jellyfin, nginx, openldap: do not restart

Create a single external network called "external".
Create container-specific networks.
Only a few containers need access to these.
So far: openldap, postgres.

README.adoc

@@ -12,14 +12,12 @@ homelab.
 
 === Containers
 
-* Authelia
-* Jellyfin
-* Keycloak
 * NGINX
+* Jellyfin
 * OpenLDAP
-* Portainer
 * PostgreSQL
-* Radarr
+* Keycloak
+* Authelia
 
 === Testing
 To run locally, specify the inventory file with `-i hosts`.

group_vars/all

@@ -14,8 +14,3 @@ tz: "Europe/Prague"
 media:
   tv: "{{ data_folder }}/media/tv"
   movies: "{{ data_folder }}/media/movies"
-downloads:
-  nzb: "{{ data_folder }}/downloads/nzb"
-  torrent: "{{ data_folder }}/downloads/torrent"
-  torrent_blackhole: "{{ data_folder }}/downloads/blackhole"
-  music: "{{ data_folder }}/downloads/music"

playbook.yml

@@ -9,7 +9,6 @@
     - postgres
     - authelia
     - keycloak
-    - radarr
   vars_files:
     - vault/certs/{{ base_domain }}.yml
     - vault/passwords.yml

roles/authelia/templates/configuration.yml.j2

@@ -39,8 +39,6 @@ access_control:
       policy: one_factor
     - domain: keycloak.{{ base_domain }}
       policy: one_factor
-    - domain: radarr.{{ base_domain }}
-      policy: two_factor
 session:
   name: authelia_session
   secret: somerandomsecret

roles/radarr/tasks/main.yml

@@ -1,34 +0,0 @@
-- name: ensure directories exist
-  file:
-    path: "{{ item }}"
-    state: directory
-    mode: '0755'
-  loop:
-    - "{{ data_folder }}/radarr"
-    - "{{ media.tv }}"
-    - "{{ media.movies }}"
-    - "{{ downloads.nzb }}"
-- name: run container
-  docker_container:
-    name: "{{ role_name }}"
-    image: "linuxserver/radarr"
-    networks:
-      - name: external
-    env:
-      "TZ": "{{ tz }}"
-      "PUID": "{{ puid }}"
-      "PGID": "{{  pgid }}"
-      "UMASK": "022"
-    volumes:
-      - "{{ data_folder }}/radarr:/config"
-      - "{{ downloads.nzb }}:/downloads"
-      - "{{ media.movies }}:/movies"
-    ports:
-      - "7878:7878"
-    state: started
-- name: copy nginx conf
-  template:
-    src: "{{ role_name }}.conf.j2"
-    dest: "{{ data_folder }}/nginx/conf.d/{{ role_name }}.{{ base_domain }}.conf"
-    mode: "755"
-  notify: reload nginx

roles/radarr/templates/radarr.conf.j2

@@ -1,20 +0,0 @@
-server {
-    server_name {{ role_name }}.{{ base_domain }};
-    listen 80;
-    return 301 https://$server_name$request_uri;
-}
-
-server {
-    server_name {{ role_name }}.{{ base_domain }};
-    listen 443 ssl http2;
-
-    include /etc/nginx/snippets/authelia-endpoint.conf;
-
-    location / {
-        include /etc/nginx/snippets/proxy.conf;
-        include /etc/nginx/snippets/authelia-auth.conf;
-
-        set $upstream http://{{ role_name }}:7878;
-        proxy_pass $upstream;
-    }
-}