Setting up Navidrome in Docker on TrueNAS Scale

Don’t subscribe to things like music streaming!

It’s like subscribing to an emojii keyboard. Why?

Let’s setup NaviDrome as our Spotify replacement:

… it has docker instructions! This should be E-Z on TrueNAS Scale.

Spoiler, it was not.

I first started by trying to use the “Add Docker Contaienr” gui wizard thing to add this. It Did Not Work.

Second I tried some different variations on the gui to add the container.

It did not work.

Stuck at deploying?

I used the gui to get logs:


It was a big black nothing:

I dropped to a prompt and did docker ps:

running docker ps over and over again I could see the container stopping and starting.

I did docker logs bd35 and got


Terminated huh? Okay, terminate this.

Let’s do it My Way

So I think this is a case of the gui getting in the way and causing more harm than it is meant to solve.

I had created the dataset /mnt/tank/navidrome and /mnt/tank/navidrome/data and /mnt/tank/navidrome/music

You probably already have a music folder. If that’s true then you don’t need to create one. Navidrome mounts your music folder READ ONLY which is nice and safe.

Next, I created docker-compose.yml in their install docs:

version: "3"
    image: deluan/navidrome:latest
    user: 1000:1000 # should be owner of volumes
      - "4533:4533"
    restart: unless-stopped
      # Optional: put your config options customization here. Examples:
      ND_LOGLEVEL: info  
      ND_BASEURL: ""
      - "/mnt/tank/navidrome/data:/data"
      - "/mnt/tank/navidrome/muisic:/music:ro"

… and put it in /mnt/navidrome

and then from the command prompt I ran:

cd /mnt/tank/navidrome
docker-compose up -d 

which starts, and detaches the container. It is possible to make this container auto-restart.

The downside of DIYing it here is that it doesn’t show in the TrueNAS gui. The upside is It Actually Works.

Or it would have, if it wasn’t for the TrueNAS firewall in scale.

TrueNAS Scale Has A Firewall

The documentation is usually very good, here:

However, searching for iptables has a lot of false positives:

As explained in the video, it was ultimately the only option to drop to a prompt and forward the port manually.

 iptables -A INPUT --dport 4355 -j ACCEPT 

It took me a sec to figure this out. This is the first result, and it has an approach like mine, but the “why do you need that” :

made me think this user was doing something wrong and there was a “sanctioned” way to do this. But that wasn’t the case here, as far as I can tell.

,And then we are able to access the music player on our system:

With our Wireshark guide, you can stream from anywhere through your VPN! Without fear of someone breaking into your server through a weak service password on software like Navidrome. It also doesn’t matter as much that you aren’t using SSL encryption since the VPN provides a layer of encryption.

Cool stuff!


I have had lots of problems with the jails on trueNAS. I’m getting ready to switch my server back to linux and if I really miss trueNAS, run it as a VM and just pass my ZFS file system to it. I’m running trueNAS to get actual ACLs and other nice configuration stuff, but there is a lot better compatibility and documentation for getting things done on linux vs BSD.

@wendell By using TrueCharts it would be possible to avoid all this hassle.

I might prefer to do it myself as well, but we’re both advanced users.
For the project of an easy-to-deploy Homeserver, TrueCharts seems like a better option.

It’s a community catalog of Helm Charts, made to plug into TrueNAS Scale.

I just quickly tested installing Navidrome through their Chart and it works flawlessly.
For Less Experienced Users just clicking Next during the process works well and for intermediate users advanced otpions are available.

Or did you have a specific reason not to consider TrueCharts?


Thanks. No, just the UI. I think when a package provides a docker or docker compose instructions getting a gui options for that would make the most sense? So we don’t depend on someone making a helm chart? Or does it not work that way?

Is the UI just oddly broken for manually adding arbitrary contianer x?

Did your install use the same IP as the truenas machine or did it get it’s own IP via bridge?

Old Reply, that was less refined

Installing Navidrome manually through the UI:

It’s possible without the hassle you had to go through, all that’s needed is setting a Port and Forwarding it to provide access via the Host’s IP. If a separate IP / Interface is needed there are options to set that up.

Any Arguments or Environment Variables needed can also be set through the UI during installation, see here (this was just a minimal installation with not much configured, though working):

Screenshot from 2022-02-23 08-21-24

Installing Navidrome via TrueCharts Catalogue

A TrueCharts App is not a replacement for a Docker Container, just an easier, more automated way to set one up, as it takes into consideration the underlying Kubernetes.
It exposes the relevant settings for Kubernetes and Docker that the particular container needs in a more readable way for less experienced users and does some work in the background.

For Example, the Networking Section can be as simple as this, how it comes pre-configured:

In this case it exposes Navidrome via the Host’s IP.

But the GUI for the App also has options to set things up for a ClusterIP, that is available only internally to connect it to another Docker running Traefik or other advanced configurations.
Check out the Section to Configure Ingress with a few settings:

My Verdict:

Why not describe both Options?

For Beginners, using the TrueCharts Helms is much easier and will make it easier to understand what’s being configured.
For Advanced Users, Setting up the Docker manually via the GUI will work well and give deeper insight.

A Wiki Post for Global Configuratin on the “Apps” Section in TrueNAS Scale and how to get started with it would probably also be a good idea, I’ll volunteer for it.

I think it’d be better in the long term than your method, as in both cases these configs will actually get stored in the database file of TrueNAS Scale, are easy to back up / restore and won’t have a chance to break during updates.

I’ve been working with TrueNAS Scale and have been exploring this a bit more.

If one wants to install Navidrome as a Docker Container, not using TrueCharts, and expose outside of TrueNAS Scale, there are two easy Options:

1) Add a Network Interface from the Host with an IP Alias

Now one can reach Navidrome externally via the chosen IP and Port 4553.
The Port can be changed by adding an Environment Variable to Navidrome

2) Forward a Port to the Container

Now one can reach Navidrome via the IP/Hostname of the TrueNAS Scale System and Port 9533.

Adding a Host Path for Media Ingress:

This is also done quite comfortably through the UI, as long as there are read permissions available on the filesystem.

I’m running Emby right now on TruNas core using the plugin. It works pretty well but controlling other devices from it doesn’t work well and some devices don’t read from it’s DLNA service.

Is Navidrome better than Emby?

thats a good question. community want to try some things with devices and whatnot?

I generally use Emby DLNA service to play music over my Yamaha receiver with Musiccast. The browse interface in Musiccast with DLNA is terrible so I end up making playlists in Emby that I queue up from Musiccast.

It would be great to use Emby or Navidrome interface to control the music playing to the Yamaha stereo. With Emby I can get it to play one song with DLNA control from Emby in the browser but then it just stops. Not sure if that’s a problem with Emby or Yamaha

Thanks! Super-interesting :slight_smile:

This would be Wireguard right?

1 Like

Ran into this!

EDIT: Solved. For anyone doing this in WSL+Docker, just use ~ before the path.

1 Like

I ran into the same issue it was when I ran the docker without any volumes to test it and I let the users pid.
When I removed the user pid it disapeared.

Thank you for all of the guides you are making.
I am, however, stuck on the step before - setting up my home sever / NAS. Main reason is that I’m not yet confident enough about setting up storage sever, and then pushing it into production.
I know you have made several videos in the series, but could you make an overview guide with pros and cons of distributions, software and hardware requirements for various applications, e.g. I am interested in simple and reliable NAS with SSD caching and ability to run few virtual machines and containers, and I’m using Fedora as main distro.
Also when making builds, can you give explicit suggestions for hardware e.g. we need X for ECC support, since I can’t find a lot of hardware items available.
Thanks in advance,

1 Like

Just want to point out that this solution (navidrome + vpn) fails with all company laptops. There’s no way that the IT will allow you to install a vpn client.

If you are looking for a solution for that then you will need to reverse proxy with a public IP.

You all are a bit too focused on details. I’d like to point out that Pornophonique album there, it’s great.

I’ve seen this zerotier thing and recently Lawrence did a homelab show about it:

He said it could traverse internal networks easily and cleanly and could actually be used for red teaming or maybe less maliciously, navidrome streaming.

While looking for an iOS client for the Navidrome server, it occurred to me that Navidrome isn’t the only streaming service in the Open Source ecosystem. There is also:

Jellyfin, etc

So is Navidrome the best-ish of the category server-wise? Or are there “better” alternatives? I guess the client UI isn’t really important because you should be just playing it in the background?

What about the clients? Koel seems nice for iOS, but it is paid. What are you guys using for iOS?

I personally use Jellyfin for Music, it’s amazing at organizing music and requires less perfect tagging.
Finamp is a great App for Mobile Streaming on Android.

Also, check out the list of Navidrome Apps in their Docs, there is four Options for iOS:


With my experience, Navidrome is the newer than most of these, less jank and is compatible with the Subsonic API, so you can actually use any Subsonic client.

1 Like

I used airsonic-advanced prior to this. Well actually I used DS Audio on Synology but they broke it with some updates mid last year and have so far not bothered to fix it again, despite having bug reports submitted and my searching showing others having the same issues. Anyway my music library is relatively large at around 200k files and airsonic was SLOW. Super slow, to the point it would time out loading large libraries and if it ever did that would require the docker container to be restarted. But eventually the cache would build itself up and after many many restarts I could browse my library, but even then, if too much was added to a playlist at once it would crash. Synching and loading were also slow all the time no matter what, I’ve been told the use of java is what does this. I gave navidrome a shot after seeing the L1 video on it and damn if within a minute of first spinning up the container I was able to connect remotely over mobile and being browsing/playing tracks, the directory of music already scanned loaded near instantly as well. Very impressive.

My only question mark with navidrome is browsing the shares by the original folder structure, which is a massive dealbreaker for me. I’m using DSUB for android which does have the option to browse by folder using the subsonic API, but it appears that navidrome ignores this setting and still only uses tags. Is there any way around this? Or perhaps a navidrome fork that allows it? It doesn’t have to be navidrome either, just as long as it doesn’t choke on big libraries, offers transcoding and has directory browsing I’m happy. DS Audio was genuinely fanstastic for my use case which still makes me mad to think about.

1 Like

so like yourself I had this issue where navidrome wouldn’t deploy.
I got this working but the storage Folder’s had to have ACL rules applied to them, I also found this out the hard way when trying to do any virtualization libqemu user needed added to the ACL list for the share.