Systems - Media Server - Set Up the Docker Environment

Directory Structure

Set up a specific directory structure so that everything is centralized in one place:

mkdir -p /home/peter/docker/appdata
mkdir -p /home/peter/docker/compose
mkdir -p /home/peter/docker/logs
mkdir -p /home/peter/docker/scripts
mkdir -p /home/peter/docker/secrets
mkdir -p /home/peter/docker/shared

NOTE:

  • appdata - this directory will store the data for all apps and services.
  • compose - this directory will have a sub-directory for each host, inside which all the individual Docker Compose files will be stored.
  • logs - to centralize all relevant logs.
  • scripts - to store all scripts.
  • secrets - to store credentials used by apps securely.
  • shared - to store shared information.

Set permissions for the secrets directory

sudo chown peter:docker /home/peter/docker/secrets
sudo chmod 600 /home/peter/docker/secrets

NOTE: Setting the permissions of the secrets directory to 600 makes this directory accessible only to the primary user, adding a layer of security when accessing sensitive information.


Create and set permissions for the .env file

touch /home/peter/docker/.env
sudo chown peter:docker /home/peter/docker/.env
sudo chmod 600 /home/peter/docker/.env

NOTE: .env - stores credentials used by apps securely, as variables.

  • Setting the permissions of the .env file to 600 makes this file accessible only to the specified user, adding a layer of security when accessing sensitive information.

Create the mediaserver docker-compose file

touch /home/peter/docker/docker-compose-mediaserver.yml

NOTE: This is the master configuration file for all services.


Set Root Directory Permissions

Install acl (provides setfacl and getfacl)

sudo apt install acl

Set permissions for the /home/peter/docker directory

sudo chmod 775 /home/peter/docker
sudo setfacl -Rdm u:peter:rwx /home/peter/docker
sudo setfacl -Rm u:peter:rwx /home/peter/docker
sudo setfacl -Rdm g:docker:rwx /home/peter/docker
sudo setfacl -Rm g:docker:rwx /home/peter/docker

NOTE: This provides access to the contents of the docker root directory to the docker group.

  • Similar ACLs may also need to be set on the media directories, which will be defined later, such as sonarr, radarr, etc., or they may throw permission errors.
  • After doing the above, you will notice a “+” at the end of permissions (e.g. drwxrwxr-x+) for docker root directory and its contents.
    • This indicates that ACL is set for the directory/file.

WARNING: These permissions may not seem restrictive enough.

  • Feel free to change as required, but keep for now to ensure a smooth setup.
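
A check to run after the ACL commands above, added here as an example and not part of the original page: setfacl -R also touches secrets and .env, and once an ACL is present the group digit that stat reports is the ACL mask, so the script flags either path when anything beyond the owner has access. It also flags a directory whose owner lacks the search (x) bit; the function names are hypothetical and GNU stat on Linux is assumed.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. Assumes Linux with GNU stat.
# Function names are hypothetical; paths are the ones this page creates.

# Audit one secret path. Returns:
#   0 = owner-only, 1 = group/other (or ACL mask) grants access,
#   2 = path missing, 3 = directory whose owner lacks the search (x) bit.
audit_secret_path() {
    local path=$1 mode
    [ -e "$path" ] || { echo "MISSING   $path"; return 2; }
    mode=$(stat -c '%a' "$path")
    # When a POSIX ACL with named entries exists, the group digit is the ACL
    # mask, so access granted through setfacl shows up in this test as well.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "EXPOSED   $mode $path (group/other or ACL mask is not empty)"
        return 1
    fi
    # Mode 600 on a directory leaves a non-root owner unable to enter it.
    if [ -d "$path" ] && [ $(( 0$mode & 0100 )) -eq 0 ]; then
        echo "NOSEARCH  $mode $path (owner has no x bit on this directory)"
        return 3
    fi
    echo "OK        $mode $path"
}

# Audit every path given; return 1 if any of them is not owner-only.
audit_all() {
    local failed=0 p
    for p in "$@"; do
        audit_secret_path "$p" || failed=1
    done
    return "$failed"
}

# Run against this page's paths when they exist (DOCKERDIR as set in .env).
DOCKERDIR=${DOCKERDIR:-/home/peter/docker}
if [ -d "$DOCKERDIR" ]; then
    audit_all "$DOCKERDIR/secrets" "$DOCKERDIR/.env" \
        || echo "Review the entries above; 'getfacl PATH' lists the ACL entries."
fi
```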

Populate the Environment Variables (.env) file

Add the following environment variables:

/home/peter/docker/.env
PUID='1000'
PGID='1000'
TZ='Europe/Jersey'
USERDIR='/home/peter'
DOCKERDIR='/home/peter/docker'
MEDIADIR1='/mnt/media'
HOSTNAME='mediaserver'

NOTE:

  • PUID and PGID - the user ID and group ID of the Linux user (peter), who we want to run the home server apps as.
    • Both of these can be obtained using the id command:
      id
  • TZ - the time zone that you want to set for your containers.
  • USERDIR - the path to the home directory of the current user.
  • DOCKERDIR - the docker root directory that will house all persistent data folders for docker apps.
  • MEDIADIR1 - the directory that stores the media, downloads, and other stuff.
    • This could be an external drive or a network directory.
  • HOSTNAME - the name of the docker host.
    • To determine the hostname run:
      hostname

Create the Docker Compose Mediaserver Directory

mkdir /home/peter/docker/compose/mediaserver

NOTE: The previously created docker-compose-mediaserver.yml is the main Docker Compose file.

  • But, the individual Docker Compose files for the apps will be created inside the compose directory.

References

https://en.wikipedia.org/wiki/List_of_tz_database_time_zones