Folder locations for Docker: Best Practices

I’ve been trying to get SMB/CIFS to work on my installation. In fact, I found a way to ensure the appropriate utilities were installed using a Dockerfile. However, I’m not sure if this is the best solution for me so I’m looking into other ideas.

My docker host server has a series of CIFS mounts in place. These mounts are used as volumes in other docker containers.

A good example of this is my Frigate container. It gets the data like this:

  • /etc/fstab
    • //server/NVR/ /media/NVR/
  • frigate/docker-compose.yml
    • volumes:
      • /media/NVR/frigate:/media/frigate

I’ve replicated this approach in my docker-compose.yml for NextCloud:

  • nextcloud/docker-compose.yml
    • volumes:
      • /media/Backups:/media/backups
      • /media/Downloads:/media/downloads
      • /media/Shared:/media/shared
      • /media/NVR:/media/nvr

I’ve been able to add these to my NextCloud instance and they work well. I have hidden credential files on the docker host server to manage access to these shares.

I’m after guidance and direction on the best way to solve my next step in extending the NextCloud functionality for my network.

I have a media server and a file server both running Windows Server 2022 that have a service user account and two personal accounts on them. Here are my requirements:

  1. Share media folders as read only:
    1.1. Audiobooks
    1.2. Books
    1.3. Music
    1.4. Pictures
  2. Share file folders as read/write:
    2.1. Backups
    2.2. Shared
    2.3. Software
  3. Share user file folders as read/write by user:
    3.1. user1
    3.2. user2
    3.3. etc.

I expect I can mount volumes as - /media/Music:/media/music:ro to force the mount to be read-only.

If I mount a volume with no settings it will be read/write, as shown when running the docker-compose --file /srv/nextcloud/docker-compose.yml config command: - /media/Shared:/media/shared:rw.

What is a good approach or a best practice for managing user-specific folders?

I’d likely try the following:

  1. Make a set of user folders:

    sudo mkdir -p /media/Users/user1
    sudo mkdir -p /media/Users/user2

  2. Change the ownership on each folder:

    sudo chown [serviceuser]:[serviceuser] /media/Users/user1
    sudo chown [serviceuser]:[serviceuser] /media/Users/user2

  3. Create a credentials file for each user:

    sudo touch /root/.smbcredentials_user1
    sudo chmod 600 /root/.smbcredentials_user1
    sudo nano /root/.smbcredentials_user1

  4. Update the credentials file for each user:

    username=user1
    password=[password]
    domain=workgroup

  5. Then I’d edit the file system table to add the following entries:

     //[server]/Users/user1/    /media/Users/user1/    cifs    credentials=/root/.smbcredentials_user1,rw,iocharset=utf8,vers=3.0,noperm    0    0
     //[server]/Users/user2/    /media/Users/user2/    cifs    credentials=/root/.smbcredentials_user2,rw,iocharset=utf8,vers=3.0,noperm    0    0

Is this the best way? Are there other considerations? I recognise that I’d have to keep the network credentials synchronised manually this way, but for my self-hosted installation that’s fairly easy. I am wondering if I’m missing a better or easier way of doing things because I’m not as familiar with NextCloud just yet.

Thanks!
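A check for the per-user credentials files and fstab entries proposed in the question above, as an added example that is not part of the original post. The function name audit_cifs_fstab is hypothetical and GNU stat is assumed; it flags passwords stored inline in fstab, credentials files that are missing or not mode 600/400, and the noperm option, which per the mount.cifs man page turns off client-side permission checks.

```shell
#!/bin/sh
# Added example (hypothetical helper): audit the cifs entries of an fstab file.
# Usage: audit_cifs_fstab /etc/fstab
# Prints one finding per line and returns 1 if anything was flagged, else 0.
audit_cifs_fstab() {
    fstab=$1
    findings=0
    # fstab fields: device, mount point, fs type, options (dump/pass ignored)
    while read -r dev mnt fstype opts _rest; do
        case $dev in ''|'#'*) continue ;; esac      # skip blanks and comments
        [ "$fstype" = cifs ] || continue
        cred=''
        old_ifs=$IFS; IFS=,                          # options are comma-separated
        for opt in $opts; do
            case $opt in
                password=*|pass=*)
                    echo "$mnt: password stored inline in fstab"
                    findings=1 ;;
                credentials=*|cred=*)
                    cred=${opt#*=} ;;
                noperm)
                    echo "$mnt: noperm set, client-side permission checks are off"
                    findings=1 ;;
            esac
        done
        IFS=$old_ifs
        [ -n "$cred" ] || continue
        if [ ! -f "$cred" ]; then
            echo "$mnt: credentials file $cred is missing"
            findings=1
            continue
        fi
        mode=$(stat -c '%a' "$cred")                 # GNU stat, as on a Linux Docker host
        if [ "$mode" != 600 ] && [ "$mode" != 400 ]; then
            echo "$mnt: $cred has mode $mode, expected 600"
            findings=1
        fi
    done < "$fstab"
    return "$findings"
}
```

With noperm, the share is reachable by any local account or container that can see the mount point, using the access of the user named in the credentials file, so the bind mounts in docker-compose.yml become the effective access boundary.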

Looks fine. Setting it on the bare metal is a good idea and Nextcloud should be able to access it no problem. If concerned, just tell your users to report any issues and state your migration is “In progress. Thank you for understanding. Please send me feedback if you encounter any issues.”

You could always create some fake user accounts to make sure everything works as expected.

For further help with Docker volume locations you’ll want to consult their documentation for best practice ideas.