Hi all! First post and first experience with TrueNAS
I’m tinkering with Electric Eel RC2 before committing to a reliable home server once 24.10 is out!
I’m encountering some problems I can’t quite fully understand with some apps, particularly Jellyfin
I’ll narrate the whole process so that anyone who wants to help can have the most amount of information, so I thank in advance the poor souls who will bear with this topic!
TL;DR
The Jellyfin app in the “community” train has some problem with permissions, ffmpeg specifically, what can I do to solve it?
Useful context info:
- Current Train: TrueNAS-ElectricEel-RC - TrueNAS ElectricEel 24.10 RC
- Encrypted Pool: no
- Jellyfin App version: 10.9.11
This is my main dataset:
As you can see, I have a /data/media
folder (that I want Jellyfin to access in order to retrieve the media) and I set the permissions to share some test media through SMB (Mask + custom group called “smb_users”)
I have also created the folder structure app_configs/jellyfin/cache
and app_configs/jellyfin/config
to use intead of ixVolumes
Below is the Jellyfin configuration through the standard Apps:
application name: jellyfin (default)
version: 1.0.25 (default)
Timezone: Europe/Rome
UID:568 (default)
GID:568 (default)
port: 30013 (default)
config storage: host path @/mnt/pippin/app_configs/jellyfin/config
cache storage: host path @/mnt/pippin/app_configs/jellyfin/cache
transcode storage: temporary
additional storage: host path @/mnt/pippin/data/media
:/media
With the configuration above, the app is stuck in a deploying cycle where the containers start and exit.
The log I found from the jellyfin container is the following: Unhandled exception. System.UnauthorizedAccessException: Access to the path '/config/log' is denied.
First batch of questions: if 568:568 is the built-in uid:gid apps
, why is it throwing an error about permissions?
From what I understood, the apps uid:gid should fulfill the necessary permissions to run the apps without using the root user. Am I supposed to run Jellyfin as a root user? (it didn’t require it for other apps, e.g. Dockge, NPM or Tailscale)
One thing I noticed is in the “Application Metadata” pane in the “Apps” dashboard
From what I can understand, the container is expecting to run as a uid:gid
jellyfin
even though that uid:gid is reserved for “apps”, maybe that’s the issue? Some conflict with permissions?
So I manually set an ACL for the /mnt/pippin/app_configs/jellyfin
dataset to explicitly allow the apps
group to r, w & x. Here’s a screenshot of the ACL (started from a restricted preset).
I noticed that the child datasets have the ACL preset without my additions (maybe a bug?), but that’s just a side problem, I manually set the ACL to be as above for the child datasets AND the
/mnt/pippin/data/media
folder, just to be absolutely sure that jellyfin can access all the necessary folders.
Now the jellyfin container works! Odd, but it works!
I set up the initial configuration of Jellyfin using default parameters: I only created a movie library from the /media folder I enabled from “additional storage”.
Jellyfin scans the folder correctly, I have Big Buck Bunny ready and…
Fatal player error! Come on!!
So I check the logs and I find this error:
Now what?
I tried to find some solution here, the old TrueNas forum and the Jellyfin forum, but most certainly I’m missing something
It’s the second try I do in the last few days, I erased the pool and started from a fresh install just to get stuck at the same point.
How can I edit permissions inside a container for a specific program (in this case, ffmpeg)? if I cat /etc/passwd
I don’t see the a user that can lead to ffmpeg.
I could deploy a custom app or a new stack using Dockge, but I would like to use the “official” way if I can.
If you need more information, please let me know! I’m happy to share (and learn from my mistakes!)