How does one code locally with apps running in docker without permission conflicts on mounted directories?
Coding a webapp that runs as root inside the container; when it creates files, they are created as root:root locally on my system. Now I can’t touch those files.
How are you supposed to do this the correct way? I tried this rootless setup, but that didn’t work out.
Yep, already done that, running docker compose without sudo.
It was part of the documentation on the site, so I never ended up with wrong permissions on my local folder, yet the stuff the containers create is owned by root:root.
You need to make sure the main process inside your container aligns with the UID:GID of the owner of the bind-mount in your local filesystem.
Inside your Dockerfile you need to create a non-privileged user, and declare the USER instruction to switch to this user. As a result, all following instructions of the Dockerfile will be executed as this user. COPY will continue to copy files into the container as root:root; you will need to modify ownership to align those files with the non-privileged user. If you create a container from such a container, the entrypoint script/main process will be started with the restricted user. Please see Docker run reference | Docker Documentation for a reference on how to override the UID:GID of the declared user of the USER instruction.
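A Dockerfile that follows the steps in the answer above, as an added example that is not part of the original thread. The base image, the user name `app`, the `/app` path, the image tag `webapp-dev` and the `./start.sh` command are assumptions.

```dockerfile
# Added example: base image, user name "app", /app and start.sh are assumptions.
FROM debian:bookworm-slim

# Pass the UID:GID that owns the bind-mounted directory on the host:
#   docker build --build-arg UID="$(id -u)" --build-arg GID="$(id -g)" -t webapp-dev .
ARG UID=1000
ARG GID=1000

# Create the non-privileged group and user with those numeric IDs.
# --non-unique keeps the build working when the host GID or UID already
# exists in the base image under another name.
RUN groupadd --gid "${GID}" --non-unique app \
 && useradd --uid "${UID}" --gid "${GID}" --non-unique \
            --create-home --shell /usr/sbin/nologin app

WORKDIR /app

# COPY writes files as root:root unless told otherwise, so set ownership here.
COPY --chown=app:app . /app

# Every later instruction, and the container's main process, runs as this user.
USER app

CMD ["./start.sh"]

# Run with the project directory bind-mounted; files the app creates there
# are owned by the build-time UID:GID on the host instead of root:root:
#   docker run --rm -v "$PWD":/app webapp-dev
#
# Override the user declared by USER at run time, without rebuilding:
#   docker run --rm --user "$(id -u):$(id -g)" -v "$PWD":/app webapp-dev
```

With docker compose, the same run-time override is the `user:` key on the service.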