TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a8a4d24f53
docker-apps/sftpgo/sftpgo_jm.txt
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

93 lines
3.6 KiB
Plaintext
Raw Blame History

# https://www.youtube.com/watch?v=Bql1JCVFw4k&t=194s
Create user and group
---------------------
Credentials -> Local Users -> Add
Full Name: sftpgo
Username: sftpgo
Disable Password: <select>
Email: <leave blank>
UID: (note)
Create New Primary Group: <select>
Create Home Directory: <uncheck>
Samba Authentication: <uncheck>
Save
sftpgo UID: 3065
sftpgo GID: 3066
media GID:3017
Create datasets
---------------
# In Truenas shell:
# list datasets
zfs list | grep -i "docker.*sftpgo"
# create following dataset if not present
zfs create SSD1/docker/data/sftpgo
zfs create SSD1/docker/data/sftpgo/config
zfs create SSD1/docker/data/sftpgo/appdata
zfs create SSD1/docker/data/sftpgo/logs
zfs create SSD1/docker/data/sftpgo/certs
zfs create SSD1/docker/data/sftpgo/credentials
zfs create SSD1/docker/data/sftpgo/webroot
zfs create SSD1/docker/data/sftpgo/pgdata
zfs create SSD1/docker/data/sftpgo/pgbackups
chmod -R 750 /mnt/SSD1/docker/data/sftpgo
chmod -R 700 /mnt/SSD1/docker/data/sftpgo/config
chmod -R 700 /mnt/SSD1/docker/data/sftpgo/certs
chmod -R 700 /mnt/SSD1/docker/data/sftpgo/credentials
chmod -R 700 /mnt/SSD1/docker/data/sftpgo/webroot
chown -R sftpgo:sftpgo /mnt/SSD1/docker/data/sftpgo
chown -R postgres:postgres /mnt/SSD1/docker/data/sftpgo/pgdata
chown -R postgres:postgres /mnt/SSD1/docker/data/sftpgo/pgbackups
Create folders
--------------
mkdir -p /mnt/SSD1/docker/stacks/sftpgo/secrets
mkdir /mnt/stpool1/NData2/backups/sftpgo
mkdir /mnt/stpool1/NData1/Media/uploads
mkdir /mnt/SSD1/docker/data/sftpgo/webroot/sftpgo.com
chown -R sftpgo:media /mnt/stpool1/NData1/Media/uploads
chown -R sftpgo:sftpgo /mnt/stpool1/NData2/backups/sftpgo
chown -R sftpgo:sftpgo /mnt/SSD1/docker/data/sftpgo/webroot
chmod -R 700 /mnt/SSD1/docker/data/sftpgo/webroot
chmod -R 775 /mnt/stpool1/NData1/Media/uploads
Copy folder to docker stacks
----------------------------
# In Windows cmd shell in sftpgo folder, enter:
./cp2nas 192.168.2.2
# or
pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/sftpgo/
# This should copy stacks folder to /mnt/SSD1/docker/stacks/sftpgo
Create secrets
--------------
In Truenas shell:
cd /mnt/SSD1/docker/stacks/sftpgo/secrets/
# database secrets
echo -n 'sftpgo' > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_database
echo -n 'sftpgo' > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_username
openssl rand 48 | base64 -w 0 > /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_password
# smtp email secrets
echo -n 'your_smtp_destination' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_destination
echo -n 'your_smtp_from' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_from
echo -n 'your_smtp_host' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_host
echo -n 'your_smtp_username' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_username
echo -n 'your_smtp_password' > /mnt/SSD1/docker/stacks/sftpgo/secrets/smtp_password
# restrict access
chown -R sftpgo:sftpgo /mnt/SSD1/docker/stacks/sftpgo/secrets/
chmod -R 400 /mnt/SSD1/docker/stacks/sftpgo/secrets/
# read existing acl permissions, if any
getfacl /mnt/SSD1/docker/stacks/sftpgo/secrets
# set acl permissions
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_password
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_username
setfacl -m u:postgres:4 /mnt/SSD1/docker/stacks/sftpgo/secrets/sftpgo_postgresql_database
# NB! if you want to remove all acl entries from a folder recursively, use setfacl -b -R <foldername>
# to list secrets in secrets dir
cd /mnt/SSD1/docker/stacks/sftpgo/secrets
for i in $(ls -1); do echo $i = `cat $i`; done | sort
Reference in New Issue View Git Blame Copy Permalink