search

invoiceninja / dockerfiles

Docker files for Invoice Ninja
https://hub.docker.com/r/invoiceninja/invoiceninja
GNU General Public License v2.0
419 stars 268 forks source link

"rm: can't remove '/var/www/app/docker-backup-storage/" when using NFS share #393

Closed justsomebody42 closed 3 years ago

justsomebody42 commented 3 years ago

Hi!

I'm trying to run InvoiceNinja via Helm Chart. The node invoiceninja is scheduled on runs on Ubuntu.

I'm using an existing claim that uses an NFS volume (which resides on a Synology NAS):

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: invoiceninja-storage
  labels:
    app: invoiceninja-storage
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: manual
  claimRef:
    name: invoiceninja-storage
    namespace: invoiceninja
  nfs:
    server: 192.168.1.110
    path: "/volume1/Kubernetes/invoiceninja/storage"

I have double checked permissions and tried the volumePermissions init container without success. All I get in the logs of the invoiceninja container is:

rm: can't remove '/var/www/app/docker-backup-storage/framework/sessions/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/framework/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/framework/views/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/framework/cache/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/framework/testing/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/app/.gitignore': Permission denied
rm: can't remove '/var/www/app/docker-backup-storage/logs/.gitignore': Permission denied

Even when I delete these files manually, the container won't continue...

I have set:

podSecurityContext:
  fsGroup: 65537

containerSecurityContext:
  runAsNonRoot: true
  runAsUser: 1032
  runAsGroup: 65537

The files and folders belong to the correct user which has all permissions... I tried without runAsNonRoot: true, which failed as well.

Any suggestions where I might have overlooked something? Or is this an issue with the NFS mounts?

Thanks in advance!

lwj5 commented 3 years ago

Right now you cannot change run as user. As the files are owned by 1500

justsomebody42 commented 3 years ago

And it now runs like a charm... Yikes. Thanks a lot for the hint!