I am trying to install nodered using rootless Podman
(which should be compatible with Docker) with Bind Mount, but I am running into some permission issues where the converter crashes/exits at startup.
This is my compose.yml
version: "3.7"
services:
node-red:
container_name: node-red
image: nodered/node-red:latest
environment:
- TZ=Europe/Copenhagen
# ports:
# - "1880:1880"
networks:
- traefik
volumes:
- ~/data/node-red:/data
user: node-red # Tried podman:node-red, podman, ...
labels:
- "traefik.enable=true"
- "traefik.http.routers.node-red.rule=Host(`node-red.MYDOMAIN.TLD`)"
- "traefik.http.services.node-red.loadbalancer.server.port=1880"
- "traefik.docker.network=traefik"
networks:
traefik:
external: true
And this is the error I get from podman logs node-red
node:internal/fs/utils:347
throw err;
^
Error: EACCES: permission denied, copyfile '/usr/src/node-red/node_modules/node-red/settings.js' -> '/data/settings.js'
at Object.copyFileSync (node:fs:2847:3)
at copyFile (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:64:6)
at onFile (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:50:25)
at getStats (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:42:44)
at Object.copySync (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:32:10)
at Object.<anonymous> (/usr/src/node-red/node_modules/node-red/red.js:129:20)
at Module._compile (node:internal/modules/cjs/loader:1198:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
at Module.load (node:internal/modules/cjs/loader:1076:32)
at Function.Module._load (node:internal/modules/cjs/loader:911:12) {
errno: -13,
syscall: 'copyfile',
code: 'EACCES',
path: '/usr/src/node-red/node_modules/node-red/settings.js',
dest: '/data/settings.js'
}
node:internal/fs/utils:347
throw err;
^
Error: EACCES: permission denied, copyfile '/usr/src/node-red/node_modules/node-red/settings.js' -> '/data/settings.js'
at Object.copyFileSync (node:fs:2847:3)
at copyFile (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:64:6)
at onFile (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:50:25)
at getStats (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:42:44)
at Object.copySync (/usr/src/node-red/node_modules/fs-extra/lib/copy/copy-sync.js:32:10)
at Object.<anonymous> (/usr/src/node-red/node_modules/node-red/red.js:129:20)
at Module._compile (node:internal/modules/cjs/loader:1198:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1252:10)
at Module.load (node:internal/modules/cjs/loader:1076:32)
at Function.Module._load (node:internal/modules/cjs/loader:911:12) {
errno: -13,
syscall: 'copyfile',
code: 'EACCES',
path: '/usr/src/node-red/node_modules/node-red/settings.js',
dest: '/data/settings.js'
}
I read Running under Docker : Node-RED, but I still cannot understand what's so "special" about node-red that causes so many permissions issues with Bind Mounts. I am running several containers and either they run as "podman" (my Podman user) or a subuid/subgid of it configured in /etc/subuid and /etc/subgid.
What is so different that the nodered container cannot handle this kind of permissions for Bind mounts ?