Docker permission issues

I installed PhotoStructure via docker-compose and store my photos + PhotoStructure library remotely on a Synology NAS. The NAS folders are mounted to my Docker host using NFS and I can read/write to the NAS folders directly from the Docker host.

docker-compose up -d successfully starts a healthy PhotoStructure container and I am using user: 1000:1000 for more security as suggested in the docs. 1000:1000 correctly matches the user and group IDs of my Docker host. However, when I try to finish setup at http://localhost:1787, I get the following error:

Failed to save settings: Error: Could not mkdirp /ps/library/.photostructure

I entered the Docker container to check /ps folders and see the following permission issue for the /library folder:

drwxr-xr-x 1 root root  4.0K Jan 25 02:17 .
drwxr-xr-x 1 root root  4.0K Jan 25 02:17 ..
drwxr-xr-x 1 root root  4.0K Nov  8 23:50 app
drwxrwxr-x 4 node node  4.0K Jan 25 02:18 config
drwx------ 1 1027 users 1020 Jan 25 01:33 library
drwxrwxr-x 3 node node  4.0K Jan 25 02:15 logs
drwxrwxr-x 2 node node  4.0K Jan 25 02:14 tmp

Running docker-compose without user: 1000:1000 fixes the permission issue but I’d like to know how to do this without root for more security.

How can I get this working properly with user: 1000:1000?

What version of docker-compose and docker are you running?

I suspect you’ve got an older docker-compose that isn’t handling the user directive properly.

If you docker exec -it sh into your running docker container, you can ps -ef and verify that the process is running with the correct uid.

This post might help too:

Thank you for chiming in.

> What version of docker-compose and docker are you running?

Docker version 20.10.2, build 2291f61
docker-compose version 1.25.0, build unknown

> If you docker exec -it sh into your running docker container, you can ps -ef and verify that the process is running with the correct uid.

The UID for all running processes is node. When I run it without user: 1000:1000, it’s root across the board.

I’m not running into the same permission errors/failures that the other post had, but will try updating to a later docker-compose version to see if that helps.

Ah: I missed the numeric UID that owns the library directory: your host machine’s 1027 user id owns the bind-mounted /ps/library directory. The container is running as UID 1000, which means it can’t write to that directory.

If you chmod go+rwx the library directory on your host machine, it still won’t be correct: PhotoStructure will be writing files into /ps/library that are owned by UID 1000.

What you need to do is enable Docker’s “username remapping” feature:

I’ll update the docker-compose instructions today with simple instructions.

I just checked the release notes, and 1.25.0 should be fine. --user was added 5 years ago.
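Added example, not part of the original posts or the PhotoStructure docs: the owner/group/other check that produces the mkdirp failure above, applied to the numeric owner and mode from the listing. The function names can_write and check_mount are hypothetical, gid 100 for "users" is an assumption, and GNU stat is assumed.

```shell
#!/bin/sh
# Predict whether a container user (uid:gid) can create files in a bind-mounted
# directory, using only the directory's numeric owner, group and mode.
# Not modelled: supplementary groups, ACLs, NFS server-side squashing/mapping.

# can_write OWNER_UID OWNER_GID MODE_OCTAL RUN_UID RUN_GID
# Returns 0 when the matching permission class grants write+search (w and x).
can_write() {
    o_uid=$1; o_gid=$2; mode=$3; r_uid=$4; r_gid=$5
    [ "$r_uid" -eq 0 ] && return 0        # root ignores mode bits on a local fs
    perms=$(( 0$mode ))                   # leading 0 => parse as octal
    # Exactly one class applies: owner first, then group, then other.
    if [ "$r_uid" -eq "$o_uid" ]; then shift_by=6
    elif [ "$r_gid" -eq "$o_gid" ]; then shift_by=3
    else shift_by=0
    fi
    bits=$(( (perms >> shift_by) & 7 ))
    [ $(( bits & 3 )) -eq 3 ]             # need both w (2) and x (1)
}

# check_mount DIR RUN_UID RUN_GID: the same check against a real host directory.
check_mount() {
    set -- "$1" "$2" "$3" $(stat -c '%u %g %a' "$1")
    can_write "$4" "$5" "$6" "$2" "$3"
}

# Constructed sample from the thread's listing: drwx------ 1027 users library
for id in 1000:1000 1027:100; do
    if can_write 1027 100 700 "${id%:*}" "${id#*:}"; then
        verdict=writable
    else
        verdict=denied
    fi
    echo "user: $id -> /ps/library is $verdict"
done
```

With mode 777 the check also passes for 1000:1000, but new files in the library would then be owned by UID 1000 rather than 1027, which is the mismatch described above.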

I appreciate the helpful guidance. I was able to get PhotoStructure for Docker working by changing my host machine UID to 1027 and changing ownership of some folders to my user (they were previously owned by root since I ran the docker-compose without the user flag). I’ll have to look into and learn about the Docker username remapping feature you mentioned.

Looks good so far and I’m excited to put it through its paces :+1:
