Don’t subscribe to things like music streaming!
It’s like subscribing to an emojii keyboard. Why?
Let’s setup NaviDrome as our Spotify replacement:
… it has docker instructions! This should be E-Z on TrueNAS Scale.
Spoiler, it was not.
I first started by trying to use the “Add Docker Contaienr” gui wizard thing to add this. It Did Not Work.
Second I tried some different variations on the gui to add the container.
It did not work.
Stuck at deploying?
I used the gui to get logs:
It was a big black nothing:
I dropped to a prompt and did docker ps:
running docker ps over and over again I could see the container stopping and starting.
I did docker logs bd35 and got
Terminated huh? Okay, terminate this.
Let’s do it My Way
So I think this is a case of the gui getting in the way and causing more harm than it is meant to solve.
I had created the dataset /mnt/tank/navidrome and /mnt/tank/navidrome/data and /mnt/tank/navidrome/music
You probably already have a music folder. If that’s true then you don’t need to create one. Navidrome mounts your music folder READ ONLY which is nice and safe.
Next, I created docker-compose.yml
in their install docs:
version: "3"
services:
navidrome:
image: deluan/navidrome:latest
user: 1000:1000 # should be owner of volumes
ports:
- "4533:4533"
restart: unless-stopped
environment:
# Optional: put your config options customization here. Examples:
ND_SCANSCHEDULE: 1h
ND_LOGLEVEL: info
ND_SESSIONTIMEOUT: 24h
ND_BASEURL: ""
volumes:
- "/mnt/tank/navidrome/data:/data"
- "/mnt/tank/navidrome/muisic:/music:ro"
… and put it in /mnt/navidrome
and then from the command prompt I ran:
cd /mnt/tank/navidrome
docker-compose up -d
which starts, and detaches the container. It is possible to make this container auto-restart.
The downside of DIYing it here is that it doesn’t show in the TrueNAS gui. The upside is It Actually Works.
Or it would have, if it wasn’t for the TrueNAS firewall in scale.
TrueNAS Scale Has A Firewall
The documentation is usually very good, here:
However, searching for iptables has a lot of false positives:
As explained in the video, it was ultimately the only option to drop to a prompt and forward the port manually.
iptables -A INPUT --dport 4355 -j ACCEPT
It took me a sec to figure this out. This is the first result, and it has an approach like mine, but the “why do you need that” :
made me think this user was doing something wrong and there was a “sanctioned” way to do this. But that wasn’t the case here, as far as I can tell.
,And then we are able to access the music player on our system:
With our Wireshark guide, you can stream from anywhere through your VPN! Without fear of someone breaking into your server through a weak service password on software like Navidrome. It also doesn’t matter as much that you aren’t using SSL encryption since the VPN provides a layer of encryption.
Cool stuff!