User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
services:navidrome [2024/04/16 10:57] – created willyservices:navidrome [2024/09/02 12:30] (current) – [Reverse Proxy] willy
Line 1: Line 1:
 ====== Navidrome ====== ====== Navidrome ======
  
 +[[https://www.navidrome.org/|Navidrome]] is a streaming server that let's you stream your own music to your devices. It's pretty solid and compatible with [[https://github.com/opensubsonic|OpenSubsonic]] API. You can browse and listen to your collection on the WEB GUI or with your favorite client app.
 +
 +This will be integrated with SSO using Authelia.
 +
 +===== Installation =====
 +
 +Navidrome is provided via docker and natively support rootless configuration. As usual, you need to create a dedicated user for the service:
  
 <code bash> <code bash>
 useradd -d /data/daemons/navidrome -m -g media navidrome useradd -d /data/daemons/navidrome -m -g media navidrome
 +</code>
  
 +Then put the following **docker-compose.yml** to **/data/daemons/navidrome**:
 +<file - docker-compose.yml>
 +version: "3"
 +services:
 +  navidrome:
 +    image: deluan/navidrome:latest
 +    user: 1046:1014 # should be owner of volumes
 +    ports:
 +      - "4533:4533"
 +    restart: unless-stopped
 +    environment:
 +      # Optional: put your config options customization here. Examples:
 +      ND_SCANSCHEDULE: 1h
 +      ND_LOGLEVEL: info  
 +      ND_SESSIONTIMEOUT: 24h
 +      ND_BASEURL: ""
 +      ND_REVERSEPROXYWHITELIST: 10.89.0.0/24
 +    volumes:
 +      - "/data/daemons/navidrome/data:/data"
 +      - "/data/Music/folder:/music:ro"
 +</file>
  
 +You need to adapt UID/GID, paths to music collection and port.
 +ND_REVERSEPROXYWHITELIST must list the subnet associated to your NGINX reverse proxy as seen from the Navidrome container. The provided IP range should be enough for a default Podman installation.
 +
 +
 +===== Reverse Proxy =====
 +
 +I choose to install Navidrome on it's own subdomain **https://navidrome.mydomain.com** to make it easier for Subsonic integration. For more details see [[selfhost:nginx|The Reverse Proxy concept]].
 +
 +This example also include the Authelia integration.
 +
 +<file - navidrome.conf>
 +server {
 +        server_name navidrome.mydomain.com;
 +        listen 443 ssl;
 +        listen 8443 ssl;
 +        http2 on;
 +
 +        access_log /var/log/nginx/navidrome.mydomain.com_access_log main;
 +        error_log /var/log/nginx/navidrome.mydomain.com_error_log info;
 +
 +        include "com.mydomain/authelia_location.conf";
 +
 +        location ^~ / {
 +
 +                include "com.mydomain/authelia_proxy.conf";
 +                include "com.mydomain/authelia_authrequest.conf";
 +
 +                proxy_pass http://127.0.0.1:4533;
 +                proxy_set_header X-Forwarded-Protocol $scheme;
 +                proxy_set_header Remote-User $remote_user;
 +                proxy_buffering off;
 +        }
 +
 +                location /rest {
 +                        proxy_pass http://127.0.0.1:4533/rest;
 +                       proxy_set_header Host $host;
 +                       proxy_set_header X-Real-IP $remote_addr;
 +                       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 +                       proxy_set_header X-Forwarded-Proto $scheme;
 +                        proxy_set_header X-Forwarded-Protocol $scheme;
 +                       proxy_set_header X-Forwarded-Host $http_host;
 +                        proxy_set_header Remote-User $remote_user;
 +                        proxy_buffering off;
 +                }
 +
 +        client_max_body_size 100M;
 +}
 +</file>
 +
 +This will automatically login your users using the SSO provided by [[services:authelia|Authelia]].
 +
 +Please note that the **/rest** location is __not__ protected by Authelia, as this would __not__ work with Subsonic apps. Authentication, in this case, is performed by Navidrome itself: users will need to setup a password within Navidrome! (this might be fixed using Authelia basic auth, but i have not tried.)
 +
 +
 +
 +
 +===== Autostart =====
 +
 +To start it, and set it up on boot, as usual follow my indications [[gentoo:containers|Using Containers on Gentoo]], so link the **user-containers** init script:
 +<code>
 +ln -s /etc/init.d/user-containers /etc/init.d/user-containers.navidrome
 </code> </code>
 +
 +and create the following config file:
 +<file - /etc/conf.d/user-containers.navidrome>
 +USER=navidrome
 +DESCRIPTION="The music server"
 +</file>
 +
 +Add the service to the default runlevel and start it now:
 +<code bash>
 +rc-update add user-containers.navidrome default
 +rc-service user-containers.navidrome start
 +</code>
 +
 +

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information