Hi! I digged a little bit and your template is not the problem. It seems the container itself is the "problem".
I tried to redeploy the application mapping /mnt/user/appdata/spoolman to "/home/app/.local/share/" and voila. It deploys even with default permissions. If I go to "/mnt/user/appdata/spoolman" I find that a subfolder named "spoolman" has been created. That means that we map a Volume to a folder that does not exist before the application is deployed. Therefore the system won't let us create the folder on the host.
I think what happens is that the docker container will try to create the spoolman folder on "first install" (when we deploy the container). So this happens on first install, on updates and so on. Therefore I think the "culprit" is to be found in the dockerfile at:
# Add local user so we don't run as root
RUN adduser -D app \
&& mkdir -p /home/app/.local/share/spoolman \
&& chown -R app:app /home/app/.local/share/spoolman
This tries to create the directory and set permissions for a directory mapped to host which might be the reason of failure. I'm just guessing here, because this happens in the "Nimbus" between host and docker instance. I could not say if this is really the problem. But again, if mapped to the parent directory "/home/app/.local/share/" the directory spoolman is created and everything runs as it should.
Maybe I misunderstand, but it would seem to be the only logical explaination to the behaviour we are seeing.
I hope this can help you down the path of finding what is going wrong.