| Beginners Info | |
|
All that long string of numbers is the path of one of our disks on the server and inside that disk we have an appdata folder and inside we create the folderpass folder Filesystem mount paths are usually in the /srv folder and the following folder contains a uuid to uniquely identify that drive. That folder is the mount folder for that hard drive. You should never modify the permissions of that folder or use it to create a shared folder. Create a folder inside to use as a shared folder. | |
| Note | |
| You are interested in reading this even if you are an experienced docker user but have no experience with OMV. | |
| Beginners Info | |
|
Don't confuse file system level permissions with samba system permissions. Samba permissions are a top layer that can restrict permissions to the file system level, never expand them. The file system level permissions will always be the same even if you modify the permissions in the OMV GUI. Another very different issue is ACL permissions, never use them if you do not know exactly what you are doing, in 99% of cases they are not necessary and only cause problems. | |
| Warning | |
| Do not uninstall the openmediavault-sharerootfs plugin. It is a dependency of the openmediavault-compose plugin. Uninstalling openmediavault-sharerootfs when the openmediavault-compose plugin is installed will cause the openmediavault-compose plugin to be uninstalled. | |
| Beginners Info | |
|
Installing OMV on a pendrive may seem strange to a beginner, but you will also be surprised to know that a large part of professional-level servers boot from a pendrive. Doing this has many advantages and no disadvantages. The speed of the system does not suffer at all since practically everything is done in RAM. The longevity of the pendrive is guaranteed by the openmediavault-flashmemory plugin, which is responsible for avoiding excessive writing that could degrade it. In addition to all this, it will be very easy to make backup copies, you will only have to make an image of that pendrive with usbimager on your PC. And even more important, restoring the system is extremely easy, cloning a pendrive from an image is very simple and fast. And finally, from a docker point of view, installing OMV on a pendrive will make it easier for us to separate the operating system and docker, using that fast SSD or NVMe drive where it is really necessary, in the docker storage. The OMV pendrive will not occupy a SATA port or the NVMe port on the motherboard. If your system is already installed and configured you can easily move the OMV configuration to a pendrive with omv-regen. | |
| Beginners Info | |
|
Separating Docker from the operating system unit offers several advantages (this may surprise a user new to Linux, but things work differently on Linux than on Windows): - If Docker is installed along with the operating system, Docker data will be lost if you need to reinstall OMV for any reason. For a possible reinstall of OMV, having the docker data on a separate drive only requires mounting that drive and everything is back up and running in a matter of minutes. - Avoid rootfs filling problems. Depending on the number and type of containers, it is very possible to exhaust rootfs storage if docker is located next to the operating system, this causes a lot of problems. - Allows you to place docker on a higher speed drive. The OMV operating system does not need to be on fast storage, it can live perfectly on a pendrive (just remember to install openmediavault-flashmemory to ensure the longevity of the pendrive). However, Docker containers will benefit from increased execution speed if docker is installed on a high-access speed drive, such as an SSD or NVMe. - Installing OMV on a USB flash drive is a good idea. But installing docker also on that pendrive is detrimental to the pendrive because docker will perform continuous writes, penalizing the longevity of the pendrive despite openmediavault-flashmemory. - If you don't have a fast drive you can install docker on one of the data drives. The applications won't go as fast but at least they will be separated from rootfs. | |
| Beginners Info | |
|
Capacity of the disk drive dedicated to docker This capacity depends on the number and type of containers you are going to configure. A minimum of 60GB or 100GB would be recommended. If you are going to use database containers like Jellyfin or Plex with very large libraries you may need more, perhaps 250GB or 500GB. Nextcloud can also take up a lot of space depending on how you use it. | |
| Note | |
| If you already have data on the NAS you will probably already have the data folder created, not necessarily with the same name. | |
| Beginners Info | |
| Each container is created using two configuration files. The yml file contains the container operation definitions, such as the image that is downloaded, the volumes and/or ports transferred to the host, etc. The env file contains environment variables for that particular container. Don't worry about this last file, you won't need it for now. | |
| Beginners Info | |
|
To create shared folders, for example the appdata folder in the OMV GUI go to STORAGE > SHARED FOLDERS and Click +CREATE button. - In the NAME field type -> appdata - In the FILE SYSTEM field, select the SSD or NVMe disk or the one that interests you. - Press SAVE button. | |
| Beginners Info | |
|
We can store persistent container data in this folder. For example, for the Jellyfin config folder we would do the following: - /srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata/jellyfin/config:/config Where /srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata is the absolute path to the appdata folder. You can copy it from the OMV GUI in the STORAGE > SHARED FOLDERS tab in the ABSOLUTE PATH column. When you start the container, Docker will create the jellyfin and config subfolders if they do not exist. Later you can see this with examples. | |
| Advanced configuration. | |
|
Relative paths are supported by the compose plugin. If we use relative paths for volumes in containers, those volumes will be generated in these subfolders. For example, if we create a Jellyfin container and define this volume: - ./config:/config the configuration folder will be created in the subfolder of that container in this case: /appdata/jellyfin/config In addition to relative paths the compose plugin also supports symlinks to define volume paths. You can use the openmediavault-symlinks plugin to create them in the OMV GUI and combine both systems or use just one of them. | |
| Note | |
| If you don't have a fast drive for Docker, you can configure the data and appdata folders in the same shared folder. This will make the CHANGE_TO_COMPOSE_DATA_PATH variable serve to define the path of both. This is how the plugin example files are preconfigured. | |
| Note | |
|
In the system diagram of this document the backup_compose folder has been configured on the NVMe drive instead of the dedicated backup drive for the following reason. The primary purpose of the compose plugin's scheduled backup utility is to obtain a copy of persistent data when containers are stopped. The plugin is responsible for stopping the containers, backing them up and starting them again. This allows you to obtain a consistent copy. The next copy will overwrite the previous one (via rsync), so you will always only have the latest one. This makes it easier to later use a specialized bakcups application that is capable of generating versioned and/or compressed backups of that copy generated by the plugin. If you prefer, you can configure that folder on the backup disk as well. | |
| Warning | |
|
The file system where the docker folder is should preferably be EXT4. If you need to locate this folder on a ZFS or BTRFS file system, consult the corresponding documentation on the docker website to learn how to do it. Never use an NTFS file system to host docker folders, it won't work (or generally for anything on linux other than a staging mount for copying data). Do not place the docker folder in a merges pool, as this causes the docker files to be spread across several drives and ends up causing operating problems. If you do not have available units other than those contained in the mergerfs pool you can do the following: - Create the docker folder on one of the drives that make up the mergerfs pool instead of creating it in the pool, and use the absolute path of that drive in the compose plugin GUI to locate the docker folder. - Don't use the mergerfs rebalance feature on that pool, the docker data could end up on a different drive and be lost. | |
| Advanced configuration. | |
|
You can customize the /etc/docker/daemon.json file manually to customize the options. Doing this is useful for setting the driver for an nvidia card or for the driver for a different file system. If you need to customize this file just leave the Docker storage field blank, the plugin will not modify the file. | |
| Warning | |
| Don't add appuser to the docker group. This is a security hole. | |
| Beginners Info | |
|
To create the appuser user in the OMV GUI: - Go to the USERS > USERS tab and press the +CREATE button. - In the NAME field type appuser - In the PASSWORD field define a strong password and confirm it in the next field. - If you need to add appuser to a group, click the GROUPS field and choose the ones you need. - Click on SAVE button. To assign permissions to appuser, select appuser and press the SHARED FOLDER PERMISSIONS button. - On each line of each shared folder, choose the appropriate permissions and click the corresponding box so that it is yellow. - Click on SAVE button. | |
| Warning | |
|
Except for very controlled special cases, never designate the admin user (UID=998) or the root user (UID=0) to manage a container. This is a serious security flaw. If we do this we are giving the container complete freedom to do whatever it wants in our system. Have you created this container? Do you know what he is capable of doing? | |
# THE FOLLOWING VARIABLES CAN BE USED IN ANY COMPOSE FILE
# THEIR VALUE WILL BE REPLACED BY THE VALUE ASSIGNED HERE
# YOU CAN ADD AS MANY VARIABLES AS YOU NEED
#
#
# Customize the PID and GID value of your appuser user.
# You can see it in the OMV GUI in the USERS > USERS tab
#
APPUSER_PUID=1002
APPUSER_PGID=100
#
# Customize your time zone value.
# You can see it in the OMV GUI in the SYSTEM > DATE & TIME tab
#
TIME_ZONE_VALUE=Europe/Madrid
#
# In this file you can define how many paths you need for different compose files.
# The following are examples corresponding to the example system in the Docker on OMV document on the omv-extras wiki.
# Customize the values according to your system configuration.
#
PATH_TO_APPDATA=/srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata
PATH_TO_DATA=/srv/mergerfs/pool/data
PATH_TO_DOCUMENTS=/srv/mergerfs/pool/data/documents
PATH_TO_MEDIA=/srv/mergerfs/pool/data/media
PATH_TO_MOVIES=/srv/mergerfs/pool/data/media/movies
PATH_TO_PHOTOS=/srv/mergerfs/pool/data/media/photos
PATH_TO_BACKUPS=/srv/dev-disk-by-uuid-384444bb-f020-4492-acd2-5997e908f49f/backups
PATH_TO_DOWNLOADS=/srv/dev-disk-by-uuid-384444bb-f020-4492-acd2-5997e908f49f/downloads
* Now we could define the following compose file:
---
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
environment:
- PUID=${APPUSER_PUID}
- PGID=${APPUSER_PGID}
- TZ=${TIME_ZONE_VALUE}
volumes:
- ${PATH_TO_APPDATA}/jellyfin/config:/config
- ${PATH_TO_APPDATA}/jellyfin/cache:/cache
- ${PATH_TO_MEDIA}:/media
ports:
- 8096:8096
restart: unless-stopped
* And the file that would actually be executed would be this:
---
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
environment:
- PUID=1002
- PGID=100
- TZ=Europe/Madrid
volumes:
- /srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata/jellyfin/config:/config
- /srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata/jellyfin/cache:/cache
- /srv/mergerfs/pool/data/media:/media
ports:
- 8096:8096
restart: unless-stopped
What this variable system does is convert the variables that we have defined in the compose file into the actual values that we need to define in the compose file. If we are only creating one compose file it may not make much sense, but it is very useful when there are several compose files.
The advantage of using this system is that we define the compose file once and never need to modify it. Even if we reinstall the OMV system we just need to update those global variables and all our containers will be up to date and continue to work as before.
\\
| Note | |
|
At this time, the plugin fully supports global environment variables, even while using the plugin's backup utility, so there is no reason to use symlinks. But if you want to use them for some reason, you can still do so. If you don't want to use environment variables, simply write the full values to the compose files without using variables. | |
| Note | |
| If you have configured folders in the plugin's SETTINGS tab, the example files will usually work as is, but you may want to modify them to optimize your settings. If you finish reading this document and look at any of the example files, you will understand why. | |
| Beginners Info | |
| You will find containers where the creator has not published a compose file. Containers can be run from the CLI with a command line. The plugin uses docker-compose for easy setup but you need that compose file. If you can't find it, you can build it yourself using Composerize and starting from that container's docker command. There is a prepared Composerize container in the plugin's examples list. | |
# https://hub.docker.com/r/linuxserver/jellyfin
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- JELLYFIN_PublishedServerUrl=192.168.0.5 #optional
volumes:
- CHANGE_TO_COMPOSE_DATA_PATH/jellyfin/library:/config
- CHANGE_TO_COMPOSE_DATA_PATH/jellyfin/tvseries:/data/tvshows
- CHANGE_TO_COMPOSE_DATA_PATH/jellyfin/movies:/data/movies
ports:
- 8096:8096
- 8920:8920 #optional
- 7359:7359/udp #optional
- 1900:1900/udp #optional
restart: unless-stopped
| Note | |
| Verify on the official page that this compose file has not changed before installing it | |
| Beginners Info | |
|
WHAT A COMPOSE FILE IS LIKE A compose file is a yaml format file that is used to define the configurations that docker will adjust to the downloaded image to form the container. The parts of this composition file for jellyfin are as follows: services: It is always the first line and gives way to the definition of the different services. jellyfin: Is the name of a service in this compose file. In this case there is only one but there could be more. image: Defines where the container is downloaded from, in this case linuxserver. This value may have options to download different versions of images. In this case the word latest indicates that the latest available version will always be downloaded. container_name: Simply the name of the container for this service, in this case jellyfin. environment In this section some environment values are defined, such as in this case the user who will run the container, the time zone, or others. volumes Here we define the folder mounts in the container. ports To define port mounts. restart Tells docker how we want the container to behave when the server starts, etc. In this case, the container will always be running unless we stop it manually. | |
# THE FOLLOWING VARIABLES CAN BE USED IN ANY COMPOSE FILE
# THEIR VALUE WILL BE REPLACED BY THE VALUE ASSIGNED HERE
# YOU CAN ADD AS MANY VARIABLES AS YOU NEED
#
#
# Customize the PID and GID value of your appuser user.
# You can see it in the OMV GUI in the USERS > USERS tab
#
APPUSER_PUID=1002
APPUSER_PGID=100
#
# Customize your time zone value.
# You can see it in the OMV GUI in the SYSTEM > DATE & TIME tab
#
TIME_ZONE_VALUE=Europe/Madrid
#
# In this file you can define how many paths you need for different compose files.
# The following are examples corresponding to the example system in the Docker on OMV document on the omv-extras wiki.
#
PATH_TO_APPDATA=/srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/appdata
PATH_TO_DATA=/srv/mergerfs/pool/data
PATH_TO_DOCUMENTS=/srv/mergerfs/pool/data/documents
PATH_TO_MEDIA=/srv/mergerfs/pool/data/media
PATH_TO_MOVIES=/srv/mergerfs/pool/data/media/movies
PATH_TO_PHOTOS=/srv/mergerfs/pool/data/media/photos
PATH_TO_BACKUPS=/srv/dev-disk-by-uuid-384444bb-f020-4492-acd2-5997e908f49f/backups
PATH_TO_DOWNLOADS=/srv/dev-disk-by-uuid-384444bb-f020-4492-acd2-5997e908f49f/downloads
\\
* We adjust the compose file as follows:
\\
# https://hub.docker.com/r/linuxserver/jellyfin
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
environment:
- PUID=${APPUSER_PUID} # See Comment 1
- PGID=${APPUSER_PGID} # See Comment 1
- TZ=${TIME_ZONE_VALUE} # See Comment 2
#- JELLYFIN_PublishedServerUrl=192.168.0.5 # See Comment 3
volumes:
- ${PATH_TO_APPDATA}/jellyfin/config:/config # See Comment 4
- CHANGE_TO_COMPOSE_DATA_PATH/media:/media # See Comment 4
devices: # See Comment 5
- /dev/dri:/dev/dri # See Comment 5
ports:
- 8096:8096 # See Comment 6
restart: unless-stopped
| Beginners Warning | |
|
This file is in Yaml format, indentations are important. If you do not respect the indentations, Docker will not be able to interpret the configuration file and the container will give an error and will not start. Whenever you ask for help on the forum, post the compose file in a code box to show the indentations so you can get help. To create a code box in the forum press the corresponding button in the toolbar. Hides sensitive data, such as passwords, email addresses, etc. | |
| Beginners Info | |
|
On the left the folder on the host. On the right the folder in the container. Read the introduction of this document to understand folder mapping. | |
| Advanced configuration | |
|
You can use relative paths. Set the volume mapping in the compose file: - ./config:/config will create the folder ${PATH_TO_APPDATA}/jellyfin/config on the host. | |
| Beginners Info | |
| This will be the persistent data for this container. If we need to reset the container, it is enough to stop it, delete this folder and start the container. We will find it in its initial state and ready to configure from scratch. | |
| Note | |
|
In the case of jellyfin the libraries are configured from the container, we just need it to be able to see them. That is to say, it is not necessary to map movies on the one hand and photos on the other hand, although we could do it that way too. To make it easier, we map a single volume that contains everything. Later from jellyfin we will search each folder for each library. /media/movies /media/photos etc. | |
| Beginners Info | |
|
You should always make sure that the port mapped on the host is free. There are special cases where the container needs port 80 and/or port 443, with Nginx Proxy Manager. OMV uses those ports to access the GUI. You can change them in System Workbench. Another special case is pihole, which needs port 53. OMV uses port 53 and we cannot occupy it, so in this case it can be solved with a VLAN. There is a procedure in the openmediavault-compose plugin document on this wiki. | |
services:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
environment:
- PUID=1002
- PGID=100
- TZ=Europe/Madrid
volumes:
- /srv/dev-disk-by-uuid-9d43cda9-20e5-474f-b38b-6b2b6c03211a/system/appdata/jellyfin/config:/config
- /srv/mergerfs/pool/data/media:/media
devices:
- /dev/dri:/dev/dri
ports:
- 8096:8096
restart: unless-stopped
# https://hub.docker.com/r/linuxserver/duplicati
services:
duplicati:
image: lscr.io/linuxserver/duplicati:latest
container_name: duplicati
environment:
- PUID=${APPUSER_PUID}
- PGID=${APPUSER_PGID}
- TZ=${TIME_ZONE_VALUE}
#- CLI_ARGS= #optional
volumes:
- ${PATH_TO_APPDATA}/duplicati/config:/config
- ${PATH_TO_BACKUPS}/duplicati/backups:/backups
- ${PATH_TO_DOCUMENTS}:/source/documents:ro # :ro makes the container only have read access to this volume
- ${PATH_TO_PHOTOS}:/source/photos:ro
ports:
- 8200:8200
restart: unless-stopped
###########################
# This compose file is customized following the document: "Docker in OMV" from the OMV-Extras wiki.
# Adapt it to your server if the configuration is different.
# https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv
###########################
# https://hub.docker.com/r/linuxserver/syncthing
services:
syncthing:
image: lscr.io/linuxserver/syncthing:latest
container_name: syncthing
hostname: syncthing #optional
environment:
- PUID=${APPUSER_PUID}
- PGID=${APPUSER_PGID}
- TZ=${TIME_ZONE_VALUE}
volumes:
- ${PATH_TO_APPDATA}/syncthing/config:/config
- ${PATH_TO_DOCUMENTS}/mary/syncthing:/mary # If your name is not Mary, modify this
- ${PATH_TO_DOCUMENTS}/peter/syncthing:/peter # If your name is not Peter, modify this
ports:
- 8384:8384
- 22000:22000/tcp
- 22000:22000/udp
- 21027:21027/udp
restart: unless-stopped
###########################
# This compose file is customized following the document: "Docker in OMV" from the OMV-Extras wiki.
# Adapt it to your server if the configuration is different.
# https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv
###########################
| Advanced configuration. | |
|
NPM requires ports 80 and 443 on the router to validate Let's Encrypt certificates. You can free those ports by changing the ones used by the OMV GUI as suggested or you can do a forwarding from the router to the container. To do this, forward 80 and 443 on the router to, for example, 30080 and 30443 with the server's IP. In the NPM container it collects these ports using: - 30080:80 - 30443:443 The result will be the same, the container will receive the traffic from those router ports and you will still have the OMV GUI on port 80 and 443 of your local network. | |
# https://nginxproxymanager.com
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# Add any other Stream port you want to expose
# - '21:21' # FTP
environment:
# Mysql/Maria connection parameters:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
volumes:
- ${PATH_TO_APPDATA}/nginxproxymanager/data:/data
- ${PATH_TO_APPDATA}/nginxproxymanager/letsencrypt:/etc/letsencrypt
depends_on:
- db
db:
image: 'jc21/mariadb-aria:latest'
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'npm'
MARIADB_AUTO_UPGRADE: '1'
volumes:
- ${PATH_TO_APPDATA}/nginxproxymanager/mysql:/var/lib/mysql
###########################
# This compose file is customized following the document: "Docker in OMV" from the OMV-Extras wiki.
# Adapt it to your server if the configuration is different.
# https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv
###########################
# https://github.com/nextcloud/all-in-one
# For custom configuration consult -> https://github.com/nextcloud/all-in-one/blob/main/compose.yaml
services:
nextcloud-aio-mastercontainer:
image: nextcloud/all-in-one:latest
init: true
restart: always
container_name: nextcloud-aio-mastercontainer
volumes:
- nextcloud_aio_mastercontainer:/mnt/docker-aio-config
- /var/run/docker.sock:/var/run/docker.sock:ro
ports:
- 8080:8080
environment:
- APACHE_PORT=11000
- NEXTCLOUD_DATADIR=${PATH_TO_APPDATA}/nextcloud_data
volumes:
nextcloud_aio_mastercontainer:
name: nextcloud_aio_mastercontainer
###########################
# This compose file is customized following the document: "Docker in OMV" from the OMV-Extras wiki.
# Adapt it to your server if the configuration is different.
# https://wiki.omv-extras.org/doku.php?id=omv7:docker_in_omv
###########################
| Note | |
|
Nextcloud AIO is a container that spawns other containers and stores them in the docker folder. The openmediavault-compose plugin backup utility does not back up data in this folder. If you want to have a backup of this container you must use the internal backup function of Nextcloud AIO. In the Nextcloud AIO GUI you must establish where this backup is saved and how often it should be done, Nextcloud AIO takes care of everything else, stopping containers, making the backup and starting containers again. | |
| Beginners Info | |
| Most of the example compose files will work out of the box if you run them without making any modifications. But it will probably be better to adapt them to your system configuration according to everything explained in this document. This will avoid unexpected situations. | |