I’ve been trying to get SMB/CIFS to work on my installation. In fact, I found a way to ensure the appropriate utilities were installed using a Dockerfile. However, I’m not sure if this is the best solution for me so I’m looking into other ideas.
My docker host server has a series of CIFS mounts in place. These mounts are used as volumes in other docker containers.
A good example of this is my Frigate container. It gets the data like this:
- /etc/fstab
- //server/NVR/ /media/NVR/
- frigate/docker-compose.yml
- volumes:
- /media/NVR/frigate:/media/frigate
- volumes:
I’ve replicated this approach in my docker-compose.yml for NextCloud:
- nextcloud/docker-compose.yml
- volumes:
- /media/Backups:/media/backups
- /media/Downloads:/media/downloads
- /media/Shared:/media/shared
- /media/NVR:/media/nvr
- volumes:
I’ve been able to add these to my NextCloud instance and they work well. I have hidden credential files on the docker host server to manage access to these shares.
I’m after guidance and direction on the best way to solve my next step in extending the NextCloud functionality for my network.
I have a media server and a file server both running Windows Server 2022 that have a service user account and two personal accounts on them. Here are my requirements:
- Share media folders as read only:
1.1. Audiobooks
1.2. Books
1.3. Music
1.4. Pictures - Share file folders as read/write:
2.1. Backups
2.2. Shared
2.3. Software - Share user file folders as read/write by user:
3.1. user1
3.2. user2
3.3. etc.
I expect I can mount volumes as - /media/Music:/media/music:ro
to force the mount to be read only.
If I mount a volume with no settings it will be read write, as shown if running the docker-compose --file /srv/nextcloud/docker-compose.yml config
command: - /media/Shared:/media/shared:rw
.
What is a good approach or a best practice for managing user specific folders?
I’d likely try the following:
-
Make a set of user folders:
sudo mkdir /media/Users/user1
sudo mkdir /media/Users/user2
-
Change the ownership on each folder:
sudo chown [serviceuser]:[serviceuser] /media/Users/user1
sudo chown [serviceuser]:[serviceuser] /media/Users/user2
-
Create a credentials file for each user:
sudo touch /root/.smbcredentials_user1
sudo chmod 600 /root/.smbcredentials_user1
sudo nano /root/.smbcredentials_user1
-
Update the credentials file for each user:
username=user1
password=[password]
domain=workgroup
-
Then I’d edit the file system table to add the following entries:
//[server]/Users/user1/ /media/Users/user1/ cifs credentials=/root/.smbcredentials_user1,rw,iocharset=utf8,vers=3.0,noperm 0 0
//[server]/Users/user2/ /media/Users/user2/ cifs credentials=/root/.smbcredentials_user2,rw,iocharset=utf8,vers=3.0,noperm 0 0
Is this the best way? Are there other considerations? I recognise that I’d have to keep the network credentials synchronised manually this way, but for my self hosted installation that’s fairly easy. I am wondering if I’m missing a better or easier way of doing things because I’m not as familiar with NextCloud just yet.
Thanks!