Unfortunately it's one of those situations where there is no perfect solution and everything is a trade-off, but in practice in a homelab situation it's not that bad.
Options:
1) Use NFS share on your TrueNAS machine for the media files of the chart (you almost always should leave the config files as PVC)
2) Disable hostpath validation
Details:
1) If you're already using NFS for sharing the media out to your local clients then this is the obvious solution; however, you're more likely using SMB for that, in which case the downside is that NFS has a bit more overhead (especially for large files) compared to SMB, but for the purposes of a media sharing container (i.e. Plex) it's really not a big deal. There is also the slightly complex topic of having issues with ignored file locking when mixing SMB/NFS shares of the same dataset, but that's also mostly a non-issue in the homelab setting as long as you don't have tons of users that are likely to be modifying the same file using different protocols. For the plex case, the worst that can happen is you delete a file from the web interface while someone was accessing it via the SMB share and suddenly their playback stops. Again, not a big deal.
This is probably what you should do, though it of course isn't an option if you're using the official containers.
2) This one at the moment is a fairly bad solution, as the setting for toggling it on and off actually affects two separate features, one of which is good for security and should essentially never be disabled. This is discussed in the
WIP change for Cobia (23.10) where iXSystems is looking to add a per-application host path validation toggle.
Assuming the above gets implemented, where only the service portion get's disabled and it's of course on an app-by-app basis, I think in Cobia this will be a reasonable alternative for people that wish to avoid NFS for whatever reason. As long as you know ahead of time that a given container won't have issues with ACLs and shared SMB access, and only disable it for that container (i.e. don't just blindly disable it on all containers without doing testing/research), IMO this is a decent option. It's especially safe if you mount the SMB share to the app as read-only.
Plex for example doesn't really struggle with having an SMB shared host path so you could leave host path validation on for everything else, only opting out of it for Plex specifically. You just have to be aware of that it
may be an issue with some apps in some circumstances, and be conservative in it's use.
But like I said, I wouldn't consider doing this at all until it's implemented on a per-app basis given the above caveats.
Mhm i dont know, i upgrade today and see no real solution to use Plex and smb share ?
The only solution, i think is, to use Plex in a VM
@oblivioncth u found a solution?
@morganL maybe u can tell me the recommended way
VM's are ultimately fine, especially if you have resources to spare, but they're overkill and add unnecessary overhead if all you're going to do is host one or two apps in them. I'm really happy with the apps implementation in SCALE after having gotten over the learning curve, and this host path issue is the only real "sticking point" of any kind I ran into (again in the end, not that bad), while everything else was just getting used to some workflows and things I was unfamiliar with.
Using the charts for your services is much more efficient and hands free once you get it setup, especially in terms of updates and ease of migration.
VM's certainly have their purpose those. I use one for Home Assistant for example as I use many of it's addons and preferred supervised home assistant. Being able to have HA supervised, with all of it' add-on's installed directly within it instead of flooding my chart's collection with apps I don't use for anything but HA, and a unique LAN IP without having to install the third-party MetalLB load balancer makes the VM make sense in this case. It encapsulates everything in to one nice, easy to use and manage "box" that I know won't interfere with the rest of my TrueNAS setup. But plex in a VM really saves you nothing and just adds complexity.