Hi, I wanted to add another container to my stack and well, it got broken on the way. Now I am trying to fix one by one, starting with a minimal config of swag.
I am running on x86 with OMV and portainer, tried to deploy using docker-compose.yml on a stack that worked for 180 days.
I’ve seen the “ifelse: fatal: unable to exec : Permission denied” problem earlier, and must’ve fixed it somehow, but currently I am running out of ideas.
docker-compose
version: "3"
services:
nginx:
cap_add:
- NET_ADMIN
command:
- ""
container_name: nginx
entrypoint:
- /init
environment:
- PUID=1000
- PGID=100
- TZ=Europe/Berlin
- URL=myURL.duckdns.org
- VALIDATION=duckdns
- EMAIL=email
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- HOME=/config
- TERM=xterm
- DUCKDNSTOKEN=abc123
- SUBDOMAINS=wildcard
- DHLEVEL=2048
- ONLY_SUBDOMAINS=false
- CRYPTOGRAPHY_DONT_BUILD_RUST=true
hostname: nginx
image: ghcr.io/linuxserver/swag:latest
ipc: private
networks:
- lsio
ports:
- 5443:443/tcp
- 5080:80/tcp
restart: unless-stopped
volumes:
- /home/aburczyk/dockerconfig/nginx:/config:rw
networks:
lsio:
# Use a custom driver
external: true
name: lsio
and the output:
aburczyk@vault:~$ docker-compose up
Building with native build. Learn about native build in Compose here: https://docs.docker.com/go/compose-native-build/
Creating nginx ... done
Attaching to nginx
nginx | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
nginx | [s6-init] ensuring user provided files have correct perms...exited 0.
nginx | [fix-attrs.d] applying ownership & permissions fixes...
nginx | [fix-attrs.d] done.
nginx | [cont-init.d] executing container initialization scripts...
nginx | [cont-init.d] 01-envfile: executing...
nginx | [cont-init.d] 01-envfile: exited 0.
nginx | [cont-init.d] 10-adduser: executing...
nginx |
nginx | -------------------------------------
nginx | _ ()
nginx | | | ___ _ __
nginx | | | / __| | | / \
nginx | | | \__ \ | | | () |
nginx | |_| |___/ |_| \__/
nginx |
nginx |
nginx | Brought to you by linuxserver.io
nginx | -------------------------------------
nginx |
nginx | To support the app dev(s) visit:
nginx | Certbot: https://supporters.eff.org/donate/support-work-on-certbot
nginx |
nginx | To support LSIO projects visit:
nginx | https://www.linuxserver.io/donate/
nginx | -------------------------------------
nginx | GID/UID
nginx | -------------------------------------
nginx |
nginx | User uid: 1000
nginx | User gid: 100
nginx | -------------------------------------
nginx |
nginx | [cont-init.d] 10-adduser: exited 0.
nginx | [cont-init.d] 20-config: executing...
nginx | [cont-init.d] 20-config: exited 0.
nginx | [cont-init.d] 30-keygen: executing...
nginx | using keys found in /config/keys
nginx | [cont-init.d] 30-keygen: exited 0.
nginx | [cont-init.d] 50-config: executing...
nginx | Variables set:
nginx | PUID=1000
nginx | PGID=100
nginx | TZ=Europe/Berlin
nginx | URL=---.duckdns.org
nginx | SUBDOMAINS=wildcard
nginx | EXTRA_DOMAINS=
nginx | ONLY_SUBDOMAINS=false
nginx | VALIDATION=duckdns
nginx | CERTPROVIDER=
nginx | DNSPLUGIN=
nginx | EMAIL=mail
nginx | STAGING=
nginx |
nginx | Using Let's Encrypt as the cert provider
nginx | SUBDOMAINS entered, processing
nginx | Wildcard cert for eiswerder.duckdns.org will be requested
nginx | E-mail address entered: burczyk6488@googlemail.com
nginx | duckdns validation is selected
nginx | the resulting certificate will only cover the subdomains due to a limitation of duckdns, so it is advised to set the root location to use www.subdomain.duckdns.org
nginx | Certificate exists; parameters unchanged; starting nginx
nginx | [cont-init.d] 50-config: exited 0.
nginx | [cont-init.d] 60-renew: executing...
nginx | The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
nginx | [cont-init.d] 60-renew: exited 0.
nginx | [cont-init.d] 70-templates: executing...
nginx | [cont-init.d] 70-templates: exited 0.
nginx | [cont-init.d] 90-custom-folders: executing...
nginx | [cont-init.d] 90-custom-folders: exited 0.
nginx | [cont-init.d] 99-custom-files: executing...
nginx | [custom-init] no custom files found exiting...
nginx | [cont-init.d] 99-custom-files: exited 0.
nginx | [cont-init.d] done.
nginx | [services.d] starting services
nginx | [services.d] done.
nginx | ifelse: fatal: unable to exec : Permission denied
nginx | [cmd] exited 126
nginx | [cont-finish.d] executing container finish scripts...
nginx | [cont-finish.d] done.
nginx | [s6-finish] waiting for services.
nginx | [s6-finish] sending all processes the TERM signal.
nginx | [s6-finish] sending all processes the KILL signal and exiting.
aburczyk@vault:~$
and permissions:
aburczyk@vault:~$ ls -l dockerconfig/nginx/
drwxr-xr-x 2 aburczyk users 4096 Dez 28 14:15 crontabs
drwxr-xr-x 2 root root 4096 Dez 28 14:17 custom-cont-init.d
drwxr-xr-x 2 root root 4096 Dez 28 14:17 custom-services.d
drwxr-xr-x 2 aburczyk users 4096 Dez 28 14:39 dns-conf
drwxr-xr-x 3 aburczyk users 4096 Dez 28 14:15 etc
drwxr-xr-x 4 aburczyk users 4096 Dez 28 14:15 fail2ban
drwxr-xr-x 2 aburczyk users 4096 Dez 28 14:15 geoip2db
drwxr-xr-x 2 aburczyk users 4096 Dez 28 14:39 keys
drwxr-xr-x 6 aburczyk users 4096 Dez 28 14:15 log
drwxrwxr-x 4 aburczyk users 4096 Dez 28 14:15 nginx
drwxr-xr-x 2 aburczyk users 4096 Dez 28 14:15 php
drwxrwxr-x 2 aburczyk users 4096 Dez 28 14:15 www
aburczyk@vault:~$
my GID is 100 and UID is 1000 for user aburczyk. I am in docker group.
What else can I do?