I’m getting an permission error after running this docker-compose file:
services:
db:
#image: mariadb:latest
image: tobi312/rpi-mariadb:10.6-alpine
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW #--innodb-file-per-table=1 --skip-innodb-read-only-compressed
restart: always
volumes:
- db-nextcl:/var/lib/mysql
env_file:
- db.env
redis:
image: redis:alpine
restart: always
app:
#image: nextcloud:fpm-alpine
build: ./app
restart: always
#ports:
# - 9000:9000
volumes:
- nextcloud:/var/www/html
- ./app/config:/var/www/html/config:rw
- ./app/custom_apps:/var/www/html/custom_apps
- ./app/data:/var/www/html/data
- ./app/themes:/var/www/html/themes
- /etc/localtime:/etc/localtime:ro
environment:
- MYSQL_HOST=db
- REDIS_HOST=redis
env_file:
- db.env
depends_on:
- db
- redis
web:
build: ./web
restart: always
volumes:
- nextcloud:/var/www/html:rw
environment:
- VIRTUAL_HOST=<mydomain>
- LETSENCRYPT_HOST=<mydomain>
- LETSENCRYPT_EMAIL=<myail>
depends_on:
- app
networks:
- proxy-tier
- default
cron:
build: ./app
restart: always
volumes:
- nextcloud:/var/www/html
entrypoint: /cron.sh
depends_on:
- db
- redis
proxy:
image: jwilder/nginx-proxy:alpine
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
container_name: nextcloud-proxy
networks:
- proxy-tier
dns:
- 192.168.178.15
ports:
- 443:443
- 80:80
volumes:
- ./proxy/conf.d:/etc/nginx/conf.d:rw
- ./proxy/vhost.d:/etc/nginx/vhost.d:rw
- ./proxy/html:/usr/share/nginx/html:rw
- ./proxy/certs:/etc/nginx/certs:rw
- /var/run/docker.sock:/tmp/docker.sock:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: unless-stopped
letsencrypt-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
dns:
- 192.168.178.15
volumes:
- ./proxy/conf.d:/etc/nginx/conf.d:rw
- ./proxy/vhost.d:/etc/nginx/vhost.d:rw
- ./proxy/html:/usr/share/nginx/html:rw
- ./proxy/certs:/etc/nginx/certs:rw
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- proxy-tier
depends_on:
- proxy
volumes:
db-nextcl:
nextcloud:
newlive_certs:
newlive_vhost.d:
html:
networks:
proxy-tier:
driver: bridge
The logs for the running containers seem all to be fine, except the ‘web’ container which throws permission denied. This should be easily fixable, but everything I’ve tried did fail so far.
So first question: Is this error originating in web or app container?
I tried setting permission for www-data user in both container and for the path
/var/www/html
First creating www-data user:
docker-compose exec --user root web adduser -D -H -u 1000 -s /bin/bash www-data -G www-data
docker-compose exec --user root app adduser -D -H -u 1000 -s /bin/bash www-data -G www-data
Make owner
docker-compose exec --user root web chown -R www-data:www-data /var/www/html
docker-compose exec --user root app chown -R www-data:www-data /var/www/html
Set 0775 permissions:
docker-compose exec --user root web chmod -R 0775 var/www
docker-compose exec --user root app chmod -R 0775 var/www
And this is the current state:
App-Container:
nuc:/Nextcloud 2.0/new_live # docker-compose exec --user www-data app ls -al /var/www/html
total 112
drwxrwxr-x 1 775 www-data 412 Dec 17 17:07 .
drwxr-xr-x 1 www-data www-data 16 Dec 22 2021 ..
-rwxrwxr-x 1 775 www-data 3296 Dec 26 2021 .htaccess
-rwxrwxr-x 1 775 www-data 101 Dec 26 2021 .user.ini
drwxrwxr-x 1 775 www-data 840 Dec 26 2021 3rdparty
-rwxrwxr-x 1 775 www-data 19327 Dec 26 2021 AUTHORS
-rwxrwxr-x 1 775 www-data 34520 Dec 26 2021 COPYING
drwxrwxr-x 1 775 www-data 1112 Dec 26 2021 apps
drwxrwxr-x 1 www-data www-data 300 Dec 26 2021 config
-rwxrwxr-x 1 775 www-data 3924 Dec 26 2021 console.php
drwxrwxr-x 1 775 www-data 428 Dec 26 2021 core
-rwxrwxr-x 1 775 www-data 5226 Dec 26 2021 cron.php
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 custom_apps
drwxrwxr-x 1 www-data www-data 136 Dec 26 2021 data
-rwxrwxr-x 1 775 www-data 156 Dec 26 2021 index.html
-rwxrwxr-x 1 775 www-data 3455 Dec 26 2021 index.php
drwxrwxr-x 1 775 www-data 126 Dec 26 2021 lib
-rwxrwxr-x 1 775 www-data 283 Dec 26 2021 occ
drwxrwxr-x 1 775 www-data 18 Dec 26 2021 ocm-provider
drwxrwxr-x 1 775 www-data 50 Dec 26 2021 ocs
drwxrwxr-x 1 775 www-data 18 Dec 26 2021 ocs-provider
-rwxrwxr-x 1 775 www-data 3139 Dec 26 2021 public.php
-rwxrwxr-x 1 775 www-data 5340 Dec 26 2021 remote.php
drwxrwxr-x 1 775 www-data 158 Dec 26 2021 resources
-rwxrwxr-x 1 775 www-data 26 Dec 26 2021 robots.txt
-rwxrwxr-x 1 775 www-data 2452 Dec 26 2021 status.php
drwxrwxr-x 1 www-data www-data 26 Dec 26 2021 themes
-rwxrwxr-x 1 775 www-data 383 Dec 26 2021 version.php
Web-Container:
nuc:/Nextcloud 2.0/new_live # docker-compose exec --user www-data web ls -al /var/www/html
total 112
drwxrwxr-x 1 775 xfs 412 Dec 17 16:07 .
drwxr-xr-x 1 www-data www-data 8 Dec 17 18:48 ..
-rwxrwxr-x 1 775 xfs 3296 Dec 26 2021 .htaccess
-rwxrwxr-x 1 775 xfs 101 Dec 26 2021 .user.ini
drwxrwxr-x 1 775 xfs 840 Dec 26 2021 3rdparty
-rwxrwxr-x 1 775 xfs 19327 Dec 26 2021 AUTHORS
-rwxrwxr-x 1 775 xfs 34520 Dec 26 2021 COPYING
drwxrwxr-x 1 775 xfs 1112 Dec 26 2021 apps
drwxrwxr-x 1 775 www-data 0 Dec 26 2021 config
-rwxrwxr-x 1 775 xfs 3924 Dec 26 2021 console.php
drwxrwxr-x 1 775 xfs 428 Dec 26 2021 core
-rwxrwxr-x 1 775 xfs 5226 Dec 26 2021 cron.php
drwxrwxr-x 1 775 www-data 0 Dec 26 2021 custom_apps
drwxrwxr-x 1 775 www-data 0 Dec 26 2021 data
-rwxrwxr-x 1 775 xfs 156 Dec 26 2021 index.html
-rwxrwxr-x 1 775 xfs 3455 Dec 26 2021 index.php
drwxrwxr-x 1 775 xfs 126 Dec 26 2021 lib
-rwxrwxr-x 1 775 xfs 283 Dec 26 2021 occ
drwxrwxr-x 1 775 xfs 18 Dec 26 2021 ocm-provider
drwxrwxr-x 1 775 xfs 50 Dec 26 2021 ocs
drwxrwxr-x 1 775 xfs 18 Dec 26 2021 ocs-provider
-rwxrwxr-x 1 775 xfs 3139 Dec 26 2021 public.php
-rwxrwxr-x 1 775 xfs 5340 Dec 26 2021 remote.php
drwxrwxr-x 1 775 xfs 158 Dec 26 2021 resources
-rwxrwxr-x 1 775 xfs 26 Dec 26 2021 robots.txt
-rwxrwxr-x 1 775 xfs 2452 Dec 26 2021 status.php
drwxrwxr-x 1 775 www-data 0 Dec 26 2021 themes
-rwxrwxr-x 1 775 xfs 383 Dec 26 2021 version.php
But If I set the permissions fro the ‘web’ container side:
the result is this:
docker-compose exec --user root web chown -R www-data:www-data /var/www/html
nuc:/Nextcloud 2.0/new_live # docker-compose exec --user www-data web ls -al /var/www/html
total 112
drwxrwxr-x 1 www-data www-data 412 Dec 17 16:07 .
drwxr-xr-x 1 www-data www-data 8 Dec 17 18:48 ..
-rwxrwxr-x 1 www-data www-data 3296 Dec 26 2021 .htaccess
-rwxrwxr-x 1 www-data www-data 101 Dec 26 2021 .user.ini
drwxrwxr-x 1 www-data www-data 840 Dec 26 2021 3rdparty
-rwxrwxr-x 1 www-data www-data 19327 Dec 26 2021 AUTHORS
-rwxrwxr-x 1 www-data www-data 34520 Dec 26 2021 COPYING
drwxrwxr-x 1 www-data www-data 1112 Dec 26 2021 apps
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 config
-rwxrwxr-x 1 www-data www-data 3924 Dec 26 2021 console.php
drwxrwxr-x 1 www-data www-data 428 Dec 26 2021 core
-rwxrwxr-x 1 www-data www-data 5226 Dec 26 2021 cron.php
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 custom_apps
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 data
-rwxrwxr-x 1 www-data www-data 156 Dec 26 2021 index.html
-rwxrwxr-x 1 www-data www-data 3455 Dec 26 2021 index.php
drwxrwxr-x 1 www-data www-data 126 Dec 26 2021 lib
-rwxrwxr-x 1 www-data www-data 283 Dec 26 2021 occ
drwxrwxr-x 1 www-data www-data 18 Dec 26 2021 ocm-provider
drwxrwxr-x 1 www-data www-data 50 Dec 26 2021 ocs
drwxrwxr-x 1 www-data www-data 18 Dec 26 2021 ocs-provider
-rwxrwxr-x 1 www-data www-data 3139 Dec 26 2021 public.php
-rwxrwxr-x 1 www-data www-data 5340 Dec 26 2021 remote.php
drwxrwxr-x 1 www-data www-data 158 Dec 26 2021 resources
-rwxrwxr-x 1 www-data www-data 26 Dec 26 2021 robots.txt
-rwxrwxr-x 1 www-data www-data 2452 Dec 26 2021 status.php
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 themes
-rwxrwxr-x 1 www-data www-data 383 Dec 26 2021 version.php
nuc:/Nextcloud 2.0/new_live # docker-compose exec --user www-data app ls -al /var/www/html
total 112
drwxrwxr-x 1 1000 82 412 Dec 17 17:07 .
drwxr-xr-x 1 www-data www-data 16 Dec 22 2021 ..
-rwxrwxr-x 1 1000 82 3296 Dec 26 2021 .htaccess
-rwxrwxr-x 1 1000 82 101 Dec 26 2021 .user.ini
drwxrwxr-x 1 1000 82 840 Dec 26 2021 3rdparty
-rwxrwxr-x 1 1000 82 19327 Dec 26 2021 AUTHORS
-rwxrwxr-x 1 1000 82 34520 Dec 26 2021 COPYING
drwxrwxr-x 1 1000 82 1112 Dec 26 2021 apps
drwxrwxr-x 1 www-data www-data 300 Dec 26 2021 config
-rwxrwxr-x 1 1000 82 3924 Dec 26 2021 console.php
drwxrwxr-x 1 1000 82 428 Dec 26 2021 core
-rwxrwxr-x 1 1000 82 5226 Dec 26 2021 cron.php
drwxrwxr-x 1 www-data www-data 0 Dec 26 2021 custom_apps
drwxrwxr-x 1 www-data www-data 136 Dec 26 2021 data
-rwxrwxr-x 1 1000 82 156 Dec 26 2021 index.html
-rwxrwxr-x 1 1000 82 3455 Dec 26 2021 index.php
drwxrwxr-x 1 1000 82 126 Dec 26 2021 lib
-rwxrwxr-x 1 1000 82 283 Dec 26 2021 occ
drwxrwxr-x 1 1000 82 18 Dec 26 2021 ocm-provider
drwxrwxr-x 1 1000 82 50 Dec 26 2021 ocs
drwxrwxr-x 1 1000 82 18 Dec 26 2021 ocs-provider
-rwxrwxr-x 1 1000 82 3139 Dec 26 2021 public.php
-rwxrwxr-x 1 1000 82 5340 Dec 26 2021 remote.php
drwxrwxr-x 1 1000 82 158 Dec 26 2021 resources
-rwxrwxr-x 1 1000 82 26 Dec 26 2021 robots.txt
-rwxrwxr-x 1 1000 82 2452 Dec 26 2021 status.php
drwxrwxr-x 1 www-data www-data 26 Dec 26 2021 themes
-rwxrwxr-x 1 1000 82 383 Dec 26 2021 version.php
Both approaches still do not work.
All images in use are up to date.
Is there anything i am doing wrong here?
Cheers!