key-networks / ztncui

ZeroTier network controller UI
GNU General Public License v3.0
1.56k stars 230 forks

Perms? #26

Closed justinglock40 closed 4 years ago

justinglock40 commented 4 years ago

What permissions are needed when running in docker? 775 for user gives a write access error, and setting to 777 gives an SSL cert error.

Running the basic docker command it comes up fine?

key-networks commented 4 years ago

At what point do you get this error?

Have you had a look at https://github.com/key-networks/ztncui-containerized ?

justinglock40 commented 4 years ago

Yes, I have. I set the volume to this: --volume ztncui:/opt/key-networks/ztncui/etc/

But when the actual container is trying to boot, it gives the error: mkdir permissions could not create /opt/key-networks/ztncui/etc/storage

However, if I chmod that directory to 777, it makes it further into the install, at which point it looks for an SSL cert in the container. Should the container make its own SSL cert, or does one need to be made and provided to the container?

justinglock40 commented 4 years ago

What permissions should it be run with? My default is with the 1000:1000 user and 775 for file/directory.

key-networks commented 4 years ago

I forget the details and it would take some time for me to check out how I did it. I suggest that you clone https://github.com/key-networks/ztncui-containerized and use that as the basis for what you are trying to do.

justinglock40 commented 4 years ago

Got it figured out

axemann commented 4 years ago

Hi @justinglock40,

What did you end up having to do to remedy the issue? I'm running into the same thing using separate bind mounts for the zt1 and ztncui data, and I tried setting the ztncui directory to the same owner as zt1 (999:998), but that had no effect.

TIA

justinglock40 commented 4 years ago

    - name: 'Setting {{role}} Volumes'
      set_fact:
        role_volumes:
          - '/opt/appdata/{{role}}/var:/var/lib/zerotier-one'
          - '/etc/localtime:/etc/localtime:ro'
    - name: 'Setting {{role}} ENV'
      set_fact:
        role_env:
          PUID: '1000'
          PGID: '1000'
          HTTP_ALL_INTERFACES: 'XXX'
    - name: 'Deploying Container for {{role}}'
      docker_container:
        name: '{{role}}'
        image: '{{image}}'
        pull: yes
        volumes: '{{role_volumes}}'
        env: '{{role_env}}'
        restart_policy: always
        devices:
          - '/dev/net/tun:/dev/net/tun'
        capabilities:
          - NET_ADMIN
        network_mode: host
        state: started

On Mar 22, 2020, 14:05 -0400, axemann notifications@github.com, wrote:

> Hi @justinglock40,
>
> What did you end up having to do to remedy the issue? I'm running into the same thing using separate bind mounts for the zt1 and ztncui data, and I tried setting the ztncui directory to the same owner as zt1 (999:998), but that had no effect.
>
> TIA
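Added example, not part of the thread or of the ztncui project: a small checker that shows which permission class a container process falls into when it tries to create a subdirectory such as `etc/storage` in a mounted directory, and flags the case where only mode 777 lets it through. The function names are hypothetical, and the process identity 1000:1000 and the directory owners in the sample cases are constructed from numbers mentioned in the thread; the actual UID the ztncui container runs as is not stated on this page.

```python
import os

NEED = 0o3  # creating an entry in a directory needs write (2) + search (1)

def mkdir_verdict(mode, owner_uid, owner_gid, uid, gid, extra_gids=()):
    """Can a process (uid, gid, extra_gids) create a subdirectory here?

    Classic mode bits only: ACLs, user-namespace remapping and SELinux or
    AppArmor policy are not modelled (assumption of this sketch).
    """
    if uid == 0:
        return "allowed: uid 0 bypasses mode bits (with CAP_DAC_OVERRIDE)"
    # The kernel picks exactly one class and never falls through to another.
    if uid == owner_uid:
        cls, bits = "owner", (mode >> 6) & 0o7
    elif owner_gid in (gid, *extra_gids):
        cls, bits = "group", (mode >> 3) & 0o7
    else:
        cls, bits = "other", mode & 0o7
    if bits & NEED != NEED:
        return f"denied: {cls} bits lack w+x"
    if cls == "other":
        return "allowed only via world-writable bits: fix ownership instead"
    return f"allowed via {cls} bits"

def check_path(path, uid, gid, extra_gids=()):
    """Apply mkdir_verdict to a real host directory (e.g. a bind-mount source)."""
    st = os.stat(path)
    return mkdir_verdict(st.st_mode, st.st_uid, st.st_gid, uid, gid, extra_gids)

if __name__ == "__main__":
    # Constructed cases: (directory mode, directory owner uid, gid) checked
    # against a process running as 1000:1000.
    cases = [(0o775, 0, 0), (0o777, 0, 0), (0o775, 999, 998), (0o775, 1000, 1000)]
    for mode, o_uid, o_gid in cases:
        print(f"{mode:o} {o_uid}:{o_gid} ->",
              mkdir_verdict(mode, o_uid, o_gid, 1000, 1000))
```

Running `check_path` on the host directory behind the volume, with the UID and GID the container process actually uses, shows whether a `chown` to that identity with mode 775 is enough, so the directory does not need to be world-writable.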