Documenting migration of tt-rss truecharts app to jailmaker+dockge

I’ve been stalled out ever since truecharts took down their app repo. Mostly because I didn’t want to use an interim solution like dockge+jailmaker (and have to migrate everything again when the next Truenas version is released). Well I wish I’d been paying more attention to things, because now I’ve seen Stux’s video about migrating from jailmaker and it looks like the solution in 24.10 is still dockge just without jailmaker. So what am I waiting for? Let’s go!

I’m going to start from zero here. Full Truecharts setup with the operator charts, cnpg, traefik, and all that jazz on Truenas 24.04.

Setting up jailmaker and Dockge

First step is installing jailmaker and then Dockge. I looked at both the Truenas doc and Stux’s video for this. My only deviation was changing the default network bridge when installing the docker template config with jailmaker.

I’m going to pause to mention that I don’t know what I’m doing. Bridge NICs never really clicked in my brain, so don’t blindly follow what I did here.

The default docker config has this section:
systemd_nspawn_user_args=--network-bridge=br1
But my Truenas system is already using br0 for apps:


So I changed that line in the config to use br0, and it seems to have worked.
systemd_nspawn_user_args=--network-bridge=br0
Either way I recommend you follow Stux’s video and make sure your demo app can ping out to the wider internet once installed.
More jailmaker networking info.

I also didn’t follow any of the other network configuration Stux goes through in the video. Once I’d set the bridge and let docker start up, it pulled its own IP address and I made it static on the router side.

Now we have jailmaker installed to /mnt/application/jailmaker/jlmkr.py and a docker “VM” installed to /mnt/application/jailmaker/jails/docker/. And then dockge is installed to that docker VM. Everything by following the video. It gets a tiny big convoluted, so here’s the list:

What about volume paths for tt-rss?

The truecharts version of tt-rss allows you to make config, plugins.local, and themes.local into mounts to Truenas. You can do that in dockge too, but instead I’m going to prefer using docker cp to copy themes and such over to the docker volumes. If you want to set up host mounts, see the next post in this thread.

Installing tt-rss in Dockge

Like in Stux’s video, click “+ Compose” to create a new app in Dockge. The basic information from tt-rss’s installation documentation still works here, but I made some changes:

  • Since Truecharts started using some weird amalgamation database system, going backwards from their Postgresql 16.3 to tt-rss’s version 15 isn’t automatic. Instead of wrestling with it, just change tt-rss’s compose to use the newer version 16.
  • And in order to make migrating easier, add pgadmin to the compose.

The result will look like this:

compose.yaml

version: "3"
services:
  db:
    image: postgres:16-alpine
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - POSTGRES_USER=${TTRSS_DB_USER}
      - POSTGRES_PASSWORD=${TTRSS_DB_PASS}
      - POSTGRES_DB=${TTRSS_DB_NAME}
    volumes:
      - db:/var/lib/postgresql/data
  pgadmin:
    image: dpage/pgadmin4
    container_name: pgadmin4_container
    restart: always
    ports:
      - 8281:80
    environment:
      PGADMIN_DEFAULT_EMAIL: ctag@me.com
      PGADMIN_DEFAULT_PASSWORD: mypassword
    volumes:
      - pgadmin-data:/var/lib/pgadmin
  app:
    image: cthulhoo/ttrss-fpm-pgsql-static:latest
    restart: unless-stopped
    env_file:
      - .env
    volumes:
      - app:/var/www/html
      - ./config.d:/opt/tt-rss/config.d:ro
    depends_on:
      - db
  #  optional, makes weekly backups of your install
  #  backups:
  #    image: cthulhoo/ttrss-fpm-pgsql-static:latest
  #    restart: unless-stopped
  #    env_file:
  #      - .env
  #    volumes:
  #      - backups:/backups
  #      - app:/var/www/html
  #    depends_on:
  #      - db
  #    command: /opt/tt-rss/dcron.sh -f

  updater:
    image: cthulhoo/ttrss-fpm-pgsql-static:latest
    restart: unless-stopped
    env_file:
      - .env
    volumes:
      - app:/var/www/html
      - ./config.d:/opt/tt-rss/config.d:ro
    depends_on:
      - app
    command: /opt/tt-rss/updater.sh
  web-nginx:
    image: cthulhoo/ttrss-web-nginx:latest
    restart: unless-stopped
    env_file:
      - .env
    ports:
      - ${HTTP_PORT}:80
    volumes:
      - app:/var/www/html:ro
    depends_on:
      - app
volumes:
  db: null
  app: null
  backups: null
  pgadmin-data: null
networks: {}

Update the pgadmin account and password, and then enter the .env file:

.env

# Put any local modifications here.

# Run FPM under this UID/GID.
OWNER_UID=568
OWNER_GID=568

# FPM settings.
#PHP_WORKER_MAX_CHILDREN=5
#PHP_WORKER_MEMORY_LIMIT=256M

# ADMIN_USER_* settings are applied on every startup.

# Set admin user password to this value. If not set, random password will be generated on startup, look for it in the 'app' container logs.
#ADMIN_USER_PASS=

# Sets admin user access level to this value. Valid values:
# -2 - forbidden to login
# -1 - readonly
#  0 - default user
# 10 - admin
#ADMIN_USER_ACCESS_LEVEL=

# Auto create another user (in addition to built-in admin) unless it already exists.
#AUTO_CREATE_USER=
#AUTO_CREATE_USER_PASS=
#AUTO_CREATE_USER_ACCESS_LEVEL=0

# Default database credentials.
# You can generate a db password with `openssl rand -base64 12`
TTRSS_DB_USER=postgres
TTRSS_DB_NAME=tt-rss
TTRSS_DB_PASS=password

APP_WEB_ROOT=/var/www/html/tt-rss
APP_BASE=

# You will likely need to set this to the correct value - it should point to external tt-rss URL as seen in your browser.
TTRSS_SELF_URL_PATH=http://192.168.13.78:8280

# You can customize other config.php defines by setting overrides here. See tt-rss/.docker/app/Dockerfile for complete list. Examples:

# You probably shouldn't disable auth_internal unless you know what you're doing.
# TTRSS_PLUGINS=auth_internal,auth_remote
# TTRSS_SINGLE_USER_MODE=true
# TTRSS_SESSION_COOKIE_LIFETIME=2592000
# TTRSS_FORCE_ARTICLE_PURGE=30
# ...

# Bind exposed port to 127.0.0.1 to run behind reverse proxy on the same host. If you plan expose the container, remove "127.0.0.1:".
#HTTP_PORT=127.0.0.1:8280
HTTP_PORT=8280

I made a few changes here. The only important one is setting the database to tt-rss otherwise you’ll have to restore the Truecharts tt-rss db into the postgres db of the new instance. I also set the user/group to ‘apps’ UID of 568, changed the port to allow external access, set the self_url, and added a snipped to make the app_base empty (otherwise you’ll be browseing to http://[ip]:8280/tt-rss/).

Click save, and then start your new app. If you didn’t set a password for the tt-rss admin user, grab it from the log output and try logging in. Once that works, open pgadmin and add a new server. For the hostname put db:
image

Once that all works, lets shift back to the truecharts app and make a backup. Here’s where it can get sticky, I already had pgadmin installed through the truecharts documentation. And if you don’t already have it, they’ve disabled access to go install it. So you can either install pgadmin from a re-hosted truecharts catalog, or use the terminal commands below.

Using pgadmin to create database dump:

Log in and create a new server to connect to your tt-rss database. For the hostname, use the tcdbinfo.sh script.

For me it was tt-rss-cnpg-main-rw.ix-tt-rss.svc.cluster.local

Right click on the server and select “Backup…”


There are guides out there for making and restoring backups from pgadmin. Here are the settings I used though:



Click Backup.
To download the file, go to “Tools” in the blue menu at the top of the screen, and select “Storage Manager”. Click the file and download it.

Making backup file without pgadmin:

This doesn’t appear to be on truechart’s website anymore, but at one time I found a script that makes backups of all pgsql apps. Here is it’s contents:

tcdbbackup.sh:

#!/bin/bash
# create backup folder
folder="./dumps/"
mkdir -p "$folder"

# get namespaces with postgres database pod
namespaces=$(k3s kubectl get pods -A | grep postgres | awk '{print $1}')

for ns in $namespaces; do
  # extract application name
  app=$(echo "$ns" | sed 's/^ix-//')

  echo "Creating database backup for $app."

  file="$app.sql"
  
  # Scale down deployment to avoid inconsistencies in DB
  k3s kubectl scale deploy "$app" -n "$ns" --replicas=0
  while true; do k3s kubectl get pods -n "$ns" | grep -i -q terminating || break; done;

  k3s kubectl exec -n "$ns" -c "$app"-postgresql "$app"-postgresql-0 -- bash -c 'PGPASSWORD=$POSTGRES_PASSWORD pg_dump -Fc -U $POSTGRES_USER -d $POSTGRES_DB -f /tmp/'$file
  k3s kubectl cp -n "$ns" -c "$app"-postgresql "$app-postgresql-0:tmp/$file" $folder$file

  # Scale deployment back up
  k3s kubectl scale deploy "$app" -n "$ns" --replicas=1
  
  if [ ! -f "$folder$file" ]; then
    >&2 echo "$folder$file does not exist."
    exit 1
  fi

  echo "File $file created."
done
exit 0

Running that script should create .sql dumps of apps in a new folder called dumps/.

Using backup file you just made on new tt-rss app:

Now re-open pgadmin for your new tt-rss instance. Upload the same backup file in the Storage Manager. Then create a new database named “tt-rss”. I’m not sure if that’s strictly necessary, but it didn’t hurt. Right click the tt-rss database and select “Restore…”. Pick the uploaded file, and select “postgres” for the role drop-down. Click Restore!

Once that completed, I re-started my tt-rss and had all of my settings and saved feeds

2 Likes

Here is a section I cut from the original post, since I decided to go a different direction.

Setting up mount paths on tt-rss

If you followed Stux’s video guide, you should have some dataset paths similar to this:

/mnt/application/jailmaker
/mnt/application/docker/data
/mnt/application/docker/stacks

And you’ve edited the docker config to include bind mounts:

The official tt-rss yaml supports volumes for:

  • db: data storage for postgresql
  • app: the hosted webpage files
  • backups: Auto-generated weekly backups
  • (and pgadmin-data: Not part of tt-rss, added by ctag to the compose.yaml below.)

But the truecharts app supports config, themes.local, and plugins.local as well. Instead of following just what’s in the tt-rss docker yaml file, we’re going to duplicate the available storage from the truecharts app.

Start by creating the datasets on Truenas:

Don’t forget to change the permissions. I set the tt-rss dataset to apps:apps and then applied recursively.

I have NOT included these mountpoints in the compose.yaml below, in case anyone just copies it directly, or wants to mix and match which volumes to mount. You will need to edit compose.yaml manually to match your mount points, like so:

...
  app:
    image: cthulhoo/ttrss-fpm-pgsql-static:latest
    restart: unless-stopped
    env_file:
      - .env
    volumes:
      - app:/var/www/html
      - /mnt/data/tt-rss/config:/opt/tt-rss/config.d:ro
...

Well, I guess editing a post is disabled after some amount of time. That’s cute.

Anyway, I just tried using the tcdbbackup.sh script, and it doesn’t work. That must have been part of the change to cloudnative-pg in the charts.

So, here are the new steps to backup a database if you don’t have pgadmin:

Go to your app in the Truenas UI and click on the “Shell” icon beside any workload:
image

In the popup menu, select the “cnpg” pod:
image

Pick the postgres container, and /bin/bash as the shell:
image

You shouldn’t have to follow this step, but once in the shell I pause to look for a mountpoint that is read-write:

/var/lib/postgresql/data/ should always be writable, since that’s where pgsql is already storing data. Use this path to save your .sql backup file:

Next, identify the database you want to export:

And then create the sql backup file:
image

Then exit the container shell, and go to the Truenas shell. Find your cnpg container:

And then copy out the sql backup file:

Now you can restore the sql file into your new dockge app!

1 Like

Not for all user grades.

Unfortunately spammers like to post… then edit in their spam later.

Maybe a mod can help?

2 Likes

@ctag Just keep posting for updates, which will eventually elevate your status to the point where you can edit your old posts.

1 Like

Thanks Stux! That does make sense.

Thanks etorix, will do.

Next on my radar is figuring out a reverse proxy setup. Caddy-docker-proxy looks promising.