====== Systems - Media Server - Set Up the Docker Environment ======

===== Directory Structure =====

Setup a specific directory structure so have everything centralized in one place:

<code bash>
mkdir -p /home/peter/docker/appdata
mkdir -p /home/peter/docker/compose
mkdir -p /home/peter/docker/logs
mkdir -p /home/peter/docker/scripts
mkdir -p /home/peter/docker/secrets
mkdir -p /home/peter/docker/shared
</code>

<WRAP info>
**NOTE:**

  * **appdata** - this directory will store the data for all apps and services.
  * **compose** - this directory will have a sub-directory for each host, inside which all the individual Docker Compose files will be stored.
  * **logs** - to centralize all relevant logs.
  * **scripts** - to store all scripts.
  * **secrets** - to store credentials used by apps securely.
  * **shared** - to store shared information.

</WRAP>

----

===== Set permissions for the secrets directory =====

<code bash>
sudo chown peter:docker /home/peter/docker/secrets
sudo chmod 600 /home/peter/docker/secrets
</code>

<WRAP info>
**NOTE:**  Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the primary user, adding a layer of security while accessing sensitive information.

</WRAP>

----

===== Create and set permissions for the .env file  =====

<code bash>
touch /home/peter/docker/.env
sudo chown peter:docker /home/peter/docker/.env
sudo chmod 600 /home/peter/docker/.env
</code>

<WRAP info>
**NOTE:**  **.env** - to store credentials used by apps securely as variable names.

  * Setting permissions of the **secrets** directory to 600, makes this directory accessible only to the specified user, adding a layer of security while accessing sensitive information.

</WRAP>

----

===== Create the mediaserver docker-compose file =====

<code bash>
touch /home/peter/docker/docker-compose-mediaserver.yml
</code>

<WRAP info>
**NOTE:**  This is the master configuration file for all services.

</WRAP>

----

===== Set Root Directory Permissions =====

==== Install facl ====

<code bash>
sudo apt install acl
</code>

----

==== Set permission for /home/peter/docker direcrory ====

<code bash>
sudo chmod 775 /home/peter/docker
sudo setfacl -Rdm u:peter:rwx /home/peter/docker
sudo setfacl -Rm u:peter:rwx /home/peter/docker
sudo setfacl -Rdm g:docker:rwx /home/peter/docker
sudo setfacl -Rm g:docker:rwx /home/peter/docker
</code>

<WRAP info>
**NOTE:**  This provides access to the contents of the docker root directory to the docker group.

  * Similar acls may also need to be set on the media directories, which will be defined later, such as sonarr, radarr, etc. or they may throw permissions errors.

  * After doing the above, you will notice a "+" at the end of permissions (e.g. drwxrwxr-x+) for docker root directory and its contents.
    * This indicates that ACL is set for the directory/file.

</WRAP>

<WRAP important>
**WARNING:**  These permissions may not seem restrictive enough.

  * Feel free to change as required, but keep for now to ensure a smooth setup.

</WRAP>

----

===== Populate the Environmental Variables (.env) file =====

Add the following environmental variables:

<file bash /home/peter/docker/.env>

PUID='1000'
PGID='1000'
TZ='Europe/Jersey'
USERDIR='/home/peter'
DOCKERDIR='/home/peter/docker'
MEDIADIR1='/mnt/media'
HOSTNAME='mediaserver'
</file>

<WRAP info>
**NOTE:**  

  * **PUID** and **PGID** - the user ID and group ID of the Linux user (peter), who we want to run the home server apps as.
    * Both of these can be obtained using the **id** command: <code bash>id</code>
  * **TZ** - the time zone that you want to set for your containers.
    * Get your TZ from this [[https://en.wikipedia.org/wiki/List_of_tz_database_time_zones|timezone database]].
  * **USERDIR** - the path to the home directory of the current user.
  * **DOCKERDIR** - the docker root directory that will house all persistent data folders for docker apps.
  * **MEDIADIR1** - the directory that stores the media, downloads, and other stuff.
    * This could be an external drive or a network directory.
  * **HOSTNAME** - is the name of the docker host.
    * To determine the hostname run: <code bash>hostname</code>

</WRAP>

----

===== Create the Docker Compose Mediaserver Directory =====

<code bash>
mkdir /home/peter/docker/compose/mediaserver
</code>

<WRAP info>
**NOTE:**  The previously created **docker-compose-mediaserver.yml** is the main Docker Compose file.

  * But, the individual Docker Compose files for the apps will be created inside the compose directory.

</WRAP>

----

===== References =====

https://en.wikipedia.org/wiki/List_of_tz_database_time_zones