Reputation: 11356
docker-compose mongo needs read permissions for all
The mongo image has this nice mount option to initialize a database. You can mount ./initdb.d/ and *.js will be executed.
However, my project files and directories are 600 and 700 respectively, owned by redsandro:redsandro. The mongo image cannot read them.
It doesn't matter if I add group read + execute (dir) (i.e. 640 and 750). Only when I add read permissions for all on the file, and read + execute permissions for all on the directory (i.e. 644 and 755, let's call that "plan C"), will the mongo image execute the script.
Is there a way I can keep my files private on my machine (e.g. no permissions for all AKA umask 007) and still have the mongo image read them?
Update: I'm looking for a way to do this with docker-compose options, variables, environment etc. Not with building a custom image. E.g. some images that have similar problems allow me to simply set user: 1000 (uid for local user). This doesn't work with the mongo image.
Upvotes: 2
Views: 447
Answers (1)
Reputation: 37048
You can copy files instead of mounting the directory. E.g. your Dockerfile can be something like that:
FROM mongo
COPY --chown=mongodb:mongodb /host/path/to/scripts/* /docker-entrypoint-initdb.d/
It means each time you change the scripts you will need to rebuild the image, not just re-create the container. It's a tiny layer on top of the base image so it shouldn't take much time to build the image.
Upvotes: 1
Related Questions
- Permission error with mongo when running docker
- start Mongodb container as non root user
- My local volume for mongodb gets permission denied when running docker-compose up
- Cannot access mongodb inside docker container
- Run Mongo in Docker with read-only FS
- Can't access to docker mongo without being root
- Docker compose:
- Authentication issue in Docker-MongoDB
- Permissions issue with Docker and Mac OSX
- Mongo docker with volume get error