I would have liked an easy install of tvheadend.
Too late for me, but not for you to experience a smoother installation (hopefully)
with the following (not so) short list of explanations, commands and tips.
First of all, I used a 32-bit version of Raspberry Pi OS Lite (no desktop), connected
it with an OTG Ethernet and Power cable to my network, and used SSH to install tvheadend.
I relied on default debian repository for a version of tvheadend, aware of the fact this
may be lagging a bit to the latest, but expecting debian to provide a stable and trusted version.
My environment:
uname -a
Linux RPITV 6.6.31+rpt-rpi-v6 #1 Raspbian 1:6.6.31-1+rpt1 (2024-05-29) armv6l GNU/Linux
tvheadend -v
tvheadend: version 4.3-2155~gfe4df311d
The command-line installation of tvheadend will only ask for an administrator/password account.
Obviously a lot more configuration is necessary but that has to be done with a setup wizard
within a website that can only be contacted after the install.
Start proceedings as with any install:
sudo apt update
sudo apt upgrade
Now install tvheadend from debian repository.
Confirm with “Y”(Yes) the question if you really want to install.
Use TAB key to activate the <OK> buttons after providing admin username/password and press Enter.
*The administrator you are providing now is called the superuser or backdoor user, and
*you will need this user for first login into the website. Oh, and make sure you recall
*the password correctly, the install will not ask you to confirm your entry!
sudo apt install tvheadend
After installation check if tvheadend is running:
ps -ef | grep tv
You should see a tvheadend process running like this:
/usr/bin/tvheadend -f -p /run/tvheadend.pid -u hts -g video
It means this:
user/group hts/video
is running
/usr/bin/tvheadend
as a daemon
with
/run/tvheadend.pid
as alternate PID path.
This as as expected.
Also check if tvheadend process is using ports 9981/tcp en 9982/tcp.
sudo netstat -lpnt |grep '9981\|9982'
Check if 9981/tcp en 9982/tcp ports are open to others.
(use nmap, if not installed do so with: sudo apt install nmap nmap-common).
nmap -Pn rpitv -p 9981-9982
Don't worry about pumpkindb on port 9981/tcp. This is what nmap expects this port to be used by
according to its own database, and yes this is the official port for it. As long as no pumpkindb
is using it tvheadend can.
The next section can only be of interest to Dutch readers, but feel free to read this part
anyway. You may find it useful if your frequency file isn't quite up to date.
Before trying to login to the website adjust the default file tvheadend uses for Dutch DVBT2.
This file is not up to date and still contains the DVBT header for all entries. This causes
later on in the configuration proces a service scanning failure. By altering all DVBT headers
into DVBT2 you avoid this failure.
So open the nl-ALL file and change headers:
sudo vi /usr/share/tvheadend/data/dvb-scan/dvb-t/nl-All
Type the following:
:%s/DVBT/DVBT2/g
Confirm the write and quit:
:wq
If you are not interested in the extensive list of encrypted Digitenne channels just
add an extra file containing only the frequencies for free open air tv used
in your area, and select this file later on in the setup wizard. Mine
is just the one 578 MHz frequency for Amsterdam and NH, so I added this file:
sudo vi /usr/share/tvheadend/data/dvb-scan/dvb-t/nl-Amsterdam
Type:
i
Type (or copy/paste and make sure of Unix EOL!):
# The Netherlands, Amsterdam
# TVHeadend: /usr/share/tvheadend/data/dvb-scan/dvb-t/nl-Amsterdam
[CHANNEL]
DELIVERY_SYSTEM = DVBT2
FREQUENCY = 578000000
BANDWIDTH_HZ = 8000000
CODE_RATE_HP = 1/2
CODE_RATE_LP = NONE
MODULATION = QAM/64
TRANSMISSION_MODE = 8K
GUARD_INTERVAL = 1/4
HIERARCHY = NONE
INVERSION = AUTO
[CHANNEL]
DELIVERY_SYSTEM = DVBT2
FREQUENCY = 578000000
BANDWIDTH_HZ = 8000000
CODE_RATE_HP = 2/3
CODE_RATE_LP = NONE
MODULATION = QAM/64
TRANSMISSION_MODE = 8K
GUARD_INTERVAL = 1/4
HIERARCHY = NONE
INVERSION = AUTO
Confirm the write and quit:
:wq
It's time to check into the website, assuming the hostname is RPITV.
If not, change for your hostname.
Use the ip-address if resolving is not working, check with: ip a
I have 2 connections, wlan0 and eth0, both ip-addresses are usable.
But first of all, do not remove or purge your tvheadend installation.
This may be the very cause of hitting the "403 Forbidden" or "401 Unauthorized"
when you try to open the web gui. If purged already, do it again but now
also remove user hts and group video before reinstall.
User and group hts is not removed by the purge but should be.
Removing the group video is debatable and probably not a good idea, but for
now -the 24th of June 2024- removal seems to be mandatory for a web gui login
without 403's or 404's. You find extra info on here
Purge, delete and reinstall with:
sudo apt purge tvheadend
sudo deluser -r hts
sudo groupdel hts
sudo groupdel video
sudo apt install tvheadend
Try http://rpitv:9981 and login with your administrator account.
If you don't encounter a "403 Forbidden" or "401 Unauthorized" we are done.
There are comprehensive tvheadend config howto's on the web to help you
proceed with the setup wizard. But if your login is refused, we're not done yet.
Get back to the command-line interface and do this:
sudo systemctl stop tvheadend
sudo /usr/bin/tvheadend -f -C --noacl -p /run/tvheadend.pid -u hts -g video
Wait till there's only one tvheadend proces running, just to quiet it down so
all the attention will go to what follows... 30 seconds will do.
Now, again try http://rpitv:9981, and yes you're in without having to
provide a login. It's because of 2 extra options when starting tvheadend, check
tvheadend --help
-C, --firstrun If no user account exists then create one with
no username and no password. Use with care as
it will allow world-wide administrative access
to your Tvheadend installation until you create or edit
the access control from within the Tvheadend web interface.
--noacl Disable all access control checks
The --noacl allowes an entry to the website without login, and the -C lets the website
assume this is the firstrun after install, and will therefore auto start the setup wizard.
There, you must provide an admin user not identical to the one you had to
setup before. If you do so anyway you will surely be getting a buggy website login.
And if you don't provide an admin user at all the "403 Forbidden" will also return.
At least, this was the case in my environment and in my version of tvheadend.
The setup wizard will allow you to not provide an admin, but you really better do so.
In the same form, you can leave the network entry blank if all networks are
allowed and type a * in the user field if all users are allowed.
When you are done with the configuration close your browser, and with it the cache.
Get back to the command-line and do this:
sudo systemctl restart tvheadend
It restarts tvheadend with default options.
Wait a bit, try http://rpitv:9981, and login with your new admin (not the superuser!) if asked.
In my environment it took 2 login trials to actually be shown a login form. But that
may be due to the fact that I didn't reboot after installation or configuration.
From then on no problem with login anymore.
If you like some more "403 forbidden". follow this thread.
A last remark... tvheadend is an awesome piece of software, and I love the fact that it enables
TV watching on all screens in a network, simultaneously as well and even record whatever I want.
And hardware like my tiny RPI Zero with its 512 MB RAM and 1-core processor is sufficient for it to run.
What's not to like... well, not so much, that's why I was surprised to find the super-user password file in
plain text and the "403 Forbidden" issue already mentioned way back in 2011, checkout this thread.
The first is careless and the second really surprising, this must be a a very hard nut to crack.
Now that's it, I hope all of this helps.
Addendum-VLC:
VLC pulls all "enabled" channels from tvheadend server with: http://tvh-ip:9981/playlist/channels
With setup of a non-admin user and using: http://user:pass@tvh-ip:9981/playlist/channels
you will be forced to login not only at startup but also at every change of channels.
Avoid the latter by:
-Giving the user "persistent authentication" in Configuration>Users>Passwords
-And then using a slightly different url: http://user:pass@tvh-ip:9981/playlist/auth/channels
