0

I'm just learning Docker and took on a little pet project and wondering if something is possible permission wise with docker/nginx/php. I'm attempting to convert an old IIS-Windows/php/MySql project of mine to Docker/nginx/php/mysql

I'm most of the way there and have the 3 containers linked and all is working well EXCEPT, this system has a file upload/view/delete component to it. I want the "files" stored outside of the root html folder which is "/usr/share/nginx/html" in this case.

My Linux box has a 120 gb ssd where my os and docker solution live. I have a ~9 TB raid (4 3TB drive mdadm raid 5) mounted to the system as well, and that is where I'd like to store a folder "files" and allow my docker solution to read/write to it from the PHP web interface. I can't seem to get this to work.

I've added these volume maps to my docker-compose:

volume:
  - ./code:/usr/share/nginx/html
  - /mnt/md0/files:/usr/share/nginx/html/files

where "code" is my php code of course and it seems to work as far as the "files" folder being visible in the folder structure, but I can't write to it, php permission denied error. I've run:

docker exec -it [myNginxContainer] chown -Rf www-data.www-data /usr/share/nginx/html/files

and that does change the actual ownership of my folder on the raid to that, but can't write to it still from php. (doing this does work as I want it to if I put the actual "files" folder inside the code directory: /usr/share/nginx/html/ and remove the volume map in docker-compose, but I want it on the raid)

I even tried setting the folder permissions wide open:

chmod 777 /mnt/md0/files/

just so see if that would help and it doesn't. The permissions on that folder on the raid look like this after all this:

drwxrwxrwx 2 www-data www-data  4096 Jan 17 23:41 files

seems like that should be writable?

before I tear my hair out any more, is something like this even possible? And at some point I may even want that "files" location to be a mounted network location, but at least an "external-to-my-html" folder location for now.

MinnesotaSlim
  • 86
  • 4
  • Can you write to it manually via the www-data or root user from within the docker container? – Terry Sposato Jan 18 '21 at 04:36
  • Also what are the permissions of the folder on your host and what user are you running your containers from? – Terry Sposato Jan 18 '21 at 04:42
  • I am able to write to the "files" folder from within the container as root which is the only user available in a container that I know of. exec -it /bin/bash drops you into that container as root, and I can "touch" a file into that directory from that root prompt. Permissions on folder on host are in the original post - www-data user as owner (nginx web user), with write permissions wide open. I run the containers from my regular user account. – MinnesotaSlim Jan 18 '21 at 05:29
  • Can you show your Dockerfile and how you are invoking it when you run it normally? – Terry Sposato Jan 18 '21 at 06:01
  • Thank you @TerrySposato for your help I figured it out I think. I hadn't added the volume to my php docker service as well as my nginx service. After doing that, everything worked as I laid it out in my question. – MinnesotaSlim Jan 18 '21 at 15:39

1 Answers1

1

Consider running docker with your current host user. Here are some links that you can take a look at.:

How to run docker with current host user, when users are managed with Linux NIS (Network Information Service) Running as a host user within a Docker container https://jtreminio.com/blog/running-docker-containers-as-current-host-user/

brane
  • 585
  • 6
  • 20