diff --git a/ansible/mediaserver.yml b/ansible/_deploy_highsea.yml similarity index 53% rename from ansible/mediaserver.yml rename to ansible/_deploy_highsea.yml index c4cfc79..3eae317 100644 --- a/ansible/mediaserver.yml +++ b/ansible/_deploy_highsea.yml @@ -1,7 +1,8 @@ -- name: deploy mediaserver - hosts: mediaserver +- name: deploy highsea stack + hosts: highsea remote_user: "{{ remote_user }}" tasks: - debug: msg="Deploying mediaserver stack to local server" roles: - - { name: mediaserver, tags: ['mediaserver'] } +# - { name: debian_base } + - { name: highsea } diff --git a/ansible/inventory/hosts.yml b/ansible/inventory/hosts.yml index 2cb3f09..d8ed977 100644 --- a/ansible/inventory/hosts.yml +++ b/ansible/inventory/hosts.yml @@ -18,10 +18,11 @@ all: hosts: localhost: ansible_connection: local - # mediaserver: - # hosts: - # hatchery: - # ansible_python_interpreter: /usr/bin/python3 + highsea: + hosts: + highsea.home.jowj.net: + ansible_python_interpreter: /usr/bin/python3 + ansible_user: alice services: hosts: lair: diff --git a/ansible/roles/abjure/tasks/main.yml b/ansible/roles/abjure/tasks/main.yml index ab288b0..b95492e 100644 --- a/ansible/roles/abjure/tasks/main.yml +++ b/ansible/roles/abjure/tasks/main.yml @@ -20,9 +20,9 @@ - name: ensure traefik.log exists file: state=file path=/home/josiah/apps/traefik/traefik.log owner=josiah group=josiah mode=0700 -- name: Create deploy configs dir if it does not exist +- name: Create calibre config dir file: - path: /home/josiah/deploys/abjure + path: /home/josiah/apps/calibre state: directory mode: '0755' diff --git a/ansible/roles/abjure/templates/abjure-compose.yml b/ansible/roles/abjure/templates/abjure-compose.yml index 4e16b75..632e97f 100644 --- a/ansible/roles/abjure/templates/abjure-compose.yml +++ b/ansible/roles/abjure/templates/abjure-compose.yml @@ -10,7 +10,7 @@ services: ports: - 80:80/tcp - 443:443/tcp - - 8080:8080/tcp + - 8088:8088/tcp volumes: - /home/josiah/apps/traefik/acme.json:/acme.json - traefik_logs:/var/log/access.log @@ -31,7 +31,7 @@ services: - "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver" - "traefik.http.routers.mediaserver-traefik-api.rule=Host(`lair.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" - "traefik.http.routers.mediaserver-traefik-api.service=api@internal" - - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8080" + - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8088" # - "traefik.http.routers.mediaserver-traefik-api.entrypoints=http" - "traefik.http.routers.mediaserver-traefik-api.entrypoints=https" # middleware redirect @@ -88,6 +88,30 @@ services: networks: - pubnet + calibre: + image: lscr.io/linuxserver/calibre:latest + environment: + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + volumes: + - /home/josiah/apps/calibre/:/config # this is where the config / metadata db / cache live + - /media/usenet/book-library/readarr/:/books # this is the library + ports: + # don't use traefik for non 443 / 80 ports. + - 8080:8080 + - 8181:8181 + - 8081:8081 + labels: + - "traefik.enable=true" + - "traefik.http.services.mediaserver-calibre.loadbalancer.server.port=8083" + - "traefik.http.routers.mediaserver-calibre.service=mediaserver-calibre" + - "traefik.http.routers.mediaserver-calibre.rule=Host(`calibre.services.jowj.net`)" + - "traefik.http.routers.mediaserver-calibre.tls.certResolver=mediaserver-resolver" + - "traefik.http.routers.mediaserver-calibre.tls=true" + networks: + - pubnet + volumes: traefik_acme: traefik_logs: diff --git a/ansible/roles/abjure/vars/main.yml b/ansible/roles/abjure/vars/main.yml index 71ca1a3..4c006a0 100644 --- a/ansible/roles/abjure/vars/main.yml +++ b/ansible/roles/abjure/vars/main.yml @@ -1 +1 @@ -sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python', 'python3-pip', 'nfs-common' ] +sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python3', 'python3-pip', 'nfs-common' ] diff --git a/ansible/roles/mediaserver/readme.md b/ansible/roles/highsea/readme.md similarity index 100% rename from ansible/roles/mediaserver/readme.md rename to ansible/roles/highsea/readme.md diff --git a/ansible/roles/mediaserver/tasks/main.yml b/ansible/roles/highsea/tasks/main.yml similarity index 53% rename from ansible/roles/mediaserver/tasks/main.yml rename to ansible/roles/highsea/tasks/main.yml index dd70b32..262391b 100644 --- a/ansible/roles/mediaserver/tasks/main.yml +++ b/ansible/roles/highsea/tasks/main.yml @@ -30,52 +30,51 @@ name='josiah' groups=docker append=yes + +# TODO: Partition, detect PV, add new disk to LVM. + +- name: Mount usenet volume + ansible.posix.mount: + src: storage.home.jowj.net:/volume1/usenet + path: /media/usenet + opts: rw,sync,hard + state: mounted + fstype: nfs - name: Init a new swarm with default parameters community.general.docker_swarm: state: present # set up mediaserver specific bullshit. -- name: ensure traefik config directory exists - file: state=directory path=/home/josiah/apps/traefik/ owner=josiah group=josiah mode=0700 - -- name: ensure the webdav-docker repo exists - git: - repo: 'https://git.awful.club/hosted/webdav-docker.git' - dest: /home/josiah/apps/webdav-docker/ - version: master - -- name: build jlj-webdav image - community.general.docker_image: - name: jlj-webdav - build: - path: /home/josiah/apps/webdav-docker/latest - dockerfile: Dockerfile - source: build - -- name: ensure mediaserver config directory exists - file: state=directory path=/home/josiah/apps/mediaserver/ owner=josiah group=josiah mode=0700 +- name: ensure app dir exists + file: + path: /home/josiah/apps/ + state: directory + recurse: yes + owner: josiah + group: josiah + +- name: ensure app config directory exists + file: + path: /home/josiah/apps/{{ item }} + state: directory + recurse: yes + owner: josiah + group: josiah + loop: [ 'traefik', 'hydra2', 'sabnzbd', 'readarr', 'radarr', 'lidarr', 'sonarr', 'bazarr', 'highsea' ] +# TODO: Figure out why this doesn't actually create the log if its not present? - name: ensure traefik.log exists - file: state=file path=/home/josiah/apps/traefik/traefik.log owner=josiah group=josiah mode=0700 - -- name: allow for pretty json errors - pip: - name: jsondiff + file: + state: file + path: /home/josiah/apps/traefik/traefik.log -- name: Create deploy configs dir if it does not exist - file: - path: /home/josiah/deploys/mediaserver - state: directory - mode: '0755' - -- name: copy over mediaserver config files +- name: copy over highsea config files template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0777 with_items: - - {src: 'mediaserver-compose.yml', dest: '/home/josiah/apps/mediaserver/mediaserver-compose.yml'} + - {src: 'highsea-compose.yml', dest: '/home/josiah/apps/highsea/highsea-compose.yml'} - {src: 'traefik.yml.j2', dest: '/home/josiah/apps/traefik/traefik.yml'} - name: Ensure acme.json exists @@ -88,22 +87,22 @@ state: file mode: '0600' -- name: Remove the mediaserver stack +- name: Remove the highsea stack block: - - name: Remove the mediaserver stack + - name: Remove the highsea stack docker_stack: state: absent - name: mediaserver + name: highsea compose: - - /home/josiah/apps/mediaserver/mediaserver-compose.yml + - /home/josiah/apps/highsea/highsea-compose.yml - name: Pause so the network gets deleted too pause: seconds: 15 -- name: Deploy mediaserver stack +- name: Deploy highsea stack docker_stack: state: present - name: mediaserver + name: highsea prune: yes compose: - - /home/josiah/apps/mediaserver/mediaserver-compose.yml + - /home/josiah/apps/highsea/highsea-compose.yml diff --git a/ansible/roles/mediaserver/templates/.env.j2 b/ansible/roles/highsea/templates/.env.j2 similarity index 65% rename from ansible/roles/mediaserver/templates/.env.j2 rename to ansible/roles/highsea/templates/.env.j2 index 55d0f00..a8d991e 100644 --- a/ansible/roles/mediaserver/templates/.env.j2 +++ b/ansible/roles/highsea/templates/.env.j2 @@ -12,11 +12,4 @@ ACME_EMAIL=admin@home.jowj.net # The Traefik dashboard will be available at these domains. # The URL is http://example.com/traefik/ # You'll need to fill in BASIC_AUTH above. -TRAEFIK_DOMAINS=hatchery.home.jowj.net - -# Your WebDAV site will be available at these domains. Every domain -# needs DNS records pointing to your server for SSL to work. -WEBDAV_DOMAINS=example.com,www.example.com - -# Set the URL path where you want your WebDAV site to be. -WEBDAV_LOCATION=/webdav +TRAEFIK_DOMAINS=highsea.home.jowj.net \ No newline at end of file diff --git a/ansible/roles/highsea/templates/highsea-compose.yml b/ansible/roles/highsea/templates/highsea-compose.yml new file mode 100644 index 0000000..2715cee --- /dev/null +++ b/ansible/roles/highsea/templates/highsea-compose.yml @@ -0,0 +1,208 @@ +--- +version: '3.7' + +services: + traefik: + image: traefik:2.5 + networks: + - pubnet + command: --web --docker --docker.swarmmode --docker.watch --docker.domain="services.jowj.net" --providers.docker.network=pubnet --logLevel=DEBUG + ports: + - 80:80/tcp + - 443:443/tcp + - 8080:8080/tcp + volumes: + - /home/josiah/apps/traefik/acme.json:/acme.json + - traefik_logs:/var/log/access.log + - /var/run/docker.sock:/var/run/docker.sock + - /home/josiah/apps/traefik/traefik.yml:/traefik.yml + deploy: + mode: global + placement: + constraints: + - node.role == manager + environment: + DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" + labels: + # Dashboard shit I stole from Micah: + # WARNING: A TRAILING SLASH IS MANDATORY IN THE BROWSER + # e.g. https://example.com/dashboard/, not merely /dashboard + - "traefik.enable=true" + - "traefik.http.routers.highsea-traefik-api.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-traefik-api.rule=Host(`highsea.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" + - "traefik.http.routers.highsea-traefik-api.service=api@internal" + - "traefik.http.services.highsea-traefik-api.loadbalancer.server.port=8080" + # - "traefik.http.routers.highsea-traefik-api.entrypoints=http" + - "traefik.http.routers.highsea-traefik-api.entrypoints=https" + # middleware redirect + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # global redirect to https + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=http" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" + + whoami: + image: containous/whoami:latest + networks: + - pubnet + labels: + - "traefik.enable=true" + - "traefik.http.routers.highsea-whoami.rule=Host(`whoami.services.jowj.net`)" + - "traefik.http.routers.highsea-whoami.service=highsea-whoami" + - "traefik.http.services.highsea-whoami.loadbalancer.server.port=80" + - "traefik.http.routers.highsea-whoami.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-whoami.tls=true" + + hydra2: + image: linuxserver/nzbhydra2:latest + networks: + - pubnet + volumes: + - /home/josiah/apps/hydra2/:/config + - /home/josiah/Downloads/usenet-complete/:/data/downloads + environment: + PGID: 1000 + PUID: 1000 + TZ: American/Chicago + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-hydra2.loadbalancer.server.port=5076" + - "traefik.http.routers.highsea-hydra2.service=highsea-hydra2" + - "traefik.http.routers.highsea-hydra2.rule=Host(`hydra.services.jowj.net`)" + - "traefik.http.routers.highsea-hydra2.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-hydra2.tls=true" + + sabnzb: + image: "linuxserver/sabnzbd" + networks: + - pubnet + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/sabnzbd:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/home/josiah/Downloads/usenet-incomplete/:/data/incomplete-downloads" + - "/home/josiah/Downloads/usenet-watched/:/data/watched-folder" + - "/media/usenet/tv:/data/tv" + - "/media/usenet/audio/:/data/music" + - "/media/usenet/movies/:/data/movies" + - "/media/usenet/book-library/yet-to-be-added:/data/books" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-sabnzbd.loadbalancer.server.port=8080" + - "traefik.http.routers.highsea-sabnzbd.service=highsea-sabnzbd" + - "traefik.http.routers.highsea-sabnzbd.rule=Host(`sab.services.jowj.net`)" + - "traefik.http.routers.highsea-sabnzbd.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-sabnzbd.tls=true" + + sonarr: + image: "linuxserver/sonarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/sonarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/tv/:/data/tv" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-sonarr.loadbalancer.server.port=8989" + - "traefik.http.routers.highsea-sonarr.service=highsea-sonarr" + - "traefik.http.routers.highsea-sonarr.rule=Host(`sonarr.services.jowj.net`)" + - "traefik.http.routers.highsea-sonarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-sonarr.tls=true" + networks: + - pubnet + + lidarr: + image: "linuxserver/lidarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/lidarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/audio/:/data/music" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-lidarr.loadbalancer.server.port=8686" + - "traefik.http.routers.highsea-lidarr.service=highsea-lidarr" + - "traefik.http.routers.highsea-lidarr.rule=Host(`lidarr.services.jowj.net`)" + - "traefik.http.routers.highsea-lidarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-lidarr.tls=true" + networks: + - pubnet + + radarr: + image: "linuxserver/radarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/radarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/movies/:/data/movies" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-radarr.loadbalancer.server.port=7878" + - "traefik.http.routers.highsea-radarr.service=highsea-radarr" + - "traefik.http.routers.highsea-radarr.rule=Host(`radarr.services.jowj.net`)" + - "traefik.http.routers.highsea-radarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-radarr.tls=true" + networks: + - pubnet + + readarr: + image: lscr.io/linuxserver/readarr:develop + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/readarr:/config" + - "/media/usenet/audiobooks:/media/usenet/book-library/readarr/audiobooks" + - "/media/usenet/book-library/readarr:/media/usenet/book-library/readarr" # not ready + - "/home/josiah/Downloads/usenet-complete/books:/data/downloads/books" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-readarr.loadbalancer.server.port=8787" + - "traefik.http.routers.highsea-readarr.service=highsea-readarr" + - "traefik.http.routers.highsea-readarr.rule=Host(`readarr.services.jowj.net`)" + - "traefik.http.routers.highsea-readarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-readarr.tls=true" + networks: + - pubnet + + bazarr: + image: lscr.io/linuxserver/bazarr:latest + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/bazarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/media/downloads" + - "/media/usenet/tv/:/media/tv" + - "/media/usenet/movies/:/media/movies" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-bazarr.loadbalancer.server.port=6767" + - "traefik.http.routers.highsea-bazarr.service=highsea-bazarr" + - "traefik.http.routers.highsea-bazarr.rule=Host(`bazarr.services.jowj.net`)" + - "traefik.http.routers.highsea-bazarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-bazarr.tls=true" + networks: + - pubnet + +volumes: + traefik_acme: + traefik_logs: + +networks: + pubnet: + driver: overlay diff --git a/ansible/roles/mediaserver/templates/traefik.yml.j2 b/ansible/roles/highsea/templates/traefik.yml.j2 similarity index 93% rename from ansible/roles/mediaserver/templates/traefik.yml.j2 rename to ansible/roles/highsea/templates/traefik.yml.j2 index b365df5..ffd4934 100644 --- a/ansible/roles/mediaserver/templates/traefik.yml.j2 +++ b/ansible/roles/highsea/templates/traefik.yml.j2 @@ -22,13 +22,13 @@ entryPoints: http: middlewares: - mediaserver-https-redir: + highsea-https-redir: redirectScheme: scheme: https permanent: true certificatesResolvers: - mediaserver-resolver: + highsea-resolver: acme: storage: /acme.json email: "admin@home.jowj.net" diff --git a/ansible/roles/highsea/vars/main.yml b/ansible/roles/highsea/vars/main.yml new file mode 100644 index 0000000..2219e76 --- /dev/null +++ b/ansible/roles/highsea/vars/main.yml @@ -0,0 +1 @@ +sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python3', 'python3-pip', 'nfs-common', 'python3-jsondiff'] diff --git a/ansible/roles/mediaserver/templates/mediaserver-compose.yml b/ansible/roles/mediaserver/templates/mediaserver-compose.yml deleted file mode 100644 index 26b6a69..0000000 --- a/ansible/roles/mediaserver/templates/mediaserver-compose.yml +++ /dev/null @@ -1,291 +0,0 @@ ---- -version: '3.7' - -services: - traefik: - image: traefik:2.5 - networks: - - pubnet - command: --web --docker --docker.swarmmode --docker.watch --docker.domain="services.jowj.net" --providers.docker.network=pubnet --logLevel=DEBUG - ports: - - 80:80/tcp - - 443:443/tcp - - 8080:8080/tcp - volumes: - - /home/josiah/apps/traefik/acme.json:/acme.json - - traefik_logs:/var/log/access.log - - /var/run/docker.sock:/var/run/docker.sock - - /home/josiah/apps/traefik/traefik.yml:/traefik.yml - deploy: - mode: global - placement: - constraints: - - node.role == manager - environment: - DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" - labels: - # Dashboard shit I stole from Micah: - # WARNING: A TRAILING SLASH IS MANDATORY IN THE BROWSER - # e.g. https://example.com/dashboard/, not merely /dashboard - - "traefik.enable=true" - - "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-traefik-api.rule=Host(`hatchery.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" - - "traefik.http.routers.mediaserver-traefik-api.service=api@internal" - - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8080" - # - "traefik.http.routers.mediaserver-traefik-api.entrypoints=http" - - "traefik.http.routers.mediaserver-traefik-api.entrypoints=https" - # middleware redirect - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # global redirect to https - - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" - - "traefik.http.routers.http-catchall.entrypoints=http" - - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" - - - hydra2: - image: linuxserver/nzbhydra2:latest - networks: - - pubnet - volumes: - - /home/josiah/apps/hydra2/:/config - - /home/josiah/Downloads/usenet-complete/:/data/downloads - environment: - PGID: 1000 - PUID: 1000 - TZ: American/Chicago - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-hydra2.loadbalancer.server.port=5076" - - "traefik.http.routers.mediaserver-hydra2.service=mediaserver-hydra2" - - "traefik.http.routers.mediaserver-hydra2.rule=Host(`hydra.services.jowj.net`)" - - "traefik.http.routers.mediaserver-hydra2.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-hydra2.tls=true" - - sabnzb: - image: "linuxserver/sabnzbd" - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/sabnzbd:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/home/josiah/Downloads/usenet-incomplete/:/data/incomplete-downloads" - - "/home/josiah/Downloads/usenet-watched/:/data/watched-folder" - - "/media/usenet/tv:/data/tv" - - "/media/usenet/audio/:/data/music" - - "/media/usenet/movies/:/data/movies" - - "/media/usenet/book-library/yet-to-be-added:/data/books" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-sabnzbd.loadbalancer.server.port=8080" - - "traefik.http.routers.mediaserver-sabnzbd.service=mediaserver-sabnzbd" - - "traefik.http.routers.mediaserver-sabnzbd.rule=Host(`sab.services.jowj.net`)" - - "traefik.http.routers.mediaserver-sabnzbd.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-sabnzbd.tls=true" - - sonarr: - image: "linuxserver/sonarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/sonarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/tv/:/data/tv" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-sonarr.loadbalancer.server.port=8989" - - "traefik.http.routers.mediaserver-sonarr.service=mediaserver-sonarr" - - "traefik.http.routers.mediaserver-sonarr.rule=Host(`sonarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-sonarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-sonarr.tls=true" - networks: - - pubnet - - lidarr: - image: "linuxserver/lidarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/lidarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/audio/:/data/music" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-lidarr.loadbalancer.server.port=8686" - - "traefik.http.routers.mediaserver-lidarr.service=mediaserver-lidarr" - - "traefik.http.routers.mediaserver-lidarr.rule=Host(`lidarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-lidarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-lidarr.tls=true" - networks: - - pubnet - - radarr: - image: "linuxserver/radarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/radarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/movies/:/data/movies" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-radarr.loadbalancer.server.port=7878" - - "traefik.http.routers.mediaserver-radarr.service=mediaserver-radarr" - - "traefik.http.routers.mediaserver-radarr.rule=Host(`radarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-radarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-radarr.tls=true" - networks: - - pubnet - - whoami: - image: containous/whoami:latest - networks: - - pubnet - labels: - - "traefik.enable=true" - - "traefik.http.routers.mediaserver-whoami.rule=Host(`whoami.services.jowj.net`)" - - "traefik.http.routers.mediaserver-whoami.service=mediaserver-whoami" - - "traefik.http.services.mediaserver-whoami.loadbalancer.server.port=80" - - "traefik.http.routers.mediaserver-whoami.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-whoami.tls=true" - - tubesync: - image: ghcr.io/meeb/tubesync:latest - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - LISTEN_HOST: "0.0.0.0" - LISTEN_PORT: '8080' - volumes: - - "/home/josiah/apps/tubesync-config:/config" - - "/media/usenet/youtube:/downloads" - labels: - - "traefik.enable=true" - - "traefik.docker.network=pubnet" - - "traefik.http.routers.mediaserver-tubesync.rule=Host(`tubesync.services.jowj.net`)" - - "traefik.http.services.mediaserver-tubesync.loadbalancer.server.port=4848" - - "traefik.http.routers.mediaserver-tubesync.service=mediaserver-tubesync" - - "traefik.http.routers.mediaserver-tubesync.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-tubesync.tls=true" - - audiobookshelf: - image: ghcr.io/advplyr/audiobookshelf:latest - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - AUDIOBOOKSHELF_UID: 1000 - AUDIOBOOKSHELF_GID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/audiobookshelf/config:/config" - - "/home/josiah/apps/audiobookshelf/metadata:/metadata" - - "/media/usenet/audiobooks:/audiobooks" - - "/media/usenet/podcasts:/podcasts" - labels: - - "traefik.enable=true" - - "traefik.docker.network=pubnet" - - "traefik.http.routers.mediaserver-audiobookshelf.rule=Host(`audiobookshelf.services.jowj.net`)" - - "traefik.http.services.mediaserver-audiobookshelf.loadbalancer.server.port=80" - - "traefik.http.routers.mediaserver-audiobookshelf.service=mediaserver-audiobookshelf" - - "traefik.http.routers.mediaserver-audiobookshelf.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-audiobookshelf.tls=true" - - readarr: - image: lscr.io/linuxserver/readarr:develop - container_name: readarr - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/readarr/config:/config" - - "/media/usenet/audiobooks:/media/usenet/book-library/readarr/audiobooks" - - "/media/usenet/book-library/readarr:/media/usenet/book-library/readarr" # not ready - - "/home/josiah/Downloads/usenet-complete/:/media/downloads" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-readarr.loadbalancer.server.port=8787" - - "traefik.http.routers.mediaserver-readarr.service=mediaserver-readarr" - - "traefik.http.routers.mediaserver-readarr.rule=Host(`readarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-readarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-readarr.tls=true" - networks: - - pubnet - - bazarr: - image: lscr.io/linuxserver/bazarr:latest - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/bazarr/config:/config" - - "/home/josiah/Downloads/usenet-complete/:/media/downloads" - - "/media/usenet/tv/:/media/tv" - - "/media/usenet/movies/:/media/movies" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-bazarr.loadbalancer.server.port=6767" - - "traefik.http.routers.mediaserver-bazarr.service=mediaserver-bazarr" - - "traefik.http.routers.mediaserver-bazarr.rule=Host(`bazarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-bazarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-bazarr.tls=true" - networks: - - pubnet - - stash: - image: git.awful.club/packages/hoard:latest - ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section - # network_mode: host - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "2m" - environment: - - STASH_STASH=/data/ - - STASH_GENERATED=/generated/ - - STASH_METADATA=/metadata/ - - STASH_CACHE=/cache/ - ## Adjust below to change default port (9999) - # - STASH_PORT=9999 - volumes: - - /etc/localtime:/etc/localtime:ro - - "{{ vault_stash_config }}:/root/.stash" - - "{{ vault_stash_data }}:/data" - - "{{ vault_stash_metadata }}:/metadata" - - "{{ vault_stash_cache }}:/cache" - - "{{ vault_stash_generated }}:/generated" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-hoard.loadbalancer.server.port=9999" - - "traefik.http.routers.mediaserver-hoard.service=mediaserver-hoard" - - "traefik.http.routers.mediaserver-hoard.rule=Host(`hoard.services.jowj.net`)" - - "traefik.http.routers.mediaserver-hoard.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-hoard.tls=true" - networks: - - pubnet - - -volumes: - traefik_acme: - traefik_logs: - vol-webdav: - -networks: - pubnet: - driver: overlay diff --git a/ansible/roles/mediaserver/vars/main.yml b/ansible/roles/mediaserver/vars/main.yml deleted file mode 100644 index ef86eef..0000000 --- a/ansible/roles/mediaserver/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python', 'python3-pip' ] diff --git a/terraform/bikeshed/.terraform.lock.hcl b/terraform/bikeshed/.terraform.lock.hcl index 96578f7..1fb0761 100644 --- a/terraform/bikeshed/.terraform.lock.hcl +++ b/terraform/bikeshed/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/digitalocean/digitalocean" { constraints = "~> 2.29.0" hashes = [ "h1:OLSxMaqLOUl6DjQ3vz14odCyMCcLA63ltBNPgrIQHG4=", + "h1:mJrr4YaOsB7bWfCSJZneiXB6JMnVNnFxYRmQ8vKaOSQ=", "zh:0af0a1a2de818c5dc8ee7ad4dc4731452848e84cfa0c1ce514af1c7aad15c53c", "zh:27229f3162b4142be48554f56227265982f3b74e4c79fa5d2528c8a3912d1e19", "zh:31d6e73bfe12231fa0ab3bbeef0e4aa9822a2008ae2a1a8b22557bdada4af7a3", @@ -30,6 +31,7 @@ provider "registry.terraform.io/telmate/proxmox" { constraints = "2.7.4" hashes = [ "h1:ivNrl7WU2BJwIKmB1lLr70+GtXBCfzW+K5tvNpYy454=", + "h1:lgfUuXLdyY2Uf5mO7eJNfJC/fsoUDyBsCpxA/rbs3Z4=", "zh:3c2163b167d1e342e1683015cd08c70838d1c631b8e374ac6f86ca2c41271a8c", "zh:453596419e07cd0c41f5f58dd7775664fa685de403e9776197b1502e79bf3814", "zh:492045cf7859bc31a57730b876dcc29d902a24d543a30a67f34b0ee2b4a71a33", diff --git a/terraform/bikeshed/high-sea.tf b/terraform/bikeshed/high-sea.tf index ab5283f..39e5a14 100644 --- a/terraform/bikeshed/high-sea.tf +++ b/terraform/bikeshed/high-sea.tf @@ -19,15 +19,27 @@ resource "proxmox_vm_qemu" "high-sea" { memory = 4096 scsihw = "virtio-scsi-pci" bootdisk = "scsi0" + + # This is our OS disk disk { slot = 0 # set disk size here. leave it small for testing because expanding the disk takes time. - size = "40G" + # You can't actually set this to anything, it doesn't seem? I'm not sure why. if you clone from a template you ALWAYS get that templates size, and any changes made are not seen on the clone vm. + # Maybe a function of the kind of disk that was created? + size = "32G" type = "scsi" storage = "sainthood-cifs" iothread = 0 } - + # This is our data disk; we're just adding the data disk capaccity to LVM, so its maybe dumb? but that's what i'm doing for now. + disk { + slot = 1 + size = "240G" + type = "scsi" + storage = "sainthood-cifs" + iothread = 0 + } + # if you want two NICs, just copy this whole network section and duplicate it network { model = "virtio" @@ -40,11 +52,10 @@ resource "proxmox_vm_qemu" "high-sea" { ] } - ipconfig0 = "ip=10.10.1.10/24,gw=10.98.1.1" - # sshkeys set using variables. the variable contains the text of the key. } # Configure DO DNS after VM is build. A record to point to machine? +# See records_home.jowj.net.tf file in do_domains. diff --git a/terraform/bikeshed/provider.tf b/terraform/bikeshed/provider.tf index 003ded8..8e87a2e 100644 --- a/terraform/bikeshed/provider.tf +++ b/terraform/bikeshed/provider.tf @@ -20,8 +20,8 @@ terraform { # This is actually not needed, but declaring it here helps me remember where its supposed to live. # You gotta comment these out when initing the terraform backend? for some reason. - shared_credentials_files = ["~/.aws/credentials"] - shared_config_files = ["~/.aws/config"] + #shared_credentials_files = ["~/.aws/credentials"] + #shared_config_files = ["~/.aws/config"] } } diff --git a/terraform/do_domains/outputs.tf b/terraform/do_domains/outputs.tf index 9adaf10..a0a91f1 100755 --- a/terraform/do_domains/outputs.tf +++ b/terraform/do_domains/outputs.tf @@ -66,10 +66,6 @@ output "digitalocean_record_tfer--273019966_id" { value = "${digitalocean_record.tfer--273019966.id}" } -output "digitalocean_record_tfer--273019998_id" { - value = "${digitalocean_record.tfer--273019998.id}" -} - output "digitalocean_record_tfer--273021791_id" { value = "${digitalocean_record.tfer--273021791.id}" } @@ -82,10 +78,6 @@ output "digitalocean_record_tfer--273021839_id" { value = "${digitalocean_record.tfer--273021839.id}" } -output "digitalocean_record_tfer--273024307_id" { - value = "${digitalocean_record.tfer--273024307.id}" -} - output "digitalocean_record_tfer--273196064_id" { value = "${digitalocean_record.tfer--273196064.id}" } @@ -130,14 +122,6 @@ output "digitalocean_record_tfer--282785137_id" { value = "${digitalocean_record.tfer--282785137.id}" } -output "digitalocean_record_tfer--289972404_id" { - value = "${digitalocean_record.tfer--289972404.id}" -} - -output "digitalocean_record_tfer--318001321_id" { - value = "${digitalocean_record.tfer--318001321.id}" -} - output "digitalocean_record_tfer--318333757_id" { value = "${digitalocean_record.tfer--318333757.id}" } diff --git a/terraform/do_domains/records_home.jowj.net.tf b/terraform/do_domains/records_home.jowj.net.tf index 3a313e7..38dff90 100644 --- a/terraform/do_domains/records_home.jowj.net.tf +++ b/terraform/do_domains/records_home.jowj.net.tf @@ -213,3 +213,19 @@ resource "digitalocean_record" demiurge-dns { value = "100.108.60.46" weight = "0" } + + +# this motherfucker is currently set manually. +# TODO: Figure out how to do this programmatically +# Especailly because getting the output of tailscale is difficult?? +resource "digitalocean_record" highsea-dns { + domain = "home.jowj.net" + flags = "0" + name = "highsea" + port = "0" + priority = "0" + ttl = "900" + type = "A" + value = "100.72.101.61" + weight = "0" +} diff --git a/terraform/do_domains/records_services.jowj.net.tf b/terraform/do_domains/records_services.jowj.net.tf index 321b085..fa07279 100644 --- a/terraform/do_domains/records_services.jowj.net.tf +++ b/terraform/do_domains/records_services.jowj.net.tf @@ -46,30 +46,6 @@ resource "digitalocean_record" "tfer--273019966" { weight = "0" } -resource "digitalocean_record" "tfer--273019998" { - domain = "services.jowj.net" - flags = "0" - name = "tubesync" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--273024307" { - domain = "services.jowj.net" - flags = "0" - name = "watchtower" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - resource "digitalocean_record" "tfer--273196064" { domain = "services.jowj.net" flags = "0" @@ -78,7 +54,7 @@ resource "digitalocean_record" "tfer--273196064" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -140,7 +116,7 @@ resource "digitalocean_record" "tfer--282780675" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -152,7 +128,7 @@ resource "digitalocean_record" "tfer--282785060" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -164,7 +140,7 @@ resource "digitalocean_record" "tfer--282785080" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -176,7 +152,7 @@ resource "digitalocean_record" "tfer--282785089" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -188,31 +164,7 @@ resource "digitalocean_record" "tfer--282785137" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--289972404" { - domain = "services.jowj.net" - flags = "0" - name = "requests" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--318001321" { - domain = "services.jowj.net" - flags = "0" - name = "audiobookshelf" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -224,7 +176,7 @@ resource "digitalocean_record" "tfer--318333757" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -236,7 +188,7 @@ resource "digitalocean_record" "tfer--326222435" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -264,3 +216,15 @@ resource "digitalocean_record" "pms-services-jowj-net" { value = "lair.home.jowj.net." weight = "0" } + +resource "digitalocean_record" "calibre-services-jowj-net" { + domain = "services.jowj.net" + flags = "0" + name = "calibre" + port = "0" + priority = "0" + ttl = "900" + type = "CNAME" + value = "lair.home.jowj.net." + weight = "0" +} \ No newline at end of file