docs icon indicating copy to clipboard operation
docs copied to clipboard
verified publisher icon directus

Update 2.create-a-project.md

Open mihaon opened this issue 6 months ago • 4 comments

The https://directus.io/docs/getting-started/create-a-project contains a docker-compose.yml which will cause a permissions error when trying to upload files via the admin panel just after first start. It happens because docker "bind mount" host directory (in contrast to named volumes) is not initialized with owner/permissions taken from inside the container directory.

But since from Docker Compose 2.30 it became possible to use a post-start hook to fix this problem - https://docs.docker.com/compose/how-tos/lifecycle/#post-start-hooks.

So quick fix for .yml might be:

services:
    directus:
        # ...
        volumes:
            - ./database:/directus/database
            - ./uploads:/directus/uploads
            - ./extensions:/directus/extensions
        post_start:
            - command: chown node:node /directus/database /directus/uploads /directus/extensions
              user: root
        # ...

P.S.: this can also be fixed by adding chown to the CMD in the Dockerfile (like postgres docker image does)

mihaon avatar Aug 10 '25 14:08 mihaon

@mihaon is attempting to deploy a commit to the Directus Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Aug 10 '25 14:08 vercel[bot]

Is this a specific problem when running the compose file on linux cause on Windows I'm not running into such problems?

Nitwel avatar Oct 16 '25 12:10 Nitwel

I don't know about Windows. Did you try to docker compose up without first creating the uploads directory?

In Linux I get:

$ ls -lh
-rw-rw-r--  1 m    m     533 Oct 19 16:08 docker-compose.yml

$ docker compose up

$ ls -lh
drwxr-xr-x  2 root root 4.0K Oct 19 16:09 database
drwxr-xr-x  2 root root 4.0K Oct 19 16:09 extensions
drwxr-xr-x  2 root root 4.0K Oct 19 16:09 uploads
-rw-rw-r--  1 m    m     533 Oct 19 16:09 docker-compose.yml

So, the node user from inside the container can't access to the root owned directories.

mihaon avatar Oct 19 '25 13:10 mihaon

Postgres docker image contains another workaround to prevent same issue: https://github.com/docker-library/postgres/blob/22ca5c8d8e4b37bece4d38dbce1a060583b5308a/18/trixie/docker-entrypoint.sh#L58

Workaround in the Dockerfile (like in the Postgres) is better then post_start command in the compose file because it doesn't complicate the compose file.

mihaon avatar Oct 19 '25 13:10 mihaon

Heya! Thanks for opening this PR :) There's indeed a permission problem on Linux specifically as Docker auto-creates bind-mounted directories that don't exist yet as root, which then can't be read by the node user which is what Directus is running under. We're currently calling out that those folders should be created ahead of time, which negates this issue on Linux:

https://github.com/mihaon/docs/blob/5549574887c37e0a65aee22821422dd2573363fc/content/getting-started/2.create-a-project.md?plain=1#L53

Adding a post_start adds a new complexity as it (as the name implies) runs after the main process starts. This in turn could mean that Directus can try to access these folders during startup before the chown completes. It also means the fix lives in user-land, meaning that we don't have an automated migration path once the post_start is no longer wanted.

I'll close this change as I don't think having all users add a post_start for a limited number of folks affected by this particular environment problem is the right move for (new) users, and will instead open an issue on the Directus repo 👍

rijkvanzanten avatar Feb 09 '26 21:02 rijkvanzanten