Docker Ubuntu permissions. Moved from Docker on mac

cburggraafeagerly · September 27, 2021, 6:35am

I just recently moved from Mac to Ubuntu. I’m a front-end developer and have a docker setup with a simple lemp.
Everything from my mac setup works on ubuntu, only i have problems with permissions on items that are created by a docker container(as example, mariadb files). I need sudo commands to remove them, also git don’t like this. Mac uses a fuse middleware that solves this problem

I searched a lot but i cant find an easy solution. Security wise opening everything up is no problem, i only use docker for development. But changing the permissions to my home user creates problems to the container it self. For maria-db i found a solution, using this image (Docker Hub) then i cant set the user and group id.

Is there any other solution?(also for the other containers)

My stack:

version: '3.7'
services:
  nginx:
    image: nginx:latest
    container_name: ${APP_NAME}-nginx
    volumes:
      - "./nginx/:/etc/nginx/templates/"
      - ./src:/var/www/html:rw,cached
    environment:
      - "NGINX_ENVSUBST_TEMPLATE_SUFFIX=.conf"
    depends_on:
      - app
    networks:
      - default
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${APP_NAME}.rule=Host(`${DOMAIN}`) || Host(`www.${DOMAIN}`)${DOMAIN_ADDITIONAL}"
      - "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
      - "traefik.http.services.${APP_NAME}.loadbalancer.server.port=80"
      - "traefik.docker.network=traefik_proxy"
    restart: on-failure

  mysql:
    image: mariadb
    container_name: ${APP_NAME}-mysql
    command: --lower_case_table_names=2
    volumes:
       - './data/db:/var/lib/mysql:delegated'
    environment:
      MYSQL_ROOT_PASSWORD: "${DB_ROOT_PASSWORD}"
      MYSQL_DATABASE: ${DB_NAME}
      MYSQL_USER: "${DB_USER}"
      MYSQL_PASSWORD: "${DB_USER_PASSWORD}"
    restart: on-failure

  app:
    build:
      context: .
      dockerfile: Dockerfile
      args:
        PHP_VERSION: ${PHP_VERSION:-7.4}-fpm
        COMPOSER: ${COMPOSER_VERSION:-1}
    container_name: ${APP_NAME}-app
    volumes:
      - ./src:/var/www/html:rw,cached
      - ./config/php.ini:/usr/local/etc/php/conf.d/php.ini
      - ~/.ssh/id_rsa:/root/.ssh/id_rsa:ro
      - ./wp-cli:/root/.wp-cli
      - $SSH_AUTH_SOCK:/ssh-auth.sock
    environment:
      WP_CLI_ALLOW_ROOT: "true"
      SSH_AUTH_SOCK: "/ssh-auth.sock"
    depends_on:
      - mysql
    restart: on-failure

  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    container_name: ${APP_NAME}-phpmyadmin
    volumes:
      - ./config/phpmyadmin.ini:/usr/local/etc/php/conf.d/phpmyadmin.ini
    networks:
      - default
      - traefik
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${APP_NAME}-pma.rule=Host(`phpmyadmin.${DOMAIN}`)"
      - "traefik.http.routers.${APP_NAME}-pma.entrypoints=websecure"
      - "traefik.http.services.${APP_NAME}-pma.loadbalancer.server.port=80"
      - "traefik.docker.network=traefik_proxy"
    environment:
      PMA_HOST: "${DB_HOST}"
      PMA_PORT: 3306
      MYSQL_ROOT_PASSWORD: "${DB_ROOT_PASSWORD}"
    restart: on-failure

networks:
  default:
    name: network_${APP_NAME}
  traefik:
    name: traefik_proxy
    external: true