP)
Locked out of all accounts after enabling 2FA (TOTP)
BETTER_AUTH_SECRET.Cause: BETTER_AUTH_SECRET is used to derive TOTP secrets. If this value changes, all existing TOTP enrollments become invalid and users are locked out.Fix: Restore email + password login as a recovery path:Cannot create a new account (sign-up disabled)
Cannot create a new account (sign-up disabled)
SPARKY_FITNESS_DISABLE_SIGNUP=true has been set, which prevents new user registrations. This is intentional for single-user or family deployments where the administrator wants to control who has access.Fix: Either remove the variable (or set it to false) to re-enable sign-ups, or have the administrator create accounts manually through the admin panel.Data Not Syncing
External device / provider not syncing
External device / provider not syncing
- Navigate to Settings → External Providers.
- Find the affected provider and click Disconnect (or Reconnect).
- Re-authorise the connection by completing the OAuth flow again.
Apple Health / Google Health sync not working on mobile
Apple Health / Google Health sync not working on mobile
https:// and not http://.API health data POST returns 401 or 403
API health data POST returns 401 or 403
POST /api/health-data returns 401 Unauthorized or 403 Forbidden.401 fix: The Authorization header is missing or malformed. Ensure you are sending:Mobile App Issues
Mobile app cannot connect to server
Mobile app cannot connect to server
- Set up a reverse proxy (Nginx, Caddy, Traefik) in front of SparkyFitness on port 443.
- Obtain a TLS certificate from Let’s Encrypt or your internal CA.
- Update the server URL in the mobile app to
https://your-domain.com.
Certificate errors on iOS or Android
Certificate errors on iOS or Android
- Use a CA-signed certificate (e.g. Let’s Encrypt) — the easiest solution for internet-accessible servers.
- For LAN-only deployments, install your self-signed CA certificate as a trusted root on each device. The process varies by platform (iOS: Settings → General → VPN & Device Management; Android: Settings → Security → Install from storage).
CORS errors when connecting from a custom origin
CORS errors when connecting from a custom origin
CORS policy: No 'Access-Control-Allow-Origin' header is present.Cause: The request is coming from an origin not listed in SparkyFitness’s allowed-origins configuration.Fix: Add your origin to the trusted list using the environment variable:AI Assistant Issues
OpenRouter returns 404 "No allowed providers"
OpenRouter returns 404 "No allowed providers"
URL doubled — "/chat/completions" appears twice in error
URL doubled — "/chat/completions" appears twice in error
/chat/completions/chat/completions or similar duplication.Cause: The base URL configured in AI Settings already ends with /chat/completions. SparkyFitness appends this path automatically.Fix: In Settings → AI Settings, update the base URL to end at the domain and version only — for example:Food photo analysis fails or returns an error
Food photo analysis fails or returns an error
gpt-4oorgpt-4o-mini(OpenAI)claude-3-5-sonnet(Anthropic via OpenRouter)google/gemini-flash-1.5(Google via OpenRouter)
Local AI server (Ollama / LM Studio) not connecting
Local AI server (Ollama / LM Studio) not connecting
- Leave the API key blank. Local servers do not require an API key. If a placeholder value is set, some local servers will reject the request.
-
Set the base URL correctly. The URL should end in
/v1— the OpenAI-compatible endpoint:
- Check network accessibility. If SparkyFitness runs in Docker and the AI server runs on the host, use the Docker host gateway IP instead of
localhost:
- Verify the model is pulled and running. For Ollama:
ollama listto see available models,ollama pull <model>if missing.
Debugging Tips
Follow server logs
Enable verbose logging
SPARKY_FITNESS_LOG_LEVEL=DEBUG in your environment and restart the server for highly detailed output including database queries and request traces.Inspect the database
Enable Swagger UI
SPARKY_FITNESS_PUBLIC_API_DOCS=true and restart. Browse to /api/api-docs to explore and test every endpoint interactively.Useful Database Queries
Once connected to PostgreSQL, these queries help verify data integrity:Getting Community Help
If these steps don’t resolve your issue, the SparkyFitness community is active and helpful:- Discord: discord.gg/vcnMT5cPEA — fastest response for deployment questions
- GitHub Issues: Use the issue templates for bug reports; include Docker version, server logs (sanitised), and your environment variable list (with secrets redacted)
- Your operating system and Docker version
- The exact error message from
docker compose logs sparkyfitness-server - The relevant section of your
docker-compose.ymland.env(with passwords/secrets replaced by placeholders) - Steps to reproduce the problem