thought the community apps would be qualified to run ( somewhat ) out of the box. There is not much to configure in the App. So during startup i hit this
2025-11-13 14:29:11.765639+00:00Created elasticsearch keystore in /usr/share/elasticsearch/config/elasticsearch.keystore
Solutions might be to give write access to user 1000 .. askign ChatGPT
On TrueNAS SCALE the issue around UID/GID 1000 is well-known: many containerised Apps expect to run as user 1000 and group 1000, but the host system may not have a corresponding user/group with those IDs — yet the container still runs under 1000:1000. Here are the key points and how to handle them.
So my questions would be:
1.) If a community App is avail for TrueNas Scale, shouldnt it autom. offer to create the correct user?
2.) True Nas itself doesnt have a UID of 1000 pre-configured, reading the answer, it seems that some Apps requires this UID. Why is this not pre-configured in SCALE?
so…. you should probably be able to just sudo chown -R 1000:1000 /mnt/yourdir
you do not need a user on the host system, just the uid in the permissions set correctly for the ES container. if you get a “permission denied or something” when running that command as root you should check your ACL mode is set to passthrough and not restricted.
you can if you want to make a user with uid 1000 and give it permissions over the dataset in the GUI if you choose to, but like I said it’s not necessary. There will never be a pre-configured uid 1000 though as systems that started out on older versions of TrueNAS started users at 1000 and would naturally conflict.
as for why it’s in the catalogue if you need to set it correctly… welcome to docker and Linux in general, permissions will sometimes need adjusted as nothing is standardized and sometimes applications will insist on doing their own things.
most of the apps in the catalogue and quite a few docker images ie linuxserver.io do try to do a slight of hand and adjust the permissions blindly on startup if they see the ownership of the mapped directory is “wrong” but that is dangerous if misconfiguration is at play. and outright fails if you have restricted ACLs enabled.
the app catalogue is actually a Github repo that people can commit to. I don’t think there is a formal selection process but a lot seem to be done through PRs.
