Skip to content

Instantly share code, notes, and snippets.

@thomascrha

thomascrha/FreeNAS.md

Forked from zenxedo/TrueNAS Setup.md
Last active April 21, 2023 17:36
Show Gist options
  • Save thomascrha/4973c3ff37b8261f55762cc4f29f179d to your computer and use it in GitHub Desktop.
Save thomascrha/4973c3ff37b8261f55762cc4f29f179d to your computer and use it in GitHub Desktop.
Download ZIP
Utimate FreeNAS Setup
Raw
FreeNAS.md

FreeNAS

These are my current FreeNAS plugins settings, also useful commands and backup schemes.

My current setup: Updated 19/12

Info on what is currently setup on freenas.local

Jail Architecture

services Jail for general use server applications setup

players Jail for general media playback and library/download intergration

indexers Jail for index services setup

downloaders Jail for downloading and torrent indexing Running VPN fulltime

Jail Setup

For creating a blank new jail. Create a jail using the FreeNAS web UI

Jail name: media_jail
IPv4 address: DHCP
autostart: checked
type: pluginjail
VIMAGE: unchecked
vanilla: checked
sysctls: allow.raw_sockets=true,allow.sysvipc=true

Ports and dependencies

ssh [email protected]
jls
jexec 17 tcsh
passwd
portsnap fetch extract
portsnap fetch update
sysrc sshd_enable=YES
pkg update && pkg upgrade

Create main user inside jail matching UID

Create this user in your FreeNAS with the same uid and gid (typically 1001 if you haven't made a custom account yet).

In the jail, add a user with a matching UID as the owner of the data dataset/folders.

pw useradd -n data -u 1001 -d /nonexistent -s /usr/sbin/nologin

In the jail, change the user the plugin runs as, and change ownership of the data-directory.

service PLUGIN onestop
chown -R USER:GROUP /var/db/PLUGIN
sysrc 'PLUGIN_user=USER'
service PLUGIN start

Transmission

Notes

Currently configured into the transmissionJackett jail - just a blank Jail with transmission pand Jackett manually installed. Also installed openvpn and configured with PIA VPN. Attached is the script used for intialisation - set_up_vpn.sh.

jls
jexec [JAILID] tcsh
cd $HOME
fetch https://gist.githubusercontent.com/thomascrha/4973c3ff37b8261f55762cc4f29f179d/raw/1f08e99e8dd8f645ad88ad2c2f6f020688ba96b4/set_up_vpn.sh
chmod +x set_up_vpn.sh
./set_up_vpn.sh

Backup

Files/Folders that need to be saved

rsync -atR /mnt/volume1/jails/downloads/var/db/transmission /mnt/volume_1/backup/freenas.backup/jail-download/

Manual Install

pkg update && pkg upgrade
pkg install -y transmission-daemon
sysrc transmission_conf_dir="/var/db/transmission"
sysrc transmission_download_dir="/media/download"
sysrc transmission_enable="YES"
chown -R data /var/db/transmission
sysrc 'transmission_user=data'
service transmission start

# you might need to change the white list in settings.json to 0.0.0.0

restart jail

Port

jail_ip:9091

Updating

pkg update && pkg upgrade
pkg install -y transmission-daemon
add to settings.json -- "rpc-whitelist-enabled": false,

Jackett

Notes

Currently configured into the transmissionJackett jail - just a blank jail with Jackett manually installed.

Backup

Files/Folders that need to be saved

rsync -atR /mnt/volume1/jails/download/.config/Jackett /mnt/volume_1/backup/jail-download/

Manual Install https://github.com/Jackett/Jackett/releases https://forums.freenas.org/index.php?threads/need-help-installing-jackett-on-freenas-in-a-jail.38384/

pkg update && pkg upgrade
pkg install -y mono curl
cd /usr/local/
fetch https://github.com/Jackett/Jackett/releases/download/v0.7.923/Jackett.Binaries.Mono.tar.gz
tar -zxvf Jackett.Binaries.Mono.tar.gz
rm Jackett.Binaries.Mono.tar.gz
mv Jackett jackett
chown -R data /usr/local/jackett
sysrc 'jackett_user=data'
cd /usr/local/etc/rc.d
fetch https://gist.githubusercontent.com/tho8261f55762cc4f29f179d/raw/ce08b465c839dec84fe1f8b763fed4948b21e652/jackett
chmod 555 jackett
mkdir /.config
chown -R USER /.config

restart jail

Port

jail_ip:9117

Updating

cd /usr/local/
fetch https://github.com/Jackett/Jackett/releases/download/v0.7.923/Jackett.Binaries.Mono.tar.gz
tar -zxvf Jackett.Binaries.Mono.tar.gz
rm Jackett.Binaries.Mono.tar.gz

Sonarr

Notes

Backup

Files/Folders that need to be saved

#Make sure to stop any services before copying over
rsync -atR /mnt/volume1/jails/indexers/usr/local/sonarr /mnt/volume_1/backup/jail-indexers/

Manual Install

https://github.com/Sonarr/Sonarr/wiki/Installation-FreeBSD

pkg update && pkg upgrade
pkg install -y sonarr
sysrc sonarr_enable=YES
service sonarr start
# not the best option but works for in app updates
chmod 777 /usr/local/share/sonarr

Port

jail_ip:8989

Updating

pkg upgrade sonarr or though the web interface

Plex

Notes

Backup

Files/Folders that need to be saved

rsync -atR /mnt/volume1/jails/plex/usr/local/plexdata-plexpass /mnt/volume_1/backup/jail-plex/

Manual Install

pkg update && pkg upgrade
pkg install -y plexmediaserver-plexpass
sysrc plexmediaserver_plexpass_enable=YES
service plexmediaserver_plexpass start

Port

jail_ip:32400/web

Updating

pkg upgrade plexmediaserver_plexpass

Ombi

Notes

Manual Install

https://github.com/tidusjar/Ombi/releases https://forums.freenas.org/index.php?threads/plex-request-or-similar.42187/

pkg update && pkg upgrade
pkg install -y mono screen
echo 'jail_sysvipc_allow="YES"' >> /etc/rc.conf
cd
fetch https://github.com/tidusjar/Ombi/releases/download/v2.0.1/Ombi.zip
unzip Ombi.zip
mv Release /usr/local/ombi
rm Ombi.zip
touch /etc/rc.d/ombi
echo "/usr/local/bin/screen -d -m -S root nohup /usr/local/bin/mono /usr/local/ombi/Ombi.exe" >> /etc/rc.d/ombi
chmod 555 /etc/rc.d/ombi

restart jail

Port

jail_ip:3579

Updating

Radarr

Notes

Manual Install

https://github.com/Radarr/Radarr/releases https://github.com/Radarr/Radarr

pkg update && pkg upgrade
pkg install -y mono mediainfo sqlite3
#needed this to stop error:Could not find libgdiplus. Cannot test if image is corrupt.: Couldn't load GDIPlus library
pkg install libgdiplus

cd /usr/local/
fetch https://github.com/Radarr/Radarr/releases/download/v0.2.0.210/Radarr.develop.0.2.0.210.linux.tar.gz
tar -zxvf Radarr.develop.0.2.0.210.linux.tar.gz
rm Radarr.develop.0.2.0.210.linux.tar.gz
echo "/usr/local/bin/mono /usr/local/Radarr/Radarr.exe" > /etc/rc.d/radarr
chmod 555 /etc/rc.d/radarr
#this is needed for updates within Radarr
ln -s /usr/local/bin/mono /bin

restart your jail

Port

jail_ip:7878

Updating

Updating is done through the web interface

Headphones

Notes

Manual Install

pkg update && pkg upgrade
pkg install py27-sqlite3  py27-cheetah
cd /usr/local && git clone git://github.com/rembo10/headphones.git
chown -R media:media headphones
cp /usr/local/headphones/init-scripts/init.freebsd /usr/local/etc/rc.d/headphones
chmod +x /usr/local/etc/rc.d/headphones
sysrc headphones_enable=YES
sysrc headphones_user=media
sysrc headphones_group=media

# edit rc.d/headphones, change python lcation to /usr/local/bin/python

restart your jail

Port

jail_ip:8181

Updating

Backups

Important files

Sonarr: download backup through web interface or nzbdrone.db config.xml
Radarr: download backup through web interface or nzbdrone.db config.xml
Unifi: download backup through web interface
Ombi: Ombi.sqlite
Headphones: headphones.db config.ini

Moving over databases and config files from plugins Log into FreeNAS

cp /mnt/tetra/plugins_1/usr/pbi/headphones-amd64/data/config.ini /mnt/tetra/media_jail/usr/local/headphones/
cp /mnt/tetra/plugins_1/usr/pbi/headphones-amd64/data/headphones.db /mnt/tetra/media_jail/usr/local/headphones/

Make sure your settings move across the boundary. Daemons might not start up if ip's, filepaths, etc. are different.

Common Commands

https://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.0/userguide-9.0/ch24s04.html

cd /directorypath	: Change to directory.
chmod [options] mode filename	: Change a file’s permissions.
chown [options] filename :	Change who owns a file.
cp [options] :source destination	: Copy files and directories.
ln -s test symlink	: Creates a symbolic link named symlink that points to the file test
mkdir [options] directory	: Create a new directory.
mv -i myfile yourfile : Move the file from "myfile" to "yourfile". This effectively changes the name of "myfile" to "yourfile".
mv -i /data/myfile :	Move the file from "myfile" from the directory "/data" to the current working directory.
rm [options] directory	: Remove (delete) file(s) and/or directories.
tar [options] filename :	Store and extract files from a tarfile (.tar) or tarball (.tar.gz or .tgz).
touch filename :	Create an empty file with the specified name.

Testing

service [name of service] start
service [name of service] stop
service [name of service] restart

Alarmserver

pkg install python
pkg install py27-tornado py27-OpenSSL
cd /usr/local/share/
git clone https://github.com/juggie/AlarmServer
change the config example file
cd usr/local/share/AlarmServer
python alarmserver.py

Helpful Codes

Mounting USB drive:

kldload fuse
mkdir /mnt/usb
ntfs-3g /dev/da1s1 /mnt/usb
ntfs-3g -o permissions /dev/da1s1 /mnt/usb

Upgrading

Upgrading can be a royal pain... but fear not. Typically you can just run a portmaster -ad, and if it says "conflict... blah blah" just run "pkg delete -f " then re-run the portmaster command. Eventually everything should be updated! Many times the update process comes to a grinding halt because of dependency issues. You can kick off a single app to be updated similar below. You will also want to review /usr/ports/UPDATING if you run into trouble to see if a port has changed. There is usually a command to migrate a package such as a portmaster -o oldpackage newpackage.

less /usr/ports/UPDATING
portsnap fetch update
cd /usrports/ports-mgmt/pkg && make install clean
cd /usr/ports/ports-mgmt/portmaster && make install clean
pkg version -l '<'
portmaster -Rafd
portmaster -fd news/sabnzbdplus

Rsync files

&rsync --progress --stats --recursive --times --perms --links --dry-run /mnt/tetra /mnt/usb/tetra
nohup foo &

rsync -az -H --delete --numeric-ids --stats --progress -e ssh [email protected]:/mnt/tetra/family /media/jacob/usb/tetra
rsync -az -H --delete --numeric-ids --stats --progress -e ssh [email protected]:/mnt/tetra/media_jail/usr/local/sickbeard/data/config.ini /media/jacob/usb/tetra/backup

cp

Copy server and daemon config files and databases

mkdir /mnt/tetra/backup/server_configs
cd /mnt/tetra/backup/server_configs
rsync -aqz /mnt/tetra/media_jail/usr/local/sickbeard/config.ini /mnt/tetra/media_jail/usr/local/sickbeard/sickbeard.db sickbeard/
rsync -aqz /mnt/tetra/media_jail/usr/local/sabnzbd/sabnzbd.ini sabnzbd/
rsync -aqz /mnt/tetra/media_jail/usr/local/headphones/config.ini /mnt/tetra/media_jail/usr/local/headphones/headphones.db headphones/
rsync -aqz /mnt/tetra/media_jail/usr/local/CouchPotatoServer/data/settings.conf /mnt/tetra/media_jail/usr/local/CouchPotatoServer/data/couchpotato.db couchpotato/
rsync -aqz /mnt/tetra/media_jail/usr/local/etc/nginx/nginx.conf /mnt/tetra/media_jail/usr/local/www/home/index.html nginx/

cd /mnt/tetra/backup/server_configs
rsync -aqz sabnzbd/sabnzbd.ini /mnt/tetra/media_jail/usr/local/sabnzbd/
rsync -aqz sickbeard/config.ini sickbeard/sickbeard.db /mnt/tetra/media_jail/usr/local/sickbeard/
rsync -aqz headphones/config.ini headphones/headphones.db /mnt/tetra/media_jail/usr/local/headphones/
rsync -aqz couchpotato/settings.conf couchpotato/couchpotato.db /mnt/tetra/media_jail/usr/local/CouchPotatoServer/data/

cd /usr/local && chmod -R media:media sabnzbd sickbeard headphones CouchPotatoServer
Raw
jackett
#!/bin/sh
# $FreeBSD$
#
# PROVIDE: jackett
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
. /etc/rc.subr
name=jackett
rcvar=${name}_enable
load_rc_config $name
: ${jackett_enable:="YES"}
#: ${jackett_user:="daemon"}
#: ${jackett_group:="wheel"}
: ${jackett_data_dir:="/usr/local/jackett"}
pidfile="${jackett_data_dir}/jackett.pid"
command="/usr/sbin/daemon"
procname="/usr/local/bin/mono"
command_args="${procname} /usr/local/jackett/JackettConsole.exe"
start_precmd=jackett_precmd
jackett_precmd() {
if [ ! -d ${jackett_data_dir} ]; then
install -d -o ${jackett_user} -g ${jackett_group} ${jackett_data_dir}
fi
}
run_rc_command "$1"
Raw
set_up_vpn.sh
#!/bin/tcsh
# Grab user information.
echo "PrivateInternetAccess OpenVPN Setup:"
echo " https://www.privateinternetaccess.com/pages/client-control-panel"
echo " -> PPTP/L2TP/SOCKS Username and Password"
echo -n "User: "
set user = $<
echo -n "Pass: "
set pass = $<
# Get initial IP address.
if ( -x "/usr/local/bin/wget" ) then
set IP0=`wget -qO- http://wtfismyip.com/text`
else if ( -x "/usr/local/bin/curl" ) then
set IP0=`curl http://wtfismyip.com/text`
else
return 0
exit 0
endif
# Some directories.
set openVPNPort = /usr/ports/security/openvpn
set openVPNDir = /usr/local/etc/openvpn
# Update & upgrade pkgs
#/usr/sbin/pkg update -f
#/usr/sbin/pkg upgrade -y
# Fetch & extract ports
#/usr/sbin/portsnap fetch
#/usr/sbin/portsnap extract
# Go to the OpenVPN directory.
cd $openVPNPort
# Change this to a 1 == 1 to use the dialog box to set the options
/bin/mkdir -p /var/db/ports/security_openvpn/
echo "# This file is auto-generated by 'make config'." > /var/db/ports/security_openvpn/options
echo "# Options for openvpn-2.3.6_1" >> /var/db/ports/security_openvpn/options
echo "_OPTIONS_READ=openvpn-2.3.6_1" >> /var/db/ports/security_openvpn/options
echo "_FILE_COMPLETE_OPTIONS_LIST=DOCS EASYRSA EXAMPLES PKCS11 PW_SAVE OPENSSL POLARSSL" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_UNSET+=DOCS" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_SET+=EASYRSA" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_UNSET+=EXAMPLES" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_UNSET+=PKCS11" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_SET+=PW_SAVE" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_SET+=OPENSSL" >> /var/db/ports/security_openvpn/options
echo "OPTIONS_FILE_UNSET+=POLARSSL" >> /var/db/ports/security_openvpn/options
/bin/mkdir -p /var/db/ports/archivers_lzo2
echo "# This file is auto-generated by 'make config'" > /var/db/ports/archivers_lzo2/options
echo "# Options for lzo2-2.08_1" >> /var/db/ports/archivers_lzo2/options
echo "_OPTIONS_READ=lzo2-2.08_1" >> /var/db/ports/archivers_lzo2/options
echo "_FILE_COMPLETE_OPTIONS_LIST=DOCS EXAMPLES" >> /var/db/ports/archivers_lzo2/options
echo "OPTIONS_FILE_UNSET+=DOCS" >> /var/db/ports/archivers_lzo2/options
echo "OPTIONS_FILE_UNSET+=EXAMPLES" >> /var/db/ports/archivers_lzo2/options
# Install & Clean OpenVPN
/usr/bin/make install
/usr/bin/make clean
# Make & Change to the OpenVPN Config Directory
/bin/mkdir -p $openVPNDir
cd $openVPNDir
# Grab PIA's OpenVPN settings
if ( -x "/usr/local/bin/wget" ) then
/usr/local/bin/wget https://www.privateinternetaccess.com/openvpn/openvpn.zip --no-check-certificate
else if ( -x "/usr/local/bin/curl" ) then
/usr/local/bin/curl -OLk https://www.privateinternetaccess.com/openvpn/openvpn.zip
else
return 0
endif
# Unzip & Delete the file.
/usr/bin/unzip -q /usr/local/etc/openvpn/openvpn.zip
/bin/rm -f /usr/local/etc/openvpn/openvpn.zip
# For each of the ovpn settings.
foreach ovpn (*.ovpn)
# First add to read in the user's information from pass.txt
echo "auth-user-pass $openVPNDir/pass.txt" >> "$ovpn"
# Add the full paths to avoid ambiguity.
sed -i "" "s/crl\.pem/\/usr\/local\/etc\/openvpn\/crl.pem/g" "$ovpn"
sed -i "" "s/ca\.crt/\/usr\/local\/etc\/openvpn\/ca.crt/g" "$ovpn"
# Finally replace the spaces in the filename with underscores.
set ovpn2 = `echo $ovpn | sed "s/ /_/g"`
mv "$ovpn" "$ovpn2"
end
# Add username and pass to the pass.txt
echo $user > "$openVPNDir/pass.txt"
echo -n $pass >> "$openVPNDir/pass.txt"
# Enable openvpn in rc.conf
echo 'openvpn_enable="YES"' >> /etc/rc.conf
echo 'openvpn_configfile="/usr/local/etc/openvpn/AU Sydney.ovpn"' >> /etc/rc.conf
# Start OpenVPN
/usr/sbin/service openvpn start
echo "Waiting 10 seconds for OpenVPN to spin up"
sleep 10
# Get the new IP address.
if ( -x "/usr/local/bin/wget" ) then
set IP1=`wget -qO- http://wtfismyip.com/text`
else if ( -x "/usr/local/bin/curl" ) then
set IP1=`curl http://wtfismyip.com/text`
else
return 0
exit 0
endif
# Compare and Contrast.
echo "If these are different, OpenVPN is working"
echo "Old IP: $IP0"
echo "New IP: $IP1"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment