Differences

This shows you the differences between two versions of the page.

--- systems:media_server:set_up_the_docker_environment [2025/06/04 09:21] – created peter
+++ systems:media_server:set_up_the_docker_environment [2025/06/05 21:48] (current) – [Create and set permissions for the .env file] peter
@@ Line 3: / Line 3: @@
 ===== Directory Structure =====
-Setup a specific directory structure so have everything centralized in one place
+Setup a specific directory structure so have everything centralized in one place:
-code bash>
+<code bash>
 mkdir -p /home/peter/docker/appdata
 mkdir -p /home/peter/docker/compose
@@ Line 12: / Line 12: @@
 mkdir -p /home/peter/docker/secrets
 mkdir -p /home/peter/docker/shared
-mkdir -p /home/peter/docker/.env
 </code>
@@ Line 24: / Line 23: @@
   * **secrets** - to store credentials used by apps securely.
   * **shared** - to store shared information.
-  * **.env** - to store credentials used by apps securely as variable names.
 </WRAP>
@@ Line 33: / Line 31: @@
 <code bash>
-sudo chown root:root /home/peter/docker/secrets
+sudo chown peter:docker /home/peter/docker/secrets
 sudo chmod 600 /home/peter/docker/secrets
 </code>
 <WRAP info>
-**NOTE:**  Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the root user, adding a layer of security while accessing sensitive information.
+**NOTE:**  Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the primary user, adding a layer of security while accessing sensitive information.
 </WRAP>
@@ Line 48: / Line 46: @@
 <code bash>
 touch /home/peter/docker/.env
-sudo chown root:root /home/peter/docker/.env
+sudo chown peter:docker /home/peter/docker/.env
 sudo chmod 600 /home/peter/docker/.env
 </code>
 <WRAP info>
-**NOTE:**  Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the root user, adding a layer of security while accessing sensitive information.
+**NOTE:**  **.env** - to store credentials used by apps securely as variable names.
+  * Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the specified user, adding a layer of security while accessing sensitive information.
 </WRAP>
@@ Line 59: / Line 59: @@
 ----
-===== Create the master docker-compose file =====
+===== Create the mediaserver docker-compose file =====
 <code bash>
-touch /home/peter/docker/docker-compose-master.yml
+touch /home/peter/docker/docker-compose-mediaserver.yml
 </code>
 <WRAP info>
-**NOTE:**  This is the configuration file for all services.
+**NOTE:**  This is the master configuration file for all services.
+</WRAP>
+----
+===== Set Root Directory Permissions =====
+==== Install facl ====
+<code bash>
+sudo apt install acl
+</code>
+----
+==== Set permission for /home/peter/docker direcrory ====
+<code bash>
+sudo chmod 775 /home/peter/docker
+sudo setfacl -Rdm u:peter:rwx /home/peter/docker
+sudo setfacl -Rm u:peter:rwx /home/peter/docker
+sudo setfacl -Rdm g:docker:rwx /home/peter/docker
+sudo setfacl -Rm g:docker:rwx /home/peter/docker
+</code>
+<WRAP info>
+**NOTE:**  This provides access to the contents of the docker root directory to the docker group.
+  * Similar acls may also need to be set on the media directories, which will be defined later, such as sonarr, radarr, etc. or they may throw permissions errors.
+  * After doing the above, you will notice a "+" at the end of permissions (e.g. drwxrwxr-x+) for docker root directory and its contents.
+    * This indicates that ACL is set for the directory/file.
+</WRAP>
+<WRAP important>
+**WARNING:**  These permissions may not seem restrictive enough.
+  * Feel free to change as required, but keep for now to ensure a smooth setup.
+</WRAP>
+----
+===== Populate the Environmental Variables (.env) file =====
+Add the following environmental variables:
+<file bash /home/peter/docker/.env>
+PUID='1000'
+PGID='1000'
+TZ='Europe/Jersey'
+USERDIR='/home/peter'
+DOCKERDIR='/home/peter/docker'
+MEDIADIR1='/mnt/media'
+HOSTNAME='mediaserver'
+</file>
+<WRAP info>
+**NOTE:**
+  * **PUID** and **PGID** - the user ID and group ID of the Linux user (peter), who we want to run the home server apps as.
+    * Both of these can be obtained using the **id** command: <code bash>id</code>
+  * **TZ** - the time zone that you want to set for your containers.
+    * Get your TZ from this [[https://en.wikipedia.org/wiki/List_of_tz_database_time_zones|timezone database]].
+  * **USERDIR** - the path to the home directory of the current user.
+  * **DOCKERDIR** - the docker root directory that will house all persistent data folders for docker apps.
+  * **MEDIADIR1** - the directory that stores the media, downloads, and other stuff.
+    * This could be an external drive or a network directory.
+  * **HOSTNAME** - is the name of the docker host.
+    * To determine the hostname run: <code bash>hostname</code>
+</WRAP>
+----
+===== Create the Docker Compose Mediaserver Directory =====
+<code bash>
+mkdir /home/peter/docker/compose/mediaserver
+</code>
+<WRAP info>
+**NOTE:**  The previously created **docker-compose-mediaserver.yml** is the main Docker Compose file.
+  * But, the individual Docker Compose files for the apps will be created inside the compose directory.
 </WRAP>
@@ Line 72: / Line 159: @@
 ----
+===== References =====
+https://en.wikipedia.org/wiki/List_of_tz_database_time_zones