diff --git a/.ansible/home_server.yaml b/.ansible/home_server.yaml index f4002da..9dfc555 100644 --- a/.ansible/home_server.yaml +++ b/.ansible/home_server.yaml @@ -7,4 +7,5 @@ - media_server - haproxy_server - rclone_mount + - media_server # - traccar_server diff --git a/.ansible/roles/common_server/tasks/basics.yaml b/.ansible/roles/common_server/tasks/basics.yaml index 18572a3..9cebaad 100644 --- a/.ansible/roles/common_server/tasks/basics.yaml +++ b/.ansible/roles/common_server/tasks/basics.yaml @@ -18,6 +18,7 @@ - /srv - /srv/app - /srv/tmp + - /srv/etc become: yes - name: 'Basics: Temp dir perms' diff --git a/.ansible/roles/media_server/files/clonedrive.service b/.ansible/roles/media_server/files/clonedrive.service new file mode 100644 index 0000000..ca0ab41 --- /dev/null +++ b/.ansible/roles/media_server/files/clonedrive.service @@ -0,0 +1,15 @@ +[Unit] +Description=Clonedrive service +After=network.target +StartLimitIntervalSec=0 + +[Service] +Type=simple +Restart=always +RestartSec=60 +User=media +Group=media +ExecStart=/srv/app/clonedrive/clonedrive.py + +[Install] +WantedBy=multi-user.target diff --git a/.ansible/roles/media_server/files/cloudplow.service b/.ansible/roles/media_server/files/cloudplow.service new file mode 100644 index 0000000..e777156 --- /dev/null +++ b/.ansible/roles/media_server/files/cloudplow.service @@ -0,0 +1,16 @@ +[Unit] +Description=cloudplow +After=network-online.target + +[Service] +User=media +Group=media +Type=simple +WorkingDirectory=/srv/app/cloudplow/ +ExecStart=/srv/app/cloudplow/.venv/bin/python3 /srv/app/cloudplow/cloudplow.py run --loglevel=INFO +ExecStopPost=/bin/rm -rf /srv/app/cloudplow/locks +Restart=always +RestartSec=10 + +[Install] +WantedBy=default.target diff --git a/.ansible/roles/media_server/files/cloudplow_config.json b/.ansible/roles/media_server/files/cloudplow_config.json new file mode 100644 index 0000000..802fb1b --- /dev/null +++ b/.ansible/roles/media_server/files/cloudplow_config.json @@ -0,0 +1,61 @@ +{ + "core": { + "dry_run": false, + "rclone_binary_path": "/usr/bin/rclone", + "rclone_config_path": "/srv/etc/rclone.conf" + }, + "hidden": { + "/mnt/.media.cache/.unionfs": { + "hidden_remotes": [ + "google" + ] + } + }, + "notifications": {}, + "remotes": { + "google": { + "hidden_remote": "GoogleDriveCrypt:", + "rclone_command": "move", + "rclone_excludes": [ + "**partial~", + "**_HIDDEN~", + ".unionfs/**" + ], + "rclone_extras": { + "--bwlimit": "23:00,off 07:00,1M", + "--checkers": 16, + "--drive-chunk-size": "64M", + "--skip-links": null, + "--stats": "60s", + "--transfers": 4, + "--verbose": 1 + }, + "rclone_sleeps": { + "Failed to copy: googleapi: Error 403: User rate limit exceeded": { + "count": 5, + "sleep": 25, + "timeout": 3600 + } + }, + "remove_empty_dir_depth": 2, + "sync_remote": "GoogleDriveCrypt:", + "upload_folder": "/mnt/.media.cache", + "upload_remote": "GoogleDriveCloudplowUpload:" + } + }, + "syncer": {}, + "uploader": { + "google": { + "check_interval": 1, + "exclude_open_files": true, + "max_size_gb": 10, + "opened_excludes": [], + "schedule": { + "allowed_from": "04:00", + "allowed_until": "08:00", + "enabled": false + }, + "size_excludes": [] + } + } +} diff --git a/.ansible/roles/media_server/tasks/main.yaml b/.ansible/roles/media_server/tasks/main.yaml new file mode 100644 index 0000000..c8b52e1 --- /dev/null +++ b/.ansible/roles/media_server/tasks/main.yaml @@ -0,0 +1,157 @@ +- name: "Media Server" + tags: + - mediaserver + block: + - name: "Media Server: Group" + tags: + - install + - clonedrive + - cloudplow + group: + name: "media" + become: yes + + - name: "Media Server: User" + tags: + - install + - clonedrive + - cloudplow + user: + name: "media" + group: "media" + comment: "Media Server user" + expires: -1 + become: yes + + - name: "Media Server: Mountpoints" + tags: + - install + - clonedrive + file: + path: "{{ item }}" + state: directory + owner: "media" + group: "media" + loop: + - "/mnt/media" + - "/mnt/GoogleDriveCrypt" + - "/mnt/.media.cache" + - "/mnt/.overlay.work" + become: yes + + - name: "Media Server: Cloudplow: git repo" + tags: + - install + - cloudplow + git: + repo: "https://github.com/l3uddz/cloudplow.git" + dest: "/srv/app/cloudplow" + become: yes + + - name: "Media Server: Cloudplow: directory permissions" + tags: + - install + - cloudplow + file: + path: "/srv/app/cloudplow" + state: directory + mode: "u+w" + owner: "media" + group: "media" + recurse: yes + become: yes + + - name: "Media Server: Clonedrive: git repo" + tags: + - install + - clonedrive + git: + repo: "https://github.com/scottwallacesh/clonedrive.git" + dest: "/srv/app/clonedrive" + become: yes + + - name: "Media Server: Clonedrive: directory" + tags: + - install + - clonedrive + file: + path: "/srv/app/clonedrive" + state: directory + mode: "0755" + owner: "media" + group: "media" + become: yes + + - name: "Media Server: Cloudplow: config" + tags: + - config + - cloudplow + copy: + src: "files/cloudplow_config.json" + dest: "/srv/app/cloudplow/config.json" + mode: "0600" + owner: "media" + group: "media" + become: yes + + - name: "Media Server: Configuration: sudoers" + tags: + - config + - clonedrive + copy: + dest: "/etc/sudoers.d/media_clonedrive" + content: "media ALL = NOPASSWD: /usr/bin/mount,/usr/bin/umount\n" + mode: "0440" + become: yes + + - name: "Media Server: Clonedrive: service config" + tags: + - install + - clonedrive + copy: + dest: "/etc/systemd/system/clonedrive.service" + src: "files/clonedrive.service" + mode: "0644" + become: yes + + - name: "Media Server: Clonedrive: service" + tags: + - config + - clonedrive + systemd: + name: "clonedrive" + state: started + enabled: yes + daemon_reload: yes + become: yes + + - name: "Media Server: Cloudplow: Python dependencies" + tags: + - install + - cloudplow + pip: + requirements: "/srv/app/cloudplow/requirements.txt" + virtualenv: "/srv/app/cloudplow/.venv" + virtualenv_python: python3 + become: yes + + - name: "Media Server: Cloudplow: service config" + tags: + - install + - cloudplow + copy: + dest: "/etc/systemd/system/cloudplow.service" + src: "files/cloudplow.service" + mode: "0644" + become: yes + + - name: "Media Server: Cloudplow: service" + tags: + - config + - cloudplow + systemd: + name: "cloudplow" + state: started + enabled: yes + daemon_reload: yes + become: yes diff --git a/.ansible/roles/rclone_mount/tasks/main.yaml b/.ansible/roles/rclone_mount/tasks/main.yaml index 14ee38b..0e4fbed 100644 --- a/.ansible/roles/rclone_mount/tasks/main.yaml +++ b/.ansible/roles/rclone_mount/tasks/main.yaml @@ -16,6 +16,18 @@ - config template: src: "templates/rclone.conf.j2" - dest: "~/.rclone.conf" + dest: "/srv/etc/rclone.conf" mode: "0400" + owner: "media" force: no + become: yes + + - name: "Rclone: Configuration: FUSE" + tags: + - config + lineinfile: + path: /etc/fuse.conf + regexp: "^#?user_allow_other" + line: "user_allow_other" + become: yes +