pfSense 24.11 is not good

I had purchased the Netgate 3100 from the company because I thought that would get me the best compatibility and support. Well, an update was made available: 24.11-RELEASE (arm) and I made the mistake of applying it six days ago. My whole router/firewall has crashed thrice since then.

I’ve been pretty unhappy with Netgate for a while now, so a couple of days ago I pulled the trigger on purchasing a Protectli Vault V1210 Mini PC. I’ll install OPNsense on it and duplicate what I have in the Netgate. Then the Netgate 3100 will go to the landfill.

When I bought the Netgate appliance, I didn’t know about the shenanigans the Netgate owners were doing with their staff. I wish I had known that; I would have started with something other than Netgate.

In the Make Orwell Fiction Again category, I remember reading several articles about how the Netgate owners screwed a former employee, and it ended up in lawsuits. Those stories have now been memory holed. Sigh.

Later, I found a definite bug in their SMTP over TLS implementation, in the initialization routine. Mind you, I’ve been doing SMTP for more than twenty years. I know how to do SMTP via telnet, and can do really low-level commands with it. Everyone with that particular version of pfSense would be affected by not being able to do SMTP over TLS to an outside mail server because of this initialization bug.

I wrote up the bug with the steps to duplicate it, and I tried to submit it to Netgate technical support.

Their answer was “You don’t have a current support contract. Buy a support contract, and we’ll work on it.”

I am not paying you to fix your shit. You should be paying me for so clearly identifying where your software fell down.1 The pfSense user interface under System > Advanced > Notifications has a checkbox to Enable SMTP over SSL/TLS. This should work, and it did not. I went through the steps at the command line level, and everything was there and workable. The certificates validated, and email flowed like it should – if I did it manually.

That they wanted me to pay them to fix their broken software is galling.

I do miss the days of Novell, where their published policy was “Yes, you need to pay to open a support ticket, but if this turns out to be our bug and not something you could have fixed on your own by RTFM2, then we will refund you your money.” I think in the twenty years I was a GroupWise admin, almost every support ticket I opened with them ended up being zero cost for us. Once, the support technician said that yes, they had already known about the bug, but the Technical Information Document (TID) was only a day away from being published. Heh. If I’d waited a day, I could have RTFM’d the TID and not bothered with opening a ticket. Yes, he refunded us the support ticket cost. Sure enough, the next day the TID was published, with exactly the same steps the support technician walked me through to solve the problem.

  1. I’m pretty sure it was an extra carriage-return character when calling OpenSSL. ↩︎
  2. The Novell folk were always nice and polite, so in this case it is Friendly manual ↩︎

Jay Leno joke, today not funny

One of my favorite Jay Leno jokes revolves around Congress taking its annual recess. After they would do so, Jay would say “Congress has just begun its summer recess; the realm is safe, once again.”

It is quite funny, because it says Congress does more harm by being in session than not.

Today, however, with Speaker Johnson calling for a recess to avoid a vote on H.R. 581, tweaks the joke in a horrific way:

“Congress has just begun its 2025 summer recess; the pedophiles are safe, once again.”

I’ll note that my Congressman Vince Fong did not vote in favor of H.R. 185, nor has his office replied to my email and request for response.

I just sent a letter to my Congressman

Honorable Vince Fong,

I request that you support House Resolution 185 to advance responsible policies. This bill may also be known as the “Epstein Files Transparency Act”.

I am certain that you understand that the damage done to children who are raped is profound and lasts a lifetime. You seem to be someone of good character, so I think that you might agree that no amount of “the ends justify the means” can excuse away the horrific acts by Jeffrey Epstein, his clients, and collaborators. As someone who believes in the rule of law and the fundamental advantage that the USA has because our judicial system is not easily bought off, these perpetrators need to be brought to justice as proof that the system still works. I request that you publicly support this bill, that you vote in favor of this bill, and support your other members of Congress who also support this bill.

Thank you for your time and attention to this.

David Gerisch

That’s the letter I sent, via https://fong.house.gov/contact

One of the interesting things I’ve read was a question put to people who had experience in both the USA and in other countries. The question was “What is the biggest difference between your home country and the USA?” The answer was that the USA follows the rule of law more than other countries do. Here in the USA, we simply assume that the judiciary cannot be bought, and that is mostly true. In many other countries, it is far less true than what we have here in the USA. Someone cannot cheat their neighbor out of property or money and simply expect that a large bribe will make the judicial problem disappear. That doesn’t happen here (mostly), and if someone tried it, the newspapers, radio, and television would have a grand old time running the story. This is the primary reason I never want to see government subsidies for mass media: once the newspapers / radio / television got hooked on that government subsidy money, they’d be thrall.

Quarterly inventory – 2025 Q2

Dear FutureMe,

Today would be a good day to do a quarterly inventory.

How is your personal life going?

How is your work life going?

How is your Volunteer Service life going?

Future Me

Personal Life

I’m in a little bit better mood this quarter, mostly due to taking on another Volunteer Service position, and listening to a book. I did have a lot of fun with MPD (Music Player Demon), although that went pear-shaped more recently.

Home Air Conditioning

When I was in my 20’s, I lived in a place that had only a swamp cooler. Augusts, here in the Central San Joaquin Valley desert, will often get to 110 °F (43 °C). With only a swamp cooler, that was not fun. Now that I’m in my 60’s, I want refrigeration. Seriously.

Although I have the pieces for a sun shade for my western facing glass door, I haven’t made any progress on building it. My air conditioning unit is doing poorly, too, so that is a bummer. Back in December, Grant’s Air Conditioning replaced the control board (computer). This new one appears to have a setting where if the desired temperature cannot be met after some period of time, it goes into failure mode. It will kick the refrigeration compressor on for ten seconds, and then stop. It tries that every five minutes. Meanwhile, inside the home, the internal temperature keeps rising. Eventually, the outside cools off enough to where the differential is back within range, and full cooling begins again.

Okay: a backstory. Back in February, Grant’s Air Conditioning replaced a huge capacitor. I think its job is to jump-start the blower. The thing is almost the size of my fist. Also, a while ago before, I started having weird electrical problems in the house. My UPS (uninterruptible power supply / battery backup) in my master bedroom started kicking on, and reporting out-of-bounds power levels from street power.

My theory is that something in the blower has changed, and this jump-start capacitor is draining to zero as it jump-starts the blower. It uses so much power in this process that my UPS detects the out-of-bound condition, and kicks in to protect my gear. Or in the other direction, it pulls so much power to recharge, that there’s a spike when it finally fills up. Either power overload or underload happens, and the UPS kicks in. I hear it clicking and the front-panel displays an error condition.

The first time I started seeing this UPS behavior was during the winter. Then in February, the air conditioning / heating unit failed, and Grant’s came out and fixed the capacitor.

About two months ago, the UPS started acting funny again. The air conditioning also started the failure mode where it only runs the refrigeration for ten seconds and quits. I had to run off to a meeting, so in desperation I forced the blower into always on mode, and left. By the time I got back, the refrigeration was back on. I left the blower in always on mode.

Days later, I notice that the UPS events have stopped. The blower has been running for a couple of months now. If the blower doesn’t need to be jump-started, the capacitor doesn’t get energized (it seems to me).

That was a long story about my fear that my air conditioning unit is going to need major service to repair / replace the blower. If not that, another $240 for another capacitor that won’t last very long.

Food and food costs

Inflation is always bad, and this time is no different. I very much need to avoid eating out at fast-food or restaurants; my financial advisor would like me to have $25,000 in the bank when I retire. I’m at around half that, and I hope to retire in twelve and a half months. There for a while, I was cooking / heating frozen pizzas, but I was clearly gaining weight. So then I switched to breaded chicken fillets from the delicatessen portion of Winco (the best grocery store we have). But the price of those has been going up too, and, they seem to make me really drowsy on my lunch break. I suspect there is too much deep-fat fried breading on them. I wasn’t gaining weight with them, but I wasn’t losing any either.

Now I’m trying frozen burritos, although they don’t digest as well as the breaded chicken fillets. My preference would be to buy steak. But I remember when New York Strips were $6 per pound, and at $15 per pound now, I’m out.

I’ve had to add more fast-food stores to my boycott list due to inflation. There is no way I can justify going to them anymore. I was bummed that the one place (which has high-quality tacos) has been losing customers, and last night when I drove by to check on their Sunday Taco Special, they’d raised the price a dollar. Long term, I expect they will go out of business.

Other personal life items

I still need to redo my personal mail server. This is yet-another task that would be fun if I had a week to do it. For the Juneteenth holiday and the use-it-or-lose-it-Personal-Holiday-Allowance Friday, I did have four days in a row available. However, I was working on my MPD project, and it didn’t go well.

MPD project (Music Player Demon)

One thing that was super fun was buying a Raspberry Pi Zero and adding a HiFi Berry DAC Zero, and configuring it. It went about as beautiful as it could. Now, in my Work-From-Home office, I don’t need a laptop running Snapcast client; I’ve got this hooked into my receiver instead:

Pictured here is a disassembled Raspberry Pi Zero and a HiFi Berry DAC Zero, in addition to the powered on unit in production. The Raspberry Pi Zero is about two keys wide and four keys long if laid on the numeric keypad of your full-size keyboard. I was happy enough with the streaming audio sink that I bought two more kits; the unassembled pieces shown are from those kits.

I tried writing Perl code to manage MPD using AI. On the one hand, it didn’t take very long at all to crank out 7,000 lines of Perl, which mostly did do what I wanted. But it wasn’t fully what I wanted. Looking at the code, I got the idea that it was putting too much into one branch of one loop, and that trying to break it into more logical pieces was the right thing to do. I went back to manual mode, and have made a mess of it. Sure, my various functions are in more logical places, but the differences between what I think I want versus what I write make it slow-going. I also managed to clobber previously set alarms, so I’m actually worse off now than before. Oof.

Listening to a book: Catch-22

I subscribe to a couple of journalists who do a weekly show with an hour and a half of current events and half an hour on a book they are reading. They’ll propose a book to each other, and if the other hasn’t read it, that will become the book. A couple of weeks ago, one of them said that Catch-22 by Joseph Heller was the funniest book written in the last 80 years. Maybe he said “one of the …” but either way it was high praise.

I went ahead and paid Audible.com for a copy. Yes, this book is terribly funny.

I remembered a moment from 45 years ago, when my best friend Craig had told me he’d just read the funniest book ever, Catch-22, and that I should read it. I wasn’t fond of the idea because what I knew about the term Catch-22 was that it is always a “lose-lose” situation. Looking back, I suppose my thinking was that was the book would inure me, and that I’d become more accepting of Catch-22 situations. For whatever reason, I took a pass, and didn’t read the book. Here, 45 years later, this book does make me smirk a lot. I don’t regret not reading it 45 years ago, but I think I would have enjoyed it back then too. I don’t know, though: back then I was in high-school, and hadn’t experienced a lot of bureaucracy. Today I have 35 years of that in my history, so maybe I can laugh easier about it now.

Work Life

If $18,000 fell out of the sky and into my lap, I would retire tomorrow.

I’m counting down: twelve months (plus a few weeks) to go.

One of my co-workers died. I’d been working with him for more than twenty years. I had tried to let him know that my life got vastly better when I stopped drinking alcohol; but, he didn’t want to hear it. I know that if someone doesn’t want to stop, there is no way to convince him or her otherwise – and attempting to do so anyway causes the alcoholic to dig their heels in deeper. Rest in peace, Joe.

Volunteer Service Life

I did add one more service commitment this quarter: two times a month, I’m with other members in a meeting in our newest homeless shelter. It’s an interesting place: they have a dog kennel. Many people who have been long-term homeless have only one companion: their dog. So if they have to choose between a shelter that doesn’t allow pets, versus remaining homeless, they’ll stay homeless. This newest homeless shelter solves that problem by building in a dog kennel and a bicycle lockup, so that people who do get a bicycle don’t get it stolen.

Streaming audio server with a Raspberry Pi 5 and Mopidy – Never Mind

Well, this is a bummer. The Iris interface on Mopidy is nice, and when I’m doing everything manually, it works fine. BUT, I wanted to do things with scripting. I can somewhat get things to work, but not reliably. So I’m going to give up on Mopidy and go back to MPD (Music Player Demon).

I’d managed to build a little routine that, once an hour, generates a sound file with the current time in it. I copied it to the right place, updated the file cache so that the new file is the current one, and then threw (using CURL) the command to add the file to the Mopidy queue. For testing, I had cron run it every two minutes.

# Add the current_time.mp3 file to the queue

/usr/bin/curl -s -X POST "$MOPIDY_URL" \
  -H "Content-Type: application/json" \
  -d '{
    "method": "core.tracklist.add",
    "params": {
      "uris": ["'"$FILE_URI"'"],
      "at_position": 1
    },
    "id": 1,
    "jsonrpc": "2.0"
  }'

But, if the queue is empty, Mopidy isn’t going to play anything. So then I had to add:

# Start playback

/usr/bin/curl -s -X POST "$MOPIDY_URL" \
  -H "Content-Type: application/json" \
  -d '{
    "method": "core.playback.play",
    "id": 2,
    "jsonrpc": "2.0"
  }'

And now I’ve three problems.

The first is that there is a weird loop problem where once: the file plays correctly. I’ll hear “The current time is 16:40.” The next time the cron job runs the bash script, I’ll hear “The current time is 16:42. The current time is 16:42.” The third time it runs, I’ll hear “The current time is 16:44. The current time is 16:44. The curren” and the playback is interrupted.

It is always in triples; 16:46 would play fine, 16:48 would play twice, and 16:50 would attempt to play three times but get cut off.

So that is one problem. The next is that I prefer to do my scripting in Perl, and I know that Perl has been doing JSON-RPC for a really long time now. But the Perl script I wrote doesn’t seem to be connecting to the Mopidy server. It tells me that it connected, and shows me a result (instead of a refusal to connect), but the Mopidy debug log does not acknowledge that a connection was made.

The third is that even when I add a song manually using the Iris interface, that “core.playback.play” method would break the playback of the currently playing song. The idea was that if I only create a current_time.mp3 file at the top of the hour, and add it to the queue, then within a few minutes, I’ll hear was hour it is. But now I’ve got the worst of both worlds: if the queue was empty, no playback of the current_time.mp3, but if I trigger the playback, the current song gets clobbered. Sigh.

I really liked that Mopidy has the nice Iris web client; but, if the only way to interact with the server is via mouse and keyboard, well then I’m out.

Streaming audio server with a Raspberry Pi 5 and Mopidy

My first attempt at an MPD streaming box was a tough config, because I was learning along the way, hitting every stumbling block there is. Getting the Music Player Demon running wasn’t terrible, but getting my various client machines to listen to the streaming server was tough. Okay, I am going to try again, and hopefully, it actually works with Mopidy this time.

The Iris plugin to Mopidy is nice. Previously I used Cantata, which was fine, but it was a local install on each machine. Iris is good because it runs on the server, and I don’t need to do a local install on each machine just to control the music stream.

On to the build!

I used the Raspberry Pi Imager program to put the Raspberry Pi OS Lite (64-bit) on the SD card. Then I booted the device, ssh’d in and ran

sudo apt update

followed by

sudo apt upgrade -y

followed by a sudo reboot now

sudo raspi-config

I’m changing the hostname. Also, because I prefer vim to nano:

sudo apt install vim -y
sudo update-alternatives --config editor

And of course, now I get to install my favorite aliases and history search keystrokes. These are detailed here.

Next, I’m going to follow the instructions at Mopidy Installation

I am following the section Install from apt.mopidy.com:

sudo mkdir -p /etc/apt/keyrings
sudo wget -q -O /etc/apt/keyrings/mopidy-archive-keyring.gpg https://apt.mopidy.com/mopidy.gpg
sudo wget -q -O /etc/apt/sources.list.d/mopidy.list https://apt.mopidy.com/bookworm.list

So one difference is that the instructions say to wget from https://apt.mopidy.com/bullseye.list but this version of Debian on the Raspberry Pi is bookworm (Debian 12 instead of 11). We’ll find out if I just shot myself in the foot. 😉

sudo apt update
sudo apt install mopidy -y
sudo apt install mopidy-mpd -y
sudo apt install mopidy-local -y
sudo apt install snapserver snapclient -y
sudo apt install python3-pip -y
sudo python3 -m pip install Mopidy-Iris --break-system-packages

The instructions I found say to simply do sudo python3 -m pip install Mopidy-Iris but Debian (or perhaps it is Python) barks at me with “error: externally-managed-environment – This environment is externally managed” and some potential way around the problem. That’s a nope: I want to run as a systemd service, and isolating stuff into unreachable environments is not the battle I wish to fight today.

And another thing: the Snapcast instructions assume that Snapweb is installed, but it never is. First, I downloaded it from https://github.com/badaix/snapweb/releases and picked the file snapweb.zip

As of 2025-07-19 one could use this curl command:

wget https://github.com/badaix/snapweb/releases/download/v0.9.0/snapweb.zip

Then I copied it to the Mopidy server, and did this:

sudo mkdir -p /usr/share/snapweb
sudo unzip snapweb.zip -d /usr/share/snapweb

Okay, I’m almost ready to start configuring things.

Later on down the line, the mopidy.conf file will consider that the files to serve up are at a certain location. What location? Here’s how to find out:

sudo mopidyctl config

and look in the [local] section for media_dir = /var/lib/mopidy/media

Now would be a great time to mount my music files via a CIFS / SMB share:

sudo apt install cifs-utils -y
touch /root/credentials.smb
vim /root/credentials.smb
username=epstein_did_not_kill_himself
password=Apparently-Child-Rape-Is-Okay-If-The-Deep-State-Does-It,-Because-With-The-Deep-State,-The-Ends-(Blackmail)-Justify-The-Means-(Child-Rape).--Everyone-Who-Is-Human-Recognizes-The-Evil,-But-The-People-Who-Make-Up-The-Deep-State-Are-Sociopaths.--Unfortunately,-The-People-In-The-Current-Administration-Who-Promised-To-Drain-The-Swamp-Have-Been-Broken,-Most-Likely-With-Threats-To-Their-Family.--What-A-World,-Amirite?
sudo chmod 600 /root/credentials.smb

Then we can edit /etc/fstab

//hostname/smbsharename/data /var/lib/mopidy/media cifs vers=3.0,credentials=/root/credentials.smb,_netdev,iocharset=utf8 0 0

I’m also going to try to keep from wearing out the SD card so quickly, so I’ll try this:

tmpfs   /var/cache/mopidy   tmpfs   size=1G,mode=1777   0 0

I rebooted, because I wanted the fstab to be read and /var/lib/mopidy/media to be mounted.

Okay, things I’ve added in /etc/mopidy/mopidy.conf :

[http]
hostname = ::

[mpd]
hostname = ::

This was previously hostname = 127.0.0.1

I changed to listen on all interfaces (that’s what :: does) because I do want any of my machines on my local network to be able to interact with the Mopidy server. Note that I am planning on never putting this box on the public Internet.

There is another change I made in /etc/mopidy/mopidy.conf :


output = audioresample ! audioconvert ! audio/x-raw,rate=48000,channels=2,format=S16LE ! wavenc ! filesink location=/tmp/snapfifo

Then I get to edit /etc/snapserver.conf:

sudo vim /etc/snapserver.conf
source = pipe:///tmp/snapfifo?name=Mopidy

I’m going to try to make sure Snapcast loads first, before Mopidy, because Snapcast needs to be writing into /tmp/snapfifo before Mopidy starts reading it.

sudo systemctl edit mopidy.service
[Unit]
After=snapserver.service
Requires=snapserver.service

To configure the Snapweb server:

sudo vim /etc/snapserver.conf

Find the line #doc_root = /usr/share/snapserver/snapweb and change it to:

doc_root = /usr/share/snapweb

And I think I am at the moment of truth:

sudo systemctl enable snapserver.service
sudo systemctl enable mopidy.service

sudo systemctl restart snapserver.service
sudo systemctl restart mopidy.service

If things are looking correctly, my next step is….

sudo mopidyctl local scan

Well, it almost worked right on the first try. I also needed to do this:

echo "fs.protected_fifos = 0" | sudo tee /etc/sysctl.d/snapcast-unprotect-fifo.conf
sudo sysctl --system

Hooray! My streaming music server is up and running within my local network. This was fun. 🙂

Home alarm clock update – now with streaming audio

As mentioned in Home alarm clock update, I’d like to work with Snapcast.

Well, right off the bat, all the instructions for getting the Snapcast client to work automatically, did not. When I say “automatically” I mean that after I reboot the machine, I simply want the Snapcast client running without me having to do anything else. There were suggestions about making it a system service, and a user service, and none of those worked. I’m pretty sure it has something to do with my logged-in user having an environment which is different from what systemd or cron sees.

KAlarm to the rescue!

It has an option to launch stuff after reboot. That’s what I needed.

snapclient --host <IP address of MPD server goes here>

It does take a few seconds after reboot for KAlarm to figure out to run this command. But as soon as it does, my machine (whichever machine) taps into the stream, and music starts playing out. But because KAlarm doesn’t launch until after everything in KDE is up and running, I’m not having these weird errors where the Snapcast client cannot see the stream or the audio devices to play it out.

This is great.

However, what about my alarms? Those are music files too (well, sometimes a TTS wave file). The multiplexing nature of computer audio would have the two playing simultaneously. That is less than ideal.

Turns out that VLC has an option for exiting nicely after playing a file. Add a couple of MPC commands, and we’re golden. The magic command for VLC is rc --play-and-exit

I did have to install the MPC client (for controlling MPD servers) on my machines.

But now my KAlarm commands look like this:

mpc --host <IP address> pause
vlc --intf rc --play-and-exit /path/to/friday_morning.pls
mpc --host <IP address> play

I can queue up a whole stream of music files as background music, using Cantata, and when it comes time for my alarm to fire, to let me know it is time for the next event, the background music pauses through the whole house, the alarm does its thing, and then the background music resumes.

This is so neat. I am having fun with my computers again. 🙂

And I enjoy hearing the London Philharmonic Orchestra playing Sonic the Hedgehog: a Symphonic Suite and Elder Scrolls – Skyrim: Far Horizons. The Elder Scrolls V: Skyrim: Original Game Soundtrack has some great orchestral music. And now my whole house is filled with it.

A Future Me email from six months ago, and the situation has not gotten any better (Linode is in decline)

Dear FutureMe,

I am sad that Linode appears to be going to hell. It got acquired by Akamai, and now my personal email server is getting blocked by Microsoft and Comcast for being in a datacenter which is blasting out spam. I haven’t been able to reply to Carol Ann’s emails for five days. My support ticket with Linode has been open and sitting there with no action. I checked my outbound mail log, and it isn’t me who is blasting out spam. I presume that Akamai has opened their doors to be spammer-friendly because spammers have $$$ to spend with them.

I think that I need to ditch Linode and move to some VPS which hasn’t gone through enshitification.

I’m bummed because for the 501(c)(3) I’m a member of, I was the one who made the pitch to move off our previous VPS and to Linode (for a slight increase in cost).

Last time I moved mail servers, it was a chore.

Raspberry Pi MPD server

Notes about starting fresh on a Raspberry Pi and making a Music Player Daemon (MPD) server out of it.

New image preparation

I did use the Raspberry Pi Imager program and put the base Debian with no desktop environment on the SD card. I did use the customizer to put a user and password on it.

I also have put the MAC in my DHCP server so that the Pi gets a static IP address, and I put an entry in DNS so that IP address maps to the host name I want.

First, an update:

sudo apt-get update

Then I install vim. The default is to use nano, but I like vim.

sudo apt-get install vim -y

Followed by

sudo update-alternatives --config editor

Choice 3 picks vim as my editor.

Followed by turning off Wi-Fi. For music streaming, I only want the Raspberry Pi to be hard-wired into the network.

sudo vim /boot/firmware/config.txt

At the very bottom, I added this to the config.txt file:

dtoverlay=disable-wifi

It goes underneath the [all] section. Then I reboot and log in, and perform

sudo apt update
sudo apt upgrade -y

Now I get to install my favorite aliases and history search keystrokes. These are detailed here.

The next steps are so that I can do ssh from my main machine. I followed this, although I wanted to set a root user password first:

sudo passwd root

Then I mostly followed these steps: New Debian install; ssh and sudo changes

Then I did the ssh-copy-id thing and changed Password Authentication back to no in /etc/ssh/sshd_config

Start with the MPD install

The documentation says that the version of MPD that one can install from the Debian repositories is out of date. I can confirm that.

However, going through those motions sets things up well for later.

apt install mpd -y

Followed by

apt install snapserver -y

The Snapcast server needs to be configured to look to MPD for the sound source.

vim /etc/snapserver.conf

to say:

[stream]  
source = pipe:///tmp/snapfifo?name=MPD

That line was already there, except the name= was default instead of MPD

So later I get to download the latest .tar.xy file, and copy it to the Raspberry Pi. Then:

tar xf mpd-version.tar.xz
cd mpd-version

At this point, I should simply point you at https://mpd.readthedocs.io/en/stable/user.html

There’s a whole bit about apt install meson g++ pkgconf \ and some whole bunches of packages. Then there’s the compile after that. 696 things it compiles.

After all that is done, it is time to update the /etc/mpd.conf file.

This is what mine looks like with the comments stripped out:

music_directory       "/var/lib/mpd/music"
playlist_directory    "/var/lib/mpd/playlists"
db_file               "/var/lib/mpd/tag_cache"

state_file            "/var/lib/mpd/state"
sticker_file          "/var/lib/mpd/sticker.sql"

user                  "mpd"
bind_to_address       "0.0.0.0"
port                  "6600"

auto_update           "yes"
auto_update_depth     "0"

zeroconf_enabled      "yes"
zeroconf_name         "Music Player @ %h"

input {
        plugin        "curl"
}

decoder {
        plugin        "hybrid_dsd"
        enabled       "no"
}

decoder {
        plugin        "wildmidi"
        enabled       "no"
        #config_file  "/etc/timidity/timidity.cfg"
}

audio_output {
    type              "fifo"
    encoder           "flac"
    name              "snapserver"
    format            "48000:16:2"
    path              "/tmp/snapfifo"
    compression       "8"
    mixer_type        "software"
}

filesystem_charset    "UTF-8"

Eventually, we get it installed, which includes creating the /var/lib/mpd/music directory. We need that for the next step.

Access to the sound files

This took an edit of /etc/fstab although this is always more difficult than I think it should be.

I did it for Nextcloud, so it is the same thing, kind of. Nextcloud gets read/write access, where this MPD server doesn’t need to be able to write to the sound files or directory.

First, set up a credentials file, with the login name and password:

touch /root/credentials.smb
vim /root/credentials.smb
username=epstein_did_not_kill_himself
password=Apparently-Child-Rape-Is-Okay-If-0.1%-Richest-People-Opt-In-To-Doing-It,Obviously,Because-Otherwise-The-Rapists-Would-Have-Gone-To-Jail

Then we can edit /etc/fstab

//hostname/smbsharename/data /var/lib/mpd/music cifs vers=3.0,credentials=/root/credentials.smb,_netdev,iocharset=utf8 0 0

One thing that kicked my ass for a couple of hours:

vim /usr/local/lib/systemd/system/mpd.service

And on the ExecStart line, I had to explicitly add the configuration file path and file name.

So before, it looked like this:

ExecStart=/usr/local/bin/mpd --systemd

But that would err out with “could not find config file”. I changed it to this:

ExecStart=/usr/local/bin/mpd --systemd /etc/mpd.conf

And now it magically works. Of course, yesterday the first time I set it up, I had no such problems. Sigh.

I still have one more thing to add: Snapweb, where Snapcast server will show you what is currently running. I had that running yesterday, and liked it.