i2p-docker

Permissions issue for /var/lib/i2p

Open str4d opened this issue 8 years ago • 7 comments

I ran the command from the README on a Digital Ocean Docker image, and the image failed to start because i2prouter couldn't write to the volume. Initially this was as root, but I tried it after making a user account in the docker group and it still happened. I fixed it with chmod 777 ~/.i2p, after which the image would boot, but that doesn't seem like the correct solution.

str4d Apr 04 '17 22:04

Did you create the directory before you used it as a volume? I can see how that would lead to permission errors. When I run the command (without my host i2p config directory yet created) docker creates it with the correct user/group (i2psvc, or 104:107) and everything starts up fine. I think it might make sense to change the UID/GID in the image to be 1000:1000, so it works for most Linux users who already created the directory with their default account. If you are having this issue even without creating the dir first, let me know what OS you're on and I'll try to reproduce.

hkparker Apr 17 '17 03:04

I am able to reproduce str4d's issue. This is mostly a docker problem, but can be much better represented in the README. I'll find a nice fix.

Another proposal is to forcefully change the permissions of the i2p directory upon each launch. I.e. ENTRYPOINT chown -R i2psvc:i2psvc /var/lib/i2p && /usr/bin/i2prouter

Thoughts @hkparker ?

chris-barry May 06 '17 18:05

@chris-barry What are you thinking the underlying problem is? Happy to help out as needed.

chmod on start isn't the worst solution as long as we have permission. Since we drop to i2psvc we don't have root so I'm not confident that will always work (and we don't want to run as root). It might be ideal for the java router to do the permission fixing so this fix could apply to other situations, but that wouldn't really have an impact on the aforementioned permission problem. Probably going to take some experimenting.

hkparker May 09 '17 05:05

Making the permissions work auto-magically can be done, but requires some work: https://denibertovic.com/posts/handling-permissions-with-docker-volumes/

chris-barry Sep 02 '17 18:09

I encountered a Permission Denied error on Synology NAS's docker, which only allows using a host directory for the volume. Synology NAS docker only supports the WebUI; there is no bash command to customize the docker container. I don't encounter this permission error in other containers on Synology NAS.

BTW I tried to run chown before starting the app, and that does not help either.

wangjia184 Oct 16 '17 14:10

Same here

~> docker run -v ~/.i2p:/var/lib/i2p -p 127.0.0.1:4444:4444 -p 127.0.0.1:6668:6668 -p 127.0.0.1:7657:7657 geti2p/i2p
Running I2P Service...
mkdir: cannot create directory ‘/var/lib/i2p/.i2p’: Permission denied
Error creating /var/lib/i2p/.i2p! Edit /usr/bin/i2prouter and set I2P_CONFIG_DIR
to the correct location.

devxpy Apr 27 '18 12:04

Would being able to specify a uid when creating the container be sufficient for your needs @wangjia184 and @devxpy? Because if so I'll just follow @chris-barry's linked article and make that happen (but probably have a default of 1000)

hkparker May 13 '18 17:05
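
An added sketch of the approach discussed in this thread (not code from the i2p-docker repository or from any commenter): an entrypoint that checks whether the requested UID/GID can create files in the mounted volume, fixes ownership only when it has to, and then drops root. The I2P_UID, I2P_GID and I2P_DIR variables, the --start flag and the presence of gosu in the image are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the i2p-docker image's own script. Assumed names: I2P_UID,
# I2P_GID (default 1000), I2P_DIR, the --start flag, and gosu in the image.
I2P_DIR=${I2P_DIR:-/var/lib/i2p}

# Accept only a plain decimal, non-root id.
valid_id() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -gt 0 ] && [ "$1" -le 65534 ]
}

# Can uid $2 / gid $3 create entries in directory $1? Decided from owner,
# group and mode only (no ACLs or supplementary groups). Needs a stat that
# supports -c (GNU coreutils or busybox).
can_create_in() {
    info=$(stat -c '%u %g %a' "$1") || return 2
    set -- "$2" "$3" $info                        # now: uid gid owner group mode
    mode=$((0$5))                                 # stat prints octal, e.g. 755
    if   [ "$1" -eq "$3" ]; then need=$((0300))   # owner class: write + search
    elif [ "$2" -eq "$4" ]; then need=$((0030))   # group class
    else                         need=$((0003))   # other class
    fi
    [ $((mode & need)) -eq "$need" ]
}

# Entrypoint body: stay root only long enough to fix ownership, then drop.
start_router() {
    uid=${I2P_UID:-1000}; gid=${I2P_GID:-1000}
    valid_id "$uid" && valid_id "$gid" || { echo "bad I2P_UID/I2P_GID" >&2; return 64; }
    if ! can_create_in "$I2P_DIR" "$uid" "$gid"; then
        [ "$(id -u)" -eq 0 ] || { echo "$I2P_DIR not writable by $uid:$gid" >&2; return 77; }
        chown -R "$uid:$gid" "$I2P_DIR"           # targeted fix instead of chmod 777
    fi
    [ "$(id -u)" -eq 0 ] && exec gosu "$uid:$gid" /usr/bin/i2prouter
    exec /usr/bin/i2prouter
}

# Only act when invoked as the entrypoint, e.g. ENTRYPOINT ["/entrypoint.sh", "--start"]
if [ "${1:-}" = "--start" ]; then start_router; fi
```

Because the ownership check runs before any chown, a volume that already belongs to the requested UID is left untouched, and a non-root start on an unwritable volume fails with a clear message instead of the mkdir error shown above.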