| Both sides previous revision Previous revision Next revision | Previous revision |
| omv7:docker_in_omv [2024/10/31 12:50] – [2. Plugin Settings] chente | omv7:docker_in_omv [2025/01/09 15:53] (current) – [2. Plugin Settings] chente |
|---|
| Done. We now have a user //jellyfin// with a primary group //jellyfin// that we can assign to the jellyfin container and we can guarantee that it will only have access to the folders we give it permission to. The //jellyfin// user will not be able to access any other folder on the system since it does not belong to the //users// group. Additionally, the persistent data in the jellyfin container will belong to the //jellyfin// user and the //jellyfin// group, so no other container will be able to access those files either. If we want another user to have access to that persistent data we just have to include it in the //jellyfin// group. Now we have that container perfectly isolated. | Done. We now have a user //jellyfin// with a primary group //jellyfin// that we can assign to the jellyfin container and we can guarantee that it will only have access to the folders we give it permission to. The //jellyfin// user will not be able to access any other folder on the system since it does not belong to the //users// group. Additionally, the persistent data in the jellyfin container will belong to the //jellyfin// user and the //jellyfin// group, so no other container will be able to access those files either. If we want another user to have access to that persistent data we just have to include it in the //jellyfin// group. Now we have that container perfectly isolated. |
| |
| **In this document we will use a single user called //appuser// and created in the GUI for simplicity, this is enough for many users. Consider your use case and whether or not you need to go further.** | **In this document we will use a single user called //appuser// and created in the GUI, this is more than enough for 99% of users. Consider your use case and whether or not you need to go further. If you do, act accordingly throughout the entire process.** |
| |
| ---- | ---- |
| The first step is to define some folders where the different data is stored. To do this, we go to the SERVICES > COMPOSE > SETTINGS tab. | The first step is to define some folders where the different data is stored. To do this, we go to the SERVICES > COMPOSE > SETTINGS tab. |
| There are many possible configurations on a NAS. First we will see a simple configuration and then we will see a somewhat more advanced configuration. | There are many possible configurations on a NAS. First we will see a simple configuration and then we will see a somewhat more advanced configuration. |
| | |
| | ---- |
| |
| == 2.1 SIMPLE OMV NAS SYSTEM == | == 2.1 SIMPLE OMV NAS SYSTEM == |
| The following image shows a schematic of this type of configuration. | The following image shows a schematic of this type of configuration. |
| |
| {{ :omv7:dockeromv7-28.jpg?direct&1400 |Expand image -> Docker folders - Simple NAS}} | {{ :omv7:dockeromv7-28.jpg?direct&1200 |Expand image -> Docker folders - Simple NAS}} |
| |
| In this case all the necessary folders are on the same drive so everything will be very simple. All of them will be inside the mount folder of that drive, something like ''/srv/dev-disk-by-uuid.../appdata'' for example. | In this case all the necessary folders are on the same drive so everything will be very simple. All of them will be inside the mount folder of that drive, something like ''/srv/dev-disk-by-uuid.../appdata'' for example. |
| |
| Create those shared folders in the OMV GUI and follow the explanations below. | Create those shared folders in the OMV GUI and follow the explanations in point 2.3. Just keep in mind that all paths in this case will be in the same mount folder of type ''/srv/disk-by-uuid-.../docker'' or ''/srv/disk-by-uuid-.../backup_compose'' since there is only one unit. |
| | |
| | ---- |
| |
| == 2.2 ADVANCED OMV NAS SYSTEM == | == 2.2 ADVANCED OMV NAS SYSTEM == |
| | |
| | In a more advanced configuration than the previous one we can find something like the following. |
| |
| The image below shows an example schematic that may be typical of any OMV NAS. The explanations in this document from now on will be based on this example system. Your system will probably be different, adapt the explanations to your real system. | The image below shows an example schematic that may be typical of any OMV NAS. The explanations in this document from now on will be based on this example system. Your system will probably be different, adapt the explanations to your real system. |
| On the right you can see how the plugin's SETTINGS tab could be configured following this diagram. If your system is simpler or more complicated, adapt it accordingly. A simpler system could be one drive for OMV and another drive for data, in which case just create all the necessary folders on the data drive. | On the right you can see how the plugin's SETTINGS tab could be configured following this diagram. If your system is simpler or more complicated, adapt it accordingly. A simpler system could be one drive for OMV and another drive for data, in which case just create all the necessary folders on the data drive. |
| {{ :omv7:dockeromv7-6.png?direct&1400 |Expand image -> Docker folders - Typical NAS}} | {{ :omv7:dockeromv7-6.png?direct&1400 |Expand image -> Docker folders - Typical NAS}} |
| | |
| | ---- |
| |
| == 2.3 CONFIGURATION == | == 2.3 CONFIGURATION == |
| </span></strong></td></tr><tr><td style="background-color:#E6FEFF;height:25px;width:380px;"> | </span></strong></td></tr><tr><td style="background-color:#E6FEFF;height:25px;width:380px;"> |
| If you don't have a fast drive for Docker, you can configure the <i>data</i> and <i>appdata</i> folders in the same shared folder. This will make the CHANGE_TO_COMPOSE_DATA_PATH variable serve to define the path of both. This is how the plugin example files are preconfigured. | If you don't have a fast drive for Docker, you can configure the <i>data</i> and <i>appdata</i> folders in the same shared folder. This will make the CHANGE_TO_COMPOSE_DATA_PATH variable serve to define the path of both. This is how the plugin example files are preconfigured. |
| | </tr></table></body></html> |
| | * ...<html><body><table width="100%" border="0"><tr><td colspan="2" style="background-color:#69A5FF;height:30px;"><strong><span style="color:#FFFFFF;font-size:110%;">  Beginners Info |
| | </span></strong></td></tr><tr><td style="background-color:#E6FEFF;height:25px;width:380px;"> |
| | The internal structure described in the "data" folder is unimportant. In this document, a "standard" structure has simply been described for illustrative purposes, so that the reader has a general idea about what the content of that folder may be. You can distribute within that folder any directory tree that you feel comfortable with. |
| </tr></table></body></html> | </tr></table></body></html> |
| * CONFIGURE THE DATA FOLDER: | * CONFIGURE THE DATA FOLDER: |