From a375049e1e5de6a049f4d27a91718fad2d61317e Mon Sep 17 00:00:00 2001 From: Lino Silva Date: Wed, 19 Apr 2023 18:38:25 +0100 Subject: [PATCH] feat: Arr stack --- inventory/my-cluster/host_vars/arr | 6 ++ inventory/my-cluster/hosts.ini | 1 + playbook-arr.yml | 23 +++++ roles/arr/enable-ssh/tasks/main.yml | 8 ++ roles/arr/install-app/tasks/main.yml | 28 ++++++ roles/arr/install-app/templates/.env | 3 + .../install-app/templates/docker-compose.yml | 89 +++++++++++++++++++ roles/arr/install-docker/tasks/main.yml | 27 ++++++ roles/arr/provision/create/tasks/main.yml | 34 +++++++ roles/arr/provision/delete/tasks/main.yml | 26 ++++++ roles/arr/provision/start/tasks/main.yml | 8 ++ roles/arr/update/tasks/main.yml | 6 ++ .../templates/bazarr.subdomain.conf | 4 +- .../templates/lidarr.subdomain.conf | 4 +- .../templates/overseerr.subdomain.conf | 4 +- .../templates/prowlarr.subdomain.conf | 4 +- .../templates/radarr.subdomain.conf | 6 +- .../templates/sonarr.subdomain.conf | 4 +- .../templates/transmission.subdomain.conf | 4 +- .../provision/create/tasks/main.yml | 2 +- 20 files changed, 275 insertions(+), 16 deletions(-) create mode 100644 inventory/my-cluster/host_vars/arr create mode 100644 playbook-arr.yml create mode 100644 roles/arr/enable-ssh/tasks/main.yml create mode 100644 roles/arr/install-app/tasks/main.yml create mode 100644 roles/arr/install-app/templates/.env create mode 100644 roles/arr/install-app/templates/docker-compose.yml create mode 100644 roles/arr/install-docker/tasks/main.yml create mode 100644 roles/arr/provision/create/tasks/main.yml create mode 100644 roles/arr/provision/delete/tasks/main.yml create mode 100644 roles/arr/provision/start/tasks/main.yml create mode 100644 roles/arr/update/tasks/main.yml diff --git a/inventory/my-cluster/host_vars/arr b/inventory/my-cluster/host_vars/arr new file mode 100644 index 0000000..ee1e6a3 --- /dev/null +++ b/inventory/my-cluster/host_vars/arr @@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.25 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 616 diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini index a42dfbe..e56570d 100644 --- a/inventory/my-cluster/hosts.ini +++ b/inventory/my-cluster/hosts.ini @@ -10,6 +10,7 @@ tautulli openvpn youtube-downloader changedetection +arr [baremetal] mipha diff --git a/playbook-arr.yml b/playbook-arr.yml new file mode 100644 index 0000000..b833f72 --- /dev/null +++ b/playbook-arr.yml @@ -0,0 +1,23 @@ +--- +# - hosts: localhost +# become: yes +# roles: +# - role: arr/provision/delete +# - role: arr/provision/create +# - role: arr/provision/start +# vars: +# vmid: 616 + +# - hosts: impa +# become: yes +# roles: +# - role: arr/enable-ssh +# vars: +# vmid: 616 + +- hosts: arr + become: yes + roles: + # - role: arr/update + # - role: arr/install-docker + - role: arr/install-app diff --git a/roles/arr/enable-ssh/tasks/main.yml b/roles/arr/enable-ssh/tasks/main.yml new file mode 100644 index 0000000..562256b --- /dev/null +++ b/roles/arr/enable-ssh/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) + +- name: Allow SSH into LXC + ansible.builtin.command: lxc-attach -n 616 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config + +- name: Restart SSH Service + ansible.builtin.command: lxc-attach -n 616 service ssh restart diff --git a/roles/arr/install-app/tasks/main.yml b/roles/arr/install-app/tasks/main.yml new file mode 100644 index 0000000..98d60c2 --- /dev/null +++ b/roles/arr/install-app/tasks/main.yml @@ -0,0 +1,28 @@ +--- +- name: Create directory for docker-compose + ansible.builtin.file: + path: /root/docker/ + state: directory + mode: "0755" + +- name: Copy .env file + template: + src: ".env" + dest: /root/docker/.env + owner: root + group: root + mode: 0755 + +- name: Copy docker-compose file + template: + src: "docker-compose.yml" + dest: /root/docker/docker-compose.yml + owner: root + group: root + mode: 0755 + +- name: Run docker-compose + ansible.builtin.shell: + args: + cmd: docker compose up -d + chdir: /root/docker/ diff --git a/roles/arr/install-app/templates/.env b/roles/arr/install-app/templates/.env new file mode 100644 index 0000000..75c65ed --- /dev/null +++ b/roles/arr/install-app/templates/.env @@ -0,0 +1,3 @@ +PUID=1000 +PGID=1000 +TZ=Europe/Lisbon \ No newline at end of file diff --git a/roles/arr/install-app/templates/docker-compose.yml b/roles/arr/install-app/templates/docker-compose.yml new file mode 100644 index 0000000..0997de6 --- /dev/null +++ b/roles/arr/install-app/templates/docker-compose.yml @@ -0,0 +1,89 @@ +version: '3' +services: + radarr: + image: linuxserver/radarr + container_name: radarr + restart: unless-stopped + volumes: + - /data/radarr:/config + - /downloads:/downloads + - /movies:/movies + ports: + - 7878:7878 + env_file: + - .env + + prowlarr: + image: linuxserver/prowlarr + container_name: prowlarr + restart: unless-stopped + ports: + - 9696:9696 + env_file: + - .env + volumes: + - /data/prowlarr:/config + + sonarr: + image: linuxserver/sonarr + container_name: sonarr + restart: unless-stopped + volumes: + - /data/sonarr:/config + - /downloads:/downloads + - /tv:/tv + ports: + - 8989:8989 + env_file: + - .env + + overseerr: + image: ghcr.io/linuxserver/overseerr + container_name: overseerr + restart: unless-stopped + ports: + - 5055:5055 + env_file: + - .env + volumes: + - /data/overseerr:/config + + transmission: + image: ghcr.io/linuxserver/transmission + container_name: transmission + restart: unless-stopped + env_file: + - .env + volumes: + - /data/transmission:/config + - /downloads:/downloads + ports: + - 9091:9091 + - 51413:51413 + - 51413:51413/udp + + lidarr: + image: ghcr.io/linuxserver/lidarr + container_name: lidarr + ports: + - 8686:8686 + env_file: + - .env + volumes: + - /data/lidarr:/config + - /music:/music #optional + - /downloads:/downloads #optional + restart: unless-stopped + + bazarr: + image: lscr.io/linuxserver/bazarr + container_name: bazarr + restart: unless-stopped + ports: + - 6767:6767 + env_file: + - .env + volumes: + - /data/bazaar/config:/config + - /movies:/movies + - /tv:/tv diff --git a/roles/arr/install-docker/tasks/main.yml b/roles/arr/install-docker/tasks/main.yml new file mode 100644 index 0000000..d5baba9 --- /dev/null +++ b/roles/arr/install-docker/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Get convenience script + uri: + url: "https://get.docker.com" + method: GET + dest: /tmp/get-docker.sh + mode: a+x + creates: /tmp/get-docker.sh + +- name: Execute script + ansible.builtin.shell: /tmp/get-docker.sh + +- name: Ensure group "docker" exists + ansible.builtin.group: + name: docker + state: present + +- name: Add root user to docker group + ansible.builtin.user: + name: root + groups: docker + append: yes + +- name: Enable docker on startup + ansible.builtin.shell: | + systemctl enable docker.service + systemctl enable containerd.service diff --git a/roles/arr/provision/create/tasks/main.yml b/roles/arr/provision/create/tasks/main.yml new file mode 100644 index 0000000..3fdabc8 --- /dev/null +++ b/roles/arr/provision/create/tasks/main.yml @@ -0,0 +1,34 @@ +--- +- name: Create container + community.general.proxmox: + vmid: 616 + node: impa + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + password: "{{ lxc_password }}" + hostname: arr + ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip=10.0.2.25/21,\ + hwaddr=cc:c6:cf:de:17:85,\ + bridge=vmbr0'}" + cores: 2 + memory: 4096 + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + features: + - nesting=1 + - keyctl=1 + mounts: '{ + "mp0":"/mnt/8TB/Movies,mp=/movies", + "mp1":"/mnt/2TB/TVShows,mp=/tv", + "mp2":"/mnt/2TB/Music,mp=/music", + "mp3":"/mnt/8TB/uTorrent,mp=/downloads", + "mp4":"nvme:20,mp=/data,backup=1" + }' + disk: nvme:10 + force: yes diff --git a/roles/arr/provision/delete/tasks/main.yml b/roles/arr/provision/delete/tasks/main.yml new file mode 100644 index 0000000..a4dee4e --- /dev/null +++ b/roles/arr/provision/delete/tasks/main.yml @@ -0,0 +1,26 @@ +--- +- name: Stop container + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: stopped + ignore_errors: true + timeout: 90 + +- name: Remove containers + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: absent + ignore_errors: true + timeout: 90 + +- name: Remove .ssh/known_hosts lines + ansible.builtin.lineinfile: + path: /Users/lino.silva/.ssh/known_hosts + state: absent + regexp: "^10.0.2.25" diff --git a/roles/arr/provision/start/tasks/main.yml b/roles/arr/provision/start/tasks/main.yml new file mode 100644 index 0000000..de86b9b --- /dev/null +++ b/roles/arr/provision/start/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- name: Start deployments + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started diff --git a/roles/arr/update/tasks/main.yml b/roles/arr/update/tasks/main.yml new file mode 100644 index 0000000..8227bf4 --- /dev/null +++ b/roles/arr/update/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages to their latest version + become: true + ansible.builtin.apt: + update_cache: yes + upgrade: full diff --git a/roles/swag/install-app/templates/bazarr.subdomain.conf b/roles/swag/install-app/templates/bazarr.subdomain.conf index 93a3088..69cee94 100644 --- a/roles/swag/install-app/templates/bazarr.subdomain.conf +++ b/roles/swag/install-app/templates/bazarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 6767; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/bazarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 6767; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/lidarr.subdomain.conf b/roles/swag/install-app/templates/lidarr.subdomain.conf index 1303ee1..90ed04d 100644 --- a/roles/swag/install-app/templates/lidarr.subdomain.conf +++ b/roles/swag/install-app/templates/lidarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 8686; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/lidarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 8686; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/overseerr.subdomain.conf b/roles/swag/install-app/templates/overseerr.subdomain.conf index 7a2604c..ec58ccc 100644 --- a/roles/swag/install-app/templates/overseerr.subdomain.conf +++ b/roles/swag/install-app/templates/overseerr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 5055; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/overseerr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 5055; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/prowlarr.subdomain.conf b/roles/swag/install-app/templates/prowlarr.subdomain.conf index 1e16fe3..d68a23f 100644 --- a/roles/swag/install-app/templates/prowlarr.subdomain.conf +++ b/roles/swag/install-app/templates/prowlarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 9696; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -46,7 +46,7 @@ server { location ~ (/prowlarr)?(/[0-9]+)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 9696; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/radarr.subdomain.conf b/roles/swag/install-app/templates/radarr.subdomain.conf index a39794f..6c3e0f5 100644 --- a/roles/swag/install-app/templates/radarr.subdomain.conf +++ b/roles/swag/install-app/templates/radarr.subdomain.conf @@ -37,8 +37,8 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; - set $upstream_port 7878; + set $upstream_app 10.0.2.25; + set $upstream_port 7878 set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/radarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 7878; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/sonarr.subdomain.conf b/roles/swag/install-app/templates/sonarr.subdomain.conf index cd1f55d..fe7c8a0 100644 --- a/roles/swag/install-app/templates/sonarr.subdomain.conf +++ b/roles/swag/install-app/templates/sonarr.subdomain.conf @@ -37,7 +37,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 8989; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -47,7 +47,7 @@ server { location ~ (/sonarr)?/api { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 8989; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/swag/install-app/templates/transmission.subdomain.conf b/roles/swag/install-app/templates/transmission.subdomain.conf index 1ffa528..da3a94e 100644 --- a/roles/swag/install-app/templates/transmission.subdomain.conf +++ b/roles/swag/install-app/templates/transmission.subdomain.conf @@ -46,7 +46,7 @@ server { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 9091; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; @@ -57,7 +57,7 @@ server { location ~ (/transmission)?/rpc { include /config/nginx/proxy.conf; include /config/nginx/resolver.conf; - set $upstream_app 10.0.2.1; + set $upstream_app 10.0.2.25; set $upstream_port 9091; set $upstream_proto http; proxy_pass $upstream_proto://$upstream_app:$upstream_port; diff --git a/roles/youtube-downloader/provision/create/tasks/main.yml b/roles/youtube-downloader/provision/create/tasks/main.yml index 571345b..ac375bf 100644 --- a/roles/youtube-downloader/provision/create/tasks/main.yml +++ b/roles/youtube-downloader/provision/create/tasks/main.yml @@ -25,7 +25,7 @@ - keyctl=1 disk: ssd250:5 mounts: '{ - "mp1":"/mnt/8TB/Youtube,mp=/downloads" + "mp0":"/mnt/8TB/Youtube,mp=/downloads" }' force: yes