Compare commits
4 Commits
b8364d8163
...
5e5cb703a6
Author | SHA1 | Date |
---|---|---|
Lukáš Kucharczyk | 5e5cb703a6 | |
Lukáš Kucharczyk | 9c50a6dcaf | |
Lukáš Kucharczyk | 2269007083 | |
Lukáš Kucharczyk | 6ebb25af72 |
|
@ -13,4 +13,9 @@ pgid: "1000"
|
||||||
tz: "Europe/Prague"
|
tz: "Europe/Prague"
|
||||||
media:
|
media:
|
||||||
tv: "{{ data_folder }}/media/tv"
|
tv: "{{ data_folder }}/media/tv"
|
||||||
movies: "{{ data_folder }}/media/movies"
|
movies: "{{ data_folder }}/media/movies"
|
||||||
|
downloads:
|
||||||
|
nzb: "{{ data_folder }}/downloads/nzb"
|
||||||
|
torrent: "{{ data_folder }}/downloads/torrent"
|
||||||
|
torrent_blackhole: "{{ data_folder }}/downloads/blackhole"
|
||||||
|
music: "{{ data_folder }}/downloads/music"
|
|
@ -9,6 +9,7 @@
|
||||||
- postgres
|
- postgres
|
||||||
- authelia
|
- authelia
|
||||||
- keycloak
|
- keycloak
|
||||||
|
- radarr
|
||||||
vars_files:
|
vars_files:
|
||||||
- vault/certs/{{ base_domain }}.yml
|
- vault/certs/{{ base_domain }}.yml
|
||||||
- vault/passwords.yml
|
- vault/passwords.yml
|
||||||
|
|
|
@ -39,6 +39,8 @@ access_control:
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
- domain: keycloak.{{ base_domain }}
|
- domain: keycloak.{{ base_domain }}
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
|
- domain: radarr.{{ base_domain }}
|
||||||
|
policy: two_factor
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
secret: somerandomsecret
|
secret: somerandomsecret
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
- name: ensure directories exist
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
|
loop:
|
||||||
|
- "{{ data_folder }}/radarr"
|
||||||
|
- "{{ media.tv }}"
|
||||||
|
- "{{ media.movies }}"
|
||||||
|
- "{{ downloads.nzb }}"
|
||||||
|
- name: run container
|
||||||
|
docker_container:
|
||||||
|
name: "{{ role_name }}"
|
||||||
|
image: "linuxserver/radarr"
|
||||||
|
networks:
|
||||||
|
- name: external
|
||||||
|
env:
|
||||||
|
"TZ": "{{ tz }}"
|
||||||
|
"PUID": "{{ puid }}"
|
||||||
|
"PGID": "{{ pgid }}"
|
||||||
|
"UMASK": "022"
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/radarr:/config"
|
||||||
|
- "{{ downloads.nzb }}:/downloads"
|
||||||
|
- "{{ media.movies }}:/movies"
|
||||||
|
ports:
|
||||||
|
- "7878:7878"
|
||||||
|
state: started
|
||||||
|
- name: copy nginx conf
|
||||||
|
template:
|
||||||
|
src: "{{ role_name }}.conf.j2"
|
||||||
|
dest: "{{ data_folder }}/nginx/conf.d/{{ role_name }}.{{ base_domain }}.conf"
|
||||||
|
mode: "755"
|
||||||
|
notify: reload nginx
|
|
@ -0,0 +1,20 @@
|
||||||
|
server {
|
||||||
|
server_name {{ role_name }}.{{ base_domain }};
|
||||||
|
listen 80;
|
||||||
|
return 301 https://$server_name$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name {{ role_name }}.{{ base_domain }};
|
||||||
|
listen 443 ssl http2;
|
||||||
|
|
||||||
|
include /etc/nginx/snippets/authelia-endpoint.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
include /etc/nginx/snippets/proxy.conf;
|
||||||
|
include /etc/nginx/snippets/authelia-auth.conf;
|
||||||
|
|
||||||
|
set $upstream http://{{ role_name }}:7878;
|
||||||
|
proxy_pass $upstream;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue