actcur/salt
3
0
Fork 0
Code Issues5 Pull requests Projects Releases Wiki Activity

Eliminated video lxc, moved sonarr, radarr, lidarr, and jackett to single VM and moved rtorrent to separate VM. Switched windscribe back to openvpn. Still need to migrate ombi to separate VM.

Browse source
This commit is contained in:
Beth Parker 2019-09-02 15:47:42 -05:00
parent 1e0f39f3a1
commit 7cab1bb7e8
23 changed files with 244 additions and 104 deletions

28
pillars/roles/lxc/video.sls
View file

@ -1,19 +1,19 @@
lxc:
rtorrent:
bind_dirs:
- mnt/video
sonarr:
bind_dirs:
- mnt/video
radarr:
bind_dirs:
- mnt/video
lidarr:
bind_dirs:
- mnt/video
# rtorrent:
# bind_dirs:
# - mnt/video
# sonarr:
# bind_dirs:
# - mnt/video
# radarr:
# bind_dirs:
# - mnt/video
# lidarr:
# bind_dirs:
# - mnt/video
# emby:
# bind_dirs:
# - mnt/video
# - mnt/emby
ombi: []
jackett: []
# ombi: []
# jackett: []

4
pillars/roles/mount/video.sls → pillars/roles/mount/arr.sls
View file

@ -6,5 +6,5 @@ mount:
directory: /mnt/butter/video
user: mount
ext4:
/mnt/lxc:
device: UUID=a11c4225-bf55-4888-ab15-589afde95510
/mnt/data:
device: UUID=a11c4225-bf55-4888-ab15-589afde95510

7
pillars/roles/mount/rtorrent.sls Normal file
View file

@ -0,0 +1,7 @@
mount:
sshfs:
/mnt/video:
name: video
host: host.actcur.com
directory: /mnt/butter/video
user: mount

14
pillars/roles/nginx/jackett.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
jackett:
auth: 2fa
default: no
https:
port: 9117
prot: http
portal:
Media:
jackett:
name: Torrent Indexers
summary: Jackett Server
public: false

14
pillars/roles/nginx/lidarr.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
lidarr:
auth: 2fa
default: no
https:
port: 8686
prot: http
portal:
Media:
lidarr:
name: Music Downloader
summary: Music Server
public: false

14
pillars/roles/nginx/ombi.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
ombi:
auth: none
default: no
https:
port: 5000
prot: http
portal:
Media:
ombi:
name: TV/Movie Requests
summary: OMBI Plex Requests Server
public: true

14
pillars/roles/nginx/radarr.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
radarr:
auth: 2fa
default: no
https:
port: 7878
prot: http
portal:
Media:
radarr:
name: Movie Downloader
summary: Radarr Server
public: false

14
pillars/roles/nginx/rtorrent.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
rtorrent:
auth: 2fa
default: no
https:
port: 5080
prot: http
portal:
Media:
rtorrent:
name: Torrents
summary: Rtorrent Torrent Server
public: false

14
pillars/roles/nginx/sonarr.sls Normal file
View file

@ -0,0 +1,14 @@
nginx:
sonarr:
auth: 2fa
default: no
https:
port: 8989
prot: http
portal:
Media:
sonarr:
name: TV Show Downloader
summary: Sonarr Server
public: false

1
pillars/servers/env/server/arr.sls vendored Normal file
View file

@ -0,0 +1 @@
env: prod

12
pillars/servers/roles/server/arr.sls Normal file
View file

@ -0,0 +1,12 @@
grains:
roles:
- server
- nrpe
- saltminion
- nginx-proxy
- arr
- sonarr
- radarr
- lidarr
- jackett
- ytdownloader

2
pillars/servers/roles/server/ombi.sls
View file

@ -3,5 +3,5 @@ grains:
- server
- nrpe
- saltminion
- lxc_container
- nginx-proxy
- ombi

6
pillars/servers/roles/server/rtorrent.sls
View file

@ -3,6 +3,6 @@ grains:
- server
- nrpe
- saltminion
- lxc_container
- rtorrent
- windscribe
- nginx-proxy
- windscribe
- rtorrent

6
states/roles/maintain/jackett/init.sls
View file

@ -1,3 +1,9 @@
/var/lib/jackett:
file.symlink:
- target: /mnt/data/jackett
- force: true
- mkdirs: true
#package is in aur repo
jackett:
pkg.installed

6
states/roles/maintain/lidarr/init.sls
View file

@ -1,3 +1,9 @@
/var/lib/lidarr:
file.symlink:
- target: /mnt/data/lidarr
- force: true
- mkdirs: true
#package is in aur repo
lidarr:
pkg.installed

6
states/roles/maintain/radarr/init.sls
View file

@ -1,3 +1,9 @@
/var/lib/radarr:
file.symlink:
- target: /mnt/data/radarr
- force: true
- mkdirs: true
#package is in aur repo
radarr:
pkg.installed

26
states/roles/maintain/rtorrent/init.sls
View file

@ -2,14 +2,6 @@ rtorrent:
pkg.installed
rutorrent:
pkg.installed
rtorrent_nginx:
pkg.installed:
- name: nginx
service.running:
- name: nginx
- enable: true
- watch:
- file: /etc/nginx/nginx.conf
rtorrent-screen:
pkg.installed:
- name: screen
@ -34,7 +26,7 @@ rtorrent-php-fpm:
- watch:
- file: /etc/php/php.ini
/etc/nginx/nginx.conf:
/etc/nginx/conf.d/rtorrent-backend.conf:
file.managed:
- source: salt://roles/maintain/rtorrent/nginx.conf
- user: root
@ -78,9 +70,15 @@ rtorrent-php-fpm:
- group: root
- mode: 644
- mkdirs: true
rtorrent_service:
/etc/systemd/system/rtorrent.timer:
file.managed:
- source: salt://roles/maintain/rtorrent/rtorrent.timer
- user: root
- group: root
- mode: 644
- mkdirs: true
rtorrent_timer:
service.running:
- name: rtorrent
- enable: false
- watch:
- file: /root/.rtorrent.rc
- name: rtorrent.timer
- enable: true

48
states/roles/maintain/rtorrent/nginx.conf
View file

@ -1,31 +1,21 @@
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 5080;
server_name localhost;
root /usr/share/webapps/rutorrent;
location / {
index index.html index.htm;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /RPC2 {
include scgi_params;
scgi_pass localhost:5050;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
server {
listen 5080;
server_name localhost;
root /usr/share/webapps/rutorrent;
location / {
index index.html index.htm;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /RPC2 {
include scgi_params;
scgi_pass localhost:5050;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

25
states/roles/maintain/rtorrent/rtorrent.service
View file

@ -1,18 +1,11 @@
[Unit]
Description=rTorrent
After=network.target
After=openvpn-client@windscribe-denmark
[Unit]
Description=rTorrent
[Service]
User=root
Type=notify
KillMode=none
ExecStartPre=/usr/bin/bash -c 'if test -e /mnt/video/rtorrent/.session/rtorrent.lock && test -z `pidof rtorrent`; then rm -f /mnt/video/rtorrent/.session/rtorrent.lock; fi'
ExecStart=/bin/bash -c 'sleep 10;/usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent -b `ifconfig tun0 | grep "inet " | grep -Po "(?<=inet).*(?=net)"`'
ExecStop=/usr/bin/bash -c "test `pidof rtorrent` && killall -w -s 2 /usr/bin/rtorrent"
WorkingDirectory=/mnt/video/rtorrent
WatchdogSec=420
Restart=always
[Service]
User=root
Type=simple
KillMode=none
ExecStart=/bin/bash /opt/scripts/rtorrent.sh
[Install]
WantedBy=default.target
[Install]
WantedBy=default.target

22
states/roles/maintain/rtorrent/rtorrent.sh
View file

@ -1,2 +1,22 @@
#!/bin/bash
/usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent -b /usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent -b `ifconfig tun0 | grep "inet " | grep -Po "(?<=inet).*(?=net)"`
#resurrect rtorrent when it dies and restart every 6 hours
hour=`date | grep -Po "\d\d:\d\d:\d\d" | grep -Po "^\d\d:\d\d"`
if [ "$hour" = "00:00" ] || [ "$hour" = "06:00" ] || [ "$hour" = "12:00" ] || [ "$hour" = "18:00" ];then
killall -w -s 2 /usr/bin/rtorrent
systemctl restart openvpn-client@windscribe-denmark.service
fi
currentip=`ps aux | grep rtorrent | grep -v "SCREEN" | grep -Po "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"`
tunip=`ip addr show tun0 | grep -Po "inet \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}" | grep -Po "\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"`
if [ "$currentip" = "$tunip" ];then
echo "rtorrent is up"
else
echo "restarting rtorrent"
killall -w -s 2 /usr/bin/rtorrent
rm -f /mnt/video/rtorrent/.session/rtorrent.lock
sleep 5;/usr/bin/screen -dmfa -S rtorrent /usr/bin/rtorrent -b $tunip
fi

11
states/roles/maintain/rtorrent/rtorrent.timer Normal file
View file

@ -0,0 +1,11 @@
[Unit]
Description=Verify that rtorrent is running
[Timer]
OnBootSec=2min
OnUnitActiveSec=1min
Unit=rtorrent.service
[Install]
WantedBy=timers.target

6
states/roles/maintain/sonarr/init.sls
View file

@ -1,3 +1,9 @@
/var/lib/sonarr:
file.symlink:
- target: /mnt/data/sonarr
- force: true
- mkdirs: true
#package is in aur repo
sonarr:
pkg.installed

48
states/roles/maintain/windscribe/init.sls
View file

@ -1,10 +1,10 @@
windscribe:
service.running:
- enable: true
#windscribe:
# service.running:
# - enable: true
#windscribe-vpn-pkg:
# pkg.installed:
# - name: openvpn
windscribe-vpn-pkg:
pkg.installed:
- name: openvpn
#/etc/firewalld/direct.xml:
# file.managed:
@ -13,26 +13,26 @@ windscribe:
# - group: root
# - mode: 644
#/etc/openvpn/client/windscribe-denmark.conf:
# file.managed:
# - source: salt://roles/maintain/windscribe/windscribe-denmark.conf
# - user: root
# - group: root
# - mode: 644
/etc/openvpn/client/windscribe-denmark.conf:
file.managed:
- source: salt://roles/maintain/windscribe/windscribe-denmark.conf
- user: root
- group: root
- mode: 644
#/etc/openvpn/client/windscribe.login:
# file.managed:
# - source: salt://secure/files/windscribe.login
# - user: root
# - group: root
# - mode: 600
/etc/openvpn/client/windscribe.login:
file.managed:
- source: salt://secure/files/windscribe.login
- user: root
- group: root
- mode: 600
#openvpn-client@windscribe-denmark:
# service.running:
# - enable: true
# - watch:
# - file: /etc/openvpn/client/windscribe-denmark.conf
# - file: /etc/openvpn/client/windscribe.login
openvpn-client@windscribe-denmark:
service.running:
- enable: true
- watch:
- file: /etc/openvpn/client/windscribe-denmark.conf
- file: /etc/openvpn/client/windscribe.login
#windscribe-firewall:
# service.running: