I run a proxmox server and inside use a lot of little LXC containers running alpine with docker installed.
Until now I ran all these as root users (within the LXC container).
But to improve security, I created a separate docker user, added this user to the docker group and fixed the socket permissions:
Here is the output of
After this I created a docker-compose.yml file and added the following content:
And finally I ran the
But the container always gets a permission denied error, when it tries to access the mounted volumes (which it create itself, but apparently as root user):
Why are the files created as root user and why does the container not have any permissions to the folders? The
When I run the docker as a command instead of the compose file, I have the same issue
Bash:
apk add docker
apk add docker-compose
rc-update add docker bootUntil now I ran all these as root users (within the LXC container).
But to improve security, I created a separate docker user, added this user to the docker group and fixed the socket permissions:
Bash:
addgroup -g 1000 docker
adduser -u 1000 -G docker docker
chmod 666 /var/run/docker.sockHere is the output of
id docker:
After this I created a docker-compose.yml file and added the following content:
YAML:
version: '3.8'
services:
npm:
image: jlesage/nginx-proxy-manager
container_name: NPM
restart: always
user: 1000:1000
ports:
- 80:8080/tcp
- 81:8181/tcp
- 443:4443/tcp
volumes:
- ~/files/npm:/configAnd finally I ran the
docker-compose up command.But the container always gets a permission denied error, when it tries to access the mounted volumes (which it create itself, but apparently as root user):
Why are the files created as root user and why does the container not have any permissions to the folders? The
user: 1000:1000 option in the compose file should do the trick, right?When I run the docker as a command instead of the compose file, I have the same issue
