Resource icon

FN11.3 iocage jails - Plex, Tautulli, Sonarr, Radarr, Lidarr, Jackett, Transmission, Organizr

I try to check this thread about every 2 weeks but I will not respond to PMs for support. Please post in the thread so other people also assist.

Like a number of people who may be in the same case I was in, I had gone to Corral for Docker Support. While these applications worked well in Corral as docker containers with datasets shared via 9PFS. I found coming back to FreeNAS 11 some of the applications such as Transmission and Plex began to choke and lockup with the same datasets shared under NFS in Docker containers running under Rancher.

I decided I'd migrate all of my applications back to Jails as I had them before Corral as I found them easier to manage and less resource intensive on the system. When I did that I made detailed notes on how to setup each application's base install from scratch. I figured I'd try to give back to the community a bit and share the steps for each application.

This should help guide you to getting these apps installed however I don't have specifics on settings for each as it may vary based on your usage requirements. Most of these apps have their own forums, github repos, etc, where you can get help for each application on its own.

This setup assumes you have a video dataset, a torrent dataset and apps dataset that has a dataset under it for each application's configuration files owned by the user that it will run as.

Determining the best choice for permissions for the video and torrents dataset is up to you to decide based on your setup. I highly recommend reading this post to get a better idea on the numerous ways permissions can be done in jails to best fit your needs.

Having the apps dataset and datasets under it made for easy snapshots of just the application config data and easy reinstalls of jails as to import data you would just need to mount the /config directory back into the new jail.

If anyone would like to see any changes let me know and I'll be happy to make them. If you find an issue with anything please make a post in the discussion thread for this resource.

For any jail below that has commands for iocage all commands should be run from the FreeNAS host. On the iocage create command for each jail you MUST replace <IP>,<MASK>,<GATEWAY> with the correct values for your setup.

Example:
iocage create -n "jailname" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.100/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on"

------------------------
Plex
There are 2 sets of directions below based on if you require the plexpass version or not. Personally I mount the video filesystem as readonly inside the plex jail as I don't need to be able to delete media from inside plex as it is managed through other applications.

Non Plexpass:
echo '{"pkgs":["plexmediaserver","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "plex" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec plex mkdir -p /config
iocage exec plex mkdir -p /mnt/video
iocage fstab -a plex /mnt/tank1/apps/plex /config nullfs rw 0 0
iocage fstab -a plex /mnt/tank1/video /mnt/video nullfs ro 0 0
iocage exec plex chown -R plex:plex /config
iocage exec plex sysrc "plexmediaserver_enable=YES"
iocage exec plex sysrc plexmediaserver_support_path="/config"
iocage exec plex service plexmediaserver start


Plexpass:
echo '{"pkgs":["plexmediaserver-plexpass","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "plex" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec plex mkdir -p /config
iocage exec plex mkdir -p /mnt/video
iocage fstab -a plex /mnt/tank1/apps/plex /config nullfs rw 0 0
iocage fstab -a plex /mnt/tank1/video /mnt/video nullfs ro 0 0
iocage exec plex chown -R plex:plex /config
iocage exec plex sysrc "plexmediaserver_plexpass_enable=YES"
iocage exec plex sysrc plexmediaserver_plexpass_support_path="/config"
iocage exec plex service plexmediaserver_plexpass start


If you would like to change to the latest repo to get faster updates to Plex than every month or so you can do that by creating the following file.
iocage exec plex "mkdir -p /usr/local/etc/pkg/repos"
iocage exec plex "vi /usr/local/etc/pkg/repos/FreeBSD.conf"

Code:
FreeBSD: {
    url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest"
}

Plex should then be avaible at http://<JailIP>:32400/web
------------------------
Tautulli
echo '{"pkgs":["python2","py27-sqlite3","py27-openssl","ca_root_nss","git"]}' > /tmp/pkg.json
iocage create -n "tautulli" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec tautulli mkdir -p /config
iocage fstab -a tautulli /mnt/tank1/apps/tautulli /config nullfs rw 0 0
iocage exec tautulli git clone https://github.com/Tautulli/Tautulli.git /usr/local/share/Tautulli
iocage exec tautulli "pw user add tautulli -c tautulli -u 109 -d /nonexistent -s /usr/bin/nologin"
iocage exec tautulli chown -R tautulli:tautulli /usr/local/share/Tautulli /config
iocage exec tautulli cp /usr/local/share/Tautulli/init-scripts/init.freenas /usr/local/etc/rc.d/tautulli
iocage exec tautulli chmod u+x /usr/local/etc/rc.d/tautulli
iocage exec tautulli sysrc "tautulli_enable=YES"
iocage exec tautulli sysrc "tautulli_flags=--datadir /config"
iocage exec tautulli service tautulli start


Tautulli should then be available at http://<JailIP>:8181
------------------------
Radarr
echo '{"pkgs":["mono","mediainfo","sqlite3","ca_root_nss","curl"]}' > /tmp/pkg.json
iocage create -n "radarr" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec radarr mkdir -p /config
iocage exec radarr mkdir -p /mnt/video
iocage exec radarr mkdir -p /mnt/torrents
iocage fstab -a radarr /mnt/tank1/apps/radarr /config nullfs rw 0 0
iocage fstab -a radarr /mnt/tank1/torrents /mnt/torrents nullfs rw 0 0
iocage fstab -a radarr /mnt/tank1/video /mnt/video nullfs rw 0 0
iocage exec radarr ln -s /usr/local/bin/mono /usr/bin/mono
iocage exec radarr "fetch https://github.com/Radarr/Radarr/releases/download/v0.2.0.995/Radarr.develop.0.2.0.995.linux.tar.gz -o /usr/local/share"
iocage exec radarr "tar -xzvf /usr/local/share/Radarr.*.linux.tar.gz -C /usr/local/share"
iocage exec radarr rm /usr/local/share/Radarr.*.linux.tar.gz
iocage exec radarr "pw user add radarr -c radarr -u 352 -d /nonexistent -s /usr/bin/nologin"
iocage exec radarr chown -R radarr:radarr /usr/local/share/Radarr /config
iocage exec radarr mkdir /usr/local/etc/rc.d


Create an rc file for radarr using your favorite editor at /mnt/iocage/jails/radarr/root/usr/local/etc/rc.d/radarr
#!/bin/sh

# $FreeBSD$
#
# PROVIDE: radarr
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# radarr_enable: Set to YES to enable radarr
# Default: NO
# radarr_user: The user account used to run the radarr daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run as root.
# Default: media
# radarr_group: The group account used to run the radarr daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run with group wheel.
# Default: media
# radarr_data_dir: Directory where radarr configuration
# data is stored.
# Default: /var/db/radarr

. /etc/rc.subr
name=radarr
rcvar=${name}_enable
load_rc_config $name

: ${radarr_enable:="NO"}
: ${radarr_user:="radarr"}
: ${radarr_group:="radarr"}
: ${radarr_data_dir:="/config"}

pidfile="${radarr_data_dir}/nzbdrone.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/Radarr/Radarr.exe --data=${radarr_data_dir} --nobrowser"

start_precmd=radarr_precmd
radarr_precmd() {
if [ ! -d ${radarr_data_dir} ]; then
install -d -o ${radarr_user} -g ${radarr_group} ${radarr_data_dir}
fi

export XDG_CONFIG_HOME=${radarr_data_dir}
}

run_rc_command "$1"

iocage exec radarr chmod u+x /usr/local/etc/rc.d/radarr
iocage exec radarr sysrc "radarr_enable=YES"
iocage exec radarr service radarr start


Radarr should be available at http://<JailIP>:7878
------------------------
Sonarr
echo '{"pkgs":["mono","mediainfo","sqlite3","ca_root_nss","curl"]}' > /tmp/pkg.json
iocage create -n "sonarr" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec sonarr mkdir -p /config
iocage exec sonarr mkdir -p /mnt/video
iocage exec sonarr mkdir -p /mnt/torrents
iocage fstab -a sonarr /mnt/tank1/apps/sonarr /config nullfs rw 0 0
iocage fstab -a sonarr /mnt/tank1/torrents /mnt/torrents nullfs rw 0 0
iocage fstab -a sonarr /mnt/tank1/video /mnt/video nullfs rw 0 0
iocage exec sonarr ln -s /usr/local/bin/mono /usr/bin/mono
iocage exec sonarr "fetch http://download.sonarr.tv/v2/master/mono/NzbDrone.master.tar.gz -o /usr/local/share"
iocage exec sonarr "tar -xzvf /usr/local/share/NzbDrone.master.tar.gz -C /usr/local/share"
iocage exec sonarr rm /usr/local/share/NzbDrone.master.tar.gz
iocage exec sonarr "pw user add sonarr -c sonarr -u 351 -d /nonexistent -s /usr/bin/nologin"
iocage exec sonarr chown -R sonarr:sonarr /usr/local/share/NzbDrone /config
iocage exec sonarr mkdir /usr/local/etc/rc.d


Create an rc file for radarr using your favorite editor at /mnt/iocage/jails/sonarr/root/usr/local/etc/rc.d/sonarr
#!/bin/sh

# $FreeBSD$
#
# PROVIDE: sonarr
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# sonarr_enable: Set to YES to enable sonarr
# Default: NO
# sonarr_user: The user account used to run the sonarr daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run as root.
# Default: media
# sonarr_group: The group account used to run the sonarr daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run with group wheel.
# Default: media
# sonarr_data_dir: Directory where sonarr configuration
# data is stored.
# Default: /var/db/sonarr

. /etc/rc.subr
name=sonarr
rcvar=${name}_enable
load_rc_config $name

: ${sonarr_enable:="NO"}
: ${sonarr_user:="sonarr"}
: ${sonarr_group:="sonarr"}
: ${sonarr_data_dir:="/config"}

pidfile="${sonarr_data_dir}/nzbdrone.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/NzbDrone/NzbDrone.exe --data=${sonarr_data_dir} --nobrowser"

start_precmd=sonarr_precmd
sonarr_precmd() {
if [ ! -d ${sonarr_data_dir} ]; then
install -d -o ${sonarr_user} -g ${sonarr_group} ${sonarr_data_dir}
fi

export XDG_CONFIG_HOME=${sonarr_data_dir}
}

run_rc_command "$1"

iocage exec sonarr chmod u+x /usr/local/etc/rc.d/sonarr
iocage exec sonarr sysrc "sonarr_enable=YES"
iocage exec sonarr service sonarr start


Sonarr should be available at http://<JailIP>:8989
------------------------
Lidarr
echo '{"pkgs":["mono","mediainfo","sqlite3","ca_root_nss","curl","chromaprint"]}' > /tmp/pkg.json
iocage create -n "lidarr" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec lidarr mkdir -p /config
iocage exec lidarr mkdir -p /mnt/music
iocage exec lidarr mkdir -p /mnt/torrents
iocage fstab -a lidarr /mnt/tank1/apps/lidarr /config nullfs rw 0 0
iocage fstab -a lidarr /mnt/tank1/torrents /mnt/torrents nullfs rw 0 0
iocage fstab -a lidarr /mnt/tank1/music /mnt/music nullfs rw 0 0
iocage exec lidarr ln -s /usr/local/bin/mono /usr/bin/mono
iocage exec lidarr "fetch https://github.com/lidarr/Lidarr/releases/download/v0.2.0.371/Lidarr.develop.0.2.0.371.linux.tar.gz -o /usr/local/share"
iocage exec lidarr "tar -xzvf /usr/local/share/Lidarr.develop.*.linux.tar.gz -C /usr/local/share"
iocage exec lidarr "rm /usr/local/share/Lidarr.*.tar.gz"
iocage exec lidarr "pw user add lidarr -c lidarr -u 353 -d /nonexistent -s /usr/bin/nologin"
iocage exec lidarr chown -R lidarr:lidarr /usr/local/share/Lidarr /config
iocage exec lidarr mkdir /usr/local/etc/rc.d


Create an rc file for radarr using your favorite editor at /mnt/iocage/jails/lidarr/root/usr/local/etc/rc.d/lidarr
#!/bin/sh

# $FreeBSD$
#
# PROVIDE: lidarr
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable lidarr:
# lidarr_enable="YES"

. /etc/rc.subr
name=lidarr
rcvar=${name}_enable
load_rc_config $name

: ${lidarr_enable="NO"}
: ${lidarr_user:="lidarr"}
: ${lidarr_group:="lidarr"}
: ${lidarr_data_dir:="/config"}

pidfile="${lidarr_data_dir}/lidarr.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-f ${procname} /usr/local/share/Lidarr/Lidarr.exe -- data=${lidarr_data_dir} --nobrowser"

start_precmd=lidarr_precmd
lidarr_precmd() {
if [ ! -d ${lidarr_data_dir} ]; then
install -d -o ${lidarr_user} -g ${lidarr_group} ${lidarr_data_dir}
fi

export XDG_CONFIG_HOME=${lidarr_data_dir}
}

run_rc_command "$1"

iocage exec lidarr chmod u+x /usr/local/etc/rc.d/lidarr
iocage exec lidarr sysrc "lidarr_enable=YES"
iocage exec lidarr service lidarr start


Lidarr should be available at http://<JailIP>:8686
------------------------
Jackett
echo '{"pkgs":["mono","curl","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "jackett" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec jackett mkdir -p /config
iocage fstab -a jackett /mnt/tank1/apps/jackett /config nullfs rw 0 0
iocage exec jackett ln -s /usr/local/bin/mono /usr/bin/mono
iocage exec jackett "fetch https://github.com/Jackett/Jackett/releases/download/v0.11.502/Jackett.Binaries.Mono.tar.gz -o /usr/local/share"
iocage exec jackett "tar -xzvf /usr/local/share/Jackett.Binaries.Mono.tar.gz -C /usr/local/share"
iocage exec jackett rm /usr/local/share/Jackett.Binaries.Mono.tar.gz
iocage exec jackett "pw user add jackett -c jackett -u 818 -d /nonexistent -s /usr/bin/nologin"
iocage exec jackett chown -R jackett:jackett /usr/local/share/Jackett /config
iocage exec jackett mkdir /usr/local/etc/rc.d


Create an rc file for jackett using your favorite editor at /mnt/iocage/jails/jackett/root/usr/local/etc/rc.d/jackett
#!/bin/sh

# $FreeBSD$
#
# PROVIDE: jackett
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# jackett_enable: Set to YES to enable jackett
# Default: NO
# jackett_user: The user account used to run the jackett daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run as root.
# Default: media
# jackett_group: The group account used to run the jackett daemon.
# This is optional, however do not specifically set this to an
# empty string as this will cause the daemon to run with group wheel.
# Default: media
# jackett_data_dir: Directory where jackett configuration
# data is stored.
# Default: /var/db/jackett

. /etc/rc.subr
name=jackett
rcvar=${name}_enable
load_rc_config $name

: ${jackett_enable:="NO"}
: ${jackett_user:="jackett"}
: ${jackett_group:="jackett"}
: ${jackett_data_dir:="/config"}

command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="-p ${jackett_data_dir}/jackett.pid -f ${procname} /usr/local/share/Jackett/JackettConsole.exe -d ${jackett_data_dir}"

start_precmd=jackett_precmd
jackett_precmd() {
export USER=${jackett_user}
if [ ! -d ${jackett_data_dir} ]; then
install -d -o ${jackett_user} -g ${jackett_group} ${jackett_data_dir}
fi

export XDG_CONFIG_HOME=${jackett_data_dir}
}

run_rc_command "$1"

iocage exec jackett chmod u+x /usr/local/etc/rc.d/jackett
iocage exec jackett sysrc "jackett_enable=YES"
iocage exec jackett service jackett restart


Jackett should be available at http://<JailIP>:9117
------------------------
Transmission with OpenVPN + IPFW Killswitch
If you don't need or want the VPN, you can omit installing openvpn, setting up the ipfw_rules file, running the devfs command and any sysrc / service commands related to openvpn/firewall/ipfw.

If you are going to going to use the vpn, you will need add a preinit task in the webui to run the following command as well as run it once before you setup the jail. This adds a rule to the default devfs_ruleset applied to all iocage jails to allow them to access tun devices.
devfs rule -s 4 add path 'tun*' unhide

The firewall rules prevent anything from going out over your normal ISP your VPN dies.

echo '{"pkgs":["bash","unzip","unrar","transmission","openvpn","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "transmission" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on" allow_tun="1"
rm /tmp/pkg.json
iocage exec transmission mkdir -p /config
iocage exec transmission mkdir -p /mnt/torrents
iocage fstab -a transmission /mnt/tank1/apps/transmission /config nullfs rw 0 0
iocage fstab -a transmission /mnt/tank1/torrents /mnt/torrents nullfs rw 0 0
iocage exec transmission mkdir -p /config/transmission-home
iocage exec transmission chown -R transmission:transmission /config/transmission-home


Create your Firewall rules using your favorite editor at /mnt/tank1/apps/transmission/config/ipfw_rules

In the rules below my transmission jail has the ip 172.16.0.14 in the 172.16.0.0/23 network. You will need to alter them based on your setup.
# Allow internal traffic
add 03000 allow ip from 172.16.0.14/32 to 172.16.0.0/23 keep-state
add 03000 allow ip from 172.16.0.0/23 to 172.16.0.14/32 keep-state

# Allow access to Entrace IP for VPN
add 04000 allow ip from 172.16.0.14/32 to <IP of VPN Entrance Node> keep-state

# Allow any traffic over the VPN interface
add 05000 allow ip from any to any via tun*

# Deny any other traffic
add 65534 deny ip from any to any

Place the conf file for your vpn connection at /mnt/tank1/apps/transmission/config/openvpn.conf

iocage exec transmission "chown 0:0 /config/ipfw_rules"
iocage exec transmission "chmod 600 /config/ipfw_rules"
iocage exec transmission sysrc "firewall_enable=YES"
iocage exec transmission sysrc "firewall_type=/config/ipfw_rules"
iocage exec transmission sysrc "openvpn_enable=YES"
iocage exec transmission sysrc "openvpn_dir=/config"
iocage exec transmission sysrc "openvpn_configfile=/config/openvpn.conf"
iocage exec transmission sysrc "transmission_enable=YES"
iocage exec transmission sysrc "transmission_conf_dir=/config/transmission-home"
iocage exec transmission sysrc "transmission_download_dir=/mnt/torrents/completed"
iocage exec transmission service ipfw start
iocage exec transmission service openvpn start
iocage exec transmission service transmission start


The default transmission settings will prevent any access to the WebUI from anything other than from localhost. We need to access edit the settings file for transmission to fix this to do so we need to stop transmission and edit settings.json file for Transmission.
iocage exec transmission service transmission stop

Using your favorite editor edit /mnt/tank1/apps/transmission/config/transmission-home/settings.json and find the lines prefixed with rpc-whitelist. You have 2 options disabling the whitelist or adding your IP to the whitelist.

To disable the whitelist change the following lines:
Code:
"rpc-whitelist-enabled": true,
to
Code:
"rpc-whitelist-enabled": false,

To add your IP edit the line below to include your ip. The setting is a comma separated list, so if your ip was 192.168.1.100 you would change it as follows.
Code:
"rpc-whitelist": "127.0.0.1",
to
Code:
"rpc-whitelist": "127.0.0.1,192.168.1.100",

After you have completed either of these you can start transmission again.
iocage exec transmission service transmission start

Transmission should be available at http://<JailIP>:9091/transmission/web/
------------------------
Organizr
echo '{"pkgs":["nginx","php72","php72-filter","php72-curl","php72-hash","php72-json","php72-openssl","php72-pdo","php72-pdo_sqlite","php72-session","php72-simplexml","php72-sqlite3","php72-zip","git","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "organizr" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage exec organizr mkdir -p /config
iocage fstab -a organizr /mnt/tank1/apps/organizr /config nullfs rw 0 0
iocage exec organizr sed -i '' -e 's?listen = 127.0.0.1:9000?listen = /var/run/php-fpm.sock?g' /usr/local/etc/php-fpm.d/www.conf
iocage exec organizr sed -i '' -e 's/;listen.owner = www/listen.owner = www/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec organizr sed -i '' -e 's/;listen.group = www/listen.group = www/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec organizr sed -i '' -e 's/;listen.mode = 0660/listen.mode = 0600/g' /usr/local/etc/php-fpm.d/www.conf
iocage exec organizr cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
iocage exec organizr sed -i '' -e 's?;date.timezone =?date.timezone = "Universal"?g' /usr/local/etc/php.ini
iocage exec organizr sed -i '' -e 's?;cgi.fix_pathinfo=1?cgi.fix_pathinfo=0?g' /usr/local/etc/php.ini


Create or replace /mnt/iocage/jails/organizr/root/usr/local/etc/nginx/nginx.conf with the following which is the default with comments removed and the bare minimum changes required to run Organizr.
user www;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
root /usr/local/www/Organizr;
location / {
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
}

iocage exec organizr git clone https://github.com/causefx/Organizr.git /usr/local/www/Organizr
iocage exec organizr chown -R www:www /usr/local/www /config
iocage exec organizr sysrc nginx_enable=YES
iocage exec organizr sysrc php_fpm_enable=YES
iocage exec organizr service nginx start
iocage exec organizr service php-fpm start


Navigate to http://JailIP and set the database location to "/config" and pick your timezone.

After you have completed the initial setup in the UI go back and do the following as some settings are stored in the config.php in the web directory such as homepage settings and email settings. If you ever need to recreate the jail you can omit the first 2 of the next 3 steps and just run the link instead of setting up your settings again.
iocage exec organizr cp -a /usr/local/www/Organizr/api/config/config.php /config/config.php
iocage exec organizr rm /usr/local/www/Organizr/api/config/config.php
iocage exec organizr ln -s /config/config.php /usr/local/www/Organizr/api/config/config.php
------------------------
Ombi
echo '{"pkgs":["mono","ca_root_nss","unzip","sqlite3"]}' > /tmp/pkg.json
iocage create -n "ombi" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage fstab -a ombi /mnt/tank1/apps/ombi /config nullfs rw 0 0
iocage exec ombi ln -s /usr/local/bin/mono /usr/bin/mono
iocage exec ombi "fetch https://github.com/tidusjar/Ombi/releases/download/v2.2.1/Ombi.zip -o /usr/local/share"
iocage exec ombi "unzip -d /usr/local/share /usr/local/share/Ombi.zip"
iocage exec ombi mv /usr/local/share/Release /usr/local/share/ombi
iocage exec ombi rm /usr/local/share/Ombi.zip


You only need to run the next two commands if you are creating the jail for the first time.
iocage exec ombi sqlite3 /config/Ombi.sqlite "create table aTable(field1 int); drop table aTable;"
iocage exec ombi mkdir -p /config/Backups


iocage exec ombi ln -s /config/Ombi.sqlite /usr/local/share/ombi/Ombi.sqlite
iocage exec ombi ln -s /config/Backups /usr/local/share/ombi/Backups
iocage exec ombi "pw user add ombi -c ombi -u 819 -d /nonexistent -s /usr/bin/nologin"
iocage exec ombi chown -R ombi:ombi /usr/local/share/ombi /config
iocage exec ombi mkdir /usr/local/etc/rc.d


Create an rc file for ombi using your favorite editor at /mnt/iocage/jails/ombi/root/usr/local/etc/rc.d/ombi
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: ombi
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# ombi_enable (bool): Set to NO by default.
# Set it to YES to enable it.
# ombi_user: The user account ombi daemon runs as what
# you want it to be. It uses 'ombi' user by
# default. Do not sets it as empty or it will run
# as root.
# ombi_group: The group account ombi daemon runs as what
# you want it to be. It uses 'ombi' group by
# default. Do not sets it as empty or it will run
# as wheel.
# ombi_data_dir: Directory where ombi configuration
# data is stored.
# Default: /usr/local/share/ombi

. /etc/rc.subr

name=ombi
rcvar=ombi_enable
load_rc_config ${name}

: ${ombi_enable:=NO}
: ${ombi_user:=ombi}
: ${ombi_group:=ombi}
: ${ombi_data_dir:="/config"}

procname="/usr/local/bin/mono"
command="/usr/sbin/daemon"
command_args="-f ${procname} /usr/local/share/ombi/Ombi.exe"

start_precmd=ombi_precmd
ombi_precmd() {
if [ ! -d ${ombi_data_dir} ];
then install -d -o ${ombi_user} -g ${ombi_group} ${ombi_data_dir}
fi
export XDG_CONFIG_HOME=${ombi_data_dir}
}

run_rc_command "$1"

iocage exec ombi chmod u+x /usr/local/etc/rc.d/ombi
iocage exec ombi sysrc ombi_enable=YES
iocage exec ombi service ombi start


Ombi should be available at http://<JailIP>:3579
------------------------
Sabnzbd
echo '{"pkgs":["sabnzbdplus","ca_root_nss"]}' > /tmp/pkg.json
iocage create -n "sabnzbd" -p /tmp/pkg.json -r 11.2-RELEASE ip4_addr="vnet0|<IP>/<MASK>" defaultrouter="<GATEWAY>" vnet="on" allow_raw_sockets="1" boot="on"
rm /tmp/pkg.json
iocage fstab -a sabnzbd /mnt/tank1/apps/sabnzbd /config nullfs rw 0 0
iocage fstab -a sabnzbd /mnt/tank1/torrents /mnt/torrents nullfs rw 0 0
iocage exec sabnzbd mkdir -p /mnt/torrents/sabnzbd/incomplete
iocage exec sabnzbd mkdir -p /mnt/torrents/sabnzbd/complete
iocage exec sabnzbd ln -s /usr/local/bin/python2.7 /usr/bin/python
iocage exec sabnzbd ln -s /usr/local/bin/python2.7 /usr/bin/python2
iocage exec sabnzbd chown -R _sabnzbd:_sabnzbd /mnt/torrents/sabnzbd /config
iocage exec sabnzbd sysrc sabnzbd_enable=YES
iocage exec sabnzbd sysrc sabnzbd_conf_dir="/config"
iocage exec sabnzbd service sabnzbd start
iocage exec sabnzbd service sabnzbd stop
iocage exec sabnzbd sed -i '' -e 's?host = 127.0.0.1?host = 0.0.0.0?g' /config/sabnzbd.ini
iocage exec sabnzbd sed -i '' -e 's?download_dir = Downloads/incomplete?download_dir = /mnt/torrents/sabnzbd/incomplete?g' /config/sabnzbd.ini
iocage exec sabnzbd sed -i '' -e 's?complete_dir = Downloads/complete?complete_dir = /mnt/torrents/sabnzbd/complete?g' /config/sabnzbd.ini
iocage exec sabnzbd service sabnzbd start

http://<>:8080/sabnzbd/
Author
Pentaflake
Views
377,679
First release
Last update
Rating
4.71 star(s) 41 ratings

Latest updates

  1. Notes on 11.3-RELEASE template for 11.2-U7 FreeNAS users

    All supported jails have been tested with the 11.3-RELEASE template. No changes are required...
  2. Lidarr Updates

    @Chris Cameron Added.
  3. Update for Organizr

    Updated to include commands relevant to recent package updates.
  4. Fixed Sabnzbd getting cut out

    I've re added sabnzbd however I do not use nzbs so I have no way to test it other then seeing...
  5. Update for 11.2

    Added changes for 11.2 Ombi is no longer supported as Ombi 2.x is no longer being developed...

Latest reviews

Very useful, thank you so much.
Great easy guide .. I just skipped the media folders part and used the mount points via the web gui. I was using the plex plugin for a long time and my OCD got the better part of me when I couldn't update the jail to 12.2 and was stuck on 12.1.

I had one little issue where plex wouldn't start after adding mount points, but running:

iocage exec 3DPlexPass service plexmediaserver_plexpass start

again seem to correct the issue and plex starts on it's own again after stopping the jail.

This easy setup combined with:

wget https://raw.githubusercontent.com/mstinaff/PMS_Updater/master/PMS_Updater.sh

sh PMS_Updater.sh -v -a

..now allows me to stay up to date with the whole ball of wax!
Super. Working even for 11.3-RELEASE
with
iocage create -n "lidarr" -p /tmp/pkg.json -r 11.3-RELEASE ip4_addr="vnet0|172.16.0.27/30" defaultrouter="172.16.0.1" vnet="on" \
nat_forwards='tcp(8686)' \
nat="on" allow_raw_sockets="1" boot="on" --basejail
For what I used, the code is organized and works, so thumbs up for that. The only thing that is missing is a simple screenshot of the pool/dataset layout that your guide is based on. This would help illustrate the design for the inexperienced FreeNAS users. Perhaps doing so will provide the clarity that others are seeking.
The code is mostly good...
But the documentation and commenting is lacking...

I get what needs to be done/changed, but I fully understand other users' their comments about not getting it.

It's also lacking on the "after installation" instructions side...

I'm working on completely restructering it into a more user friendly format and i'm gratefull for these instructions because they where quite easy to make into actual scripts.

More info about how you can use them differently:
https://github.com/Ornias1993/jailman
Excellent resource! Thanks so very much. I would love to see a little more clarity on the recommended setup for the datasets, as well as setting permissions. I know that permissions in particular can be very troublesome and the addition of a short step-by-step for this aspect would make this guide even more incredible that it already is.
lost at the iocage fstab -a plex /mnt/tank1/apps/plex /config nullfs rw 0 0, no instruction for dataset.
excellent resource that continues to be updated, bravo!
There are a few issues when I tried this last night, for instance Radarr (not tried sonarr) has a fetch issue pulling the ssl certs:
iocage exec radarr "fetch https://github.com/Radarr/Radarr/releases/download/v0.2.0.995/Radarr.develop.0.2.0.995.linux.tar.gz -o /usr/local/share"
Returns: Certificate verification failed

I got around this by adding: fetch --no-verify-peer

Lastly, can we use media:media credentials on all iocages so they all match and all have the same permissions to write/read to the same folders?
If so would I just have to change:
iocage exec radarr chown -R media:media /usr/local/share/Radarr /config
Because I tried this and just got an error :(

Lastly iocage exec radarr rm /usr/local/share/Radarr.*.linux.tar.gz
Didnt work, I had to go into the jail and do it manually, no biggie just thought I'd mention it.
Great guide, plex works great. I got a little lost with the openvpn and firewall bit. I couldn't get it to work myself but I use torguard vpn so that may be why.
Top