(Raspberry Pi 4 - Rocky Linux) Nextcloud Docker Container can't write to external SSD (403 Forbidden)

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 23.0.0.10
Operating system and version (eg, Ubuntu 20.04): Rocky Linux 8.5
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.51
PHP version (eg, 7.4): 8.0.13

The issue you are facing:

Hi all, I started to set up my Nextcloud yesterday and everything works, but I can’t actually write on my external SSD (neither via webinterface, nor via Nextcloud Client on windows 10), I always get a 403 Forbidden Error. On the normal root folder of Nextcloud it works though.

I set my Nextcloud up with docker-compose. It uses a Mariadb of version 10.5.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Have an external SSD (format ext4) mounted on /media/krane-cloud
    lsblk:
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda           8:0    0 465.8G  0 disk 
└─sda1        8:1    0 465.8G  0 part /media/krane-cloud
mmcblk0     179:0    0  14.9G  0 disk 
├─mmcblk0p1 179:1    0   286M  0 part /boot
├─mmcblk0p2 179:2    0   488M  0 part [SWAP]
└─mmcblk0p3 179:3    0  14.1G  0 part /
  1. Create a few folders with permissions 755
    ll /media/krane-cloud:
drwxr-xr-x. 3 root root  4096 Dec 26 19:39 backup
drwxr-xr-x. 2 root root  4096 Dec 27 21:31 development
drwxr-xr-x. 2 root root  4096 Dec 27 21:31 education
drwxr-xr-x. 2 root root  4096 Dec 27 21:31 employment
drwxr-xr-x. 2 root root  4096 Dec 27 21:31 gaming
drwx------. 2 root root 16384 Dec 26 19:34 lost+found
drwxr-xr-x. 2 root root  4096 Dec 27 21:31 other
  1. Create a Dockerfile which installs smbclient
    cat Dockerfile:
FROM nextcloud:apache
RUN apt-get update && apt-get install -y procps smbclient && rm -rf /var/lib/apt/lists/*
  1. Create a Docker Compose file
    cat docker-compose.yml:
version: "3.8"
services:
	db:
		container_name: krane-cloud-mariadb
		image: mariadb:10.5
		restart: always
		command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
		env_file:
			- .db.env
		volumes:
			- db:/var/lib/mysql
		networks:
			- krane-cloud

	nextcloud:
		container_name: krane-cloud-nextcloud
		build: .
		restart: always
		env_file:
			- .db.env
		volumes:
			- /development/nextcloud/nextcloud-volume:/var/www/html
			- /media/krane-cloud:/opt/krane-cloud
		ports:
			- 8000:80
		networks:
			- krane-cloud
		depends_on:
			- db

networks:
	krane-cloud:
		driver: bridge

volumes:
	db:
  1. docker-compose up -d --build
  2. Finish Installation via webinterface
  3. Enable “external storage support” app and configure the folders in the Settings:
    2021-12-28_15-31
  4. Connect the desktop nextcloud client (windows 10) and login.

The user on my client is in the group “user”, so that shouldn’t be the problem. (Also the user is admin)

The output of your Nextcloud log in Admin > Logging:

[no app in context] Error: Could not create path

POST /ocs/v2.php/apps/files/api/v1/templates/create
from 172.18.0.1 by krane-admin at 2021-12-27T23:06:03+00:00

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => '...',
  'passwordsalt' => '...',
  'secret' => '...',
  'trusted_domains' => 
  array (
          0 => '192.168.1.113:8000',
          1 => '<my-domain>',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '23.0.0.10',
  'overwrite.cli.url' => 'http://192.168.1.113:8000',
  'overwriteprotocol' => 'https',
  'dbname' => 'kranecloud',
  'dbhost' => 'krane-cloud-mariadb',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'krane',
  'dbpassword' => '...',
  'installed' => true,
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
);

The output of your Apache/nginx/system log in /var/log/____:

172.18.0.1 - - [28/Dec/2021:14:37:44 +0000] "POST /ocs/v2.php/apps/files/api/v1/templates/create HTTP/1.1" 403 901 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"

Update for all those who experience the same problem in the future:

I did sudo chmod 777 on one folder and then created a new folder via the webinterface. From there I saw, that the permissions from the newly created folder were the following:

drwxr-xr-x. 2 33 tape 4096 Dec 28 16:30 test

Notice the 33 tape? This is it. Afterwards I just did the following on my external ssd and it worked:

sudo chown -R 33:tape /media/krane-cloud/

Remember to sudo chmod 755 again on the folder you gave 777 permissions earlier.