Docker (compose) Permission denied

miuramiura
in Secrets Automation

I'm having trouble getting Connect up and running with Docker Compose. I believe my problems is somewhere related to a user and/or its rights. I am running Docker on my Synology NAS where I created a specific 'Shared Folder' named 1password. I also created an user (with has UID 1042) for further trial/error testing.

I currently have the following compose file:

version: "3.4"

services:
  1password-connect-api:
    image: 1password/connect-api:latest
    #user: "1042"
    ports:
      - "8888:8080"
    volumes:
      - /volume1/1password/1password-credentials.json:/home/opuser/.op/1password-credentials.json:ro
      - /volume1/1password/data:/home/opuser/.op/data
    restart: unless-stopped

  1password-connect-sync:
    image: 1password/connect-sync:latest
    #user: "1042"
    ports:
      - "8881:8080"
    volumes:
      - /volume1/1password/1password-credentials.json:/home/opuser/.op/1password-credentials.json:ro
      - /volume1/1password/data:/home/opuser/.op/data
    restart: unless-stopped

This gives me the following error from both containers:

unspecified err: stat /home/opuser/.op/data/1password.sqlite: permission denied

This led me to configure a '1password' user (UID 1042) and tell the containers to run as that user using:

user: 1042

This does get me through the permission denied problems (which makes me assume the 'user' does indeed work and 'do something'). But now it doesn't seem to be able and/or create the database:

1password-connect-api_1 | {"log_message":"(I) no database found, will retry in 1s","timestamp":"2022-01-14T13:13:28.600675519Z","level":3}
1password-connect-sync_1 | {"log_message":"(I) no existing database found, will initialize at /.op/data/1password.sqlite","timestamp":"2022-01-14T13:13:27.719489908Z","level":3}
1password-connect-sync_1 | Error: Server: (failed to OpenDefault), Wrapped: (failed to open db), unable to open database file: no such file or directory

I also tried to change the permissions of the Shared Folder and it's subfolder in order for 'Everyone' to have read/write, but then I get an error like 'Permissions too broad' (which seems quite fair and indeed very unwanted)

I am currently out of ideas on how to get this running. Anyone who can point me in the right direction?

1Password Version: 7.9.2
Extension Version: Not Provided
OS Version: macOS 12.1

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Format
Heading 1Heading 2
QuoteCodeSpoiler
Emoji
:):(;):p:'(:|8-)>_<
Url
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Home Secrets AutomationComment As ...