Hey, I've been tinkering with proxmox for a couple of weeks now and I think I have a good working setup.
I have a zpool with 2 datasets. 1 dataset for media and personal stuff mounted on 2 containers (NAS (300) and webserver (310)). I mounted the dataset to the webserver lxc with its config file on the host cause I could not mount the NAS's samba share (operation not permitted) inside the lxc. 1 dataset for pictures mounted on a container running Immich (410). These are the config files.
(This is also weird, no?)
Code:
root@pve:~# cat /etc/pve/lxc/300.conf
arch: amd64
cores: 1
features: nesting=1
hostname: NAS
memory: 512
mp0: /mnt/share/media,mp=/mnt/share/media
mp1: /mnt/personal/steve,mp=/mnt/personal/steve
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.0.1,hwaddr=BC:24:11:61:0E:D4,ip=192.168.0.130/24,type=veth
onboot: 1
ostype: alpine
rootfs: local-lvm:vm-300-disk-0,size=8G
swap: 512
unprivileged: 1
lxc.idmap: u 0 100000 1300
lxc.idmap: g 0 100000 1300
lxc.idmap: u 1300 1300 1
lxc.idmap: g 1300 1300 1
lxc.idmap: u 1301 101301 64235
lxc.idmap: g 1301 101301 64235
Code:
root@pve:~# cat /etc/pve/lxc/310.conf
arch: amd64
cores: 1
features: nesting=1
hostname: Webserver
memory: 512
mp0: /mnt/share/media/,mp=/mnt/media
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.0.1,hwaddr=BC:24:11:38:47:99,ip=192.168.0.131/24,type=veth
ostype: alpine
rootfs: local-lvm:vm-310-disk-0,size=8G
swap: 512
unprivileged: 1
lxc.idmap: u 0 100000 1310
lxc.idmap: g 0 100000 1310
lxc.idmap: u 1310 1300 1
lxc.idmap: g 1310 1300 1
lxc.idmap: u 1311 101311 64225
lxc.idmap: g 1311 101311 64225
Code:
root@pve:~# cat /etc/pve/lxc/410.conf
arch: amd64
cores: 6
features: nesting=1
hostname: Immich
memory: 6144
mp0: /mnt/personal/pictures,mp=/mnt/pictures
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.0.1,hwaddr=BC:24:11:D3:C1:97,ip=192.168.0.141/24,type=veth
onboot: 1
ostype: alpine
rootfs: local-lvm:vm-410-disk-0,size=8G
swap: 512
unprivileged: 1
lxc.idmap: u 0 100000 1410
lxc.idmap: g 0 100000 1410
lxc.idmap: u 1410 1410 1
lxc.idmap: g 1410 1410 1
lxc.idmap: u 1411 101411 64125
lxc.idmap: g 1411 101411 64125
Code:
root@pve:~# cat /etc/subuid
root:100000:65536
root:1300:1
root:1310:1
root:1410:1
Code:
root@pve:~# cat /etc/subgid
root:100000:65536
root:1300:1
root:1310:1
root:1410:1
Code:
root@pve:~# ls -l /mnt/personal/
total 13
drwx------ 7 1410 1410 7 Jul 21 19:17 pictures
drwxr-xr-x 2 1300 1300 2 Jul 21 18:13 steve
Code:
root@pve:~# ls -l /mnt/personal/pictures/
total 2
drwxr-xr-x 3 100000 100000 3 Jul 21 19:17 encoded-video
drwxr-xr-x 3 100000 100000 3 Jul 21 19:35 library
drwxr-xr-x 3 100000 100000 3 Jul 21 19:13 thumbs
drwxr-xr-x 3 100000 100000 3 Jul 21 19:13 upload
However something started bothering me. The home folders inside the containers of the users are owned by nobody:nobody and I can't change this. Is the purpose that we only make users for access to the mounts and use root to run everything? How can a user run anything if it doesn't have access to its home folder to store config files? I think I'm missing something.
Thanks.
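Added example, not part of the original post: a small Python parser that applies the `lxc.idmap` lines from 300.conf above to translate IDs between host and container, and checks each mapped range against the `/etc/subuid` entries shown. Any host owner that falls outside every mapped range shows up inside the container as the kernel overflow ID 65534 (`nobody`). Host ID 101300 is a constructed sample, and the subuid check is simplified to require each range to fit inside a single delegated entry.

```python
import re

OVERFLOW_ID = 65534  # how the kernel reports owners that have no mapping ("nobody")

# lxc.idmap lines copied from 300.conf on this page
CONF_300 = """\
lxc.idmap: u 0 100000 1300
lxc.idmap: g 0 100000 1300
lxc.idmap: u 1300 1300 1
lxc.idmap: g 1300 1300 1
lxc.idmap: u 1301 101301 64235
lxc.idmap: g 1301 101301 64235
"""
# /etc/subuid entries copied from this page
SUBUID = "root:100000:65536\nroot:1300:1\nroot:1310:1\nroot:1410:1\n"

def parse_idmap(conf, kind="u"):
    """Return [(container_start, host_start, count)] for kind 'u' or 'g'."""
    pat = re.compile(r"^lxc\.idmap\s*[:=]\s*([ug])\s+(\d+)\s+(\d+)\s+(\d+)\s*$")
    out = []
    for line in conf.splitlines():
        m = pat.match(line.strip())
        if m and m.group(1) == kind:
            out.append(tuple(int(x) for x in m.group(2, 3, 4)))
    return out

def host_to_container(host_id, idmap):
    """Owner ID that a file owned by host_id shows inside the container."""
    for c_start, h_start, count in idmap:
        if h_start <= host_id < h_start + count:
            return c_start + (host_id - h_start)
    return OVERFLOW_ID

def container_to_host(cid, idmap):
    """Host ID written to disk for container ID cid, or None if unmapped."""
    for c_start, h_start, count in idmap:
        if c_start <= cid < c_start + count:
            return h_start + (cid - c_start)
    return None

def uncovered_by_subid(idmap, subid_text, user="root"):
    """Entries whose host range does not fit inside one delegated range."""
    allowed = [(int(s), int(n)) for u, s, n in
               (l.split(":") for l in subid_text.split()) if u == user]
    return [e for e in idmap
            if not any(s <= e[1] and e[1] + e[2] <= s + n for s, n in allowed)]

if __name__ == "__main__":
    for hid in (1300, 100000, 101300, 0):  # 101300 is a constructed sample
        print(hid, "->", host_to_container(hid, parse_idmap(CONF_300)))
```

Running `ls -ln` on the container's root filesystem from the host shows the numeric owners to feed into `host_to_container`.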