Compare commits
No commits in common. "prod" and "nginx" have entirely different histories.
19 changed files with 8 additions and 189 deletions
|
|
@ -1,20 +0,0 @@
|
|||
nginx:
|
||||
jellyseerr:
|
||||
auth: none
|
||||
default: no
|
||||
https:
|
||||
port: 5055
|
||||
prot: http
|
||||
request:
|
||||
auth: none
|
||||
default: no
|
||||
https:
|
||||
port: 5055
|
||||
prot: http
|
||||
|
||||
portal:
|
||||
Media:
|
||||
request:
|
||||
name: Mediar Request Server
|
||||
summary: Jellyseerr media request server
|
||||
public: false
|
||||
|
|
@ -1,11 +1,10 @@
|
|||
|
||||
nginx:
|
||||
cloud:
|
||||
auth: none
|
||||
https:
|
||||
port: 8080
|
||||
prot: http
|
||||
nolocal: true
|
||||
|
||||
portal:
|
||||
Misc:
|
||||
cloud:
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
nginx:
|
||||
prowlarr:
|
||||
auth: 2fa
|
||||
default: no
|
||||
https:
|
||||
port: 9696
|
||||
prot: http
|
||||
|
||||
portal:
|
||||
Media:
|
||||
prowlarr:
|
||||
name: Torrent Indexers
|
||||
summary: Prowlarr Server
|
||||
public: false
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
nginx:
|
||||
readarr:
|
||||
auth: 2fa
|
||||
default: no
|
||||
https:
|
||||
port: 8787
|
||||
prot: http
|
||||
|
||||
portal:
|
||||
Media:
|
||||
readarr:
|
||||
name: Audiobook/ebook Downloader
|
||||
summary: Readarr Server
|
||||
public: false
|
||||
|
|
@ -6,9 +6,8 @@ roles:
|
|||
- arr
|
||||
- sonarr
|
||||
- radarr
|
||||
- readarr
|
||||
- lidarr
|
||||
- bazarr
|
||||
- prowlarr
|
||||
- jackett
|
||||
- ytdownloader
|
||||
- podfox
|
||||
|
|
|
|||
|
|
@ -1,7 +0,0 @@
|
|||
roles:
|
||||
- server
|
||||
- ssh
|
||||
- nrpe
|
||||
- saltminion
|
||||
- nginx-proxy
|
||||
- jellyseerr
|
||||
|
|
@ -1,6 +1,3 @@
|
|||
echo "Running certbot renew" > /root/scripts/certbot.log
|
||||
/bin/certbot renew >> /root/scripts/certbot.log
|
||||
echo "Finished certbot renew" >> /root/scripts/certbot.log
|
||||
echo "Copying certs to /secure" >> /root/scripts/certbot.log
|
||||
cp -rL /etc/letsencrypt/live/* /secure/certs/
|
||||
echo "Done copying certs to /secure" >> /root/scripts/certbot.log
|
||||
|
|
|
|||
|
|
@ -1,10 +0,0 @@
|
|||
[Unit]
|
||||
Description=Automatically adjust balloon size to free up unused memory
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=no
|
||||
ExecStart=/bin/bash /root/scripts/balloon.sh
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
for domain in `virsh list --name`
|
||||
do
|
||||
virsh dommemstat --period 5 $domain
|
||||
max=`virsh dominfo $domain | grep Max | grep -Po "\d+"`
|
||||
current=`virsh dominfo $domain | grep Used | grep -Po "\d+"`
|
||||
unused=`virsh dommemstat $domain | grep unused | grep -Po "\d+"`
|
||||
used=$(($current - $unused))
|
||||
newfree=$((($max - $used) / 5))
|
||||
if test $newfree -gt 524288
|
||||
then
|
||||
target=$(($newfree + $used))
|
||||
else
|
||||
target=$((524288 + $used))
|
||||
fi
|
||||
if test $target -gt $max
|
||||
then
|
||||
target=$max
|
||||
fi
|
||||
echo "$domain: $target"
|
||||
virsh setmem $domain --size $target
|
||||
done
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Update balloon sizes every 10 minutes
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*:0/10
|
||||
Unit=balloon.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -99,35 +99,3 @@ libvirtd:
|
|||
# - file: /etc/systemd/network/br1.netdev
|
||||
# - file: /etc/systemd/network/br1.network
|
||||
# - file: /etc/systemd/network/uplink.network
|
||||
|
||||
|
||||
/root/scripts/balloon.sh:
|
||||
file.managed:
|
||||
- source: salt://roles/maintain/host/balloon.sh
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: 644
|
||||
|
||||
/lib/systemd/system/balloon.service:
|
||||
file.managed:
|
||||
- source: salt://roles/maintain/host/balloon.service
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: 644
|
||||
|
||||
/lib/systemd/system/balloon.timer:
|
||||
file.managed:
|
||||
- source: salt://roles/maintain/host/balloon.timer
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: 644
|
||||
|
||||
balloon-reload:
|
||||
module.run:
|
||||
- name: service.systemctl_reload
|
||||
- onchanges:
|
||||
- file: /lib/systemd/system/*
|
||||
|
||||
balloon.timer:
|
||||
service.running:
|
||||
- enable: true
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
{%- set os=grains['os'] -%}
|
||||
|
||||
jellyseerr:
|
||||
pkg.installed:
|
||||
- name: jellyseerr
|
||||
service.running:
|
||||
- enable: true
|
||||
|
||||
#/etc/conf.d/jellyfin:
|
||||
# file.managed:
|
||||
# - source: salt://roles/maintain/jellyfin/jellyfin
|
||||
# - user: root
|
||||
# - group: root
|
||||
# - mode: 644
|
||||
|
|
@ -49,8 +49,6 @@ nginx:
|
|||
- makedirs: true
|
||||
{%- if portal is defined %}
|
||||
- source: salt://roles/maintain/nginx-proxy/remote.conf
|
||||
{%- elif pillar['nginx'][name]['nolocal'] is defined and pillar['nginx'][name]['nolocal'] == 'true' %}
|
||||
- source: salt://roles/maintain/nginx-proxy/empty.conf
|
||||
{%- else %}
|
||||
- source: salt://roles/maintain/nginx-proxy/local.conf
|
||||
{%- endif %}
|
||||
|
|
|
|||
|
|
@ -19,12 +19,13 @@
|
|||
{%- set prot = "https" -%}
|
||||
{%- endif -%}
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen 443;
|
||||
server_name {{server}}.actcur.com {{wildcard}};
|
||||
|
||||
# resolver {{ resolver }};
|
||||
set $backend "{{prot}}://127.0.0.1{%- if port is defined -%}:{{port}}{%- endif -%}";
|
||||
|
||||
ssl on;
|
||||
ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
|
|
|||
|
|
@ -1,11 +1,12 @@
|
|||
server {
|
||||
|
||||
listen 443 ssl default_server;
|
||||
listen 443 default_server;
|
||||
server_name portal.actcur.com;
|
||||
|
||||
resolver {{resolver}};
|
||||
set $certbot "https://salt.actcur.com";
|
||||
|
||||
ssl on;
|
||||
ssl_certificate /etc/nginx/certs/portal.actcur.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/nginx/certs/portal.actcur.com/privkey.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
|
|
|||
|
|
@ -12,13 +12,14 @@
|
|||
{%- endif -%}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen 443;
|
||||
server_name {{server}}.actcur.com {{wildcard}};
|
||||
|
||||
resolver {{resolver}};
|
||||
set $backend "https://{{server}}.actcur.com";
|
||||
set $certbot "https://salt.actcur.com";
|
||||
|
||||
ssl on;
|
||||
ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
|
|
|||
|
|
@ -1,22 +0,0 @@
|
|||
/var/lib/prowlarr:
|
||||
file.symlink:
|
||||
- target: /mnt/data/prowlarr
|
||||
- force: true
|
||||
- mkdirs: true
|
||||
|
||||
#package is in aur repo
|
||||
prowlarr:
|
||||
pkg.installed
|
||||
|
||||
prowlarr_service:
|
||||
service.running:
|
||||
- name: prowlarr
|
||||
- enable: true
|
||||
|
||||
flaresolverr:
|
||||
pkg.installed
|
||||
|
||||
flaresolverr_service:
|
||||
service.running:
|
||||
- name: flaresolverr
|
||||
- enable: true
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
/var/lib/readarr:
|
||||
file.symlink:
|
||||
- target: /mnt/data/readarr
|
||||
- force: true
|
||||
- mkdirs: true
|
||||
|
||||
#package is in aur repo
|
||||
readarr-develop:
|
||||
pkg.installed
|
||||
|
||||
readarr_service:
|
||||
service.running:
|
||||
- name: readarr
|
||||
- enable: true
|
||||
Loading…
Add table
Reference in a new issue