Question 2422 in Wordpress Question posted in
The official Wordpress documentation can be found here.

Docker Compose WordPress with pure-ftpd – FTP user has no write permissions

Kind of new to Docker, so please bear with me.

BACKGROUND:
I’ve setup the following containers in a Win 10 OS with WSL2:

WordPress + MariaDB + PhpMyAdmin + Pure-ftpd

I’m not binding my project files with my OS as it slows down the whole website. Instead, I’m using pure-ftpd to update my volumes.

This setup performs great! ATM my DB is about 1GB+, Files are about 500MB and Uploads are about 22 GB. *Chef’s kiss

PROBLEM:
When I create a file using FTP, this does not have "Write" permissions. So creating new scripts becomes impossible. A work around has been going to the volume and updating the file permission to "777"

pure-ftpd creates the files using user "1000", but when I try searching the user in the container, this returns nothing.

M I missing something on my .YML to allow pure-ftpd to write into the "wordpress" volume as "root"

This is my .YML

services:
#DATABASE
  db:
    container_name: cc_db
    # We use a mariadb image which supports both amd64 & arm64 architecture
    image: mariadb:10.6.9-focal
    command: '--default-authentication-plugin=mysql_native_password'
    volumes:
      - cc_db:/var/lib/mysql/****_woo
      - ./my_customized.cnf:/etc/mysql/my.cnf
    ports:
      - "3306:3306"  # To Allow Remote Connections
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=******++
      - MYSQL_DATABASE=******
      - MYSQL_USER=wordpress
      - MYSQL_PASSWORD=wordpress
    expose:
      - 3306
      - 33060

    networks:
      - cc_network

#PHPMYADMIN
  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    depends_on:
      - db
    environment:
      - UPLOAD_LIMIT=768M
      - PMA_HOST:db
      - PMA_PORT:3306
      - PMA_ARBITRARY:1
      - MYSQL_ROOT_PASSWORD=******++
    restart: always
    ports:
      - 8080:80
    networks:
    - cc_network

#WORDPRESS
  wordpress:
    container_name: cc_wordpress
    #image: wordpress:latest
    # Current Website:  WordPress @ 6.0.2  -- PHP 8.1.10  -- Maria DB 10.6.9  :: Post Max Size: 128 MB , PHP Limit 120  :: Max Inpt Var 4500
    image: wordpress:6.0.2-php8.1
    ports:
      - 80:80
    restart: always
    networks:
      - cc_network
    environment:
      # our local dev environment
      - WORDPRESS_DEBUG:1
      - WORDPRESS_DB_HOST=db:3306
      - WORDPRESS_DB_USER=wordpress
      - WORDPRESS_DB_PASSWORD=wordpress
      - WORDPRESS_DB_NAME=*****
    volumes:
      - ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
      - ./httpd/wp-config.php:/var/www/html/wp-config.php
      - ./httpd/.htaccess:/var/www/html/.htaccess
      - cc_wordpress:/var/www/html/wp-content:rw

  ftp:
    container_name: ftpd-server
    image: stilliard/pure-ftpd:hardened
    depends_on:
      - wordpress
    ports:
      - 21:21
      - 20:20
      - 30000-30009:30000-30009
    volumes:
     - cc_wordpress:/home/user/:rw
     - './ftp/pass:/etc/pure-ftpd/passwd'
    environment:
      PUBLICHOST: "10.47.61.236"
      FTP_USER_NAME: "user"
      FTP_USER_PASS: "*****++"
      FTP_USER_HOME: "/home/user"
      ADDED_FLAGS: "--tls=2"
      TLS_CN: "**** FTP"
      TLS_ORG: "*****"
      TLS_C: "US"
      MAX_CONNECTIONS: "20"
    restart: always
    
    networks:
      - cc_network


networks:
  cc_network:

volumes:
  cc_wordpress:
  cc_db:
Tags:

2

Answers


  1. 0

    According to the pure-ftpd documentation you could indicate the UID and GID of the FTP user using the appropriate environment variables:

    If you wish to set the UID & GID of the FTP user, use the FTP_USER_UID & FTP_USER_GID environment variables.

    The documentation provides as well an example of using pure-ftpd explicitly with WordPress. It mentions:

    In the WordPress container, the owner of the files has the UID 33 & GID 33, thus we set the UID & GID of the FTP user accordingly, providing the following code snipplet:

    version: "3.2"
services:
  web:
    image: wordpress:4.8-apache
    # other configs for wordpress
    volumes:
      - ./data/wordpress:/var/www/html
  ftp:
    # optionally replace username/repo:tag with your name and image details
    image: stilliard/pure-ftpd:latest
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    environment:
      PUBLICHOST: xxx.xxx.xxx.xxx
      FTP_USER_NAME: "bob"
      FTP_USER_PASS: "foobarqux"
      FTP_USER_HOME: "/var/www/html"
      FTP_USER_UID: 33
      FTP_USER_GID: 33
    volumes:
      - ./data/wordpress:/var/www/html
      - ./data/ftp:/etc/ssl/private
    ports:
      - target: 21
        published: 21
        protocol: tcp
        mode: host

# Bind each passive ports to the host
      - target: 30000
        published: 30000
        protocol: tcp
        mode: host
# ...

    Please, try modifying your docker-compose file accordingly, I suppose something similar to this:

    services:
#DATABASE
  db:
    container_name: cc_db
    # We use a mariadb image which supports both amd64 & arm64 architecture
    image: mariadb:10.6.9-focal
    command: '--default-authentication-plugin=mysql_native_password'
    volumes:
      - cc_db:/var/lib/mysql/****_woo
      - ./my_customized.cnf:/etc/mysql/my.cnf
    ports:
      - "3306:3306"  # To Allow Remote Connections
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=******++
      - MYSQL_DATABASE=******
      - MYSQL_USER=wordpress
      - MYSQL_PASSWORD=wordpress
    expose:
      - 3306
      - 33060

    networks:
      - cc_network

#PHPMYADMIN
  phpmyadmin:
    image: phpmyadmin/phpmyadmin
    depends_on:
      - db
    environment:
      - UPLOAD_LIMIT=768M
      - PMA_HOST:db
      - PMA_PORT:3306
      - PMA_ARBITRARY:1
      - MYSQL_ROOT_PASSWORD=******++
    restart: always
    ports:
      - 8080:80
    networks:
    - cc_network

#WORDPRESS
  wordpress:
    container_name: cc_wordpress
    #image: wordpress:latest
    # Current Website:  WordPress @ 6.0.2  -- PHP 8.1.10  -- Maria DB 10.6.9  :: Post Max Size: 128 MB , PHP Limit 120  :: Max Inpt Var 4500
    image: wordpress:6.0.2-php8.1
    ports:
      - 80:80
    restart: always
    networks:
      - cc_network
    environment:
      # our local dev environment
      - WORDPRESS_DEBUG:1
      - WORDPRESS_DB_HOST=db:3306
      - WORDPRESS_DB_USER=wordpress
      - WORDPRESS_DB_PASSWORD=wordpress
      - WORDPRESS_DB_NAME=*****
    volumes:
      - ./uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
      - ./httpd/wp-config.php:/var/www/html/wp-config.php
      - ./httpd/.htaccess:/var/www/html/.htaccess
      - cc_wordpress:/var/www/html/wp-content:rw

  ftp:
    container_name: ftpd-server
    image: stilliard/pure-ftpd:hardened
    depends_on:
      - wordpress
    ports:
      - 21:21
      - 20:20
      - 30000-30009:30000-30009
    volumes:
     - cc_wordpress:/home/user/:rw
     - './ftp/pass:/etc/pure-ftpd/passwd'
    environment:
      PUBLICHOST: "10.47.61.236"
      FTP_USER_NAME: "user"
      FTP_USER_PASS: "*****++"
      FTP_USER_HOME: "/home/user"
      FTP_USER_UID: 33
      FTP_USER_GID: 33
      ADDED_FLAGS: "--tls=2"
      TLS_CN: "**** FTP"
      TLS_ORG: "*****"
      TLS_C: "US"
      MAX_CONNECTIONS: "20"
    restart: always
    
    networks:
      - cc_network


networks:
  cc_network:

volumes:
  cc_wordpress:
  cc_db:

    You are using the wordpress:6.0.2-php8.1 image which in turn is based on php:8.1-apache. As far I understand from the php:8.1-apache Dockerfile you would need to adjust the FTP_USER_UID and FTP_USER_GID variables to match the ones used to run Apache, I assume, the user www-data, created by default in Debian systems with UID and GID 33.

    Login or Signup to reply.
  2. 0

    Excellent answer by @jccampanero. Would like to add that you can docker exec something like pure-pw useradd yourusername -f /etc/pure-ftpd/passwd/pureftpd.passwd -m -u ftpuser -d /home/ftpusers/youruser. Also according to documentation,

    If you have any trouble with volume permissions due to the uid or gid
    of the created user you can change the -u flag for the uid you would
    like to use and/or specify -g with the group id as well. For more
    information see issue

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search