Docker compose volume Permissions linux

According to the docker-compose and docker run reference, the user option sets the user id (and group id) of the process running in the container. If you set this to 1000:1000, your webserver is not able to bind to port 80 any more. Binding to a port below 1024 requires root permissions. This means you should remove the added user: 1000:1000 statement again.

To solve the permission issue with the shared volume, you need to change the ownership of the directory. Run chown 1000:1000 /path/to/volume. This can be executed inside the container or directly on the host system. The change is persistent and effective immediately (no container restarted required).

In general, I think the volume should be in a sub-directory, e.g.

  volumes:
    - ./public:/var/www/html

Make sure that the correct user owns ./public. If you start the container and the directory does not exist, docker creates it for you. In this case, the directory is owned by root and you need to change ownership manually as explained above.


Alternatively, you can run the webserver as an unprivileged user (user: 1000:1000), let the server listen on port 8080 and change the routing to

 ports:
    - "8080:8080"