Here is a simple dummy docker-compose :

version: '2.4'
services:
  webserver:
    image: "webserver:latest" // apache, nginx, caddy, whatever
  volumes:
    - "shared_storage:/app/storage/shared"

  analyser:
    image: "custom:latest" // any custom script doing stuff on a volume
  volumes:
    - "shared_storage:/local/storage/shared"

volumes:
  shared_storage

The problem is, the shared_storage is mounted as own by root with rights 644 (or any user I can set using user:) but the webserver is internally running as www-data user (whose I cannot know the id in advance). How can I grant the webserver the access to the shared_storage volume ?

Cheers

CodePudding user response：

Ok, I read dorin's resources and ended up with this working file:

version: '2.4'
services:
  grant:
    image: "webserver:latest" // apache, nginx, caddy, whatever
    volumes:
      - "shared_storage:/app/storage/shared"
    entrypoint: "bin/chown"
    command: ["www-data:www-data", "/app/storage/shared"]
  
  webserver:
    image: "webserver:latest" // apache, nginx, caddy, whatever
    depends_on: grant
    volumes:
      - "shared_storage:/app/storage/shared"

  analyser:
    image: "custom:latest" // any custom script doing stuff on a volume
    volumes:
      - "shared_storage:/local/storage/shared"

volumes:
  shared_storage

CodePudding user response：

With this setup Webserver and Analyzer should have write permissions into the shared volume. If there are files copied into the volume during build you can change ownership during build in the dockerfile like this:

COPY /someDirectory /app/storage/shared
RUN chown www-data:www-data /app/storage/shared -R

You should do this of course in the build of the container, that copys the files with the respective file path.