search

ep1cman / unifi-protect-backup

Python tool to backup unifi event clips in realtime
MIT License
577 stars 25 forks source link

Failed to run: 'rclone rcat - permission denied #80

Closed bamartinez2 closed 1 year ago

bamartinez2 commented 1 year ago

Description

Attempting to spin up unifi-protect-backup on my Synology NAS via portainer into docker. I am trying to read Protect recordings from my UDM SE, and store them locally on my NAS in its own Shared Folder.

What I Did

Attempted different iterations of a docker-compose stack deployment via portainer. The logs attached and docker-compose config shown is as close as I can get to working - but keep getting this permission denied error against what I think is activities looking for rclone. I installed rclone onto my NAS.. still getting the same errors. Looking for some advice/assistance with this one.

2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Camera: G4 Doorbell 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Type: smartDetectZone (vehicle) 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Start: 2023-02-24T13-48-15 (1677264495.373) 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] End: 2023-02-24T13-48-30 (1677264510.276) 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Duration: 14.903s 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Downloading video... 2023-03-05 01:35:07 [ WARNING ] unifi_protect_backup.utils : Failed to run: 'rclone rcat -vv "local:/data/G4 Doorbell/2023-02-23/2023-02-23T11-25-04 smartDetectZone (vehicle).mp4" 2023-03-05 01:35:07 [ WARNING ] unifi_protect_backup.utils : stdout: 2023-03-05 01:35:07 [ WARNING ] unifi_protect_backup.utils : stderr: 2023/03/05 01:35:07 DEBUG : Setting --config "/config/rclone/rclone.conf" from environment variable RCLONE_CONFIG="/config/rclone/rclone.conf" 2023/03/05 01:35:07 DEBUG : rclone: Version "v1.58.1-DEV" starting with parameters ["rclone" "rcat" "-vv" "local:/data/G4 Doorbell/2023-02-23/2023-02-23T11-25-04 smartDetectZone (vehicle).mp4"] 2023/03/05 01:35:07 DEBUG : Creating backend with remote "local:/data/G4 Doorbell/2023-02-23/" 2023/03/05 01:35:07 DEBUG : Using config file from "/config/rclone/rclone.conf" 2023/03/05 01:35:07 DEBUG : fs cache: renaming cache item "local:/data/G4 Doorbell/2023-02-23/" to be canonical "/data/G4 Doorbell/2023-02-23/" 2023/03/05 01:35:07 ERROR : 2023-02-23T11-25-04 smartDetectZone (vehicle).mp4: Post request rcat error: mkdir /data/G4 Doorbell: permission denied 2023/03/05 01:35:07 DEBUG : 4 go routines active 2023/03/05 01:35:07 Failed to rcat with 2 errors: last error was: mkdir /data/G4 Doorbell: permission denied 2023-03-05 01:35:07 [ WARNING ] unifi_protect_backup.uploader : [63f7935602d1d603e40030be] Failed to upload file: 'local:/data/G4 Doorbell/2023-02-23/2023-02-23T11-25-04 smartDetectZone (vehicle).mp4' 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Downloaded video size: 2.7MiBs 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Downloaded video length: 16.000s(+1.097s) 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.uploader : [63f7935602d1d603e40030be] Uploaded 2023-03-05 01:35:07 [ INFO ] unifi_protect_backup.uploader : [63f7742b0274d603e4002fcf] Uploading event: 63f7742b0274d603e4002fcf 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.uploader : [63f7742b0274d603e4002fcf] Remaining Upload Queue: 124 (507.7MiB) 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.uploader : [63f7742b0274d603e4002fcf] Destination: local:/data/G4 Doorbell/2023-02-23/2023-02-23T09-12-02 smartDetectZone (vehicle).mp4 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f90675035cd603e4003bc4] Added to upload queue 2023-03-05 01:35:07 [ INFO ] unifi_protect_backup.downloader : [63f23bb70146d603e4000b77] Downloading event: 63f23bb70146d603e4000b77 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f23bb70146d603e4000b77] Remaining Download Queue: 170 2023-03-05 01:35:07 [ DEBUG ] unifi_protect_backup.downloader : [63f23bb70146d603e4000b77] Video Download Buffer: 510.4MiB/512.0MiB

version: '3.3'
services:
    unifi-protect-backup:
        container_name: unifi-protect-backup
        hostname: unifi-protect-backup
        image: ghcr.io/ep1cman/unifi-protect-backup
        restart: always
        user: root
        environment:
            - 'UFP_USERNAME=protect_backup'
            - 'UFP_PASSWORD=REDACTED'
            - 'UFP_ADDRESS=10.10.20.1'
            - UFP_SSL_VERIFY=false
            - 'TZ=America/New_York'
            - RCLONE_RETENTION=90d
            #- 'RCLONE_DESTINATION=local:/data'
        volumes:
            #- '/volume1/Protect Backups/clips:/data'
            #- '/volume1/Protect Backups/database:/config/database/'
            #- '/volume1/Protect Backups/rclone.conf:/config/rclone/rclone.conf'
            - '/volume1/Protect Backups:/data'
ep1cman commented 1 year ago

Looks like the error is:

mkdir /data/G4 Doorbell: permission denied

which means that rclone does not have permissions to write to /data, as per your compose file that looks like its /volume1/Protect Backups on your host machine. Can you make sure that this directory is R/W for all users?

bamartinez2 commented 1 year ago

That was it - I expanded permissions on /volume1/Protect Backups to allow 'Everyone' R/W permissions. I was trying to have the container run as a specific user but was receiving an error that the account was not found in the passwd file... but it was in there. Which is why you see user: root in the docker-compose file. Super strange.

This will work for now I will work on limiting access at a later date perhaps! Thanks much!

bamartinez2 commented 1 year ago

Narrowed down to be a permissions issue with the shared folder in my NAS. Expanded to Everyone and alls working now.

ep1cman commented 1 year ago

This is a common issue with containers. It is caused by the user/group IDs not being consistent between the host OS and the container.

Please see here for details on fixing this: https://docs.linuxserver.io/general/understanding-puid-and-pgid