Can't write on API folder in development mode unless sudo

System Information
  • Strapi Version: 4.15.0
  • Operating System: Ubuntu
  • Database: Mysql
  • Node Version: 18.18.2
  • NPM Version: 9.8.1
  • Yarn Version: 1.22.19

I’m running Strapi in development mode in a Ubuntu 22.04 machine (azure) and pm2 runs the ecosystem.config.js file to automatically run its configuration. It does work fine but when running it via pm2 it seems I can’t create new fields for my entities. I get this error message:

Error: EACCES: permission denied, open '/srv/strapi/app/src/api/product/content-types/product/schema.json'
error: Invalid schema edition ApplicationError: Invalid schema edition

I’m running this with my current admin user, not root…
If I run this manually with sudo it works well (without pm2), but it shouldn’t be necessary to run with sudo tho.

Which permissions should I give to the API folder in order to run Strapi safely from this development environment?

I have a service user that’s “strapi” and also an “admin” user that runs pm2

These are the blocked folder permissions

drwxrwxr-x 5 strapi strapi 4096 Nov 10 12:38 /srv/strapi/app/src/api

Same issue on Strapi version 4.20.5 :

[2024-03-19 10:40:38.448] http: DELETE /content-type-builder/content-types/api::roommate.roommate (435 ms) 400
(node:123) [DEP0170] DeprecationWarning: The URL api::roommate.roommate is invalid. Future versions of Node.js will throw an error.
[2024-03-19 10:40:50.738] http: GET api:api/admin/plugins/content-type-builder/content-types/api::roommate.roommate (3 ms) 200
[2024-03-19 10:40:50.957] http: GET /admin/project-type (2 ms) 200
[2024-03-19 10:40:51.074] http: POST /admin/renew-token (4 ms) 200
[2024-03-19 10:40:51.161] http: GET /admin/init (96 ms) 200
[2024-03-19 10:40:51.329] http: GET /admin/users/me (251 ms) 200
[2024-03-19 10:40:51.444] http: GET /admin/information (264 ms) 200
[2024-03-19 10:40:51.495] http: GET /admin/users/me/permissions (315 ms) 200
[2024-03-19 10:40:51.518] http: GET /admin/project-settings (336 ms) 200
[2024-03-19 10:40:51.770] http: GET /i18n/locales (264 ms) 200
[2024-03-19 10:40:51.983] http: GET /content-type-builder/components (163 ms) 200
[2024-03-19 10:40:51.995] http: GET /content-type-builder/content-types (177 ms) 200
[2024-03-19 10:40:52.206] http: GET /content-type-builder/reserved-names (382 ms) 200
[2024-03-19 10:41:11.458] error: Error writing schema files
[2024-03-19 10:41:11.458] error: EACCES: permission denied, unlink '/opt/app/src/api/roommate/content-types/roommate/schema.json'
Error: EACCES: permission denied, unlink '/opt/app/src/api/roommate/content-types/roommate/schema.json'
[2024-03-19 10:41:11.476] error: Error rolling back schema files. You might need to fix your files manually
[2024-03-19 10:41:11.476] error: EACCES: permission denied, open '/opt/app/src/api/roommate/content-types/roommate/schema.json'
Error: EACCES: permission denied, open '/opt/app/src/api/roommate/content-types/roommate/schema.json'
[2024-03-19 10:41:11.488] error: EACCES: permission denied, rmdir '/opt/app/src/api/roommate/controllers'
Error: EACCES: permission denied, rmdir '/opt/app/src/api/roommate/controllers'
[2024-03-19 10:41:11.488] http: DELETE /content-type-builder/content-types/api::roommate.roommate (426 ms) 400

Here is my Dockerfile :

FROM node:20.10.0-alpine
# Installing libvips-dev for sharp Compatibility
RUN apk update && apk add --no-cache build-base gcc autoconf automake zlib-dev libpng-dev nasm bash vips-dev git
ARG NODE_ENV=development

COPY ./strapi/package.json ./strapi/package-lock.json ./
RUN npm install -g node-gyp
RUN npm config set fetch-retry-maxtimeout 600000 -g && npm install
ENV PATH /opt/node_modules/.bin:$PATH

WORKDIR /opt/app
COPY ./strapi/ .
RUN chown -R node:node /opt/app
USER node
RUN ["npm", "run", "build"]
CMD ["npm", "run", "develop"]