Some of the apps I listed run their main containers permanently as root. When I next have significant free time I’ll look into contributing to the various apps to remedy this.
This defeats the purpose of the default truenas container system. If I wanted to do things the hard but right way I’d run proxmox.
(I mean proxmox replacing truenas, not in addition to.)
There’s quite a bit of daylight between “install Dockge/Portainer and use normal Compose files” and “set up a Proxmox host, set up remote access to your TrueNAS storage over to that host, and install all your software there.”
Sure, it’d be nice to have a regularly-maintained, high-quality apps catalog. I frankly doubt we ever will, and especially one that will continue to be so in the long term.
1 Like
Yeah, I do that too. I run TrueNAS scale virtualized inside of Proxmox. I pass through a second drive controller and everything works fine. I love TrueNAS for its NAS functions, but to be honest, its virtualization capabilities didn’t float my boat at all. But you overlook what I think is thebest part of having docker in TrueNAS, which is I don’t have to use NFS to reach TrueNAS the way I would if I ran a separate VM for docker. I can just bind mount to my data sets.
Could this be solved by using userns remapping so you could run app inside container as root but it would map as non-root on host?
Or would this approach hit the some problems with permissions as described here? Root access, do so many apps need it? - #16 by kuloch
This works now for immich, as of a recent change to the immich template.
1 Like
nice! thank you!