vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

📚 file permissions guide #652

Browse Source
This commit is contained in:
jokob-sk
2024-05-27 19:25:24 +10:00
parent 0cf525bd30
commit bef7f87706
2 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
docs/FILE_PERMISSIONS.md Normal file
View File

@@ -0,0 +1,33 @@
# Managing File Permissions for NetAlertX on Nginx with Docker
NetAlertX runs on an Nginx web server. On Alpine Linux, Nginx operates as the `nginx` user (user ID 101, group ID 82 - `www-data`). Consequently, files accessed or written by the NetAlertX application are owned by `nginx:www-data`.
Upon starting, NetAlertX changes the ownership of files on the host system mapped to `/app/config` and `/app/db` in the container to `nginx:www-data`. This ensures that Nginx can access and write to these files. Since the user in the Docker container is mapped to a user on the host system by ID:GID, the files in `/app/config` and `/app/db` on the host system are owned by a user with the same ID and GID (ID 101 and GID 82). On different systems, this ID:GID may belong to different users (on Debian, the user with ID 82 is `uuidd`), or there may not be a user with ID 82 at all.
While this generally isn't problematic, it can cause issues for host system users needing to access these files (e.g., backup scripts). If users other than root need access to these files, it is recommended to add those users to the group with GID 82. If that group doesn't exist, it should be created.
### Permissions Table for Individual Folders
| Folder | User | User ID | Group | Group ID | Permissions | Notes |
|----------------|--------|---------|-----------|----------|-------------|---------------------------------------------------------------------|
| `/app/config` | nginx | 101 | www-data | 82 | rwxr-xr-x | Ensure `nginx` can read/write; other users can read if in `www-data` |
| `/app/db` | nginx | 101 | www-data | 82 | rwxr-xr-x | Same as above |
### Steps to Add Users to Group
1. **Check if group exists:**
```sh
getent group www-data
```
2. **Create group if it does not exist:**
```sh
sudo groupadd -g 82 www-data
```
3. **Add user to group:**
```sh
sudo usermod -aG www-data <username>
```
Replace `<username>` with the actual username that requires access.

1
docs/README.md
View File

@@ -42,6 +42,7 @@ There is also an in-app Help / FAQ section that should be answering frequently a
- [Debugging UI not showing](/docs/WEB_UI_PORT_DEBUG.md)
- [Invalid JSON errors debug help](/docs/DEBUG_INVALID_JSON.md)
- [Troubleshooting Plugins](/docs/DEBUG_PLUGINS.md)
- [File Permissions](/docs/FILE_PERMISSIONS.md)
#### 🔝 Popular/Suggested