From 8137b68676a0a7526a7da15dd04cc81984d56ced Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Thu, 4 Sep 2025 12:33:50 +0200 Subject: [PATCH 1/8] arr: Automatically update vpn server list --- roles/arr/templates/compose.yaml.jinja | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/arr/templates/compose.yaml.jinja b/roles/arr/templates/compose.yaml.jinja index c61e3d0..8647aae 100644 --- a/roles/arr/templates/compose.yaml.jinja +++ b/roles/arr/templates/compose.yaml.jinja @@ -156,6 +156,7 @@ services: - VPN_SERVICE_PROVIDER={{ arrstack_vpn_provider }} - OPENVPN_USER={{ arrstack_vpn_user }} - OPENVPN_PASSWORD={{ arrstack_vpn_pass }} + - UPDATER_PERIOD=48h - SERVER_REGIONS={{ arrstack_vpn_regions }} - PORT_FORWARD_ONLY=true - VPN_PORT_FORWARDING=on From 208cecd5efbd646046f1565bd57c442a02783053 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Wed, 3 Sep 2025 15:48:56 +0200 Subject: [PATCH 2/8] paperless: Change script scan output dir Still a HACK should not be hard-coded but perhaps installed as a runnable script on localhost for the role (e.g. `scan-paperless`) which receives its scanner more dynamically. --- roles/paperless/scripts/scantopaperless.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/paperless/scripts/scantopaperless.sh b/roles/paperless/scripts/scantopaperless.sh index ad43f3e..004189a 100755 --- a/roles/paperless/scripts/scantopaperless.sh +++ b/roles/paperless/scripts/scantopaperless.sh @@ -24,5 +24,5 @@ if ! stat -t out*.png >/dev/null 2>&1; then fi magick out*.png out.pdf -mv out.pdf "$HOME/documents/consume/$(date +'%Y-%m-%dT%H-%M')_scan.pdf" +mv out.pdf "$HOME/Nextcloud/Apps/paperless_consume/$(date +'%Y-%m-%dT%H-%M')_scan.pdf" rm out*.png From 38ca54a027a7460d56bd42309e2e1a2461b7fe2d Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Wed, 13 Aug 2025 10:22:36 +0200 Subject: [PATCH 3/8] arr: Fix created torrent directory name --- roles/arr/tasks/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/arr/tasks/main.yaml b/roles/arr/tasks/main.yaml index 47e6a03..fd2d0db 100644 --- a/roles/arr/tasks/main.yaml +++ b/roles/arr/tasks/main.yaml @@ -18,7 +18,7 @@ loop: - "" - files - - files/torrents + - files/torrent - files/usenet - media - media/tv From 5d69d45b970ede64229586d2d65a55cb5b50707f Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Sat, 9 Aug 2025 23:25:36 +0200 Subject: [PATCH 4/8] arr: Add tdarr service --- roles/arr/defaults/main.yaml | 1 + roles/arr/templates/compose.yaml.jinja | 38 ++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/roles/arr/defaults/main.yaml b/roles/arr/defaults/main.yaml index 40af124..8119892 100644 --- a/roles/arr/defaults/main.yaml +++ b/roles/arr/defaults/main.yaml @@ -8,6 +8,7 @@ arrstack_lidarr_subdomain: "{{ arrstack_protocol }}lidarr.{{ domain | default('e arrstack_readarr_subdomain: "{{ arrstack_protocol }}readarr.{{ domain | default('example.org') }}" arrstack_prowlarr_subdomain: "{{ arrstack_protocol }}prowlarr.{{ domain | default('example.org') }}" arrstack_beets_subdomain: "{{ arrstack_protocol }}beets.{{ domain | default('example.org') }}" +arrstack_tdarr_subdomain: "{{ arrstack_protocol }}tdarr.{{ domain | default('example.org') }}" arrstack_sabnzbd_subdomain: "{{ arrstack_protocol }}usenet.{{ domain | default('example.org') }}" arrstack_qbit_subdomain: "{{ arrstack_protocol }}torrent.{{ domain | default('example.org') }}" arrstack_jellyseerr_subdomain: "{{ arrstack_protocol }}get.{{ domain | default('example.org') }}" diff --git a/roles/arr/templates/compose.yaml.jinja b/roles/arr/templates/compose.yaml.jinja index 8647aae..ea8fd0b 100644 --- a/roles/arr/templates/compose.yaml.jinja +++ b/roles/arr/templates/compose.yaml.jinja @@ -122,6 +122,41 @@ services: caddy: "{{ arrstack_beets_subdomain }}" caddy.reverse_proxy: "{{ '{{' }}upstreams 8337{{ '}}'}}" + tdarr: + image: ghcr.io/haveagitgat/tdarr + container_name: tdarr + networks: + - caddy + group_add: + - video # video + # - render # render NOTE: Would have to be added for e.g. Ubuntu 20+ afaik + environment: + - PUID={{ arrstack_puid }} + - PGID={{ arrstack_pgid }} + - TZ={{ arrstack_tz }} + - UMASK_SET={{ arrstack_umask_set }} + - serverIP=0.0.0.0 + - serverPort=8266 + - webUIPort=8265 + - internalNode=true + - inContainer=true + - ffmpegVersion=7 + - auth=false + - maxLogSizeMB=10 + volumes: + - "{{ arrstack_env_dir }}/config/tdarr:/app/configs" + - "{{ arrstack_env_dir }}/data/tdarr:/app/server" + - "{{ arrstack_serve_dir }}/media/tv:/media/tv" + - "/mnt/ext/data/media/movies:/media/movies" # FIXME: To be changed? + - "/transcodes:/transcodes" # TODO: Implement dynamic form with variable? + restart: unless-stopped + devices: + - /dev/dri:/dev/dri + labels: + caddy: "{{ arrstack_tdarr_subdomain }}" + caddy.reverse_proxy: "{{ '{{' }}upstreams 8265{{ '}}'}}" + + sabnzbd: container_name: sabnzbd image: lscr.io/linuxserver/sabnzbd:latest @@ -254,6 +289,9 @@ services: - PGID={{ arrstack_pgid }} - TZ={{ arrstack_tz }} - UMASK_SET={{ arrstack_umask_set }} + group_add: + - video # video + # - render # render devices: - /dev/dri:/dev/dri #environment: From 30f068fd7ab096e73c93a10410fd6be9c378866d Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Mon, 11 Aug 2025 10:01:18 +0200 Subject: [PATCH 5/8] arr: Add bazarr to stack --- roles/arr/defaults/main.yaml | 1 + roles/arr/templates/compose.yaml.jinja | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/roles/arr/defaults/main.yaml b/roles/arr/defaults/main.yaml index 8119892..d608686 100644 --- a/roles/arr/defaults/main.yaml +++ b/roles/arr/defaults/main.yaml @@ -9,6 +9,7 @@ arrstack_readarr_subdomain: "{{ arrstack_protocol }}readarr.{{ domain | default( arrstack_prowlarr_subdomain: "{{ arrstack_protocol }}prowlarr.{{ domain | default('example.org') }}" arrstack_beets_subdomain: "{{ arrstack_protocol }}beets.{{ domain | default('example.org') }}" arrstack_tdarr_subdomain: "{{ arrstack_protocol }}tdarr.{{ domain | default('example.org') }}" +arrstack_bazarr_subdomain: "{{ arrstack_protocol }}bazarr.{{ domain | default('example.org') }}" arrstack_sabnzbd_subdomain: "{{ arrstack_protocol }}usenet.{{ domain | default('example.org') }}" arrstack_qbit_subdomain: "{{ arrstack_protocol }}torrent.{{ domain | default('example.org') }}" arrstack_jellyseerr_subdomain: "{{ arrstack_protocol }}get.{{ domain | default('example.org') }}" diff --git a/roles/arr/templates/compose.yaml.jinja b/roles/arr/templates/compose.yaml.jinja index ea8fd0b..9a70e08 100644 --- a/roles/arr/templates/compose.yaml.jinja +++ b/roles/arr/templates/compose.yaml.jinja @@ -156,6 +156,25 @@ services: caddy: "{{ arrstack_tdarr_subdomain }}" caddy.reverse_proxy: "{{ '{{' }}upstreams 8265{{ '}}'}}" + bazarr: + image: lscr.io/linuxserver/bazarr:latest + container_name: bazarr + networks: + - caddy + environment: + - PUID={{ arrstack_puid }} + - PGID={{ arrstack_pgid }} + - TZ={{ arrstack_tz }} + volumes: + - "{{ arrstack_env_dir }}/config/sabnzbd:/config" + - "{{ arrstack_serve_dir }}/media/tv:/data/media/tv" + - "/mnt/ext/data/media/movies:/data/media/movies" # FIXME: To be changed? + ports: + - 6767:6767 + restart: unless-stopped + labels: + caddy: "{{ arrstack_bazarr_subdomain }}" + caddy.reverse_proxy: "{{ '{{' }}upstreams 6767{{ '}}'}}" sabnzbd: container_name: sabnzbd From 12e48b17b76a670ec107a18cf38d1f9771caa111 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Wed, 13 Aug 2025 10:22:36 +0200 Subject: [PATCH 6/8] arr: Add quadnine DNS server check to vpn --- roles/arr/templates/compose.yaml.jinja | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/arr/templates/compose.yaml.jinja b/roles/arr/templates/compose.yaml.jinja index 9a70e08..0b1b5e9 100644 --- a/roles/arr/templates/compose.yaml.jinja +++ b/roles/arr/templates/compose.yaml.jinja @@ -212,6 +212,7 @@ services: - OPENVPN_PASSWORD={{ arrstack_vpn_pass }} - UPDATER_PERIOD=48h - SERVER_REGIONS={{ arrstack_vpn_regions }} + - DNS_ADDRESS=9.9.9.9 # TODO: implement variable - PORT_FORWARD_ONLY=true - VPN_PORT_FORWARDING=on - VPN_PORT_FORWARDING_PROVIDER={{ arrstack_vpn_provider }} From 2b05fc736348b2a846a0c94532d755e89ca8daed Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Mon, 20 Oct 2025 22:35:33 +0200 Subject: [PATCH 7/8] fix: Remove hardcoded arrstack dir in template --- roles/arr/templates/compose.yaml.jinja | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/arr/templates/compose.yaml.jinja b/roles/arr/templates/compose.yaml.jinja index 0b1b5e9..dde72e6 100644 --- a/roles/arr/templates/compose.yaml.jinja +++ b/roles/arr/templates/compose.yaml.jinja @@ -342,8 +342,8 @@ services: volumes: - "{{ arrstack_env_dir }}/data/gonic:/data" - "{{ arrstack_env_dir }}/data/gonic_playlists:/playlists" - - "/srv/media/music:/music:ro" - - "/srv/media/podcasts:/podcasts" + - "{{ arrstack_serve_dir }}/media/music:/music:ro" + - "{{ arrstack_serve_dir }}/media/podcasts:/podcasts" #- /path/to/cache:/cache # transcode / covers / etc cache dir labels: caddy: "{{ arrstack_gonic_subdomain }}" From 547ab91972e8ea8352d718757dd6677b990fbe60 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Mon, 20 Oct 2025 10:47:32 +0200 Subject: [PATCH 8/8] feat: Add nfs server to host machines --- roles/nfs/defaults/main.yaml | 5 +++++ roles/nfs/handlers/main.yaml | 7 +++++++ roles/nfs/tasks/main.yaml | 30 ++++++++++++++++++++++++++++++ roles/nfs/templates/exports.jinja | 3 +++ site.yaml | 5 +++++ 5 files changed, 50 insertions(+) create mode 100644 roles/nfs/defaults/main.yaml create mode 100644 roles/nfs/handlers/main.yaml create mode 100644 roles/nfs/tasks/main.yaml create mode 100644 roles/nfs/templates/exports.jinja diff --git a/roles/nfs/defaults/main.yaml b/roles/nfs/defaults/main.yaml new file mode 100644 index 0000000..5e4bc96 --- /dev/null +++ b/roles/nfs/defaults/main.yaml @@ -0,0 +1,5 @@ +--- + +nfs_export_lines: + - "/srv/media 192.168.0.0/24(rw,async,nosuid,no_subtree_check)" + - "/srv/files 192.168.0.0/24(rw,async,nosuid,no_subtree_check)" diff --git a/roles/nfs/handlers/main.yaml b/roles/nfs/handlers/main.yaml new file mode 100644 index 0000000..515359b --- /dev/null +++ b/roles/nfs/handlers/main.yaml @@ -0,0 +1,7 @@ +--- +- name: Reload nfs service + ansible.builtin.systemd: + name: nfs-server.service + daemon_reload: true + state: restarted + become: true diff --git a/roles/nfs/tasks/main.yaml b/roles/nfs/tasks/main.yaml new file mode 100644 index 0000000..165ea36 --- /dev/null +++ b/roles/nfs/tasks/main.yaml @@ -0,0 +1,30 @@ +--- +- name: Install nfs kernel package + ansible.builtin.package: + name: nfs-kernel-server + state: present + become: true + notify: Reload nfs service + +- name: Create exports conf file + ansible.builtin.template: + src: exports.jinja + dest: /etc/exports + mode: '0644' + become: true + notify: Reload nfs service + +- name: Ensure share directories exist + ansible.builtin.file: + state: directory + # nfs conf lines start with the shared dir + path: "{{ item.split(' ')[0] }}" + become: true + loop: "{{ nfs_export_lines }}" + +- name: Enable nfs server unit + ansible.builtin.systemd: + enabled: true + name: nfs-server.service + state: started + become: true diff --git a/roles/nfs/templates/exports.jinja b/roles/nfs/templates/exports.jinja new file mode 100644 index 0000000..5ad57a7 --- /dev/null +++ b/roles/nfs/templates/exports.jinja @@ -0,0 +1,3 @@ +{% for line in nfs_export_lines %} + {{ line }} +{% endfor %} diff --git a/site.yaml b/site.yaml index bf4e33f..ce1b5c6 100644 --- a/site.yaml +++ b/site.yaml @@ -25,6 +25,11 @@ name: system tags: system + - name: Set up nfs shares + ansible.builtin.import_role: + name: nfs + tags: nfs + # FIXME: Role needs much fixup before it can run # - name: Prepare incus # ansible.builtin.import_role: