Hi,

I’m trying my best to setup Nextcloud on my mediaserver, but I cannot work out the permissions to my data folder.

My setup is as follows: proxmox server openmediavault VM with 8tb disk and nfs shares debian mediaserver with docker compose (including nextcloud docker)

the nfs share is set to 775. I linked it in my debian server through /etc/fstab. I can write to the folder without a problem.

In my docker compose file i linked /mnt/photos:/photos to the nextcloud container. When i login to my container i cannot write files to the folder.

When i change the share to 777, i can write files, but nextcloud setup stops and says my permissions are wide open, so it won’t continue the setup.

I turn it back to other:read/execute and the container cannot write to the folder anymore.

What am i doing wrong?

  • atzanteol@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Nextcloud uses the www-data user internally. Id is 33. You should be able to “chown 33 dirname” on the nfs server. That may work?

    • atek@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I want to try that, but i’ve got to add: i want to access this folder from my desktop too. i added it the same way in /etc/fstab and it worked instantly

      • atzanteol@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        That’s what group permissions are for. You can add yourself to the www-data group and chown www-data:www-data path. Then you and the container should be able to operate on the contents.

        • med@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Do not forget to log out and log back in after you add yourself to a new group. Your desktop environment is a program, and it won’t know about the update until you spawn a new graphical shell with the updated permissions.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    You need to allow nextcloud to control the file permissions. You can do this with the no_root_squash option in the /etc config file

    • atek@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I added this! Your solution + chmod 0770 on my folder made it work. Thanks for helping!

  • ninjan@lemmy.mildgrim.com
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Try telling Docker its rw explicitly:

    • /mnt/photos:/photos:rw

    It should be rw by default but I can’t see what else could be happening. What account runs docker? What account runs nextcloud inside the container?

    • atek@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      how can i check which accounts are used? I think my normal user account sets up docker, with uid & gid = 1000. I don’t think i created an account in the container so probably root.

      • JASN_DE@feddit.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        The official NC docker container uses the “www-data” internally to run the services. This will get important if you ever want to run tasks via “docker compose exec”.

        • atek@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          When I run: docker exec -it nextcloud bash I get: root@nextcloud:/var/www/html#, does this mean it uses www?

          • tvcvt@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            From that prompt, type ls -l. That will show you a listing of the items in the /var/www/html directory and there will be columns for the user and group that own each file. It will most likely say www-data.