Open mk53202 opened 4 years ago
Thanks for pointing this out. Sorry, I didn't adjust that after my recent refactoring.
This is due to the fact, that the fileshelter container now runs as read-only. So when the application starts up, it tries to create an uploads directory at /var/fileshelter which fails. To get around this, you can mount a host folder / volume to this container directory.
Example: Add the following to your volumes:
section in your compose file:
- ./application/uploads/:/var/fileshelter/
I should probably refactor the default compose file. Hope this is of help.
I'm using the current master where the docker-compose.production.yml
already includes that volume mount. I still see that same error. Plus does caddy need an update maybe?
docker-compose -f docker-compose.yml -f docker-compose.production.yml up
Starting fileshelter ...
Starting fileshelter ... done
Starting caddy ...
Starting caddy ... done
Attaching to fileshelter, caddy
fileshelter | Caught std::exception: filesystem error: cannot create directories: Permission denied [/var/fileshelter/files]
caddy | Activating privacy features...2020/04/24 07:49:50 registration error: acme: Error 403 - urn:acme:error:unauthorized - Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.
Thanks for reporting this issue. I have just updated the Compose workflow with a new Caddy image. Also moved the volume mount to the regular docker-compose.yml
.
I tested this setup running a local testing environment with docker-compose up
on macOS 10.15.4 and Docker Desktop for Mac v2.2.0.5.
Hope this fixes your problems.
Thank you for the update! I still got the error afterwards, so I looked more into it. For me the problem appears to have triggered if the applications/uploads
subdir did not exist before starting the services the first time. The container actually creates the dir in the volume mount then, but still errors out. I've proposed a solution to prevent this in #3
Edit: The caddy issue also went away ofc
Thanks for your suggestions. Funny enough, I have been looking into the issue more over the weekend and have come to the same realisation. I think this will solve this issue for most situations.
Additionally I have tried to make the workflow more resilient should anyone decide to bind mount a different folder other than the initial uploads folder. I went with a docker-entrypoint.sh
script to take care of potential issues with folder permissions before handing over execution of the fileshelter process to an unprivileged user.
Hi,
I am too facing a permission problem:
Caught std::exception: filesystem error: cannot create directories: Permission denied [files]
I use this simple docker compose:
version: "3"
services:
fileshelter:
image: paulgalow/fileshelter
read_only: true # I have tried omitting this part
container_name: fileshelter
volumes:
- ./config/fileshelter.conf:/etc/fileshelter.conf:ro # I have tried omitting ":ro"
- ./data:/var/fileshelter
restart: unless-stopped
labels:
# Labels for Traefik reverse proxy, do not worry about these
- "traefik.enable=true"
- "traefik.http.routers.fileshelter.service=fileshelter"
- "traefik.http.routers.fileshelter.tls=true"
- "traefik.http.routers.fileshelter.tls.certresolver=dns-cloudflare"
- "traefik.http.routers.fileshelter.entrypoints=websecure"
- "traefik.http.services.fileshelter.loadbalancer.server.port=5091"
networks:
- web_proxy
# I have also tried omitting the following cap_drop
cap_drop:
- ALL
cap_add:
- CHOWN
- SETUID
- SETGID
networks:
web_proxy:
external:
name: web_proxy
I have tried creating the ./data
folder manually and I have chowned every folder with the user running the container but it still does not work.
Hi @paolobasso99,
it seems like you are using the FileShelter image that has been published to Docker Hub previously. I should probably remove that at some point. I have later changed the workflow to build the Docker image locally mainly for maintenance reasons. What happens if you clone this repo and build the Docker image yourself, i.e. replacing …
image: paulgalow/fileshelter
… with …
image: fileshelter
build:
context: ./application
dockerfile: Dockerfile
?
I've just tried and the same error persist.
Sounds like a permissions issue with your local filesystem. Perhaps it might be worth trying to persist data using a Docker volume instead of a bind mount?
Every time I run:
docker-compose up
I receive the following error:
fileshelter | Caught std::exception: filesystem error: cannot create directories: Permission denied [/var/fileshelter/files]
Any ideas? Mk...