mkdir permissions for app and FUSE LiteFS issue? Blocked getting off LiteFS Cloud

When running the createBackup() command in Pocketbase, it fails because of the following error.

failed to create a temp dir: mkdir pb_data/.pb_temp_to_delete: operation not permitted

pb_data I believe is controlled by FUSE as part of LiteFS. I don’t believe I can change where the temp directory is written to for the backup operation.

How do I give pocketbase permissions to create/write to/delete a directory within the FUSE controlled directory pb_data?

Dockerfile

# Build our application using a Go builder.
FROM golang:1.22 AS builder
WORKDIR /go/src/app

COPY . .
RUN go build -buildvcs=false -ldflags "-s -w -extldflags '-static'" -tags osusergo,netgo,fts5 -o /usr/local/bin/pocketbase ./

# Our final Docker image stage starts here.
FROM alpine:latest AS runtime
ARG LITEFS_CONFIG=litefs.yml

# Copy binaries from the previous build stages.
COPY --from=builder /usr/local/bin/pocketbase /usr/local/bin/pocketbase
COPY --from=flyio/litefs:0.5.11 /usr/local/bin/litefs /usr/local/bin/litefs

# Copy needed LiteFS configurations
ADD /etc/${LITEFS_CONFIG} /etc/litefs.yml

# Setup our environment to include FUSE & SQLite. We install ca-certificates
# so we can communicate with the Consul server over HTTPS. cURL is added so
# we can call our HTTP endpoints for debugging.
RUN apk add bash fuse3 sqlite ca-certificates curl

# Copy migrations, public, and views from local directory to container
COPY ./migrations /pb_migrations
COPY ./pb_public /pb_public
COPY ./views    /views

# Run LiteFS as the entrypoint. After it has connected and sync'd with the
# cluster, it will run the commands listed in the "exec" field of the config.
#ENTRYPOINT litefs mount
ENTRYPOINT litefs mount

litefs.yaml

# The fuse section describes settings for the FUSE file system. This file system
# is used as a thin layer between the SQLite client in your application and the
# storage on disk. It intercepts disk writes to determine transaction boundaries
# so that those transactions can be saved and shipped to replicas.
fuse:
  dir: "/pb_data"

# The data section describes settings for the internal LiteFS storage. We'll
# mount a volume to the data directory so it can be persisted across restarts.
# However, this data should not be accessed directly by the user application.
data:
  dir: "/var/lib/litefs"

# This flag ensures that LiteFS continues to run if there is an issue on startup.
# It makes it easy to ssh in and debug any issues you might be having rather
# than continually restarting on initialization failure.
exit-on-error: false

# This section defines settings for the optional HTTP proxy.
# This proxy can handle primary forwarding & replica consistency
# for applications that use a single SQLite database.
proxy:
  addr: ":8080"
  target: ":8055"
  db: "data.db"
  passthrough:
    - "*.ico"
    - "*.png"

# This section defines a list of commands to run after LiteFS has connected
# and sync'd with the cluster. You can run multiple commands but LiteFS expects
# the last command to be long-running (e.g. an application server). When the
# last command exits, LiteFS is shut down.
exec:
  - cmd: "pocketbase migrate up"
    if-candidate: true
  - cmd: "pocketbase serve --http 0.0.0.0:8055"

# The lease section specifies how the cluster will be managed. We're using the
# "consul" lease type so that our application can dynamically change the primary.
#
# These environment variables will be available in your Fly.io application.
lease:
  type: "consul"
  advertise-url: "http://${FLY_ALLOC_ID}.vm.${FLY_APP_NAME}.internal:20202"
  candidate: ${FLY_REGION == PRIMARY_REGION}
  promote: true

  consul:
    url: "${FLY_CONSUL_URL}"
    key: "litefs/${SHARED_APP_NAME}"

I don’t really understand FUSE, and Docker users, or even what user a machine has by default.
When I SSH into the machine, I see everything is root, but permissions look fine.

Showing Permissions and Owner

2874dd6b3e2948:/# ls -al
total 108
drwxr-xr-x    1 root     root          4096 Oct  6 23:11 .
drwxr-xr-x    1 root     root          4096 Oct  6 23:11 ..
drwxr-xr-x    2 root     root          4096 Oct  6 23:11 .fly
drwxr-xr-x   10 root     root          4096 Oct  6 23:11 .fly-upper-layer
drwxr-xr-x    1 root     root          4096 Oct  6 23:11 bin
drwxr-xr-x   10 root     root          2660 Oct  6 23:11 dev
drwxr-xr-x    1 root     root          4096 Oct  6 23:11 etc
drwxr-xr-x    2 root     root          4096 Sep  6 11:34 home
drwxr-xr-x    7 root     root          4096 Oct  6 23:03 lib
drwxr-xr-x    5 root     root          4096 Sep  6 11:34 media
drwxr-xr-x    2 root     root          4096 Sep  6 11:34 mnt
drwxr-xr-x    2 root     root          4096 Sep  6 11:34 opt
drwxrwxrwx    1 root     root             0 Oct  6 23:11 pb_data
drwxr-xr-x    2 root     root         12288 Oct  6 21:14 pb_migrations
drwxr-xr-x    2 root     root          4096 Aug  1 15:28 pb_public
dr-xr-xr-x  137 root     root             0 Oct  6 23:11 proc
drwx------    1 root     root          4096 Oct  7 14:29 root
drwxr-xr-x    2 root     root          4096 Sep  6 11:34 run
drwxr-xr-x    1 root     root          4096 Oct  6 23:11 sbin
drwxr-xr-x    2 root     root          4096 Sep  6 11:34 srv
dr-xr-xr-x   12 root     root             0 Oct  6 23:11 sys
drwxrwxrwt    2 root     root          4096 Sep  6 11:34 tmp
drwxr-xr-x    7 root     root          4096 Sep  6 11:34 usr
drwxr-xr-x    1 root     root          4096 Sep  6 11:34 var
drwxr-xr-x    5 root     root          4096 Oct  6 20:18 views

Appreciate the help. This is blocking me from getting off of LiteFS Cloud, which is pending deprecation on the 15th.

LiteFS doesn’t allow directory creation as it only supports a flat directory structure. Can you run litefs export to get the SQLite file and then replace the Pocketbase data directory with a non-LiteFS directory?
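
Added example, not part of the thread: the mode bits in the `ls -al` listing are not what blocks the `mkdir`; the filesystem mounted at `/pb_data` is. This sketch finds which mount a path lives on and picks a backup approach. The function names and the sample mount table are constructed, and it assumes the LiteFS mount is reported with a `fuse` filesystem type.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format (not captured from the poster's machine).
# Assumption: the LiteFS mount at /pb_data shows up with filesystem type "fuse".
sample_mounts() {
cat <<'EOF'
/dev/vda / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
litefs /pb_data fuse rw,nosuid,nodev,relatime,user_id=0,group_id=0 0 0
/dev/vdb /var/lib/litefs ext4 rw,relatime 0 0
EOF
}

# fs_type_for PATH [MOUNTS_FILE]: print the filesystem type of the mount that
# contains PATH, chosen by the longest matching mount point.
fs_type_for() {
    awk -v p="$1" '
        {
            mp = $2
            # Match on a path-component boundary so /pb_database is not
            # mistaken for something under /pb_data.
            hit = (mp == "/") || (p == mp) || (index(p, mp "/") == 1)
            if (hit && length(mp) > best) { best = length(mp); t = $3 }
        }
        END { if (best) { print t } else { exit 1 } }
    ' "${2:-/proc/mounts}"
}

# backup_plan DIR [MOUNTS_FILE]: report whether an application can create
# scratch directories (such as pb_data/.pb_temp_to_delete) under DIR.
backup_plan() {
    t=$(fs_type_for "$1" "${2:-/proc/mounts}") || { echo unknown; return 1; }
    case "$t" in
        # FUSE mount: export the database to a path outside the mount and
        # back it up from there, e.g.
        #   litefs export -name data.db <path-outside-the-mount>/data.db
        fuse|fuse.*) echo "export-then-backup-outside-mount" ;;
        *)           echo "backup-in-place" ;;
    esac
}
```

On a running machine, `backup_plan /pb_data` reads the live `/proc/mounts` instead of the sample.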

Hey @benbjohnson thank you for chiming in.

I was hoping to use the built-in Pocketbase backup service. If I can’t do that, then I can do the export and manual Tigris upload myself. Was just hoping to use the service that exists, because it has a nice GUI and also methods to use those for recovery built in.
