AWBbox 2 Posted November 4, 2024 Posted November 4, 2024 I've been happily using Emby on TrueNAS Scale for a couple of years now, currently on version 4.8.10.0. I wanted to know whether there was a reliable way to disable the web server, allowing access to media content only via DLNA? I have access to the container shell via TrueNAS and have been having a poke around /config/config/system.xml but the answer eludes me so far. Thank you!
Happy2Play 9780 Posted November 4, 2024 Posted November 4, 2024 (edited) My only guess would be firewalling the server ports but at the same time then you have no way to configure the server. But there is no way to disable the server as that is what is running the DLNA plugin. Can only guess you mean web client and not server but it is integrated into the install. Edited November 4, 2024 by Happy2Play
AWBbox 2 Posted November 4, 2024 Author Posted November 4, 2024 My hope was that if there was a means to disable the web GUI from the CLI then it wouldn't matter that I would lose that means to configure the server. TrueNAS Scale lacks a means to firewall inbound connections as far as I know, otherwise blocking access to TCP 8096 would be an adequate solution.
Q-Droid 989 Posted November 4, 2024 Posted November 4, 2024 There is no CLI for Emby and many of the settings are stored in the database. Without the web interface you can't manage the server. If you want to try it then simply define the wrong port mapping for the container. You won't be able to access the web server which is your end goal.
AWBbox 2 Posted November 4, 2024 Author Posted November 4, 2024 I just meant that if I effected a change via the CLI somehow (i.e. modifying a suitable file), that I could still undo that at some point if I ever needed to use the web GUI again in future. For some reason, the port mapping for the container settings in TrueNAS Scale doesn't appear to affect the access to Emby, it might be because I have the service bound to the host network? I can set the WebUI Port value to 12345 and I can still access it on 8096.
Q-Droid 989 Posted November 4, 2024 Posted November 4, 2024 True. The mapping is not in effect when in host network mode. Odd that truenas scale doesn't have a firewall.
Solution AWBbox 2 Posted November 4, 2024 Author Solution Posted November 4, 2024 Okay, correction! TrueNAS Scale does use iptables and persistent rules can be added via Init Scripts, in my case: /usr/sbin/iptables -A INPUT -p tcp --dport 8096 -j DROP I'm happy with this solution 1
AWBbox 2 Posted November 11, 2024 Author Posted November 11, 2024 Quick follow up in case any readers end up copying what I did here. It appears an update to the Emby Docker image might have introduced a healthcheck with this iptables rule breaks. Traffic coming from the loopback address of TrueNAS must always be allowed, so instead use: /usr/sbin/iptables -A INPUT ! -i lo -p tcp --dport 8096 -j DROP This blocks everything to TCP/8096 except if it's from the loopback interface. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now