From e45a5b7989d1196f5cff4280b8106ac175b53f0f Mon Sep 17 00:00:00 2001 From: josiah Date: Sun, 31 Dec 2023 23:18:46 -0600 Subject: [PATCH 1/9] Create TF for highsea deploy. --- terraform/bikeshed/.terraform.lock.hcl | 2 ++ terraform/bikeshed/high-sea.tf | 19 +++++++++++++++---- terraform/bikeshed/provider.tf | 4 ++-- terraform/do_domains/records_home.jowj.net.tf | 15 +++++++++++++++ 4 files changed, 34 insertions(+), 6 deletions(-) diff --git a/terraform/bikeshed/.terraform.lock.hcl b/terraform/bikeshed/.terraform.lock.hcl index 96578f7..1fb0761 100644 --- a/terraform/bikeshed/.terraform.lock.hcl +++ b/terraform/bikeshed/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/digitalocean/digitalocean" { constraints = "~> 2.29.0" hashes = [ "h1:OLSxMaqLOUl6DjQ3vz14odCyMCcLA63ltBNPgrIQHG4=", + "h1:mJrr4YaOsB7bWfCSJZneiXB6JMnVNnFxYRmQ8vKaOSQ=", "zh:0af0a1a2de818c5dc8ee7ad4dc4731452848e84cfa0c1ce514af1c7aad15c53c", "zh:27229f3162b4142be48554f56227265982f3b74e4c79fa5d2528c8a3912d1e19", "zh:31d6e73bfe12231fa0ab3bbeef0e4aa9822a2008ae2a1a8b22557bdada4af7a3", @@ -30,6 +31,7 @@ provider "registry.terraform.io/telmate/proxmox" { constraints = "2.7.4" hashes = [ "h1:ivNrl7WU2BJwIKmB1lLr70+GtXBCfzW+K5tvNpYy454=", + "h1:lgfUuXLdyY2Uf5mO7eJNfJC/fsoUDyBsCpxA/rbs3Z4=", "zh:3c2163b167d1e342e1683015cd08c70838d1c631b8e374ac6f86ca2c41271a8c", "zh:453596419e07cd0c41f5f58dd7775664fa685de403e9776197b1502e79bf3814", "zh:492045cf7859bc31a57730b876dcc29d902a24d543a30a67f34b0ee2b4a71a33", diff --git a/terraform/bikeshed/high-sea.tf b/terraform/bikeshed/high-sea.tf index ab5283f..39e5a14 100644 --- a/terraform/bikeshed/high-sea.tf +++ b/terraform/bikeshed/high-sea.tf @@ -19,15 +19,27 @@ resource "proxmox_vm_qemu" "high-sea" { memory = 4096 scsihw = "virtio-scsi-pci" bootdisk = "scsi0" + + # This is our OS disk disk { slot = 0 # set disk size here. leave it small for testing because expanding the disk takes time. - size = "40G" + # You can't actually set this to anything, it doesn't seem? I'm not sure why. if you clone from a template you ALWAYS get that templates size, and any changes made are not seen on the clone vm. + # Maybe a function of the kind of disk that was created? + size = "32G" type = "scsi" storage = "sainthood-cifs" iothread = 0 } - + # This is our data disk; we're just adding the data disk capaccity to LVM, so its maybe dumb? but that's what i'm doing for now. + disk { + slot = 1 + size = "240G" + type = "scsi" + storage = "sainthood-cifs" + iothread = 0 + } + # if you want two NICs, just copy this whole network section and duplicate it network { model = "virtio" @@ -40,11 +52,10 @@ resource "proxmox_vm_qemu" "high-sea" { ] } - ipconfig0 = "ip=10.10.1.10/24,gw=10.98.1.1" - # sshkeys set using variables. the variable contains the text of the key. } # Configure DO DNS after VM is build. A record to point to machine? +# See records_home.jowj.net.tf file in do_domains. diff --git a/terraform/bikeshed/provider.tf b/terraform/bikeshed/provider.tf index 003ded8..8e87a2e 100644 --- a/terraform/bikeshed/provider.tf +++ b/terraform/bikeshed/provider.tf @@ -20,8 +20,8 @@ terraform { # This is actually not needed, but declaring it here helps me remember where its supposed to live. # You gotta comment these out when initing the terraform backend? for some reason. - shared_credentials_files = ["~/.aws/credentials"] - shared_config_files = ["~/.aws/config"] + #shared_credentials_files = ["~/.aws/credentials"] + #shared_config_files = ["~/.aws/config"] } } diff --git a/terraform/do_domains/records_home.jowj.net.tf b/terraform/do_domains/records_home.jowj.net.tf index 3a313e7..deef93e 100644 --- a/terraform/do_domains/records_home.jowj.net.tf +++ b/terraform/do_domains/records_home.jowj.net.tf @@ -213,3 +213,18 @@ resource "digitalocean_record" demiurge-dns { value = "100.108.60.46" weight = "0" } + + +# this motherfucker is currently set manually. +# TODO: Figure out how to do this programmatically +resource "digitalocean_record" highsea-dns { + domain = "home.jowj.net" + flags = "0" + name = "highsea" + port = "0" + priority = "0" + ttl = "900" + type = "A" + value = "192.168.1.17" + weight = "0" +} From 9d05e266d97a0a5e9bad2387ab7830d0b712f03e Mon Sep 17 00:00:00 2001 From: josiah Date: Sun, 31 Dec 2023 23:19:08 -0600 Subject: [PATCH 2/9] Rename deploy file to follow new standard. Replace mediaserver with highsea. --- ansible/{mediaserver.yml => _deploy_highsea.yml} | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) rename ansible/{mediaserver.yml => _deploy_highsea.yml} (53%) diff --git a/ansible/mediaserver.yml b/ansible/_deploy_highsea.yml similarity index 53% rename from ansible/mediaserver.yml rename to ansible/_deploy_highsea.yml index c4cfc79..3eae317 100644 --- a/ansible/mediaserver.yml +++ b/ansible/_deploy_highsea.yml @@ -1,7 +1,8 @@ -- name: deploy mediaserver - hosts: mediaserver +- name: deploy highsea stack + hosts: highsea remote_user: "{{ remote_user }}" tasks: - debug: msg="Deploying mediaserver stack to local server" roles: - - { name: mediaserver, tags: ['mediaserver'] } +# - { name: debian_base } + - { name: highsea } From 3f47bfc7925b95e2f7d30a8ec28209d525696e7f Mon Sep 17 00:00:00 2001 From: josiah Date: Sun, 31 Dec 2023 23:19:32 -0600 Subject: [PATCH 3/9] Update original media server play to better match what's needed. - Split out PMS, hoard services - Replace inventory data - Remove unneeded webdav shit - Update some config directory mounts to be less dumb - renamed a bunch of traefik stuff --- ansible/inventory/hosts.yml | 9 +- .../roles/{mediaserver => highsea}/readme.md | 0 .../{mediaserver => highsea}/tasks/main.yml | 88 +++--- .../templates/.env.j2 | 9 +- .../highsea/templates/highsea-compose.yml | 209 +++++++++++++ .../templates/traefik.yml.j2 | 4 +- ansible/roles/highsea/vars/main.yml | 1 + .../templates/mediaserver-compose.yml | 291 ------------------ ansible/roles/mediaserver/vars/main.yml | 1 - 9 files changed, 266 insertions(+), 346 deletions(-) rename ansible/roles/{mediaserver => highsea}/readme.md (100%) rename ansible/roles/{mediaserver => highsea}/tasks/main.yml (53%) rename ansible/roles/{mediaserver => highsea}/templates/.env.j2 (65%) create mode 100644 ansible/roles/highsea/templates/highsea-compose.yml rename ansible/roles/{mediaserver => highsea}/templates/traefik.yml.j2 (93%) create mode 100644 ansible/roles/highsea/vars/main.yml delete mode 100644 ansible/roles/mediaserver/templates/mediaserver-compose.yml delete mode 100644 ansible/roles/mediaserver/vars/main.yml diff --git a/ansible/inventory/hosts.yml b/ansible/inventory/hosts.yml index 2cb3f09..d8ed977 100644 --- a/ansible/inventory/hosts.yml +++ b/ansible/inventory/hosts.yml @@ -18,10 +18,11 @@ all: hosts: localhost: ansible_connection: local - # mediaserver: - # hosts: - # hatchery: - # ansible_python_interpreter: /usr/bin/python3 + highsea: + hosts: + highsea.home.jowj.net: + ansible_python_interpreter: /usr/bin/python3 + ansible_user: alice services: hosts: lair: diff --git a/ansible/roles/mediaserver/readme.md b/ansible/roles/highsea/readme.md similarity index 100% rename from ansible/roles/mediaserver/readme.md rename to ansible/roles/highsea/readme.md diff --git a/ansible/roles/mediaserver/tasks/main.yml b/ansible/roles/highsea/tasks/main.yml similarity index 53% rename from ansible/roles/mediaserver/tasks/main.yml rename to ansible/roles/highsea/tasks/main.yml index dd70b32..27d0645 100644 --- a/ansible/roles/mediaserver/tasks/main.yml +++ b/ansible/roles/highsea/tasks/main.yml @@ -30,52 +30,60 @@ name='josiah' groups=docker append=yes + +# TODO: Partition, detect PV, add new disk to LVM. + +# Mount remote storage under ~/apps +- name: Mount an NFS volume + ansible.posix.mount: + src: sainthood.home.jowj.net:/volume1/bikeshed_workloads/highsea-apps/ + path: /home/josiah/backups + opts: rw,sync,hard + state: mounted + fstype: nfs + +- name: Mount usenet volume + ansible.posix.mount: + src: storage.home.jowj.net:/volume1/usenet + path: /media/usenet + opts: rw,sync,hard + state: mounted + fstype: nfs - name: Init a new swarm with default parameters community.general.docker_swarm: state: present # set up mediaserver specific bullshit. -- name: ensure traefik config directory exists - file: state=directory path=/home/josiah/apps/traefik/ owner=josiah group=josiah mode=0700 - -- name: ensure the webdav-docker repo exists - git: - repo: 'https://git.awful.club/hosted/webdav-docker.git' - dest: /home/josiah/apps/webdav-docker/ - version: master - -- name: build jlj-webdav image - community.general.docker_image: - name: jlj-webdav - build: - path: /home/josiah/apps/webdav-docker/latest - dockerfile: Dockerfile - source: build - -- name: ensure mediaserver config directory exists - file: state=directory path=/home/josiah/apps/mediaserver/ owner=josiah group=josiah mode=0700 +- name: ensure app dir exists + file: + path: /home/josiah/apps/ + state: directory + recurse: yes + owner: josiah + group: josiah + +- name: ensure app config directory exists + file: + path: /home/josiah/apps/{{ item }} + state: directory + recurse: yes + owner: josiah + group: josiah + loop: [ 'traefik', 'hydra2', 'sabnzbd', 'readarr', 'radarr', 'lidarr', 'sonarr', 'bazarr', 'highsea' ] +# TODO: Figure out why this doesn't actually create the log if its not present? - name: ensure traefik.log exists - file: state=file path=/home/josiah/apps/traefik/traefik.log owner=josiah group=josiah mode=0700 - -- name: allow for pretty json errors - pip: - name: jsondiff + file: + state: file + path: /home/josiah/apps/traefik/traefik.log -- name: Create deploy configs dir if it does not exist - file: - path: /home/josiah/deploys/mediaserver - state: directory - mode: '0755' - -- name: copy over mediaserver config files +- name: copy over highsea config files template: src: "{{ item.src }}" dest: "{{ item.dest }}" - mode: 0777 with_items: - - {src: 'mediaserver-compose.yml', dest: '/home/josiah/apps/mediaserver/mediaserver-compose.yml'} + - {src: 'highsea-compose.yml', dest: '/home/josiah/apps/highsea/highsea-compose.yml'} - {src: 'traefik.yml.j2', dest: '/home/josiah/apps/traefik/traefik.yml'} - name: Ensure acme.json exists @@ -88,22 +96,22 @@ state: file mode: '0600' -- name: Remove the mediaserver stack +- name: Remove the highsea stack block: - - name: Remove the mediaserver stack + - name: Remove the highsea stack docker_stack: state: absent - name: mediaserver + name: highsea compose: - - /home/josiah/apps/mediaserver/mediaserver-compose.yml + - /home/josiah/apps/highsea/highsea-compose.yml - name: Pause so the network gets deleted too pause: seconds: 15 -- name: Deploy mediaserver stack +- name: Deploy highsea stack docker_stack: state: present - name: mediaserver + name: highsea prune: yes compose: - - /home/josiah/apps/mediaserver/mediaserver-compose.yml + - /home/josiah/apps/highsea/highsea-compose.yml diff --git a/ansible/roles/mediaserver/templates/.env.j2 b/ansible/roles/highsea/templates/.env.j2 similarity index 65% rename from ansible/roles/mediaserver/templates/.env.j2 rename to ansible/roles/highsea/templates/.env.j2 index 55d0f00..a8d991e 100644 --- a/ansible/roles/mediaserver/templates/.env.j2 +++ b/ansible/roles/highsea/templates/.env.j2 @@ -12,11 +12,4 @@ ACME_EMAIL=admin@home.jowj.net # The Traefik dashboard will be available at these domains. # The URL is http://example.com/traefik/ # You'll need to fill in BASIC_AUTH above. -TRAEFIK_DOMAINS=hatchery.home.jowj.net - -# Your WebDAV site will be available at these domains. Every domain -# needs DNS records pointing to your server for SSL to work. -WEBDAV_DOMAINS=example.com,www.example.com - -# Set the URL path where you want your WebDAV site to be. -WEBDAV_LOCATION=/webdav +TRAEFIK_DOMAINS=highsea.home.jowj.net \ No newline at end of file diff --git a/ansible/roles/highsea/templates/highsea-compose.yml b/ansible/roles/highsea/templates/highsea-compose.yml new file mode 100644 index 0000000..d8026e2 --- /dev/null +++ b/ansible/roles/highsea/templates/highsea-compose.yml @@ -0,0 +1,209 @@ +--- +version: '3.7' + +services: + traefik: + image: traefik:2.5 + networks: + - pubnet + command: --web --docker --docker.swarmmode --docker.watch --docker.domain="services.jowj.net" --providers.docker.network=pubnet --logLevel=DEBUG + ports: + - 80:80/tcp + - 443:443/tcp + - 8080:8080/tcp + volumes: + - /home/josiah/apps/traefik/acme.json:/acme.json + - traefik_logs:/var/log/access.log + - /var/run/docker.sock:/var/run/docker.sock + - /home/josiah/apps/traefik/traefik.yml:/traefik.yml + deploy: + mode: global + placement: + constraints: + - node.role == manager + environment: + DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" + labels: + # Dashboard shit I stole from Micah: + # WARNING: A TRAILING SLASH IS MANDATORY IN THE BROWSER + # e.g. https://example.com/dashboard/, not merely /dashboard + - "traefik.enable=true" + - "traefik.http.routers.highsea-traefik-api.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-traefik-api.rule=Host(`highsea.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" + - "traefik.http.routers.highsea-traefik-api.service=api@internal" + - "traefik.http.services.highsea-traefik-api.loadbalancer.server.port=8080" + # - "traefik.http.routers.highsea-traefik-api.entrypoints=http" + - "traefik.http.routers.highsea-traefik-api.entrypoints=https" + # middleware redirect + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # global redirect to https + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=http" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" + + whoami: + image: containous/whoami:latest + networks: + - pubnet + labels: + - "traefik.enable=true" + - "traefik.http.routers.highsea-whoami.rule=Host(`whoami.services.jowj.net`)" + - "traefik.http.routers.highsea-whoami.service=highsea-whoami" + - "traefik.http.services.highsea-whoami.loadbalancer.server.port=80" + - "traefik.http.routers.highsea-whoami.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-whoami.tls=true" + + hydra2: + image: linuxserver/nzbhydra2:latest + networks: + - pubnet + volumes: + - /home/josiah/apps/hydra2/:/config + - /home/josiah/Downloads/usenet-complete/:/data/downloads + environment: + PGID: 1000 + PUID: 1000 + TZ: American/Chicago + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-hydra2.loadbalancer.server.port=5076" + - "traefik.http.routers.highsea-hydra2.service=highsea-hydra2" + - "traefik.http.routers.highsea-hydra2.rule=Host(`hydra.services.jowj.net`)" + - "traefik.http.routers.highsea-hydra2.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-hydra2.tls=true" + + sabnzb: + image: "linuxserver/sabnzbd" + networks: + - pubnet + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/sabnzbd:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/home/josiah/Downloads/usenet-incomplete/:/data/incomplete-downloads" + - "/home/josiah/Downloads/usenet-watched/:/data/watched-folder" + - "/media/usenet/tv:/data/tv" + - "/media/usenet/audio/:/data/music" + - "/media/usenet/movies/:/data/movies" + - "/media/usenet/book-library/yet-to-be-added:/data/books" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-sabnzbd.loadbalancer.server.port=8080" + - "traefik.http.routers.highsea-sabnzbd.service=highsea-sabnzbd" + - "traefik.http.routers.highsea-sabnzbd.rule=Host(`sab.services.jowj.net`)" + - "traefik.http.routers.highsea-sabnzbd.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-sabnzbd.tls=true" + + sonarr: + image: "linuxserver/sonarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/sonarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/tv/:/data/tv" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-sonarr.loadbalancer.server.port=8989" + - "traefik.http.routers.highsea-sonarr.service=highsea-sonarr" + - "traefik.http.routers.highsea-sonarr.rule=Host(`sonarr.services.jowj.net`)" + - "traefik.http.routers.highsea-sonarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-sonarr.tls=true" + networks: + - pubnet + + lidarr: + image: "linuxserver/lidarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/lidarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/audio/:/data/music" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-lidarr.loadbalancer.server.port=8686" + - "traefik.http.routers.highsea-lidarr.service=highsea-lidarr" + - "traefik.http.routers.highsea-lidarr.rule=Host(`lidarr.services.jowj.net`)" + - "traefik.http.routers.highsea-lidarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-lidarr.tls=true" + networks: + - pubnet + + radarr: + image: "linuxserver/radarr" + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/radarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/data/downloads" + - "/media/usenet/movies/:/data/movies" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-radarr.loadbalancer.server.port=7878" + - "traefik.http.routers.highsea-radarr.service=highsea-radarr" + - "traefik.http.routers.highsea-radarr.rule=Host(`radarr.services.jowj.net`)" + - "traefik.http.routers.highsea-radarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-radarr.tls=true" + networks: + - pubnet + + readarr: + image: lscr.io/linuxserver/readarr:develop + container_name: readarr + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/readarr:/config" + - "/media/usenet/audiobooks:/media/usenet/book-library/readarr/audiobooks" + - "/media/usenet/book-library/readarr:/media/usenet/book-library/readarr" # not ready + - "/home/josiah/Downloads/usenet-complete/:/media/downloads" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-readarr.loadbalancer.server.port=8787" + - "traefik.http.routers.highsea-readarr.service=highsea-readarr" + - "traefik.http.routers.highsea-readarr.rule=Host(`readarr.services.jowj.net`)" + - "traefik.http.routers.highsea-readarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-readarr.tls=true" + networks: + - pubnet + + bazarr: + image: lscr.io/linuxserver/bazarr:latest + environment: + PUID: 1000 + PGID: 1000 + TZ: America/Chicago + volumes: + - "/home/josiah/apps/bazarr:/config" + - "/home/josiah/Downloads/usenet-complete/:/media/downloads" + - "/media/usenet/tv/:/media/tv" + - "/media/usenet/movies/:/media/movies" + labels: + - "traefik.enable=true" + - "traefik.http.services.highsea-bazarr.loadbalancer.server.port=6767" + - "traefik.http.routers.highsea-bazarr.service=highsea-bazarr" + - "traefik.http.routers.highsea-bazarr.rule=Host(`bazarr.services.jowj.net`)" + - "traefik.http.routers.highsea-bazarr.tls.certResolver=highsea-resolver" + - "traefik.http.routers.highsea-bazarr.tls=true" + networks: + - pubnet + +volumes: + traefik_acme: + traefik_logs: + +networks: + pubnet: + driver: overlay diff --git a/ansible/roles/mediaserver/templates/traefik.yml.j2 b/ansible/roles/highsea/templates/traefik.yml.j2 similarity index 93% rename from ansible/roles/mediaserver/templates/traefik.yml.j2 rename to ansible/roles/highsea/templates/traefik.yml.j2 index b365df5..ffd4934 100644 --- a/ansible/roles/mediaserver/templates/traefik.yml.j2 +++ b/ansible/roles/highsea/templates/traefik.yml.j2 @@ -22,13 +22,13 @@ entryPoints: http: middlewares: - mediaserver-https-redir: + highsea-https-redir: redirectScheme: scheme: https permanent: true certificatesResolvers: - mediaserver-resolver: + highsea-resolver: acme: storage: /acme.json email: "admin@home.jowj.net" diff --git a/ansible/roles/highsea/vars/main.yml b/ansible/roles/highsea/vars/main.yml new file mode 100644 index 0000000..2219e76 --- /dev/null +++ b/ansible/roles/highsea/vars/main.yml @@ -0,0 +1 @@ +sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python3', 'python3-pip', 'nfs-common', 'python3-jsondiff'] diff --git a/ansible/roles/mediaserver/templates/mediaserver-compose.yml b/ansible/roles/mediaserver/templates/mediaserver-compose.yml deleted file mode 100644 index 26b6a69..0000000 --- a/ansible/roles/mediaserver/templates/mediaserver-compose.yml +++ /dev/null @@ -1,291 +0,0 @@ ---- -version: '3.7' - -services: - traefik: - image: traefik:2.5 - networks: - - pubnet - command: --web --docker --docker.swarmmode --docker.watch --docker.domain="services.jowj.net" --providers.docker.network=pubnet --logLevel=DEBUG - ports: - - 80:80/tcp - - 443:443/tcp - - 8080:8080/tcp - volumes: - - /home/josiah/apps/traefik/acme.json:/acme.json - - traefik_logs:/var/log/access.log - - /var/run/docker.sock:/var/run/docker.sock - - /home/josiah/apps/traefik/traefik.yml:/traefik.yml - deploy: - mode: global - placement: - constraints: - - node.role == manager - environment: - DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" - labels: - # Dashboard shit I stole from Micah: - # WARNING: A TRAILING SLASH IS MANDATORY IN THE BROWSER - # e.g. https://example.com/dashboard/, not merely /dashboard - - "traefik.enable=true" - - "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-traefik-api.rule=Host(`hatchery.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" - - "traefik.http.routers.mediaserver-traefik-api.service=api@internal" - - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8080" - # - "traefik.http.routers.mediaserver-traefik-api.entrypoints=http" - - "traefik.http.routers.mediaserver-traefik-api.entrypoints=https" - # middleware redirect - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # global redirect to https - - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" - - "traefik.http.routers.http-catchall.entrypoints=http" - - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" - - - hydra2: - image: linuxserver/nzbhydra2:latest - networks: - - pubnet - volumes: - - /home/josiah/apps/hydra2/:/config - - /home/josiah/Downloads/usenet-complete/:/data/downloads - environment: - PGID: 1000 - PUID: 1000 - TZ: American/Chicago - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-hydra2.loadbalancer.server.port=5076" - - "traefik.http.routers.mediaserver-hydra2.service=mediaserver-hydra2" - - "traefik.http.routers.mediaserver-hydra2.rule=Host(`hydra.services.jowj.net`)" - - "traefik.http.routers.mediaserver-hydra2.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-hydra2.tls=true" - - sabnzb: - image: "linuxserver/sabnzbd" - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/sabnzbd:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/home/josiah/Downloads/usenet-incomplete/:/data/incomplete-downloads" - - "/home/josiah/Downloads/usenet-watched/:/data/watched-folder" - - "/media/usenet/tv:/data/tv" - - "/media/usenet/audio/:/data/music" - - "/media/usenet/movies/:/data/movies" - - "/media/usenet/book-library/yet-to-be-added:/data/books" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-sabnzbd.loadbalancer.server.port=8080" - - "traefik.http.routers.mediaserver-sabnzbd.service=mediaserver-sabnzbd" - - "traefik.http.routers.mediaserver-sabnzbd.rule=Host(`sab.services.jowj.net`)" - - "traefik.http.routers.mediaserver-sabnzbd.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-sabnzbd.tls=true" - - sonarr: - image: "linuxserver/sonarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/sonarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/tv/:/data/tv" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-sonarr.loadbalancer.server.port=8989" - - "traefik.http.routers.mediaserver-sonarr.service=mediaserver-sonarr" - - "traefik.http.routers.mediaserver-sonarr.rule=Host(`sonarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-sonarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-sonarr.tls=true" - networks: - - pubnet - - lidarr: - image: "linuxserver/lidarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/lidarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/audio/:/data/music" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-lidarr.loadbalancer.server.port=8686" - - "traefik.http.routers.mediaserver-lidarr.service=mediaserver-lidarr" - - "traefik.http.routers.mediaserver-lidarr.rule=Host(`lidarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-lidarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-lidarr.tls=true" - networks: - - pubnet - - radarr: - image: "linuxserver/radarr" - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/radarr:/config" - - "/home/josiah/Downloads/usenet-complete/:/data/downloads" - - "/media/usenet/movies/:/data/movies" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-radarr.loadbalancer.server.port=7878" - - "traefik.http.routers.mediaserver-radarr.service=mediaserver-radarr" - - "traefik.http.routers.mediaserver-radarr.rule=Host(`radarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-radarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-radarr.tls=true" - networks: - - pubnet - - whoami: - image: containous/whoami:latest - networks: - - pubnet - labels: - - "traefik.enable=true" - - "traefik.http.routers.mediaserver-whoami.rule=Host(`whoami.services.jowj.net`)" - - "traefik.http.routers.mediaserver-whoami.service=mediaserver-whoami" - - "traefik.http.services.mediaserver-whoami.loadbalancer.server.port=80" - - "traefik.http.routers.mediaserver-whoami.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-whoami.tls=true" - - tubesync: - image: ghcr.io/meeb/tubesync:latest - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - LISTEN_HOST: "0.0.0.0" - LISTEN_PORT: '8080' - volumes: - - "/home/josiah/apps/tubesync-config:/config" - - "/media/usenet/youtube:/downloads" - labels: - - "traefik.enable=true" - - "traefik.docker.network=pubnet" - - "traefik.http.routers.mediaserver-tubesync.rule=Host(`tubesync.services.jowj.net`)" - - "traefik.http.services.mediaserver-tubesync.loadbalancer.server.port=4848" - - "traefik.http.routers.mediaserver-tubesync.service=mediaserver-tubesync" - - "traefik.http.routers.mediaserver-tubesync.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-tubesync.tls=true" - - audiobookshelf: - image: ghcr.io/advplyr/audiobookshelf:latest - networks: - - pubnet - environment: - PUID: 1000 - PGID: 1000 - AUDIOBOOKSHELF_UID: 1000 - AUDIOBOOKSHELF_GID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/audiobookshelf/config:/config" - - "/home/josiah/apps/audiobookshelf/metadata:/metadata" - - "/media/usenet/audiobooks:/audiobooks" - - "/media/usenet/podcasts:/podcasts" - labels: - - "traefik.enable=true" - - "traefik.docker.network=pubnet" - - "traefik.http.routers.mediaserver-audiobookshelf.rule=Host(`audiobookshelf.services.jowj.net`)" - - "traefik.http.services.mediaserver-audiobookshelf.loadbalancer.server.port=80" - - "traefik.http.routers.mediaserver-audiobookshelf.service=mediaserver-audiobookshelf" - - "traefik.http.routers.mediaserver-audiobookshelf.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-audiobookshelf.tls=true" - - readarr: - image: lscr.io/linuxserver/readarr:develop - container_name: readarr - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/readarr/config:/config" - - "/media/usenet/audiobooks:/media/usenet/book-library/readarr/audiobooks" - - "/media/usenet/book-library/readarr:/media/usenet/book-library/readarr" # not ready - - "/home/josiah/Downloads/usenet-complete/:/media/downloads" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-readarr.loadbalancer.server.port=8787" - - "traefik.http.routers.mediaserver-readarr.service=mediaserver-readarr" - - "traefik.http.routers.mediaserver-readarr.rule=Host(`readarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-readarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-readarr.tls=true" - networks: - - pubnet - - bazarr: - image: lscr.io/linuxserver/bazarr:latest - environment: - PUID: 1000 - PGID: 1000 - TZ: America/Chicago - volumes: - - "/home/josiah/apps/bazarr/config:/config" - - "/home/josiah/Downloads/usenet-complete/:/media/downloads" - - "/media/usenet/tv/:/media/tv" - - "/media/usenet/movies/:/media/movies" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-bazarr.loadbalancer.server.port=6767" - - "traefik.http.routers.mediaserver-bazarr.service=mediaserver-bazarr" - - "traefik.http.routers.mediaserver-bazarr.rule=Host(`bazarr.services.jowj.net`)" - - "traefik.http.routers.mediaserver-bazarr.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-bazarr.tls=true" - networks: - - pubnet - - stash: - image: git.awful.club/packages/hoard:latest - ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section - # network_mode: host - logging: - driver: "json-file" - options: - max-file: "10" - max-size: "2m" - environment: - - STASH_STASH=/data/ - - STASH_GENERATED=/generated/ - - STASH_METADATA=/metadata/ - - STASH_CACHE=/cache/ - ## Adjust below to change default port (9999) - # - STASH_PORT=9999 - volumes: - - /etc/localtime:/etc/localtime:ro - - "{{ vault_stash_config }}:/root/.stash" - - "{{ vault_stash_data }}:/data" - - "{{ vault_stash_metadata }}:/metadata" - - "{{ vault_stash_cache }}:/cache" - - "{{ vault_stash_generated }}:/generated" - labels: - - "traefik.enable=true" - - "traefik.http.services.mediaserver-hoard.loadbalancer.server.port=9999" - - "traefik.http.routers.mediaserver-hoard.service=mediaserver-hoard" - - "traefik.http.routers.mediaserver-hoard.rule=Host(`hoard.services.jowj.net`)" - - "traefik.http.routers.mediaserver-hoard.tls.certResolver=mediaserver-resolver" - - "traefik.http.routers.mediaserver-hoard.tls=true" - networks: - - pubnet - - -volumes: - traefik_acme: - traefik_logs: - vol-webdav: - -networks: - pubnet: - driver: overlay diff --git a/ansible/roles/mediaserver/vars/main.yml b/ansible/roles/mediaserver/vars/main.yml deleted file mode 100644 index ef86eef..0000000 --- a/ansible/roles/mediaserver/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python', 'python3-pip' ] From 0389805bc3661535604630b80ce49edfa607c8ea Mon Sep 17 00:00:00 2001 From: josiah Date: Sun, 31 Dec 2023 23:20:49 -0600 Subject: [PATCH 4/9] Python is no longer a valid package! lol. --- ansible/roles/abjure/vars/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/abjure/vars/main.yml b/ansible/roles/abjure/vars/main.yml index 71ca1a3..4c006a0 100644 --- a/ansible/roles/abjure/vars/main.yml +++ b/ansible/roles/abjure/vars/main.yml @@ -1 +1 @@ -sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python', 'python3-pip', 'nfs-common' ] +sys_packages: [ 'curl', 'vim', 'git', 'emacs', 'build-essential', 'mosh', 'python3', 'python3-pip', 'nfs-common' ] From d4953760ede55a41aa38045054dadc4a60e4ca0f Mon Sep 17 00:00:00 2001 From: josiah Date: Sun, 31 Dec 2023 23:23:56 -0600 Subject: [PATCH 5/9] Repoint DNS from old hatchery cname to new highsea. Also, remove some unneeded services that just didn't work out. --- terraform/do_domains/outputs.tf | 16 ----- .../do_domains/records_services.jowj.net.tf | 64 +++---------------- 2 files changed, 8 insertions(+), 72 deletions(-) diff --git a/terraform/do_domains/outputs.tf b/terraform/do_domains/outputs.tf index 9adaf10..a0a91f1 100755 --- a/terraform/do_domains/outputs.tf +++ b/terraform/do_domains/outputs.tf @@ -66,10 +66,6 @@ output "digitalocean_record_tfer--273019966_id" { value = "${digitalocean_record.tfer--273019966.id}" } -output "digitalocean_record_tfer--273019998_id" { - value = "${digitalocean_record.tfer--273019998.id}" -} - output "digitalocean_record_tfer--273021791_id" { value = "${digitalocean_record.tfer--273021791.id}" } @@ -82,10 +78,6 @@ output "digitalocean_record_tfer--273021839_id" { value = "${digitalocean_record.tfer--273021839.id}" } -output "digitalocean_record_tfer--273024307_id" { - value = "${digitalocean_record.tfer--273024307.id}" -} - output "digitalocean_record_tfer--273196064_id" { value = "${digitalocean_record.tfer--273196064.id}" } @@ -130,14 +122,6 @@ output "digitalocean_record_tfer--282785137_id" { value = "${digitalocean_record.tfer--282785137.id}" } -output "digitalocean_record_tfer--289972404_id" { - value = "${digitalocean_record.tfer--289972404.id}" -} - -output "digitalocean_record_tfer--318001321_id" { - value = "${digitalocean_record.tfer--318001321.id}" -} - output "digitalocean_record_tfer--318333757_id" { value = "${digitalocean_record.tfer--318333757.id}" } diff --git a/terraform/do_domains/records_services.jowj.net.tf b/terraform/do_domains/records_services.jowj.net.tf index 321b085..5b13716 100644 --- a/terraform/do_domains/records_services.jowj.net.tf +++ b/terraform/do_domains/records_services.jowj.net.tf @@ -46,30 +46,6 @@ resource "digitalocean_record" "tfer--273019966" { weight = "0" } -resource "digitalocean_record" "tfer--273019998" { - domain = "services.jowj.net" - flags = "0" - name = "tubesync" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--273024307" { - domain = "services.jowj.net" - flags = "0" - name = "watchtower" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - resource "digitalocean_record" "tfer--273196064" { domain = "services.jowj.net" flags = "0" @@ -78,7 +54,7 @@ resource "digitalocean_record" "tfer--273196064" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -140,7 +116,7 @@ resource "digitalocean_record" "tfer--282780675" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -152,7 +128,7 @@ resource "digitalocean_record" "tfer--282785060" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -164,7 +140,7 @@ resource "digitalocean_record" "tfer--282785080" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -176,7 +152,7 @@ resource "digitalocean_record" "tfer--282785089" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -188,31 +164,7 @@ resource "digitalocean_record" "tfer--282785137" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--289972404" { - domain = "services.jowj.net" - flags = "0" - name = "requests" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." - weight = "0" -} - -resource "digitalocean_record" "tfer--318001321" { - domain = "services.jowj.net" - flags = "0" - name = "audiobookshelf" - port = "0" - priority = "0" - ttl = "900" - type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -224,7 +176,7 @@ resource "digitalocean_record" "tfer--318333757" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } @@ -236,7 +188,7 @@ resource "digitalocean_record" "tfer--326222435" { priority = "0" ttl = "900" type = "CNAME" - value = "hatchery.home.jowj.net." + value = "highsea.home.jowj.net." weight = "0" } From c0a7ec54bfc9da032caf25c16c2a87ef32769ec9 Mon Sep 17 00:00:00 2001 From: josiah Date: Mon, 1 Jan 2024 15:05:10 -0600 Subject: [PATCH 6/9] Remov unneeded arg, change IP to priv. --- ansible/roles/highsea/templates/highsea-compose.yml | 1 - terraform/do_domains/records_home.jowj.net.tf | 3 ++- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/highsea/templates/highsea-compose.yml b/ansible/roles/highsea/templates/highsea-compose.yml index d8026e2..b6f3dce 100644 --- a/ansible/roles/highsea/templates/highsea-compose.yml +++ b/ansible/roles/highsea/templates/highsea-compose.yml @@ -159,7 +159,6 @@ services: readarr: image: lscr.io/linuxserver/readarr:develop - container_name: readarr environment: PUID: 1000 PGID: 1000 diff --git a/terraform/do_domains/records_home.jowj.net.tf b/terraform/do_domains/records_home.jowj.net.tf index deef93e..38dff90 100644 --- a/terraform/do_domains/records_home.jowj.net.tf +++ b/terraform/do_domains/records_home.jowj.net.tf @@ -217,6 +217,7 @@ resource "digitalocean_record" demiurge-dns { # this motherfucker is currently set manually. # TODO: Figure out how to do this programmatically +# Especailly because getting the output of tailscale is difficult?? resource "digitalocean_record" highsea-dns { domain = "home.jowj.net" flags = "0" @@ -225,6 +226,6 @@ resource "digitalocean_record" highsea-dns { priority = "0" ttl = "900" type = "A" - value = "192.168.1.17" + value = "100.72.101.61" weight = "0" } From 7982871e25244dcb7cc7a0a102e543cda75711d8 Mon Sep 17 00:00:00 2001 From: josiah Date: Mon, 1 Jan 2024 18:47:40 -0600 Subject: [PATCH 7/9] Add calibre to mediaserver stack. Investigating using calibre-web insteado of the full desktop app. hopefully this works out well with using readarr as the primary management interface. --- ansible/roles/abjure/tasks/main.yml | 4 ++-- .../roles/abjure/templates/abjure-compose.yml | 21 +++++++++++++++++++ .../do_domains/records_services.jowj.net.tf | 12 +++++++++++ 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/ansible/roles/abjure/tasks/main.yml b/ansible/roles/abjure/tasks/main.yml index ab288b0..b95492e 100644 --- a/ansible/roles/abjure/tasks/main.yml +++ b/ansible/roles/abjure/tasks/main.yml @@ -20,9 +20,9 @@ - name: ensure traefik.log exists file: state=file path=/home/josiah/apps/traefik/traefik.log owner=josiah group=josiah mode=0700 -- name: Create deploy configs dir if it does not exist +- name: Create calibre config dir file: - path: /home/josiah/deploys/abjure + path: /home/josiah/apps/calibre state: directory mode: '0755' diff --git a/ansible/roles/abjure/templates/abjure-compose.yml b/ansible/roles/abjure/templates/abjure-compose.yml index 4e16b75..7d1e067 100644 --- a/ansible/roles/abjure/templates/abjure-compose.yml +++ b/ansible/roles/abjure/templates/abjure-compose.yml @@ -88,6 +88,27 @@ services: networks: - pubnet + calibre-web: + image: lscr.io/linuxserver/calibre-web:latest + environment: + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + - DOCKER_MODS=linuxserver/mods:universal-calibre #optional + - OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional + volumes: + - /home/josiah/apps/calibre/:/config + - /media/usenet/book-library/readarr/:/books + labels: + - "traefik.enable=true" + - "traefik.http.services.mediaserver-calibre.loadbalancer.server.port=8083" + - "traefik.http.routers.mediaserver-calibre.service=mediaserver-calibre" + - "traefik.http.routers.mediaserver-calibre.rule=Host(`calibre.services.jowj.net`)" + - "traefik.http.routers.mediaserver-calibre.tls.certResolver=mediaserver-resolver" + - "traefik.http.routers.mediaserver-calibre.tls=true" + networks: + - pubnet + volumes: traefik_acme: traefik_logs: diff --git a/terraform/do_domains/records_services.jowj.net.tf b/terraform/do_domains/records_services.jowj.net.tf index 5b13716..fa07279 100644 --- a/terraform/do_domains/records_services.jowj.net.tf +++ b/terraform/do_domains/records_services.jowj.net.tf @@ -216,3 +216,15 @@ resource "digitalocean_record" "pms-services-jowj-net" { value = "lair.home.jowj.net." weight = "0" } + +resource "digitalocean_record" "calibre-services-jowj-net" { + domain = "services.jowj.net" + flags = "0" + name = "calibre" + port = "0" + priority = "0" + ttl = "900" + type = "CNAME" + value = "lair.home.jowj.net." + weight = "0" +} \ No newline at end of file From 4d42bcae2efcb18910fed6bcf4b3e9dc67f2c44a Mon Sep 17 00:00:00 2001 From: josiah Date: Mon, 8 Jan 2024 16:44:40 -0600 Subject: [PATCH 8/9] Move to using the full calibre docker container, from calibre-web. This is much much better. --- .../roles/abjure/templates/abjure-compose.yml | 21 +++++++++++-------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/ansible/roles/abjure/templates/abjure-compose.yml b/ansible/roles/abjure/templates/abjure-compose.yml index 7d1e067..632e97f 100644 --- a/ansible/roles/abjure/templates/abjure-compose.yml +++ b/ansible/roles/abjure/templates/abjure-compose.yml @@ -10,7 +10,7 @@ services: ports: - 80:80/tcp - 443:443/tcp - - 8080:8080/tcp + - 8088:8088/tcp volumes: - /home/josiah/apps/traefik/acme.json:/acme.json - traefik_logs:/var/log/access.log @@ -31,7 +31,7 @@ services: - "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver" - "traefik.http.routers.mediaserver-traefik-api.rule=Host(`lair.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" - "traefik.http.routers.mediaserver-traefik-api.service=api@internal" - - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8080" + - "traefik.http.services.mediaserver-traefik-api.loadbalancer.server.port=8088" # - "traefik.http.routers.mediaserver-traefik-api.entrypoints=http" - "traefik.http.routers.mediaserver-traefik-api.entrypoints=https" # middleware redirect @@ -88,17 +88,20 @@ services: networks: - pubnet - calibre-web: - image: lscr.io/linuxserver/calibre-web:latest + calibre: + image: lscr.io/linuxserver/calibre:latest environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - - DOCKER_MODS=linuxserver/mods:universal-calibre #optional - - OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional volumes: - - /home/josiah/apps/calibre/:/config - - /media/usenet/book-library/readarr/:/books + - /home/josiah/apps/calibre/:/config # this is where the config / metadata db / cache live + - /media/usenet/book-library/readarr/:/books # this is the library + ports: + # don't use traefik for non 443 / 80 ports. + - 8080:8080 + - 8181:8181 + - 8081:8081 labels: - "traefik.enable=true" - "traefik.http.services.mediaserver-calibre.loadbalancer.server.port=8083" @@ -107,7 +110,7 @@ services: - "traefik.http.routers.mediaserver-calibre.tls.certResolver=mediaserver-resolver" - "traefik.http.routers.mediaserver-calibre.tls=true" networks: - - pubnet + - pubnet volumes: traefik_acme: From 1b3f2a1e6dfd0c12079805818c1583eaf0f2bcc8 Mon Sep 17 00:00:00 2001 From: josiah Date: Mon, 8 Jan 2024 16:45:32 -0600 Subject: [PATCH 9/9] Remove mount argument, update bind mount. That nfs volume mount is not needed now that I figured out how to do LVM expansion within Proxmox. Still more to figure out, but for now this is great. --- ansible/roles/highsea/tasks/main.yml | 9 --------- ansible/roles/highsea/templates/highsea-compose.yml | 2 +- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/ansible/roles/highsea/tasks/main.yml b/ansible/roles/highsea/tasks/main.yml index 27d0645..262391b 100644 --- a/ansible/roles/highsea/tasks/main.yml +++ b/ansible/roles/highsea/tasks/main.yml @@ -33,15 +33,6 @@ # TODO: Partition, detect PV, add new disk to LVM. -# Mount remote storage under ~/apps -- name: Mount an NFS volume - ansible.posix.mount: - src: sainthood.home.jowj.net:/volume1/bikeshed_workloads/highsea-apps/ - path: /home/josiah/backups - opts: rw,sync,hard - state: mounted - fstype: nfs - - name: Mount usenet volume ansible.posix.mount: src: storage.home.jowj.net:/volume1/usenet diff --git a/ansible/roles/highsea/templates/highsea-compose.yml b/ansible/roles/highsea/templates/highsea-compose.yml index b6f3dce..2715cee 100644 --- a/ansible/roles/highsea/templates/highsea-compose.yml +++ b/ansible/roles/highsea/templates/highsea-compose.yml @@ -167,7 +167,7 @@ services: - "/home/josiah/apps/readarr:/config" - "/media/usenet/audiobooks:/media/usenet/book-library/readarr/audiobooks" - "/media/usenet/book-library/readarr:/media/usenet/book-library/readarr" # not ready - - "/home/josiah/Downloads/usenet-complete/:/media/downloads" + - "/home/josiah/Downloads/usenet-complete/books:/data/downloads/books" labels: - "traefik.enable=true" - "traefik.http.services.highsea-readarr.loadbalancer.server.port=8787"