search

nextcloud / helm

A community maintained helm chart for deploying Nextcloud on Kubernetes.
GNU Affero General Public License v3.0
325 stars 264 forks source link

chown permission in nfs pvc #588

Open moisesf10 opened 3 months ago

moisesf10 commented 3 months ago

Describe your Issue

When starting the container, remove the script that performs chown and chmod operations in the /var/www/html directory. I use an nfs server for persistence and even though I configure it with chmod 777 and groups nobody:nogroup, the container fails due to an attempt to change permissions. Remove this and let users take care of file permissions, or add an entry to values.yaml so we can disable this functionality.

Another solution is to unlink "persistence.nextcloudData.enabled" from "persistence.enabled", as currently data persistence can only be activated if source code persistence is enabled. Unlink these options so that we can only activate data persistence and no longer have this problem

Logs and Errors

Initializing nextcloud 29.0.3.4 ...
rsync: [generator] chown "/var/www/html/." failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/.patches" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/ext" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS/CRT" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS/CRT/Auth" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS/CRT/HTTP" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS/CRT/IO" failed: Operation not permitted (1)
rsync: [generator] chown "/var/www/html/3rdparty/aws/aws-crt-php/src/AWS/CRT/Internal" failed: Operation not permitted (1)

Describe your Environment

helm install ..........
--set persistence.enabled=true \ #enabled just to make "persistence.nextcloudData.enabled" work
--set persistence.storageClass="nfs-client-production" \
--set persistence.accessMode="ReadWriteMany" \
--set persistence.nextcloudData.enabled=true \
--set persistence.nextcloudData.size="50Gi" \
--set persistence.nextcloudData.accessMode="ReadWriteMany" \
--set persistence.nextcloudData.storageClass="nfs-client-producao" \
jessebot commented 3 months ago

Hi @moisesf10, thanks for submitting an Issue. 🙏

When starting the container, remove the script that performs chown and chmod operations in the /var/www/html directory. I use an nfs server for persistence and even though I configure it with chmod 777 and groups nobody:nogroup, the container fails due to an attempt to change permissions. Remove this and let users take care of file permissions, or add an entry to values.yaml so we can disable this functionality.

Could you point to where this is happening? Are you referring to the docker container? If so, that is controlled upstream at the nextcloud/docker repo here and here:

You'd need to open an Issue/PR for that repo if you'd like to change the container.

Another solution is to unlink "persistence.nextcloudData.enabled" from "persistence.enabled", as currently data persistence can only be activated if source code persistence is enabled. Unlink these options so that we can only activate data persistence and no longer have this problem

This has been requested before, and we're happy to review a PR for this if you'd like to submit one.

Syntax3rror404 commented 1 month ago

This is not relevant for this helm chart. This is specific to your storage.

For example in the nfs-csi https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/docs/driver-parameters.md You can simply enable a changemod before mounting it the first time.

Other CSIs like Trident makes a chmod and chown by default

This is not a problem in nextcloud, its a problem with you're storage configuration.