feat: Add nfs server to host machines

Still a HACK should not be hard-coded but perhaps installed as a
runnable script on localhost for the role (e.g. `scan-paperless`)
which receives its scanner more dynamically.

roles/arr/defaults/main.yaml

@@ -8,6 +8,8 @@ arrstack_lidarr_subdomain: "{{ arrstack_protocol }}lidarr.{{ domain | default('e
 arrstack_readarr_subdomain: "{{ arrstack_protocol }}readarr.{{ domain | default('example.org') }}"
 arrstack_prowlarr_subdomain: "{{ arrstack_protocol }}prowlarr.{{ domain | default('example.org') }}"
 arrstack_beets_subdomain: "{{ arrstack_protocol }}beets.{{ domain | default('example.org') }}"
+arrstack_tdarr_subdomain: "{{ arrstack_protocol }}tdarr.{{ domain | default('example.org') }}"
+arrstack_bazarr_subdomain: "{{ arrstack_protocol }}bazarr.{{ domain | default('example.org') }}"
 arrstack_sabnzbd_subdomain: "{{ arrstack_protocol }}usenet.{{ domain | default('example.org') }}"
 arrstack_qbit_subdomain:  "{{ arrstack_protocol }}torrent.{{ domain | default('example.org') }}"
 arrstack_jellyseerr_subdomain: "{{ arrstack_protocol }}get.{{ domain | default('example.org') }}"

roles/arr/tasks/main.yaml

@@ -18,7 +18,7 @@
   loop:
     - ""
     - files
-    - files/torrents
+    - files/torrent
     - files/usenet
     - media
     - media/tv

roles/arr/templates/compose.yaml.jinja

@@ -122,6 +122,60 @@ services:
       caddy: "{{ arrstack_beets_subdomain }}"
       caddy.reverse_proxy: "{{ '{{' }}upstreams 8337{{ '}}'}}"
 
+  tdarr:
+    image: ghcr.io/haveagitgat/tdarr
+    container_name: tdarr
+    networks:
+      - caddy
+    group_add:
+      - video  # video
+      # - render # render NOTE: Would have to be added for e.g. Ubuntu 20+ afaik
+    environment:
+      - PUID={{ arrstack_puid }}
+      - PGID={{ arrstack_pgid }}
+      - TZ={{ arrstack_tz }}
+      - UMASK_SET={{ arrstack_umask_set }}
+      - serverIP=0.0.0.0
+      - serverPort=8266
+      - webUIPort=8265
+      - internalNode=true
+      - inContainer=true
+      - ffmpegVersion=7
+      - auth=false
+      - maxLogSizeMB=10
+    volumes:
+      - "{{ arrstack_env_dir }}/config/tdarr:/app/configs"
+      - "{{ arrstack_env_dir }}/data/tdarr:/app/server"
+      - "{{ arrstack_serve_dir }}/media/tv:/media/tv"
+      - "/mnt/ext/data/media/movies:/media/movies" # FIXME: To be changed?
+      - "/transcodes:/transcodes" # TODO: Implement dynamic form with variable?
+    restart: unless-stopped
+    devices:
+      - /dev/dri:/dev/dri
+    labels:
+      caddy: "{{ arrstack_tdarr_subdomain }}"
+      caddy.reverse_proxy: "{{ '{{' }}upstreams 8265{{ '}}'}}"
+
+  bazarr:
+    image: lscr.io/linuxserver/bazarr:latest
+    container_name: bazarr
+    networks:
+      - caddy
+    environment:
+      - PUID={{ arrstack_puid }}
+      - PGID={{ arrstack_pgid }}
+      - TZ={{ arrstack_tz }}
+    volumes:
+      - "{{ arrstack_env_dir }}/config/sabnzbd:/config"
+      - "{{ arrstack_serve_dir }}/media/tv:/data/media/tv"
+      - "/mnt/ext/data/media/movies:/data/media/movies" # FIXME: To be changed?
+    ports:
+      - 6767:6767
+    restart: unless-stopped
+    labels:
+      caddy: "{{ arrstack_bazarr_subdomain }}"
+      caddy.reverse_proxy: "{{ '{{' }}upstreams 6767{{ '}}'}}"
+
   sabnzbd:
     container_name: sabnzbd
     image: lscr.io/linuxserver/sabnzbd:latest
@@ -156,7 +210,9 @@ services:
       - VPN_SERVICE_PROVIDER={{ arrstack_vpn_provider }}
       - OPENVPN_USER={{ arrstack_vpn_user }}
       - OPENVPN_PASSWORD={{ arrstack_vpn_pass }}
+      - UPDATER_PERIOD=48h
       - SERVER_REGIONS={{ arrstack_vpn_regions }}
+      - DNS_ADDRESS=9.9.9.9 # TODO: implement variable
       - PORT_FORWARD_ONLY=true
       - VPN_PORT_FORWARDING=on
       - VPN_PORT_FORWARDING_PROVIDER={{ arrstack_vpn_provider }}
@@ -253,6 +309,9 @@ services:
       - PGID={{ arrstack_pgid }}
       - TZ={{ arrstack_tz }}
       - UMASK_SET={{ arrstack_umask_set }}
+    group_add:
+      - video  # video
+      # - render # render
     devices:
       - /dev/dri:/dev/dri
     #environment:
@@ -283,8 +342,8 @@ services:
     volumes:
       - "{{ arrstack_env_dir }}/data/gonic:/data"
       - "{{ arrstack_env_dir }}/data/gonic_playlists:/playlists"
-      - "/srv/media/music:/music:ro"
-      - "/srv/media/podcasts:/podcasts"
+      - "{{ arrstack_serve_dir }}/media/music:/music:ro"
+      - "{{ arrstack_serve_dir }}/media/podcasts:/podcasts"
         #- /path/to/cache:/cache # transcode / covers / etc cache dir
     labels:
       caddy: "{{ arrstack_gonic_subdomain }}"

roles/nfs/defaults/main.yaml

@@ -0,0 +1,5 @@
+---
+
+nfs_export_lines:
+  - "/srv/media 192.168.0.0/24(rw,async,nosuid,no_subtree_check)"
+  - "/srv/files 192.168.0.0/24(rw,async,nosuid,no_subtree_check)"

roles/nfs/handlers/main.yaml

@@ -0,0 +1,7 @@
+---
+- name: Reload nfs service
+  ansible.builtin.systemd:
+    name: nfs-server.service
+    daemon_reload: true
+    state: restarted
+  become: true

roles/nfs/tasks/main.yaml

@@ -0,0 +1,30 @@
+---
+- name: Install nfs kernel package
+  ansible.builtin.package:
+    name: nfs-kernel-server
+    state: present
+  become: true
+  notify: Reload nfs service
+
+- name: Create exports conf file
+  ansible.builtin.template:
+    src: exports.jinja
+    dest: /etc/exports
+    mode: '0644'
+  become: true
+  notify: Reload nfs service
+
+- name: Ensure share directories exist
+  ansible.builtin.file:
+    state: directory
+    # nfs conf lines start with the shared dir
+    path: "{{ item.split(' ')[0] }}"
+  become: true
+  loop: "{{ nfs_export_lines }}"
+
+- name: Enable nfs server unit
+  ansible.builtin.systemd:
+    enabled: true
+    name: nfs-server.service
+    state: started
+  become: true

roles/nfs/templates/exports.jinja

@@ -0,0 +1,3 @@
+{% for line in nfs_export_lines %}
+    {{ line }}
+{% endfor %}

roles/paperless/scripts/scantopaperless.sh

@@ -24,5 +24,5 @@ if ! stat -t out*.png >/dev/null 2>&1; then
 fi
 
 magick out*.png out.pdf
-mv out.pdf "$HOME/documents/consume/$(date +'%Y-%m-%dT%H-%M')_scan.pdf"
+mv out.pdf "$HOME/Nextcloud/Apps/paperless_consume/$(date +'%Y-%m-%dT%H-%M')_scan.pdf"
 rm out*.png

site.yaml

@@ -25,6 +25,11 @@
         name: system
       tags: system
 
+    - name: Set up nfs shares
+      ansible.builtin.import_role:
+        name: nfs
+      tags: nfs
+
       # FIXME: Role needs much fixup before it can run
     # - name: Prepare incus
     #   ansible.builtin.import_role: