#installing docker compose netdata on truenas jailed docker instance

I'm running into an issue with the volume setup for my netdata installation. When i attempt to start the container, i get the following:

netdata | Netdata detected docker.sock
netdata | Creating docker group 996
netdata | addgroup: The group `docker' already exists.
netdata | Could not add group docker with ID 996, its already there probably
netdata | Assign netdata user to docker group 996
netdata | Copying stock configuration to /etc/netdata
netdata | cp: preserving permissions for '/etc/netdata/charts.d': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/custom-plugins.d': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/go.d': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/health.d': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/python.d': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/ssl': Operation not permitted
netdata | cp: preserving permissions for '/etc/netdata/statsd.d': Operation not permitted

my compose file is below:
version: "3"
services:
netdata:
image: netdata/netdata
container_name: netdata
pid: host
network_mode: bridge
restart: unless-stopped
cap_add:
- SYS_PTRACE
- SYS_ADMIN
security_opt:
- apparmor:unconfined
ports:
- 19999:19999
volumes:
- /mnt/data/netdata/config:/etc/netdata
- /mnt/files/netdata/lib:/var/lib/netdata
- /mnt/files/netdata/cache:/var/cache/netdata
- /:/host/root:ro,rslave
- /etc/passwd:/host/etc/passwd:ro
- /etc/group:/host/etc/group:ro
- /etc/localtime:/etc/localtime:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /etc/os-release:/host/etc/os-release:ro
- /var/log:/host/var/log:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
networks: {}

Looking into it further "cp -a" isn't supported on truenas because of ACLs bolted on. is there a way i can mod the installer to skip the -a and just cp without permission checking?

Hi. No, there is no way. Also, -a is not permission checking but copying directories recursively.

If you don't know how to give write permissions for /mnt/data/netdata/config you can use this method:

1. create temp Netdata container
2. copy /etc/netdata directory from container to the host
3. mount this directory into the new Netdata container

See how to do it https://github.com/netdata/netdata/blob/v1.38.0/packaging/docker/README.md#host-editable-configuration

it's not knowing how, truenas doesn't permit it anymore. it's more of a nas software issue that's really pissing me off.

Have you considered asking on truenas forums? I believe there should be a solution.

i have it osted there.

*posted

Tried without "/mnt/data/netdata/config:/etc/netdata" mount? Did Netdata start and work? Is that the only problem?

yep. without that it works just fine.

if i knew the permissions it was trying to apply, maybe i could set it. i was able to do that with another container.