Permissions issue installing gitlab with docker on Mac

Question

I'm trying to get Gitlab running locally and am running into a permissions issue:

cp: cannot create regular file '/etc/gitlab/gitlab.rb': Permission denied

The command I'm running is

sudo docker run \
    --hostname local.gitlab \
    --publish 443:443 --publish 80:80 --publish 2200:22 \
    --name gitlab \
    --restart always \
    --volume /srv/gitlab/config:/etc/gitlab \
    --volume /srv/gitlab/logs:/var/log/gitlab \
    --volume /srv/gitlab/data:/var/opt/gitlab \
    gitlab/gitlab-ce:latest

The previous command succeeds if I omit the --volumes arguments, though.

I've tried running

docker exec -it gitlab update-permissions
docker restart gitlab

but that doesn't seem to get things working either.

Output from docker ps:

CONTAINER ID        IMAGE                     COMMAND             CREATED             STATUS                            PORTS                                                            NAMES
aa0654ff45e2        gitlab/gitlab-ce:latest   "/assets/wrapper"   29 seconds ago      Up 3 seconds (health: starting)   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:2200->22/tcp   gitlab

Output from docker logs gitlab:

Thank you for using GitLab Docker Image!
Current version: gitlab-ce=10.3.2-ce.0

Configure GitLab for your system by editing /etc/gitlab/gitlab.rb file
And restart this container to reload settings.
To do it use docker exec:

docker exec -it gitlab vim /etc/gitlab/gitlab.rb
docker restart gitlab

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

If this container fails to start due to permission problems try to fix it by executing:

docker exec -it gitlab update-permissions
docker restart gitlab

Installing gitlab.rb config...
cp: cannot create regular file '/etc/gitlab/gitlab.rb': Permission denied

I'm on macOS Sierra 10.12.6

Any help would be appreciated!

---

Update

I've modified the folder permissions according to this answer, and things are a bit further along, but am getting new permissions errors now. Below is the output from docker logs gitlab:

Thank you for using GitLab Docker Image!
Current version: gitlab-ce=10.3.2-ce.0

Configure GitLab for your system by editing /etc/gitlab/gitlab.rb file
And restart this container to reload settings.
To do it use docker exec:

docker exec -it gitlab vim /etc/gitlab/gitlab.rb
docker restart gitlab

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

If this container fails to start due to permission problems try to fix it by executing:

docker exec -it gitlab update-permissions
docker restart gitlab

Preparing services...
Starting services...
Configuring GitLab package...
/opt/gitlab/embedded/bin/runsvdir-start: line 24: ulimit: pending signals: cannot modify limit: Operation not permitted
/opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system
gitlab preinstall: 
gitlab preinstall: This node does not appear to be running a database
gitlab preinstall: Skipping version check, if you think this is an error exit now
gitlab preinstall: 
Configuring GitLab...
Starting Chef Client, version 12.12.15
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- gitlab (0.0.1)
- package (0.1.0)
- registry (0.1.0)
- mattermost (0.1.0)
- consul (0.0.0)
- gitaly (0.1.0)
- runit (0.14.2)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create

    ================================================================================
    Error executing action `create` on resource 'directory[/etc/gitlab]'
    ================================================================================

    Errno::EPERM
    ------------
    Operation not permitted @ chmod_internal - /etc/gitlab

    Cookbook Trace:
    ---------------
    /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb:33:in `from_file'

    Resource Declaration:
    ---------------------
    # In /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb

    28: directory "/etc/gitlab" do
    29:   owner "root"
    30:   group "root"
    31:   mode "0775"
    32:   only_if { node['gitlab']['manage-storage-directories']['manage_etc'] }
    33: end.run_action(:create)
    34: 
    35: if File.exists?("/var/opt/gitlab/bootstrapped")
    36:     node.default['gitlab']['bootstrap']['enable'] = false
    37: end
    38: 

    Compiled Resource:
    ------------------
    # Declared in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb:28:in `from_file'

    directory("/etc/gitlab") do
    action [:create]
    retries 0
    retry_delay 2
    default_guard_interpreter :default
    path "/etc/gitlab"
    declared_type :directory
    cookbook_name "gitlab"
    recipe_name "default"
    owner "root"
    group "root"
    mode "0775"
    only_if { #code block }
    end

    Platform:
    ---------
    x86_64-linux


================================================================================
Recipe Compile Error in /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb
================================================================================

Errno::EPERM
------------
directory[/etc/gitlab] (gitlab::default line 28) had an error: Errno::EPERM: Operation not permitted @ chmod_internal - /etc/gitlab

Cookbook Trace:
---------------
    /opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb:33:in `from_file'

Relevant File Content:
----------------------
/opt/gitlab/embedded/cookbooks/cache/cookbooks/gitlab/recipes/default.rb:

26:  include_recipe 'gitlab::config'
27:  
28:  directory "/etc/gitlab" do
29:    owner "root"
30:    group "root"
31:    mode "0775"
32:    only_if { node['gitlab']['manage-storage-directories']['manage_etc'] }
33>> end.run_action(:create)
34:  
35:  if File.exists?("/var/opt/gitlab/bootstrapped")
36:     node.default['gitlab']['bootstrap']['enable'] = false
37:  end
38:  
39:  directory "Create /var/opt/gitlab" do
40:    path "/var/opt/gitlab"
41:    owner "root"
42:    group "root"

Platform:
---------
x86_64-linux


Running handlers:
There was an error running gitlab-ctl reconfigure:

directory[/etc/gitlab] (gitlab::default line 28) had an error: Errno::EPERM: Operation not permitted @ chmod_internal - /etc/gitlab

Running handlers complete
Chef Client failed. 0 resources updated in 05 seconds

I've tried modifying the /etc/gitlab permissions using Get Info and with chmod but no success.

---

Update Part 2

I gave up on getting GL running locally and just set up a remote development version.

Answer 1

Use your user's folder. This will allow you in a sense to bypass the need to setup permissions on an external folder. Worked for me!

    --volume /Users/username/gitlab/config:/etc/gitlab \
    --volume /Users/username/gitlab/logs:/var/log/gitlab \
    --volume /Users/username/gitlab/data:/var/opt/gitlab \

Answer 2

What you need to do is grant Read and Write permissions for everyone on the the host folders that are trying to mount /srv/gitlab/config, /srv/gitlab/logs and /srv/gitlab/data. Right Click > Get Info > Lock Icon.

This problem is related to File system sharing (osxfs) on mac and how it maintains file permissions between the host and the container.

Answer 3

This seems similar to gitlab-org/omnibus-gitlab issue 1839 which referes to the more complete guide:

Setup your own test OpenShift Origin instance for the Idea to Production Demo

That bug is still opened though.