docker-apps/digikam/digikam_jm.txt

Create user and group
---------------------
Credentials -> Local Users -> Add
Full Name: digikam
Username: digikam
Disable Password: <select>
Email: <leave blank>
UID: (note)
Create New Primary Group: <select>
Create Home Directory: <uncheck>
Samba Authentication: <uncheck>
Save

digikam UID: 3044
digikam GID: 3043

Create datasets
---------------
# In Truenas shell:
# list datasets
zfs list | grep -i "docker.*digikam"
# create following dataset if not present
zfs create SSD1/docker/data/digikam
zfs create SSD1/docker/data/digikam/config
zfs create SSD1/docker/data/digikam/mariadb
chown -R digikam:digikam /mnt/SSD1/docker/data/digikam
chown -R mariadb:mariadb /mnt/SSD1/docker/data/digikam/mariadb

Create foldera
--------------
mkdir -p /mnt/SSD1/docker/stacks/digikam/secrets

If not done already, add mapping for media in jail config
---------------------------------------------------------
In this example: the folder where media is stored is /mnt/stpool1/NData1/Media
On Truenas shell:
jlmkr edit docker
Add the following args to "systemd_nspawn_user_args": 
--bind='/mnt/stpool1/NData1/Media:/mnt/media'

If not done already, set ACL permissions for media to be accessible by media group
----------------------------------------------------------------------------------
On Truenas shell:
# read and note acl entries
getfacl /mnt/stpool1/NData1
getfacl /mnt/stpool1/NData1/Media
# set read and execute permissions for media group on parent folder
setfacl -m g:media:5 /mnt/stpool1/NData1
# set full permissions for media group on Media folder recursively
setfacl -R -m g:media:7 /mnt/stpool1/NData1/Media
# modify defaults recursively
setfacl -R -d -m g:media:7 /mnt/stpool1/NData1/Media
# NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R <foldername>

Copy folder to docker stacks
----------------------------
# In Windows cmd shell in digikam folder, enter:
./cp2nas 192.168.2.2
# or
pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/digikam/
# This should copy stacks folder to /mnt/SSD1/docker/stacks/digikam

Create secrets
--------------
In Truenas shell:
cd /mnt/SSD1/docker/stacks/digikam/secrets
echo -n 'your_postgresql_database_name' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_database_name
echo -n 'your_postgresql_username' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_username
openssl rand 36 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -32  | tr -d '\n' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_password
openssl rand 60 | base64 -w 0 | sed 's/[\$,\#,/,+,=]//g' | cut -c -56  | tr -d '\n' > /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_root_password
chown -R digikam:digikam /mnt/SSD1/docker/stacks/digikam/secrets/
chmod -R 400 /mnt/SSD1/docker/stacks/digikam/secrets/
# read existing acl permissions, if any
getfacl /mnt/SSD1/docker/stacks/digikam/secrets
# set acl permissions
setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets
setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_root_password
setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_password
setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_username
setfacl -m u:mariadb:4 /mnt/SSD1/docker/stacks/digikam/secrets/digikam_mariadb_database_name
# NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R <foldername>
# to list secrets in secrets dir
cd /mnt/SSD1/docker/stacks/digikam/secrets
for i in $(ls -1); do echo $i = `cat $i`; done | sort

To open container shell
------------------------
docker exec -it digikam-mariadb-1 bash

To log into database from container shell
-----------------------------------------
mariadb -u root -p digikam
# Enter root password