Immich container fails to mount read-only volume
I am trying to deploy immich rootless on podman containers. I use the docker-compose.yml from immich github. It works fine. I can bring up the application, and start using it. So far so good.
I mount my photo collection using a local override yml:
However, I have my photo collection owned by the group photo. This group has rwx access to the photo collection.
I want to let immich read files on there but not write files in the collection. So I cannot just make the container user a member of the photo group because that would give too much permission.
So instead, I use ACL to give rx permission to the user running the immich containers.
Now, this works when I test it on the filesystem. However, when I actually start immich containers, it fails to stat this folder.
This is likely due to something about the rootless/subgids...