BernCarney
9/27/2017 - 11:14 PM

FreeNAS 11 - Jails setup for Plex, NGINX, PlexPy, Sonarr, Radarr, Jackett, Ombi, and Nzbget

FreeNAS 11 - Jails setup for Plex, NGINX, PlexPy, Sonarr, Radarr, Jackett, Ombi, and Nzbget

FreeNAS11 Media Stack.md
content_copyfile_download
  • Rendered
  • Source

FreeNAS 11 Jails setup for Plex, PlexPy, Sonarr, Radarr, Jackett, NZBGet, and Ombi

Datasets

Create (1) Unix dataset to store your media content (possibly 2 if you want to seperate torrents) Create (1) parent Unix dataset named apps and a child dataset of apps for each app installed (7 in my case). Configs will be stored here.

Dataset permissions pw groupadd -n MAINGROUP -g GID chown -R :MAINGROUP /mnt/MAINDATASET/NEWDATASET chmod -R 770 /mnt/MAINDATASET/NEWDATASET

Jail permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m USER

DATASETS [MD=main dataset] [JD=jail dataset]
|
|_ /mnt/[MD]
|   |
|   |_ /mnt/[MD]/video
|
|
|
|_ /mnt/[JD]
    |
    |_ /mnt/[JD]/apps
        |
        |_ /mnt/[JD]/apps/plex
        |_ /mnt/[JD]/apps/plexpy
        |_ /mnt/[JD]/apps/sonarr
        |_ /mnt/[JD]/apps/radarr
        |_ /mnt/[JD]/apps/jackett
        |_ /mnt/[JD]/apps/nzbget
        |_ /mnt/[JD]/apps/ombi

Plex

IP=192.168.0.208 Default Port=32400 plex:plex UID=972

HOST                    JAIL
/mnt/[MD]/video         /mnt/video (read only)
/mnt/[MD]/apps/plex     /usr/local/plexdata

Install pkg upgrade pkg install nano plexmediaserver

Setup group permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m plex

Enable service and start it sysrc "plexmediaserver_enable=YES" service plexmediaserver start

Available at http://IP:Port/web

PlexPy

IP=192.168.0.209 Default Port=8181 plexpy:plexpy UID=500

    HOST                                            JAIL
    /mnt/[MD]/apps/plex/Plex Media Server/logs      /plexlogs (read only)
    /mnt/[MD]/apps/plexpy                           /config

Install Dependancies pkg upgrade pkg install nano python2 databases/py-sqlite3 security/py-openssl security/ca_root_nss git

Install Plexpy cd /usr/local/share/ git clone https://github.com/JonnyWong16/plexpy.git

Create a user for Plexpy to run as, pw user add plexpy -c plexpy -u 500 -d /nonexistent -s /usr/bin/nologin

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m plexpy

Make the Plexpy applications directorys owned by the plexpy user chown -R plexpy:plexpy /usr/local/share/plexpy chown -R plexpy:plexpy /config

Copy the rc script and enable the plexpy service using /config directory for its application data. cp /usr/local/share/plexpy/init-scripts/init.freenas /usr/local/etc/rc.d/plexpy chmod u+x /usr/local/etc/rc.d/plexpy

Enable the service and start plexpy sysrc "plexpy_enable=YES" sysrc "plexpy_flags=--datadir /config" service plexpy start

Available at http://IP:Port

Radarr

IP=192.168.0.210 Default Port=7878 radarr:radarr UID=501

    HOST                    JAIL
    /mnt/[MD]/video        /mnt/video
    /mnt/[JD]/apps/radarr  /config

Install Dependancies pkg upgrade pkg install nano mono mediainfo sqlite3

Link Mono to /usr/bin/mono so Radarr can update properly on its own with its built in update functionality ln -s /usr/local/bin/mono /usr/bin/mono

Install Radarr and update once running cd /usr/local/share fetch https://github.com/Radarr/Radarr/releases/download/v0.2.0.852/Radarr.develop.0.2.0.852.linux.tar.gz tar -xzvf Radarr.*.linux.tar.gz rm Radarr.*.linux.tar.gz

Create a user for Radarr to run as pw user add radarr -c radarr -u 501 -d /nonexistent -s /usr/bin/nologin

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m radarr

Make Radarr the owner the Radarr files chown -R radarr:radarr /usr/local/share/Radarr chown -R radarr:radarr /config

Create an rc file for radarr using your favorite editor at /usr/local/etc/rc.d/radarr

#!/bin/sh
# $FreeBSD$
#
# PROVIDE: radarr
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# radarr_enable:    Set to YES to enable radarr
#            Default: NO
# radarr_user:    The user account used to run the radarr daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run as root.
#            Default: media
# radarr_group:    The group account used to run the radarr daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run with group wheel.
#            Default: media
# radarr_data_dir:    Directory where radarr configuration
#            data is stored.
#            Default: /var/db/radarr
. /etc/rc.subr
name=radarr
rcvar=${name}_enable
load_rc_config $name

: ${radarr_enable:="NO"}
: ${radarr_user:="radarr"}
: ${radarr_group:="radarr"}
: ${radarr_data_dir:="/config"}

pidfile="${radarr_data_dir}/nzbdrone.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/Radarr/Radarr.exe --data=${radarr_data_dir} --nobrowser"

start_precmd=radarr_precmd
radarr_precmd() {
    if [ ! -d ${radarr_data_dir} ]; then
    install -d -o ${radarr_user} -g ${radarr_group} ${radarr_data_dir}
    fi
    
    export XDG_CONFIG_HOME=${radarr_data_dir}
}

run_rc_command "$1"

Make the rcfile executable and enable the service chmod u+x /usr/local/etc/rc.d/radarr sysrc "radarr_enable=YES" service radarr start

Available at http://IP:Port

Sonarr

IP=192.168.0.211 Default Port=8989 sonarr:sonarr 502

    Host                    Jail
    /mnt/[MD]/video         /mnt/video
    /mnt/[JD]/apps/sonarr   /config

Install Dependancies pkg upgrade pkg install nano mono mediainfo sqlite3

Link Mono to /usr/bin/mono so Sonarr can update properly on its own with its built in update functionality ln -s /usr/local/bin/mono /usr/bin/mono

Install Sonarr and update once running cd /usr/local/share fetch http://download.sonarr.tv/v2/master/mono/NzbDrone.master.tar.gz tar -xzvf NzbDrone.master.tar.gz rm NzbDrone.master.tar.gz

Create a user for Sonarr to run as pw user add sonarr -c sonarr -u 502 -d /nonexistent -s /usr/bin/nologin

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m sonarr

Make Sonarr the owner the Sonarr files chown -R sonarr:sonarr /usr/local/share/NzbDrone chown -R sonarr:sonarr /config

Create an rc file for sonarr using your favorite editor at /usr/local/etc/rc.d/sonarr

#!/bin/sh
# $FreeBSD$
#
# PROVIDE: sonarr
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# sonarr_enable:    Set to YES to enable sonarr
#            Default: NO
# sonarr_user:    The user account used to run the sonarr daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run as root.
#            Default: media
# sonarr_group:    The group account used to run the sonarr daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run with group wheel.
#            Default: media
# sonarr_data_dir:    Directory where sonarr configuration
#            data is stored.
#            Default: /var/db/sonarr
. /etc/rc.subr
name=sonarr
rcvar=${name}_enable
load_rc_config $name

: ${sonarr_enable:="NO"}
: ${sonarr_user:="sonarr"}
: ${sonarr_group:="sonarr"}
: ${sonarr_data_dir:="/config"}

pidfile="${sonarr_data_dir}/nzbdrone.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/NzbDrone/NzbDrone.exe --data=${sonarr_data_dir} --nobrowser"

start_precmd=sonarr_precmd
sonarr_precmd() {
    if [ ! -d ${sonarr_data_dir} ]; then
    install -d -o ${sonarr_user} -g ${sonarr_group} ${sonarr_data_dir}
    fi
    
    export XDG_CONFIG_HOME=${sonarr_data_dir}
}

run_rc_command "$1"

Make the rcfile executable and enable the service chmod u+x /usr/local/etc/rc.d/sonarr sysrc "sonarr_enable=YES" service sonarr start

Available at http://IP:Port

Jackett

IP=192.168.0.212 Default Port=9117 jackett:jackett UID=503

    Host                        Jail
    /mnt/tank1/apps/jackett     /config

Install Dependancies pkg upgrade pkg install nano mono mediainfo sqlite3

Link Mono to /usr/bin/mono so Jackett can update properly on its own ln -s /usr/local/bin/mono /usr/bin/mono

Install Jackett and update once running cd /usr/local/share fetch https://github.com/Jackett/Jackett/releases/download/v0.8.225/Jackett.Binaries.Mono.tar.gz tar -xzvf Jackett.Binaries.Mono.tar.gz rm Jackett.Binaries.Mono.tar.gz

Create a user for Jackett to run as, pw user add jackett -c jackett -u 503 -d /nonexistent -s /usr/bin/nologin

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m jackett

Make Jackett the owner the Jackett files chown -R jackett:jackett /usr/local/share/Jackett chown -R jackett:jackett /config

Create an rc file for jackett using your favorite editor at /usr/local/etc/rc.d/jackett

#!/bin/sh
# $FreeBSD$
#
# PROVIDE: jackett
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# jackett_enable:    Set to YES to enable jackett
#            Default: NO
# jackett_user:    The user account used to run the jackett daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run as root.
#            Default: media
# jackett_group:    The group account used to run the jackett daemon.
#            This is optional, however do not specifically set this to an
#            empty string as this will cause the daemon to run with group wheel.
#            Default: media
# jackett_data_dir:    Directory where jackett configuration
#            data is stored.
#            Default: /var/db/jackett
. /etc/rc.subr
name=jackett
rcvar=${name}_enable
load_rc_config $name

: ${jackett_enable:="NO"}
: ${jackett_user:="jackett"}
: ${jackett_group:="jackett"}
: ${jackett_data_dir:="/config"}

pidfile="${jackett_data_dir}/jackett.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/Jackett/JackettConsole.exe -d ${jackett_data_dir}"

start_precmd=jackett_precmd
jackett_precmd() {
    if [ ! -d ${jackett_data_dir} ]; then
    install -d -o ${jackett_user} -g ${jackett_group} ${jackett_data_dir}
    fi
    
    export XDG_CONFIG_HOME=${jackett_data_dir}
}

run_rc_command "$1"

Make the rcfile executable and enable the service chmod u+x /usr/local/etc/rc.d/jackett sysrc "jackett_enable=YES" service jackett start

Available at http://IP:Port

NZBGet

IP=192.168.0.213 Default Port=6789 nzbget:nzbget UID=504

    Host                    Jail
    /mnt/[MD]/video         /mnt/video
    /mnt/[JD]/apps/nzbget   /config

Install QoL editor and nzbget pkg upgrade pkg install nano nzbget

Link config files to /config: ln -s /usr/local/etc/nzbget.conf /config/nzbget.conf ln -s /usr/local/share/nzbget/scripts /config/scripts

Link Python environment so scripts can work. Alternatively you can edit scripts with the correct path at the top (ie: #!/usr/local/bin python) ln -s /usr/local/bin/python2.7 /usr/bin/python ln -s /usr/local/bin/python2.7 /usr/bin/python2

Update nzbget.conf file (you can configure everything here or just what's below)

MainDir=/mnt/downloads
WebDir=/usr/local/share/nzbget/webui
ScriptDir=/config/scripts
LockFile=/config/nzbget.lock
ConfigTemplate=/usr/local/share/nzbget/nzbget.conf
CertStore=/etc/ssl/cert.pem
ControlUsername=[admin user]
ControlPassword=[admin password]
CertCheck=yes 
LogFile=/config/nzbget.log
DaemonUsername=nzbget
UMask=0002 #if needed

Create a user for NZBGet to run as, pw user add nzbget -c nzbget -u 504 -d /nonexistent -s /usr/bin/nologin

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m nzbget

Make NZBGet the owner the NZBGet files chown -R nzbget:nzbget /usr/local/share/nzbget chown -R nzbget:nzbget /config

Enable and start nzbget sysrc "nzbget_enable=YES" service nzbget start

If you haven't setup group write permissions on your video dataset yet you'll get some errors here but they are just saying folders can't be created. You can still check that the webui works and update permissions after.

At the time of writing this guide (2017-09-29) there was a bug in the default scripts included with NZBGet that would cause them to error out if you had special characters in your user_password. I put in a pull request (#453). If you have this problem, change the following in the default scripts:

# Add to other import statements at the top
from urllib2 import quote

# Change
rpcUrl = 'http://%s:%s@%s:%s/xmlrpc' % (username, quotepassword, host, port);

# To
rpcUrl = 'http://%s:%s@%s:%s/xmlrpc' % (quote(username), quote(password), host, port);

Available at http://IP:Port default_user:nzbget, default_password:tegbzn6789

Ombi

IP=192.168.0.214 Default Port=3579 ombi:ombi UID=505

    Host                    Jail
    /mnt/[JD]/apps/ombi     /config

Install Dependancies pkg upgrade pkg install nano mono ca_root_nss unzip sqlite3

Link Mono to /usr/bin/mono ln -s /usr/local/bin/mono /usr/bin/mono

Fetch Ombi and copy files to final location fetch -o /tmp https://ci.appveyor.com/api/buildjobs/bpbd7olow6ipl745/artifacts/Ombi.zip mkdir -p /usr/local/bin/ombi unzip -d /tmp /tmp/Ombi.zip mv /tmp/Release/* /usr/local/bin/ombi/ rm -r /tmp/Release/ /tmp/Ombi.zip

Create an empty sqlite db in the /config folder and a Backups folder sqlite3 /config/Ombi.sqlite "create table aTable(field1 int); drop table aTable;" mkdir -p /config/Backups

Link the config files to Ombi folder ln -s /config/Ombi.sqlite /usr/local/bin/ombi/Ombi.sqlite ln -s /config/Backups /usr/local/bin/ombi/Backups

Create a user for Ombi to run as pw useradd ombi -d /nonexistent -s /usr/bin/nologin -c "ombi service account" -u 505

Create group for main dataset permissions pw groupadd -n MAINGROUP -g GID pw groupmod MAINGROUP -m ombi

Make ombi the owner of the application files chown -R ombi:ombi /usr/local/bin/ombi chown -R ombi:ombi /config

Create an rc file for ombi using your favorite editor at /usr/local/etc/rc.d/ombi

#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: ombi
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# ombi_enable (bool):        Set to NO by default.
#                       Set it to YES to enable it.
# ombi_user:         The user account ombi daemon runs as what
#                       you want it to be. It uses 'ombi' user by
#                       default. Do not sets it as empty or it will run
#                       as root.
# ombi_group:        The group account ombi daemon runs as what
#                       you want it to be. It uses 'ombi' group by
#                       default. Do not sets it as empty or it will run
#                       as wheel.
# ombi_data_dir:    Directory where ombi configuration
#            data is stored.
#            Default: /usr/local/bin/ombi

. /etc/rc.subr

name=ombi
rcvar=ombi_enable
load_rc_config ${name}

: ${ombi_enable:=NO}
: ${ombi_user:=ombi}
: ${ombi_group:=ombi}
: ${ombi_data_dir:="/config"}

procname="/usr/local/bin/mono"
command="/usr/sbin/daemon"
command_args="-f ${procname} /usr/local/bin/ombi/Ombi.exe"

start_precmd=ombi_precmd
ombi_precmd() {
    if [ ! -d ${ombi_data_dir} ]; 
    then install -d -o ${ombi_user} -g ${ombi_group} ${ombi_data_dir}
    fi
    export XDG_CONFIG_HOME=${ombi_data_dir}
}

run_rc_command "$1"

Make the rcfile executable and enable the service chmod u+x /usr/local/etc/rc.d/ombi sysrc "ombi_enable=YES" service ombi start

Available at http://IP:Port