Permission for TrueCharts Compose applications - use app id / group

[mervincm]

I am having difficulty with docker-compose apps having the right permissions. I will keep things extremely simple to start, and look at moving to better practices later after I confirm my issues are not permissions related.
I am thinking using the apps id/group for everything would be the path of least resistance. PUID=568 PGUID=568

I build a dataset "data" for media and usenet/torrents, and perm set like this

I build a dataset "tc-compose" for True Charts Docker Compose apps (managed via portainer)

True Charts Docker Compose app was installed as default, so apps

Every docker container either has PUID/PGID set to 568, or not specified (some don't support it)


Is there anywhere else I should verify is owned by id:apps or is configured to use id:apps?
(EDIT: This is a bad design as the official app (plex at least) does NOT use the apps ID/group, nor use Something in Group-buildin_users)

 

[mervincm]

Even this simplified ... some things do not function as expected.

-My Offical Plex app can not see mounted media in the data dataset. I don't understand how this can be the case as the apps id is a built in user, the built in users group is allow full control

-my sabdnzdb container can not use files in the tc-compose dataset and similarly I can't understand why. it sees the file there but can not read some and can not modify others.

 

[morganL]

Even this simplified ... some things do not function as expected.

-My Offical Plex app can not see mounted media in the data dataset. I don't understand how this can be the case as the apps id is a built in user, the built in users group is allow full control

-my sabdnzdb container can not use files in the tc-compose dataset and similarly I can't understand why. it sees the file there but can not read some and can not modify others.

I changed the title of the thread so that its more clear this is a TrueCharts docker Compose issue

You seem to be indicating that each Docker container has its own issues, regardless of the Docker Compose settings... for example Plex has a default UID of 972. That would make sense, as each application needs to protect its own data.

 

[mervincm]

Plex has a default UID of 972

I don't have an id or a group for plex at all. I am very interested to know what ID the plex official app is using on my system, that might help me determine what permissions to add.

(EDIT: in Scale the official plex app uses UID:1000 PUID:1000)

I changed the title of the thread so that its more clear this is a TrueCharts docker Compose issue

I wasn't sure if it was. Plex, an official app, can not read media from the data dataset.
sure, some docker-compose apps are impacted, but plex and that dataset are pure TrueNAS scale.

 

[morganL]

I don't have an id or a group for plex at all. I am very interested to know what ID the plex official app is using on my system, that might help me determine what permissions to add.

I wasn't sure if it was. Plex, an official app, can not read media from the data dataset.
sure, some docker-compose apps are impacted, but plex and that dataset are pure TrueNAS scale.

Suggest you find the simplest issue.. and then document and resolve it.. One app at a time.
Adding additional app complexity, makes it harder for anyone to diagnose.

I think on SCALE, PLEX is UID of 1000 by default. There are a few threads you can read.

TrueNAS Scale + Plex

So I moved to TrueNAS Scale today after months of hemming and hawing. I expected less to be carried over in regards to settings etc but that portion has been slick. I realize there isn't a reasonable way to migrate jails to Scale so I understand needing to re-set up Plex. The options under the...

www.truenas.com

 

[mervincm]

You are right! I renamed the ID and the groups that were using 1000 to "plex" and then added plex ID and user to my data folder. Now as expected, Plex can access my media.


The issue with the sabnzbd container remains in that despite it using PUID/PGID set to 568 (config via docker log) it still outputs permissions errors that it can't write to a dataset owned by 568/568

 

[morganL]

Is that a TrueCharts app? If so, you might join their discord channel.

 

[mervincm]

Yes I added this container via truechart app “docker compose” unfortunately as this can get complex, they don’t offer official support for this particular application. In any case I have posted there and will clarify once more. Thank you!