Installation UID and GID

My architecture is Ubuntu 18.04 LXC (proxmox). I followed the Jellyfin Repository installation guide.

The Jellyfin team provided Ubuntu repository for installation on Ubuntu automaticaly creates a new system user/group called (jellyfin:jellyfin - 108:114) . The issue is these new UID’s and GID’s are automatically created and random. This creates a permission issue with UID’s/GID’s for my NFS permissions.

Is there a way to install Jellyfin under a existing user during the installation phase? For example, a username media with UID:GID 1105:100?

My work around has been:

  1. Edit Jellyfin System.d Service file
    I added edited the user and added my Group.
    sudo systemctl stop jellyfin && sed -i 's/User = jellyfin/User = media\nGroup = users/' /lib/systemd/system/jellyfin.service

  2. Chown Files for new user access
    sudo systemctl stop jellyfin && sudo chown media:adm /var/cache/jellyfin && sudo chown -R media:users /var/cache/jellyfin/* && sudo find /etc /lib /var -user jellyfin -group adm -exec sudo chown media:adm {} + && sudo find /etc /lib /var -user jellyfin -group jellyfin -exec sudo chown media:users {} + && sudo systemctl restart jellyfin

Any help would be much appreciated.

You could add the jellyfin user to the group which already has access to the files which would then be as simple as

usermod -aG Group jellyfin

Then on restart of jellyfin it should have access to the files with the associated group permissions

Thank you. Got Jellyfin up and running.

The only issue is now the on-screen command under jellyfin GUI (TV) options to delete content doesn’t work. I think this is because of user permissions caused by Proxmox remapping jellyfin UID from the LXC container to the Proxmox host to my NAS via NFS. I could map the installed jellyfin:jellyfin UID/GID but they are randomly assigned UID/GID numbers on installing jellyfin so this is not a straight forward solution.

Update
My fix was simple. Change default jellyfin UID & GID to match my media:medialab UID & GID in the LXC container.

OLDUID=$(id -u jellyfin) &&
OLDGID=$(id -g jellyfin) &&
usermod -u 1605 jellyfin && 
groupmod -g 65605 jellyfin &&
find / \( -path /mnt \) -prune -o -user "$OLDUID" -exec chown -h 1605 {} \; &&
find / \( -path /mnt \) -prune -o -group "$OLDGID" -exec chgrp -h 65605 {} \;

In Proxmox you also need do some Unprivileged container mapping (LXC is Ubuntu 18.04). To change the Jellyfin container mapping we change the container UID and GID in the file /etc/pve/lxc/<containerid>.conf . Simply use Proxmox CLI your machine ID > >_ Shell or SSH and type the following replacing <containerid> with your container id no.:

# User media | Group medialab
echo -e "lxc.idmap: u 0 100000 1605
lxc.idmap: g 0 100000 100
lxc.idmap: u 1605 1605 1
lxc.idmap: g 100 100 1
lxc.idmap: u 1606 101606 63930
lxc.idmap: g 101 100101 65435
lxc.idmap: u 65604 65604 100
lxc.idmap: g 65604 65604 100" >> /etc/pve/lxc/<containerid>.conf &&
grep -qxF 'root:65604:100' /etc/subuid || echo 'root:65604:100' >> /etc/subuid &&
grep -qxF 'root:65604:100' /etc/subgid || echo 'root:65604:100' >> /etc/subgid &&
grep -qxF 'root:100:1' /etc/subgid || echo 'root:100:1' >> /etc/subgid &&
grep -qxF 'root:1605:1' /etc/subuid || echo 'root:1605:1' >> /etc/subuid

Now all permissions are retained for scraping and writing metadata to my NFS share and now ‘jellyfin option’ to delete content at my TV works.
EDIT
Deletes from the Jellyfin catalogue but NOT the files . Logs show it attempts it seems:

[2020-01-07 10:36:40.208 +00:00] [INF] Deleting item, Type: "Movie", Name: "Pompeii", Path: "/mnt/video/movies/Pompeii (2014)/Pompeii (2014) [Bluray-1080p DTS-5.1 X264 ].mkv", Id: 74adfefe-13d2-bbd6-ad68-bd56f21aa05d
[2020-01-07 10:36:45.298 +00:00] [INF] Starting Library Sync...

And Jellyfin successfully writes to the NFS share all the movie metadata (i.e fanart etc). So permissions are correct and Jellyfin has full RW del access.

I dont know if Jellyfin auto updating will work - wait and see.