NGINX not inheriting the right user/group

gigatexel commented 3 months ago

Current Behavior

I am trying to run the container on a Synology DS220 but without any luck.

I use the following compose file

USER_ID and GROUP_ID are corresponding to my personal admin account. When I start the container, it generates the necessary folders on my drive. The folders that are generated, have the corresponding ownership as configured in the above docker-compose:

However, it seems that the NGINX is not inheriting the correct user/group-id. When NGINX starts, it tries to create a file but fails to do:

[nginx       ] nginx: [alert] could not open error log file: open() "/config/log/nginx/error.log" failed (13: Permission denied)
[nginx       ] 2024/07/11 08:28:03 [emerg] 914#914: open() "/config/log/nginx/error.log" failed (13: Permission denied)

Using sudo docker run --rm jlesage/handbrake, it does start.

I remember one using this image that had the same issue: https://github.com/jlesage/docker-nginx-proxy-manager

Expected Behavior

No response

Steps To Reproduce

No response

Environment

No response

Container creation

version: "3.9" services: handbrake: image: jlesage/handbrake:latest container_name: HandBrake hostname: handbrake mem_limit: 4g cpu_shares: 768 security_opt:

no-new-privileges:true healthcheck: test: wget --no-verbose --tries=1 --spider http://localhost:5800 ports:
5821:5800 volumes:
/volume1/Media/handbrake/config:/config:rw
/volume1/Media/handbrake/storage:/storage:ro
/volume1/Media/handbrake/watch:/watch:rw
/volume1/Media/handbrake/output:/output:rw environment: USER_ID: 1026 GROUP_ID: 100 TZ: Europe/Brussels DARK_MODE: 1 VNC_LISTENING_PORT: -1 AUTOMATED_CONVERSION: 0 # Info under: https://github.com/jlesage/docker-handbrake#automatic-video-conversion restart: on-failure:5

Container log

see above

Container inspect

No response

Anything else?

No response

jlesage commented 3 months ago

USER_ID and GROUP_ID are corresponding to my personal admin account.

Is this the stijn account ?

You might want to double check that all files/folders under /volume1/Media/handbrake/config have the correct ownership.

ls -ld /volume1/Media/handbrake/config
ls -l /volume1/Media/handbrake/config/

gigatexel commented 3 months ago

USER_ID and GROUP_ID are corresponding to my personal admin account.

Is this the stijn account ?

You might want to double check that all files/folders under /volume1/Media/handbrake/config have the correct ownership.
ls -ld /volume1/Media/handbrake/config
ls -l /volume1/Media/handbrake/config/

I recently found the cause of this error. With Synology you not only need to check the ownership of the folders you map to the docker account. You also need to set the right permissions in the Permissions tab of the folder. This is not linked to the uid/gid on the folder as displayed in the ssh console. Would you like me to clarify this in a PR for the docs?

jlesage / docker-handbrake