Just got TrueNAS up and running and I am trying to generate an SSL with Let’s Encrypt in NGINX. I get
PermissionError: [Errno 1] Operation not permitted: ‘/etc/letsencrypt/renewal/npm-6.conf’
I have checked and the user it’s running on has permissions to the folders and file. I did have another setup with the same domains, could that be it? Let’s Encrypt already has a cert for that domain?
Thanks for any help!
Lets Encrypt confirmed the cert was made, it seems like the NGINX app just cannot save it to the cert directory. It appears that permissions are correct as best as I can see.
I changed the app to run as 0, I know bad just for testing, and I still get the permissions error.
Looks like it’s creating the file but the file is empty. Also, I did set the UID\GID to 0 to test and got the same error. Just to verify, which user will need permissions? Just to make sure I am looking at the right UID
Did you ever fix this, I’m having the same issue
I had the same issue and did not want to run nginx as root. The permission issue seems to stem from the datasets having ACL restricted mode instead of passthrough. If you want to run nginx as apps (568), then the datasets should be owned by apps and ACL mode set to passthrough. I am using ElectricEel-24.10.0 and here is my nginx config:
Permissions for my cert storage:
Permissions for my data storage:
Make sure the datasets for your cert and data are set in passthrough mode:
You can also run it as any other user, just replace apps with the desired user id.
