Axel Knauf1d ago

I wanted to listen to my music collection from everywhere, so I've been setting up Navidrome behind my FreedomBox using Podman quadlets for systemd integration (all based on Debian Trixie). Here's how:

First I've installed Navidrome as Podman quadlet, based on the official docker compose installation manual:

Docs: https://www.navidrome.org/docs/installation/docker/

This is what my /etc/containers/systemd/navidrome.container looks like:

[Unit] Description=Navidrome Wants=network-online.target After=network-online.target [Container] Image=docker.io/deluan/navidrome:0.60.0 User=1001:119 UserNS=keep-id Environment=ND_ENABLEINSIGHTSCOLLECTOR=false Environment=ND_BASEURL=https://www.example.org/music/ Environment=ND_LASTFM_ENABLED=false Environment=ND_LISTENBRAINZ_ENABLED=false Environment=ND_ENABLECOVERANIMATION=false Volume=/home/navidrome/data:/data:rw,U,z Volume=/media/data/my-mp3-collection/:/music:ro,U,z PublishPort=127.0.0.1:4533:4533 [Service] TimeoutStartSec=900 Restart=always [Install] WantedBy=multi-user.target

Things to note:

  • I've pinned the version to not automatically pull latest but have control over upgrades.
  • User 1001:119 refers to a dedicated non-system user I've created with adduser navidrome --disabled-login which has a home directory to hold the data dir. 119 is the group my music collection folder belongs to. I'm automatically synchronizing it using syncthing, hence the differing GID.

After setting up this quadlet, I reloaded systemd config, started the container and checked the logs. It came up fine, scanning my library on first start:

sudo systemctl daemon-reload sudo systemctl start navidrome sudo journalctl -u navidrome -f

Afterwards I set up FreedomBox integration, so I can potentially re-use SSO and have Navidrome run on a URL path on the same domain. In order to do that I created a new Apache2 config /etc/apache2/conf-available/navidrome.conf:

<Location /music/> Include includes/freedombox-single-sign-on.conf <IfModule mod_auth_pubtkt.c> TKTAuthToken "admin" </IfModule> # allow websockets RewriteEngine On RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} =websocket [NC] RewriteRule /(.*) wss://127.0.0.1:4533/$1 [P,L] ProxyPass http://127.0.0.1:4533/music/ retry=1 ProxyPassReverse http://127.0.0.1:4533/music/ ProxyPreserveHost On </Location>

This config uses FreedomBox's SSO and enforces a user account with "admin" role. In addition, it enables WebSockets and proxies through to the Navidrome container on port 4533.

I enabled it and reloaded Apache:

sudo a2enconf navidrome sudo systemctl reload apache2

All of this done, I was able to open the Navidrome web UI on the configured path /music of my FreedomBox and set up a first admin account. Hooray!

Next up: Figure out how to enable Navidrome to use FreedomBox's SSO. The docs are straight-forward:

https://www.navidrome.org/docs/getting-started/extauth-quickstart/

And FreedomBoxs already sets a REMOTE_USER header. But I've not been able to make this work, yet. Inside the podman container, the proxy IP is reported as 10.88.0.1, but setting this and the header in my config did not work. I'll figure it out eventually and post an update. Happy selfhosting!

#FreedomBox #Navidrome #Selfhosting #Music

Installing with Docker

Using the official docker images with Docker and Docker Compose

Navidrome
Show threadavron1d ago
@yunohost @Khrys Je suis un non-pro, le mail marche très bien avec Freedombox (il suffit d'installer Debian avec l'option #Freedombox) et un VPN FDN, et je n'y connais absolument rien.
Chris Allegretta3d ago
I am going to do a writeup on the #Freedombox #Debian blend (I've inaccurately calling it a 'spin', heh) for my blog. It's been an interesting year+ with hosting and self-hosting. #Proxmox continues to dominate my personal and work installations.

I also want to do a write up about Netbird, but think I need to mess a little more with HeadScale and Nebula before that. VM backups (like X TB worth) to a server behind a restrictive FW seems to be the hardest part for these mesh/vpns to get and stay working reliably. But overall I already can't imagine my life without Netbird, it's so nice to have a GUI for private network allow/deny rules and just letting go of having to route everything through firewall port forwarding.
Show threadaspragg5d ago

@wakejagr I think the Debian-derived #FreedomBox is worth looking at for inspiration - not necessarily to install it (but you could?) but just to see which packages it has chosen to perform various selfhosting duties.

https://www.freedombox.org/

FreedomBox - Personal Server at Home

FreedomBox is a personal server running a free software operating system, with free applications designed to create and preserve personal privacy.

FreedomBox
FreedomBox5d ago

FreedomBox 26.3 has been released. Here are the highlights:

- ui: Use HTMX to eliminate full page reloads
- wireguard: Add ‘Start Server’ button to help with client setup

See the full list of changes:
https://discuss.freedombox.org/t/freedombox-26-3-released/4084

#FreedomBox #FreedomBoxRelease

FreedomBox 26.3 released

FreedomBox 26.3 has been released and uploaded to Debian unstable. Typically, the freedombox package will migrate to testing in 2 days, and then can be uploaded to stable-backports. Highlights of this release: ui: Use HTMX to eliminate full page reloads wireguard: Add ‘Start Server’ button to help with client setup Other changes in this release: debian: Follows policy 4.7.3 debian: Ignore lintian warning: service file missing Install section debian: Remove default Rules-Requires-Root debia...

FreedomBox Forum
Garrett LeSageFeb 1

Every year, for several years, people at #FOSDEM keep talking about #FreedomBox.

We probably need something that's even more super-simple to set up and maintain, "marketed" toward a more general audience (which puts emphasis on things non-computer-tech people care about).

It should be resilient too, like image-based and having easy installation of things on top (container-based so it's not mixed in with the main system).

It should be named by what services provide, not weird project names.

Show threadckoulJan 30

@thejikz I have tried a couple of other self hosting solutions (eg yunohost, Cosmos server) but find freedombox better suited for my needs.

I am having a very positive experience with it especially for non static IP cases, even when run on quite old Raspberry Pi hardware. #freedombox #selfHosting

thejikzJan 30

Freedombox, Debian. Does anyone have good, bad, or meh experience with this and security related genaral advice for home hosting over non static IP?
My next step is the fbox support forums, just nice to have a layer of first hand thoughts on something like this to boost confidence, or not. LOL

#askfedi #freedombox

Show threadAndreas Grupp  Jan 29

Danke @marco_m_aus_f für die Anregung. Da habe ich in der Schnelle gar nicht daran gedacht. Eine Mailcow ist für die meisten Lehrkräfte die das mal im Unterricht brauchen aber zu komplex aufzusetzen. Mir ist dann aber spontan die #Freedombox oder ein #Yunohost eingefallen. Den könnten sich Lehrkräfte auf einen Raspi installieren und mit in den Unterricht nehmen.

@dreamchipper

Show threadFossmanJan 28

@organicmaps Soverign computing needs to be made easier. Many awesome projects are working hard for this and I wish them all success: @realdrdoug, @yunohost, @freedomboxfndn, @npub126ntw5mnermmj0znhjhgdk8lh2af72sm8qfzq48umdlnhaj9kuns3le9ll

#selfhosting #sovereigncomputing #datasovereignity #selfhosted #SelfHost #start9 #yunohost #freedombox #HomeServerHQ