Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker compose container permission errors #571

Open
LukasRdm opened this issue Jul 18, 2024 · 2 comments
Open

Docker compose container permission errors #571

LukasRdm opened this issue Jul 18, 2024 · 2 comments
Labels
bug

Comments

@LukasRdm
Copy link

Docker container made with compose with bind mounts has many permission issues.

I am using docker compose to start the container.
Here is the docker-compose.yml:

version: "3"

x-logging:
&default-logging
options:
max-size: '50m'
max-file: '10'
driver: json-file

services:
nominatim:
container_name: nominatim
image: mediagis/nominatim:4.4
ports:
- "18080:8080"
environment:
PBF_URL: https://download.geofabrik.de/europe-latest.osm.pbf
REPLICATION_URL: https://download.geofabrik.de/europe-updates/
NOMINATIM_PASSWORD: secret
IMPORT_WIKIPEDIA: "true"
THREADS: 8
UPDATE_MODE: once
volumes:
- type: bind
source: /data/nominatim/db
target: /var/lib/postgresql/14/main
- type: bind
source: /data/nominatim/flatnode
target: /nominatim/flatnode
shm_size: 8gb
logging: *default-logging

First error is met at Postgres DB start up. Error says:
Starting PostgreSQL 14 database server * Error: The cluster is owned by user id 1026 which does not exist
This can be overcome by adding this line to compose file:
command: bash -c "sudo chown -R postgres:postgres /var/lib/postgresql/14/main && /app/start.sh"

Second and third error is met when trying to update the Nominatim data. The daily updates didn't come through, so I tried updating the data manually with command:
docker exec -it nominatim sudo -u nominatim nominatim replication --catch-up

The second error looks like:
PermissionError: [Errno 13] Permission denied: '/app/tokenizer

After manually giving permission with command:
docker exec -it container_id sudo chown nominatim:nominatim /app

I try to manually update again.
I get through the second error, but similar error pops up:
RuntimeError: Open failed for '/nominatim/osmosischange.osc': Permission denied

I am trying the same command:
docker exec -it container_id sudo chown nominatim:nominatim /app
Which should finally finish the update.

Desktop / Server (please complete the following information):

  • OS & Version: Ubuntu 24.04
  • Docker Version: 27.0.3
  • Nominatim Version: 4.4.0
@LukasRdm LukasRdm added the bug label Jul 18, 2024
@LukasRdm
Copy link
Author

Yes, after using command chown on folder /app for the second time, the update has successfully finished.

@LukasRdm LukasRdm reopened this Jul 25, 2024
@LukasRdm
Copy link
Author

I switched to normal volumes which solved the permission issues. Still had trouble with docker exec -it nominatim sudo -u nominatim nominatim replication --catch-up, but after using the --project-dir docker exec -it nominatim sudo -u nominatim nominatim replication --catch-up --project-dir /nominatim all went well. Automatic updates with parameter UPDATE_MODE=once in docker-compose still doesn't work tho.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LukasRdm