Create user and group --------------------- Credentials -> Local Users -> Add Full Name: digikam Username: digikam Disable Password: Create Home Directory: Samba Authentication: Save digikam UID: 3044 digikam GID: 3043 Create datasets --------------- # In Truenas shell: # list datasets zfs list | grep -i "docker.*digikam" # create following dataset if not present zfs create SSD1/docker/data/digikam zfs create SSD1/docker/data/digikam/config zfs create SSD1/docker/data/digikam/mariadb chown -R digikam:digikam /mnt/SSD1/docker/data/digikam chown -R mariadb:mariadb /mnt/SSD1/docker/data/digikam/mariadb Create foldera -------------- mkdir -p /mnt/SSD1/docker/stacks/digikam/secrets If not done already, add mapping for media in jail config --------------------------------------------------------- In this example: the folder where media is stored is /mnt/stpool1/NData1/Media On Truenas shell: jlmkr edit docker Add the following args to "systemd_nspawn_user_args": --bind='/mnt/stpool1/NData1/Media:/mnt/media' If not done already, set ACL permissions for media to be accessible by media group ---------------------------------------------------------------------------------- On Truenas shell: # read and note acl entries getfacl /mnt/stpool1/NData1 getfacl /mnt/stpool1/NData1/Media # set read and execute permissions for media group on parent folder setfacl -m g:media:5 /mnt/stpool1/NData1 # set full permissions for media group on Media folder recursively setfacl -R -m g:media:7 /mnt/stpool1/NData1/Media # modify defaults recursively setfacl -R -d -m g:media:7 /mnt/stpool1/NData1/Media # NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R Copy folder to docker stacks ---------------------------- # In Windows cmd shell in digikam folder, enter: ./cp2nas 192.168.2.2 # or pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/digikam/ # This should copy stacks folder to /mnt/SSD1/docker/stacks/digikam Create secrets -------------- In Truenas shell: cd /mnt/SSD1/docker/stacks/digikam/secrets echo -n 'your_postgresql_database_name' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_database_name echo -n 'your_postgresql_username' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_username openssl rand 36 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -32 | tr -d '\n' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_password openssl rand 60 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -56 | tr -d '\n' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_root_password chown -R digikam:digikam /mnt/SSD1/docker/stacks/digikam/secrets/ chmod -R 400 /mnt/SSD1/docker/stacks/digikam/secrets/ # read existing acl permissions, if any getfacl /mnt/SSD1/docker/stacks/digikam/secrets # set acl permissions setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_root_password setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_password setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_username setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_database_name # NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R # to list secrets in secrets dir cd /mnt/SSD1/docker/stacks/digikam/secrets for i in $(ls -1); do echo $i = `cat $i`; done | sort To open container shell ------------------------ docker exec -it digikam-mariadb-1 bash To log into database from container shell ----------------------------------------- mariadb -u root -p digikam # Enter root password