diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 61c2dd6..5afd11c 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -6,12 +6,12 @@ timezone: Europe/Berlin rclone_config: "/root/.config/rclone/" puid: 1000 pgid: 1000 -pk_path: "/mnt/veracrypt1/genesis" +pk_path: "/media/veracrypt1/genesis" local_domain: borg.land local_subdomains: "@" remote_domain: tudattr.dev -remote_subdomains: "www,plex,status," +remote_subdomains: "www,plex,status,tautulli" backup_domain: seyshiro.de backup_subdomains: "hass,qbit,zm," @@ -245,6 +245,7 @@ swag_email: "me+swag@tudattr.dev" swag_site_confs: - "templates/mii/swag/site-confs/plex.subdomain.conf" - "templates/mii/swag/site-confs/uptime-kuma.subdomain.conf" + - "templates/mii/swag/site-confs/tautulli.subdomain.conf" # - "templates/mii/swag/site-confs/homeassistant.subdomain.conf" # - "templates/mii/swag/site-confs/qbittorrent.subdomain.conf" # - "templates/mii/swag/site-confs/zoneminder.subdomain.conf" @@ -340,6 +341,14 @@ qbit_ssl: "no" qbit_lan: "192.168.20.0/24, 192.168.30.0/24, {{ docker_network }}" qbit_dns: "{{ aya01_ip }}, {{ pi_ip }}, 1.1.1.1" +# +# qbittorrentvpn - torrentleech +# + +qbit_private_port: "8083" +qbit_private_host: "torrentleech" +qbit_private_remote_config: "{{ docker_dir }}/{{ qbit_private_host }}/config" + # # Home Assistant # diff --git a/qbit_private.yml b/qbit_private.yml new file mode 100644 index 0000000..68a90bf --- /dev/null +++ b/qbit_private.yml @@ -0,0 +1,22 @@ +--- +- name: Create qbit_torrentleech-config directory + file: + path: "{{ item }}" + owner: "{{ puid }}" + group: "{{ pgid }}" + mode: '775' + state: directory + loop: + - "{{ qbit_private_remote_config }}" + - "{{ qbit_private_remote_config }}/openvpn" + - "{{ qbit_downloads }}" + become: true + +- name: Copy ovpn_torrentleech-config + template: + owner: "{{ puid }}" + group: "{{ pgid }}" + src: "{{ qbit_config }}/{{ qbit_ovpn_config }}" + dest: "{{ qbit_private_remote_config }}/{{ qbit_ovpn_config }}" + mode: '664' + become: true diff --git a/roles/docker/tasks/aya01_compose.yml b/roles/docker/tasks/aya01_compose.yml index 866704d..b71262e 100644 --- a/roles/docker/tasks/aya01_compose.yml +++ b/roles/docker/tasks/aya01_compose.yml @@ -60,6 +60,10 @@ tags: - qbit +- include_tasks: qbit_private.yml + tags: + - qbit_private + - name: Copy the compose file template: src: templates/aya01/compose.yaml diff --git a/roles/docker/tasks/qbit.yml b/roles/docker/tasks/qbit.yml index a28653b..4999a13 100644 --- a/roles/docker/tasks/qbit.yml +++ b/roles/docker/tasks/qbit.yml @@ -7,7 +7,8 @@ mode: '775' state: directory loop: - - "{{ qbit_config }}" + - "{{ qbit_remote_config }}" + - "{{ qbit_remote_config }}/openvpn" - "{{ qbit_downloads }}" become: true diff --git a/roles/docker/templates/aya01/compose.yaml b/roles/docker/templates/aya01/compose.yaml index 36a2a66..e1ea647 100644 --- a/roles/docker/templates/aya01/compose.yaml +++ b/roles/docker/templates/aya01/compose.yaml @@ -226,7 +226,7 @@ services: container_name: sonarr restart: unless-stopped depends_on: - - pihole + - prowlarr networks: - net environment: @@ -249,7 +249,7 @@ services: container_name: radarr restart: unless-stopped depends_on: - - pihole + - prowlarr networks: - net environment: @@ -272,7 +272,7 @@ services: container_name: lidarr restart: unless-stopped depends_on: - - pihole + - prowlarr networks: - net environment: @@ -340,7 +340,9 @@ services: restart: unless-stopped privileged: true depends_on: - - pihole + - sonarr + - radarr + - lidarr networks: - net ports: @@ -363,12 +365,43 @@ services: - "traefik.http.routers.{{ qbit_host }}.rule=Host(`{{ qbit_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ qbit_host }}.loadbalancer.server.port=8080" + + qbittorrentvpnprivate: + image: dyonr/qbittorrentvpn + container_name: {{ qbit_private_host }} + restart: unless-stopped + privileged: true + depends_on: + - sonarr + - radarr + - lidarr + networks: + - net + ports: + - "{{ qbit_private_port }}:8080" + environment: + - PUID={{ puid }} + - PGID={{ pgid }} + - TZ={{ timezone }} + - VPN_TYPE={{ qbit_type }} + - LAN_NETWORK={{ qbit_lan }} + - NAME_SERVERS={{ qbit_dns }} + - ENABLE_SSL={{ qbit_ssl }} + - VPN_USERNAME={{ vault_qbit_vpn_user }} + - VPN_PASSWORD={{ vault_qbit_vpn_password }} + volumes: + - {{ qbit_private_remote_config }}:/config + - {{ qbit_downloads }}:/downloads + labels: + - "traefik.enable=true" + - "traefik.http.routers.{{ qbit_private_host }}.rule=Host(`{{ qbit_private_host }}.{{ aya01_host }}.{{ local_domain }}`)" + - "traefik.http.services.{{ qbit_private_host }}.loadbalancer.server.port=8080" tautulli: image: lscr.io/linuxserver/tautulli:latest container_name: tautulli restart: unless-stopped depends_on: - - pihole + - plex networks: - net environment: diff --git a/roles/docker/templates/mii/swag/site-confs/tautulli.subdomain.conf b/roles/docker/templates/mii/swag/site-confs/tautulli.subdomain.conf new file mode 100644 index 0000000..35b6912 --- /dev/null +++ b/roles/docker/templates/mii/swag/site-confs/tautulli.subdomain.conf @@ -0,0 +1,34 @@ +## Version 2023/02/05 +# make sure that your tautulli container is named tautulli +# make sure that your dns has a cname set for tautulli + +server { + listen 443 ssl; + listen [::]:443 ssl; + + server_name {{ tautulli_host }}.{{ remote_domain }}; + + include /config/nginx/ssl.conf; + + client_max_body_size 0; + + location / { + include /config/nginx/resolver.conf; + proxy_pass http://{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}; + } + + location ~ (/tautulli)?/api { + include /config/nginx/resolver.conf; + proxy_pass http://{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}; + } + + location ~ (/tautulli)?/newsletter { + include /config/nginx/resolver.conf; + proxy_pass http://{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}; + } + + location ~ (/tautulli)?/image { + include /config/nginx/resolver.conf; + proxy_pass http://{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}; + } +}