134 lines
5.2 KiB
Plaintext
134 lines
5.2 KiB
Plaintext
Create user and group
|
|
---------------------
|
|
Credentials -> Local Users -> Add
|
|
Full Name: rootappapp
|
|
Username: rootappapp
|
|
Disable Password: <select>
|
|
Email: stuurmcp@telkomsa.net
|
|
UID: (note)
|
|
Create New Primary Group: <unselect>
|
|
Primary Group: rootapp
|
|
Create Home Directory: <uncheck>
|
|
Samba Authentication: <uncheck>
|
|
Save
|
|
|
|
rootapp UID: 3050
|
|
rootapp GID: 3049
|
|
|
|
If not done already, add mapping for media on container config
|
|
--------------------------------------------------------------
|
|
In this example: the folder where media is stored is /mnt/stpool1/NData1/Media
|
|
On Truenas shell:
|
|
jlmkr edit docker
|
|
Add the following args to "systemd_nspawn_user_args":
|
|
--bind='/mnt/stpool1/NData1/Media:/mnt/media'
|
|
|
|
If not done already, set ACL permissions for media to be accessible by media group
|
|
----------------------------------------------------------------------------------
|
|
On Truenas shell:
|
|
# read and note acl entries
|
|
getfacl /mnt/stpool1/NData1
|
|
getfacl /mnt/stpool1/NData1/Media
|
|
# set read and execute permissions for media group on parent folder
|
|
setfacl -m g:media:5 /mnt/stpool1/NData1
|
|
# set full permissions for media group on Media folder recursively
|
|
setfacl -R -m g:media:7 /mnt/stpool1/NData1/Media
|
|
# modify defaults recursively
|
|
setfacl -R -d -m g:media:7 /mnt/stpool1/NData1/Media
|
|
# NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R <foldername>
|
|
|
|
set ACL permissions for custom certificcates
|
|
--------------------------------------------
|
|
# On Truenas shell:
|
|
# read and note acl entries
|
|
getfacl /mnt/SSD1/docker/data/traefik/certs
|
|
# change owner and group if not traefik
|
|
chown -R traefik:traefik /mnt/SSD1/docker/data/traefik/certs
|
|
# set access permissions to 750
|
|
chmod -R 750 /mnt/SSD1/docker/data/traefik/certs
|
|
# modify for media group recursively
|
|
setfacl -R -m g:media:4 /mnt/SSD1/docker/data/traefik/certs
|
|
# modify defaults recursively
|
|
setfacl -R -d -m g:media:4 /mnt/SSD1/docker/data/traefik/certs
|
|
|
|
Create datasets
|
|
---------------
|
|
/mnt/SSD1/docker/data/rootapp
|
|
/mnt/SSD1/docker/data/rootapp/config
|
|
Set Owner:Group to rootapp:rootapp
|
|
|
|
Copy folder to docker stacks
|
|
----------------------------
|
|
In Windows cmd shell in rootapp folder, enter:
|
|
pscp -P 22 -r stacks/*.* rootapp@192.168.2.2:/mnt/SSD1/docker/stacks/rootapp/
|
|
This should copy compose.yaml, .env and secrets to /mnt/SSD1/docker/stacks/rootapp
|
|
|
|
Create data folders
|
|
-------------------
|
|
mkdir /mnt/data/rootapp/config
|
|
mkdir /mnt/data/rootapp/transcodes
|
|
cd /mnt/data/rootapp
|
|
|
|
Create secrets
|
|
--------------
|
|
Visit https://www.rootapp.tv/claim/ and get your rootapp claim which will expire in 4 minutes
|
|
cd /opt/stacks/rootapp/secrets
|
|
echo -n 'claim-b6UNdeGsjjMz4tRADKfB' > rootapp_claim # this one is expired
|
|
chown 3015:3014 rootapp_claim
|
|
chmod 400 rootapp_claim
|
|
Update and start your rootapp container within the 4 minutes
|
|
|
|
Create rootapp custom cert
|
|
-----------------------
|
|
openssl pkcs12 -export -out rootapp_cert.p12 -in rootapp.pem -inkey rootapp-key.pem -certfile rootapp.pem -passout pass:'password' -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256
|
|
|
|
Migrating data from old rootapp media server (source) to newly installed one (target)
|
|
----------------------------------------------------------------------------------
|
|
Stop old/source rootapp media server
|
|
heavyscript app --stop rootapp
|
|
|
|
Stop new/target rootapp media server
|
|
On Dockge, select rootapp and click stop
|
|
Copy the source Library to target folder:
|
|
cp -r /mnt/stpool1/apps/rootapp/Library /mnt/SSD1/docker/data/rootapp/config/
|
|
|
|
Managing library files
|
|
----------------------
|
|
Try and keep the mount folders for the media the same as that of the old media server
|
|
However, if you choose to have a different mount:
|
|
For example,
|
|
If the old media server mapped to /Media and the new one now maps to /data, then you will have to modify the media folders in rootapp settings to reflect the new mount.
|
|
Open rootapp, click on the spanner/wrench and select Manage->Libraries
|
|
Go through all the libraries items, adding new media folders and removing those that were replaced
|
|
This may take some time (depends on library size)
|
|
|
|
Check and update custom server access URLs in rootapp
|
|
--------------------------------------------------
|
|
Open rootapp web app using browser on rootapp server
|
|
Click on wrench/spanner, navigate to your home server name -> Settings -> Network
|
|
Scroll down to Enable Relay checkbox, and uncheck it (you can check it again after getting remote access to work)
|
|
Check entries in Custom server access URLs textbox
|
|
Update the settings to reflect new server ip address and URL; and ensure there is a URL for https://rootapp.sthome.org:443
|
|
https://rootapp.sthome.org,http://rootapp.sthome.org,http://rootapp.sthome.org:32400
|
|
Click on Save Changes
|
|
Still under Settings, click on Remote Access
|
|
Click on Enable Remote Access
|
|
Put check mark in Manually specify public port and enter 443 (traefik will map this to 32400)
|
|
Click on Retry
|
|
Restart rootapp container for good measure
|
|
Go previous Settings -> Remote Access screen
|
|
Click on Retry
|
|
The server should briefly be connected
|
|
Open rootapp Windows or Android App and check if it works
|
|
|
|
Troubleshooting
|
|
---------------
|
|
Android not connecting to server
|
|
Open rootapp app
|
|
Sign out from your account
|
|
Sign in entering rootapp account credentials
|
|
See if it works
|
|
|
|
|
|
|