Hi support
What permissions are required to deploy to a Offline Package Drop?
I get acces denied when I try to deply to my target \FQDN\share\octopus.
The share is on a Synology NAS. I have tried adding permissions to “Everyone”, but still get an access denied.
The Octopus Deploy server is running Windows 2022 as “Local System”.
Hi Kasper,
Thanks for sending on your Offline Drop query.
Looking at the docs I can see we don’t cover this part of the deploy in great detail. There are so many potential points of detail to cover it might be too difficult to get to them all.
In your case we have had a few tickets referring to various NAS products and long story short, the particular share needed Full control permissions in order to write the journal files. The user with Full Control should be the user Octopus runs as.
Strangely it can happen that once deployed to, customers have found that removing the Full Control access may allow repeated drops to still work. Your mileage may vary on that though.
Another more obscure option is to use the Synology as a tentacle if that is an option on your infrastructure. A colleague wrote the following on that topic:
As far as I know, we don’t have specific plans to support Synology NAS devices, but depending on the capabilities of the specific NAS you have, you can probably still deploy to the device in potentially 1 of two ways…
- The main option would be to use Docker on the Synology NAS and then configure the Octopus tentacle image on the NAS. I’d recommend configuring the container as a worker (rather than a deployment target), and then you could mount the volume you need to copy files to, register the worker with Octopus, and have a script step that runs on an isolated Worker Pool, called Synology NAS worker pool for example to copy the files to the target volume. You can find out more information about the way to use the Tentacle container image in our documentation.
- The second option might be a bit of a wildcard as I’m not sure if it would work but the idea would be to configure the Synology NAS device as an SSH target. You’d need a specific port open and then either a key pair or a username/password to authenticate. Assuming the SSH access can access the volume mount you have configured, you could use the NAS almost the same as a regular target. I should mention, that due to the SSH target requirements I can’t say for 100% certainty if this would work, and you’d need to test it to see. My main concern would be the .NET pre-requisites that need to be installed on the device, unless you are making use of raw scripting.
Let us know how get on and if we can help further.
Kind regards,
Paraic
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.