# https://www.youtube.com/watch?v=Bql1JCVFw4k&t=194s Create user and group --------------------- Credentials -> Local Users -> Add Full Name: sftpgo Username: sftpgo Disable Password: Create Home Directory: Samba Authentication: Save sftpgo UID: 3065 sftpgo GID: 3066 media GID:3017 Create datasets --------------- # In Truenas shell: # list datasets zfs list | grep -i "docker.*sftpgo" # create following dataset if not present zfs create SSD1/docker/data/sftpgo zfs create SSD1/docker/data/sftpgo/config zfs create SSD1/docker/data/sftpgo/appdata zfs create SSD1/docker/data/sftpgo/logs zfs create SSD1/docker/data/sftpgo/certs zfs create SSD1/docker/data/sftpgo/credentials zfs create SSD1/docker/data/sftpgo/webroot zfs create SSD1/docker/data/sftpgo/pgdata zfs create SSD1/docker/data/sftpgo/pgbackups chmod -R 750 /mnt/SSD1/docker/data/sftpgo chmod -R 700 /mnt/SSD1/docker/data/sftpgo/config chmod -R 700 /mnt/SSD1/docker/data/sftpgo/certs chmod -R 700 /mnt/SSD1/docker/data/sftpgo/credentials chmod -R 700 /mnt/SSD1/docker/data/sftpgo/webroot chown -R sftpgo:sftpgo /mnt/SSD1/docker/data/sftpgo chown -R postgres:postgres /mnt/SSD1/docker/data/sftpgo/pgdata chown -R postgres:postgres /mnt/SSD1/docker/data/sftpgo/pgbackups Create folders -------------- mkdir -p /mnt/SSD1/docker/stacks/sftpgo/secrets mkdir /mnt/stpool1/NData2/backups/sftpgo mkdir /mnt/stpool1/NData1/Media/uploads mkdir /mnt/SSD1/docker/data/sftpgo/webroot/sftpgo.com chown -R sftpgo:media /mnt/stpool1/NData1/Media/uploads chown -R sftpgo:sftpgo /mnt/stpool1/NData2/backups/sftpgo chown -R sftpgo:sftpgo /mnt/SSD1/docker/data/sftpgo/webroot chmod -R 700 /mnt/SSD1/docker/data/sftpgo/webroot chmod -R 775 /mnt/stpool1/NData1/Media/uploads Copy folder to docker stacks ---------------------------- # In Windows cmd shell in sftpgo folder, enter: ./cp2nas 192.168.2.2 # or pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/sftpgo/ # This should copy stacks folder to /mnt/SSD1/docker/stacks/sftpgo Create secrets -------------- In Truenas shell: cd /mnt/SSD1/docker/stacks/sftpgo/secrets/ # database secrets echo -n 'sftpgo' > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_database echo -n 'sftpgo' > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_username openssl rand 48 | base64 -w 0 > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_password # smtp email secrets echo -n 'your_smtp_destination' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_destination echo -n 'your_smtp_from' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_from echo -n 'your_smtp_host' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_host echo -n 'your_smtp_username' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_username echo -n 'your_smtp_password' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_password # restrict access chown -R sftpgo:sftpgo /mnt/SSD1/docker/stacks/sftpgo/secrets/ chmod -R 400 /mnt/SSD1/docker/stacks/sftpgo/secrets/ # read existing acl permissions, if any getfacl /mnt/SSD1/docker/stacks/sftpgo/secrets # set acl permissions setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_password setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_username setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_database # NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R # to list secrets in secrets dir cd /mnt/SSD1/docker/stacks/sftpgo/secrets for i in $(ls -1); do echo $i = `cat $i`; done | sort