this post was submitted on 20 Nov 2023
7 points (81.8% liked)

Selfhosted

40132 readers
546 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi,

I'm trying my best to setup Nextcloud on my mediaserver, but I cannot work out the permissions to my data folder.

My setup is as follows: proxmox server openmediavault VM with 8tb disk and nfs shares debian mediaserver with docker compose (including nextcloud docker)

the nfs share is set to 775. I linked it in my debian server through /etc/fstab. I can write to the folder without a problem.

In my docker compose file i linked /mnt/photos:/photos to the nextcloud container. When i login to my container i cannot write files to the folder.

When i change the share to 777, i can write files, but nextcloud setup stops and says my permissions are wide open, so it won't continue the setup.

I turn it back to other:read/execute and the container cannot write to the folder anymore.

What am i doing wrong?

all 14 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 11 months ago (2 children)

Nextcloud uses the www-data user internally. Id is 33. You should be able to "chown 33 dirname" on the nfs server. That may work?

[–] [email protected] 1 points 11 months ago (1 children)

I want to try that, but i've got to add: i want to access this folder from my desktop too. i added it the same way in /etc/fstab and it worked instantly

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago) (1 children)

That's what group permissions are for. You can add yourself to the www-data group and chown www-data:www-data path. Then you and the container should be able to operate on the contents.

[–] [email protected] 2 points 11 months ago (1 children)

Do not forget to log out and log back in after you add yourself to a new group. Your desktop environment is a program, and it won’t know about the update until you spawn a new graphical shell with the updated permissions.

[–] [email protected] 2 points 11 months ago

Or just start a new login shell.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

You need to allow nextcloud to control the file permissions. You can do this with the no_root_squash option in the /etc config file

[–] [email protected] 1 points 11 months ago

I added this! Your solution + chmod 0770 on my folder made it work. Thanks for helping!

[–] [email protected] 0 points 11 months ago (2 children)

Try telling Docker its rw explicitly:

  • /mnt/photos:/photos:rw

It should be rw by default but I can't see what else could be happening. What account runs docker? What account runs nextcloud inside the container?

[–] [email protected] 1 points 11 months ago

That won't fix it because its a permission issue at the NFS level

[–] [email protected] 1 points 11 months ago (1 children)

how can i check which accounts are used? I think my normal user account sets up docker, with uid & gid = 1000. I don't think i created an account in the container so probably root.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

The official NC docker container uses the "www-data" internally to run the services. This will get important if you ever want to run tasks via "docker compose exec".

[–] [email protected] 1 points 11 months ago (1 children)

When I run: docker exec -it nextcloud bash I get: root@nextcloud:/var/www/html#, does this mean it uses www?

[–] [email protected] 1 points 11 months ago

From that prompt, type ls -l. That will show you a listing of the items in the /var/www/html directory and there will be columns for the user and group that own each file. It will most likely say www-data.