First impressions and experiences running Roon

First of all I want to say hello to everyone here in the community. I’m running roon for round about 1.5 month now and I couldn’t be happier. It’s such an intuitiv piece of software and helps me to find new tracks and musicians while forget to go to sleep :wink:

This Post is more of an overview of my past thougths and tests on how to implement Roon to my existing IT and audio environment.

What I want to achiev with Roon:

  • Manage all my Qobuz music in roon to find similar and new tracks. → thumbs up for Roon Radio!

  • rip my round about 250 CD Collection and add it to the local library.

  • have a system that simply could play on all my devices. (WiiM, Denon Receiver, Chromecasts, Android Phones, Android Auto)

  • fire and forget solution with low maintenance

All of my requirements are fulfilled by roon. So let’s go ahead to the technical part.

1st Core/Server installation:

I simply have run and test all of my requirements while running the core/server on my local PC.

The core/server was able to find all my streaming and remote devices in all network segments (IoT, Wireless, DMZ, LAN). But I had already preconfigured Avahi, mDNS and all other necessary prerequisites.

So let’s find a solution for a 24/7 installation.

2nd installation (Core/Server on Synology NAS):

I’ve installed a VM on my Synology DS1621xs+ with a striped down debian 12 and roon installation. This installation had some troubles with hanging (process running until man. restart) .net streaming processes from Roon ARC forwarded from my reverse proxy.

As much as I prefer a self build Core/Server (possibility to monitor the Server, running open source, …), I also appreciate an easy to handle solution. Maybe I could have debug every problem, with my background (I’m a IT Systemengineer for Datacenter and Cloud solutions…). But why to tinker, when there is an “appliance” version of the core?

3rd installation (ROCK on Synology NAS):

I’ve installed ROCK inside a VM on my NAS. This works perfect until today. The performance is great, everything works as intended and it’s supported if I run it on an Intel NUC.

Running ARC with ROCK:

I’ve never forwarded a port to my Core/Server as I have the knowledge to do it “the right way” with a reverse-proxy or client to site VPN (openvpn, wireguard or what ever)

ARC itself works at the moment without a problem connecting to the core with wireguard managing the client to site connection only for the ARC App on my Google Pixel 7 Pro.

Final solution (ROCK on NUC12):

Let’s face it, lots of us end up with a NUC running ROCK on it. It looks like me too :wink:

I’ve ordered yesterday a NUC12i5 (latest officaly supported ROCK Hardware) to install Rock baremetal on it. Why? No tinker and direct support from Roon if I face any problem in the future. I just want to enjoy my music.

I’ll be happy to report the performance differences to the solution on the NAS as soon as I migrated the core. So stay tuned :wink:

Oh and please don’t ask me if solution A has better SQ than solution B. I can’t hear any difference. But I also do not care about snake oil cables or such things :wink:

Security concerns (ROCK):

  1. having a non ssl enabled web management GUI without any kind of authentication is by far not state of the art.

  2. port forwarding to a closed source appliance is not optimal for systems like this not being isolated. Not everyone has an IoT network segment or the knowledge to build client to site vpn or reverse proxy solutions. I don’t have a global answer for this “problem” for the normal customer/user. All I want is to share my opinion.

  3. smb (smb1?) server without authentication. really? I’ve had to spin up my WSL on my Win11 Desktop to copy the codecs do the ROCK. Please do not activate SMB1 or enable unauthenticated SMB connections on your PCs. Or if you need so, roll back everything after copying the files to the ROCK! It makes your PC vulnerable if you do such changes without reverting them.

Sorry for the wall of text and for any kind of gramar or misspellings. English is not my native language :wink:

2 Likes

Welcome to the Roon forum @Obi
I moved your thread to the Roon Software category as in uncategorized it might not gain much attention.

2 Likes

Glad you are having fun. Just one comment: It’s SMB2. No auth is true and while it does not bother me (just like the web interface) because nobody in my household is going to attack my server, I guess there are other scenarios, if just to prevent mishaps.

On the other hand, though, spend time on the forum and see people mess up their networks, fail to access the ROCK share even with open access, etc., and you may appreciate that it’s not more complicated. Not easy to cover all scenarios :slight_smile:

It’s true. I’ve read about a lot of troubles connecting to the ROCK share. But for all Windows user this is a direct result of missing authentication. And if a normal Enduser faces such a problem, they tend to be creative and mess up their systems :wink:
I think a simple Username/Password setting could solve Point 1 and 3.

On the other hand it will possibly complicate the api handling on Point 1 and maybe generate some other problems I’m not aware with point 3. I mean, they really know what they are doing developing their software.

Not all. Only for those who use Win Pro etc., which started to have guest login off by default. This is an additional hurdle, but not the only one.

Maybe, maybe not, I am not sure :slight_smile: