container won't start when data dir is NFS mount
pmenzel opened this issue · 4 comments
pmenzel commented
Hi,
I mounted an NFS share in my RPi filesystem for usage of the backuppc data directory. When I start the container with:
docker run --name backuppc --publish 8005:8080 --volume /home/pi/docker-data/backuppc/etc:/etc/backuppc --volume /home/pi/docker-data/backuppc/home:/home/backuppc --volume /mnt/backuppc-data/:/data/backuppc adferrand/backuppc
it starts the setup, but then exits early, producing this output:
First run of the container. BackupPC will be installed. If exist, configuration and data will be reused and upgraded as needed.
Found /etc/backuppc/config.pl, so this is an upgrade of an
existing BackupPC installation. We will verify some existing
information, but you will probably not need to make any
changes - just hit ENTER to each question.
I found the following locations for these programs:
bzip2 => /usr/bin/bzip2
cat => /bin/cat
df => /bin/df
gtar/tar => /usr/bin/tar
gzip => /usr/bin/gzip
hostname => /bin/hostname
nmblookup => /usr/bin/nmblookup
par2 => /usr/bin/par2
perl => /usr/bin/perl
ping => /bin/ping
ping6 => /bin/ping6
rrdtool => /usr/bin/rrdtool
rsync => /usr/bin/rsync
rsync_bpc => /usr/local/bin/rsync_bpc
sendmail => /usr/sbin/sendmail
smbclient => /usr/bin/smbclient
split => /usr/bin/split
ssh/ssh2 => /usr/bin/ssh
--> Are these paths correct? [y]
Failed to create or chown /data/backuppc
Please tell me the hostname of the machine that BackupPC will run on.
--> BackupPC will run on host [beffef4e55f9]
BackupPC should run as a dedicated user with limited privileges. You
need to create a user. This user will need read/write permission on
the main data directory and read/execute permission on the install
directory (these directories will be setup shortly).
The primary group for this user should also be chosen carefully.
The data directories and files will have group read permission,
so group members can access backup files.
--> BackupPC should run as user [backuppc]
Please specify an install directory for BackupPC. This is where the
BackupPC scripts, library and documentation will be installed.
--> Install directory (full path) [/usr/local/BackupPC]
Please specify a data directory for BackupPC. This is where all the
PC backup data is stored. This file system needs to be big enough to
accommodate all the PCs you expect to backup (eg: at least several GB
per machine).
--> Data directory (full path) [/data/backuppc]
BackupPC has SCGI and CGI perl interfaces that run under Apache. You need
to pick which one to run.
For SCGI, Apache uses the scgi_mod module to communicate with BackupPC_Admin_SCGI,
which handles the requests. This allows Apache to run as a different user as
backuppc. To use SCGI you need to set SCGIServerPort to any spare
non-privileged TCP port number. A negative value disables SCGI.
** Important security warning!! The SCGIServerPort must not be accessible by
** anyone untrusted. That means you can't allow untrusted users access to the
** BackupPC server, and you should block the SCGIServerPort TCP port from
** network access.
The traditional alternative is to use CGI. In this case, an executable needs
to be installed Apache's cgi-bin directory. This executable needs to run as
set-uid backuppc, or it can be run under mod_perl with Apache
running as user backuppc.
--> SCGI port (-1 to disable) [-1]
--> CGI bin directory (full path, or empty for no CGI) [/var/www/cgi-bin/BackupPC]
BackupPC's CGI and SCGI script need to display various PNG/GIF
images that should be stored where Apache can serve them. They
should be placed somewhere under Apache's DocumentRoot. BackupPC
also needs to know the URL to access these images. Example:
Apache image directory: /var/www/htdocs/BackupPC
URL for image directory: /BackupPC
The URL for the image directory should start with a slash.
--> Apache image directory (full path, or empty for no S/CGI) [/var/www/html/BackupPC]
--> URL for image directory (omit http://host; starts with '/', or empty for no S/CGI) [/BackupPC]
Ok, we're about to:
- install the binaries, lib and docs in /usr/local/BackupPC
- create the data directory /data/backuppc
- optionally install the cgi-bin interface
- create/update the config.pl file /etc/backuppc/config.pl
--> Do you want to continue? [y]
Created /usr/local/BackupPC/bin
Created /usr/local/BackupPC/share
Created /usr/local/BackupPC/share/doc
Created /usr/local/BackupPC/share/doc/BackupPC
Created /usr/local/BackupPC/lib
Created /usr/local/BackupPC/lib/BackupPC
Created /usr/local/BackupPC/lib/BackupPC/CGI
Created /usr/local/BackupPC/lib/BackupPC/Config
Created /usr/local/BackupPC/lib/BackupPC/Lang
Created /usr/local/BackupPC/lib/BackupPC/Storage
Created /usr/local/BackupPC/lib/BackupPC/Xfer
Created /usr/local/BackupPC/lib/BackupPC/Zip
Created /usr/local/BackupPC/lib/Net
Created /usr/local/BackupPC/lib/Net/FTP
Created /var/www/html/BackupPC
The mount point /mnt/backuppc-data/ is writeable by the pi user.
It can also be written to from within Docker, e.g. using as test container: docker run -it --name my-volume-test -v /mnt/backuppc-data/:/data centos /bin/bash
Also the image works fine, when the data dir is a regular folder.
pmenzel commented
The next log lines should be:
Created /data/backuppc
Created /data/backuppc/pool
Created /data/backuppc/cpool
Created /data/backuppc/pc
Created /etc/backuppc
Created /data/backuppc/log
Created /var/run/BackupPC
I guess it fails to create /data/backuppc. But that path should exist already through the volume mapping..
pmenzel commented
The data dir is passed to the backuppc configure script here:
https://github.com/adferrand/docker-backuppc/blob/master/files/entrypoint.sh#L62
which then tries to chown the folder here:
https://github.com/backuppc/backuppc/blob/master/configure.pl#L918
which will fail on mounted folders.
One workaround could be to set option --no-set-perms
https://github.com/backuppc/backuppc/blob/master/configure.pl#L1416
when calling configure.pl in the entry point.
pmenzel commented
A workaround to solve this issue
- download
entrypoint.shfrom the repository and replace the call toconfigure.plhere:
docker-backuppc/files/entrypoint.sh
Line 58 in abf846b
with
perl configure.pl \
--batch \
--config-dir /etc/backuppc \
--cgi-dir /var/www/cgi-bin/BackupPC \
--data-dir /data/backuppc \
--log-dir /data/backuppc/log \
--hostname "$HOSTNAME" \
--html-dir /var/www/html/BackupPC \
--html-dir-url /BackupPC \
--install-dir /usr/local/BackupPC \
--backuppc-user "$BACKUPPC_USERNAME" \
--no-set-perms \
$configure_admin
chown -R "$BACKUPPC_USERNAME":"$BACKUPPC_GROUPNAME" /etc/backuppc /home/backuppc /usr/local/BackupPC /var/www/html/BackupPC /var/www/cgi-bin/BackupPC /var/run/BackupPC
chmod a+x /usr/local/BackupPC/bin/*
- place the modified
entrypoint.shto the bind mount that will be/etc/backuppcin the container. - then use this yaml file for docker compose to create the container:
---
services:
backuppc:
image: adferrand/backuppc
# override entrypoint by our own script and not use /entrypoint.sh from the image
entrypoint: "/etc/backuppc/entrypoint.sh"
# add command here again, as it is required when overriding the entrypoint, see https://docs.docker.com/compose/compose-file/#entrypoint
command: "/usr/bin/supervisord -c /etc/supervisord.conf"
container_name: backuppc
environment:
- PUID=1000
- PGID=1000
volumes:
- /my/docker-data/backuppc/etc:/etc/backuppc
- /my/docker-data/backuppc/home:/home/backuppc
- /my/nfs/mount:/data/backuppc
ports:
- 8080:8080 # Web UI
restart: "unless-stopped"