Tray Icon does not start after setting a UI password (Service Mode)

Running Duplicati as a Windows Service, I have noticed after setting up a UI password that the tray icon no longer appears. Trying to start it manually (with the --no-hosted-server option), it appears briefly in the task manager, then it disappears without any cue.

Is there a command line argument I can add to specify the password to Duplicati.GUI.TrayIcon.exe?

Running Duplicati - 2.0.3.5_canary_2018-04-13

Thanks for your help

This seems like it might be the same issue as Tray Icon won’t load when I run duplicati as a systemd service except now we have an idea about the cause. To connect it to your report I had to find a workaround for the current Windows Tray Icon not wanting to make output at Command Prompt. Linux is able to make output…

C:\Program Files\Duplicati 2>duplicati.gui.trayicon.exe --no-hosted-server

C:\Program Files\Duplicati 2>duplicati.gui.trayicon.exe --no-hosted-server | more
Unexpected error: System.NullReferenceException: Object reference not set to an instance of an object.
   at Duplicati.GUI.TrayIcon.HttpServerConnection.PerformRequest[T](String method, String urlfragment, Dictionary`2 queryparams)
   at Duplicati.GUI.TrayIcon.HttpServerConnection.UpdateStatus()
   at Duplicati.GUI.TrayIcon.HttpServerConnection..ctor(Uri server, String password, Boolean saltedpassword, PasswordSource passwordSource, Boolean disableTrayIconLogin, Dictionary`2 options)
   at Duplicati.GUI.TrayIcon.Program.RealMain(String[] _args)

C:\Program Files\Duplicati 2>duplicati.gui.trayicon.exe --no-hosted-server | findstr .
Unexpected error: System.NullReferenceException: Object reference not set to an instance of an object.
   at Duplicati.GUI.TrayIcon.HttpServerConnection.PerformRequest[T](String method, String urlfragment, Dictionary`2 queryparams)
   at Duplicati.GUI.TrayIcon.HttpServerConnection.UpdateStatus()
   at Duplicati.GUI.TrayIcon.HttpServerConnection..ctor(Uri server, String password, Boolean saltedpassword, PasswordSource passwordSource, Boolean disableTrayIconLogin, Dictionary`2 options)
   at Duplicati.GUI.TrayIcon.Program.RealMain(String[] _args)

C:\Program Files\Duplicati 2>

I think what’s happening is that the query from the tray icon to get serverstate fails from password protection. Obviously that should get handled better than a crash, but the immediate objective is to find the workaround.

C:\Program Files\Duplicati 2>duplicati.gui.trayicon.exe help

C:\Program Files\Duplicati 2>duplicati.gui.trayicon.exe help | more
Supported commandline arguments:

--toolkit: Choose the toolkit used to generate the TrayIcon, note that it will fail if the selected toolkit is not supported on this machine
    Supported toolkits: winforms

--hosturl: Supply the url that the TrayIcon will connect to and show status for
--no-hosted-server: Set this option to not spawn a local service, use if the TrayIcon should connect to a running service
--read-config-from-db: Set this option to read server connection info for running service from its database (only together with no-hosted-server)
--browser-command: Set this option to override the default browser detection
--detached-process: This option runs the tray-icon in detached mode, meaning that the process will exit immediately and not send output to the console of the caller
Additionally, these server options are also supported:

--tempdir: This option can be used to supply an alternative folder for temporary storage. By default the system default temporary folder is used. Note that also SQLite will put temporary files in this temporary folder.
--help: Displays this help
--parameters-file: This option can be used to store some or all of the options given to the commandline client. The file must be a plain text file, UTF-8 encoding is preferred. Each line in the file should be of the format --option=value. The special options --source and --target can be used to override the localpath and the remote destination uri, respectively. The options in this file take precedence over the options provided on the commandline. You cannot specify filters in both the file and on the commandline. Instead, you can use the special --replace-filter, --append-filter, or --prepend-filter options to specify filters inside the parameter file. Each filter must be prefixed with either a + or a -, and multiple filters must be joined with ;
--unencrypted-database: Disables database encryption
--portable-mode: Activates portable mode where the database is placed below the program executable
--log-file: Outputs log information to the file given
--log-level: Determines the amount of information written in the log file
--webservice-webroot: The path to the folder where the static files for the webserver is present. The folder must be located beneath the installation folder
--webservice-port: The port the webserver listens on. Multiple values may be supplied with a comma in between.
--webservice-sslcertificatefile: The certificate and key file in PKCS #12 format the webserver use for SSL. Only RSA/DSA keys are supported.
--webservice-sslcertificatepassword: The password for decryption of certificate PKCS #12 file.
--webservice-interface: The interface the webserver listens on. The special values "*" and "any" means any interface. The special value "loopback" means the loopback adapter.
--webservice-password: The password required to access the webserver. This option is saved so you do not need to set it on each run. Setting an empty value disables the password.
--webservice-allowed-hostnames: The hostnames that are accepted, separated with semicolons. If any of the hostnames are "*", all hostnames are allowed and the hostname checking is disabled.
--ping-pong-keepalive: When running as a server, the service daemon must verify that the process is responding. If this option is enabled, the server reads stdin and writes a reply to each line read
--log-retention: Set the time after which log data will be purged from the database.
--server-datafolder: Duplicati needs to store a small database with all settings. Use this option to choose where the settings are stored. This option can also be set with the environment variable DUPLICATI_HOME.
--server-encryption-key: This option sets the encryption key used to scramble the local settings database. This option can also be set with the environment variable DUPLICATI_DB_KEY. Use the option --unencrypted-database to disable the database scrambling.


C:\Program Files\Duplicati 2>

shows many options, some of which look attractive but it’s not clear which fit a --no-hosted-server situation.

--read-config-from-db: Set this option to read server connection info for running service from its database (only together with no-hosted-server)

used just as said seems to solve the problem, but comes with a lot of things that could potentially go wrong.
Reaching into Duplicati-server.sqlite requires knowing where it is, then having permission, then there’s the database encryption question. Tray icon reading the server database can inadvertently change encryption.
Only Windows users who use the server --unencrypted-database option (e.g. me…) would even notice this. Easier to notice would be that the Windows service is probably running as SYSTEM with a server database somewhere unusual to interactive users, but in reality it’s just a user profile, except this one is for SYSTEM.

Migrating from User to Service install on Windows gets into the question about where databases should be.

--server-datafolder: Duplicati needs to store a small database with all settings. Use this option to choose where the settings are stored. This option can also be set with the environment variable DUPLICATI_HOME.

seems to be able to tell tray icon to go there. To actually have access might not be possible for a “Standard User” (in Windows account type Setting terminology). One may need to be an “Administrator” to get access, but it doesn’t end there because even an Administrator has to pick “Run as Administrator” to actually do so.

Tray icon bypasses UI password has some useful background information on how Tray Icon interacts with the Windows service server, and @Pectojin posted an interesting comment about alternatives to the database.

While I hope there’s an easier way than the above, let me see if I can write and test a database procedure…

It turns out that there is. It seems documented for some reason, but it WAS mentioned at least here long ago.

One bad thing about this (in addition to the worry that undocumented options may be more prone to change) is that it would probably get put right in the shortcut on the Desktop and/or the shortcut to do startup at login. There’s a manual change needed if the password ever changes, and the password is also more easily found.

The other plan of arranging for the tray icon to get the password from the database also has security issues, because the default database location is not accessible without answering a Windows security popup with an Administrator password. This can be fixed by putting the database in a less secured place than systemprofile or by weakening security in Duplicati’s folder (probably using command line tools not mentioned here before).

About Duplicati Security says why tray icon needs the password, and offers a maybe-still-future improvement.

Perhaps if @SamSirry could comment on security needs and technical willingness (preferably higher for the one who sets this all up, and lower for the end user or whoever might cause mischief), it would help guide me.