I Broke My Media Volume

May 1, 2022, 11:22 a.m. by Avery Uslaner

Image?

If you can see this, it means I figured out how to solve the problem with my nginx container being unable to read the media volume from my Django/Wagtail container.

disable_chat_files.png

From my nginx logs:

2022/05/10 00:01:28 [error] 34#34: *4 open() "/app/media/images/disable_chat_files.width-800.png" failed (13: Permission denied), client: 69.162.230.182, server: averyuslaner.com, request: "GET /media/images/disable_chat_files.width-800.png HTTP/2.0", host: "averyuslaner.com", referrer: "https://averyuslaner.com/i-broke-my-media-volume/"

The static and media volumes are mounted to /app inside the nginx container. Their permissions:

root@e7b004ccbbb5:/# ls -lah /app/
total 16K
drwxr-xr-x  4 root root 4.0K Apr 27 00:17 .
drwxr-xr-x  1 root root 4.0K Apr 27 00:17 ..
drwxrwxr-x  4 5678 root 4.0K Apr 27 00:04 media
drwxrwxr-x 13 5678 root 4.0K Apr 25 20:09 static

Then then it looks like the child directories are not readable by other so that probably needs fixing:

root@e7b004ccbbb5:/# ls -lah /app/media/
total 16K
drwxrwxr-x 4 5678 root 4.0K Apr 27 00:04 .
drwxr-xr-x 4 root root 4.0K Apr 27 00:17 ..
drwxr-x--- 2 5678 root 4.0K May  1 17:23 images
drwxr-x--- 2 5678 root 4.0K May  1 17:23 original_images

But on the host, the permissions are different which seems kinda weird:

ave@averyuslaner:~/personal_website/web$ ls -lah media/
total 16K
drwxr--r-- 4 ave www-data 4.0K Apr 26 23:59 .
drwxrwxr-x 8 ave ave      4.0K Apr 25 19:53 ..
drwxr--r-- 2 ave www-data 4.0K Apr 26 23:59 images
drwxr--r-- 2 ave www-data 4.0K Apr 26 23:59 original_images

Probably to make things cleaner, I should start by moving the static and media folders out of the /app folder.