TransWikia.com

How to map my host's to the container's user in docker-compose using the lebokus/docker-volume-bindfs plugin?

Unix & Linux Asked on December 24, 2021

I have a php dev stack setup through Dockerfiles and docker-compose. I mount the source tree and composer vendor folder to the container. My host’s local user philipp has id 1000 and my container uses user www-data with user id 33.

In order to map the id of the mounted volumes I installed the lebokus/docker-volume-bindfs plugin:

docker plugin install lebokus/bindfs

Now I have a service defintion in my docker-compose.yml:

  php-fpm:
    container_name: professionalworks
    build:
      context: .
      dockerfile: ./docker/php/Dockerfile
    env_file: .env
    volumes:
      - .:/var/www/html:delegated
      - ./vendor/:/var/www/html/vendor:delegated
      - ./docker/php/php.ini:/usr/local/etc/php/conf.d/php.ini
    depends_on:
      - mariadb
      - blackfire

And for the volume setting I have:

volumes:
  mariadb:
  php-fpm:
    driver: lebokus/bindfs:latest
    driver_opts:
      sourcePath: "${PWD}"
      map: "${UID}/33:@${UID}/@33"

Yet I see no effect in the container. The folder is still owned by host user:

$ id -u
33
$ stat . # or stat ./vendor
Uid: ( 1000/ UNKNOWN)   Gid: ( 1001/ UNKNOWN)

I must add that I know nothing about the internals of bindfs and even reading the bindfs man page about map did not enlighten me:

 --map=user1/user2:@group1/@group2:..., -o map=...
      Given a mapping user1/user2, all files owned by user1 are shown as owned by  user2.
      When  user2  creates  files, they are chowned to user1 in the underlying directory.
      When files are chowned to user2, they  are  chowned  to  user1  in  the  underlying
      directory. Works similarly for groups.

      A  single  user  or  group may appear no more than once on the left and once on the
      right of a slash in the list of mappings.   Currently,  the  options  --force-user,
      --force-group,  --mirror,  --create-for-*,  --chown-*  and  --chgrp-*  override the
      corresponding behavior of this option.

      Requires mounting as root.

Also, I want to mount three different folders/files, but the volume:

./docker/php/php.ini:/usr/local/etc/php/conf.d/php.ini`

should not map the user from the host.

Only these should:

  • ./:/var/www/html:delegated
  • ./vendor/:/var/www/html/vendor:delegated

I have tried different settings for the map options but I have no clue what they are actually doing. Esp. the @ symbol in some of the examples I found online really confuse me.

E.g. official docker-compose example uses:

driver_opts:
  sourcePath: "${PWD}"
  map: "${UID}/0:@${UID}/@0"

This user uses:

driver_opts:
  sourcePath: "${PWD}/../clients-service"
  map: "${UID:-1000}/33:@${UID:-1000}/@33"  

What’s the meaning of the @? Why would I want to use -1000?

And most importantly: How could I bind the volume from my host and have it map to the container’s user inside the container? Ideally, it could write bidirectictionally, meaning a file created on the host should be editable inside the container and vice versa. Can I, and if so, how can I achieve this using the lebokus/docker-volume-bindfs plugin?

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP