Add music service
This commit is contained in:
parent
7a15e2b981
commit
76285164d1
@ -86,6 +86,9 @@ services:
|
|||||||
smtp_host: "{{ vault_services.notes.smtp_host }}"
|
smtp_host: "{{ vault_services.notes.smtp_host }}"
|
||||||
smtp_name: "{{ vault_services.notes.smtp_name }}"
|
smtp_name: "{{ vault_services.notes.smtp_name }}"
|
||||||
smtp_password: "{{ vault_services.notes.smtp_password }}"
|
smtp_password: "{{ vault_services.notes.smtp_password }}"
|
||||||
|
music:
|
||||||
|
domain: "{{ vault_services.music.domain }}"
|
||||||
|
password_encryption_key: "{{ vault_services.music.password_encryption_key }}"
|
||||||
|
|
||||||
# --------------------------------------------------------------------------------------------------
|
# --------------------------------------------------------------------------------------------------
|
||||||
# services:user_setup
|
# services:user_setup
|
||||||
|
@ -28,5 +28,7 @@ services_host_services:
|
|||||||
tcp: ["{{ services.git.ssh_port }}"]
|
tcp: ["{{ services.git.ssh_port }}"]
|
||||||
notes:
|
notes:
|
||||||
address: "{{ vpn_bridge_prefix }}.6"
|
address: "{{ vpn_bridge_prefix }}.6"
|
||||||
www:
|
music:
|
||||||
address: "{{ vpn_bridge_prefix }}.7"
|
address: "{{ vpn_bridge_prefix }}.7"
|
||||||
|
www:
|
||||||
|
address: "{{ vpn_bridge_prefix }}.8"
|
||||||
|
@ -136,6 +136,9 @@ services_host_services:
|
|||||||
tcp: ["{{ services.git.ssh_port }}"]
|
tcp: ["{{ services.git.ssh_port }}"]
|
||||||
notes:
|
notes:
|
||||||
address: "{{ vpn_bridge_prefix }}.6"
|
address: "{{ vpn_bridge_prefix }}.6"
|
||||||
|
music:
|
||||||
|
address: "{{ vpn_bridge_prefix }}.7"
|
||||||
|
music_path: "{{ music_user_data_directory }}/flac"
|
||||||
|
|
||||||
# --------------------------------------------------------------------------------------------------
|
# --------------------------------------------------------------------------------------------------
|
||||||
# services:backups
|
# services:backups
|
||||||
|
6
main.yml
6
main.yml
@ -6,9 +6,11 @@
|
|||||||
|
|
||||||
- ansible.builtin.import_playbook: "playbooks/system.yml"
|
- ansible.builtin.import_playbook: "playbooks/system.yml"
|
||||||
tags: "system"
|
tags: "system"
|
||||||
- ansible.builtin.import_playbook: "playbooks/vpn.yml"
|
|
||||||
tags: "vpn"
|
|
||||||
- ansible.builtin.import_playbook: "playbooks/backups.yml"
|
- ansible.builtin.import_playbook: "playbooks/backups.yml"
|
||||||
tags: "backups"
|
tags: "backups"
|
||||||
|
- ansible.builtin.import_playbook: "playbooks/music.yml"
|
||||||
|
tags: "music"
|
||||||
|
- ansible.builtin.import_playbook: "playbooks/vpn.yml"
|
||||||
|
tags: "vpn"
|
||||||
- ansible.builtin.import_playbook: "playbooks/services.yml"
|
- ansible.builtin.import_playbook: "playbooks/services.yml"
|
||||||
tags: "services"
|
tags: "services"
|
||||||
|
@ -15,3 +15,5 @@ services_deploy_versions:
|
|||||||
gitea: "1"
|
gitea: "1"
|
||||||
notes:
|
notes:
|
||||||
joplin: "2.10-beta"
|
joplin: "2.10-beta"
|
||||||
|
music:
|
||||||
|
navidrome: "latest"
|
||||||
|
@ -0,0 +1,37 @@
|
|||||||
|
---
|
||||||
|
argument_specs:
|
||||||
|
main:
|
||||||
|
options:
|
||||||
|
ansible_hostname:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_root_directory:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_home_directory:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_data_directory:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_containers_directory:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_service_name:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_all_services:
|
||||||
|
database:
|
||||||
|
address:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services:
|
||||||
|
music:
|
||||||
|
domain:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
||||||
|
services_host_services:
|
||||||
|
music:
|
||||||
|
music_path:
|
||||||
|
type: "str"
|
||||||
|
required: true
|
54
playbooks/roles/services/deploy/music/tasks/main.yml
Normal file
54
playbooks/roles/services/deploy/music/tasks/main.yml
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
---
|
||||||
|
- name: "set the user variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "services/include"
|
||||||
|
vars_from: "user"
|
||||||
|
|
||||||
|
- name: "set the version variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "services/deploy/include"
|
||||||
|
vars_from: "versions"
|
||||||
|
|
||||||
|
- block:
|
||||||
|
|
||||||
|
- name: "configure systemd service"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "./systemd/{{ item }}.j2"
|
||||||
|
dest: "{{ services_service_user_home }}/.config/systemd/user/{{ item }}"
|
||||||
|
mode: 0600
|
||||||
|
loop:
|
||||||
|
- "pod-music.service"
|
||||||
|
- "container-music-navidrome.service"
|
||||||
|
register: services_deploy_music_systemd_files
|
||||||
|
|
||||||
|
- name: "systemd user daemon reload"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
scope: "user"
|
||||||
|
when:
|
||||||
|
services_deploy_music_systemd_files.changed
|
||||||
|
|
||||||
|
- name: "get uid"
|
||||||
|
ansible.builtin.getent:
|
||||||
|
database: "passwd"
|
||||||
|
key: "{{ services_service_user_name }}"
|
||||||
|
|
||||||
|
- name: "get service status"
|
||||||
|
ansible.builtin.command: >-
|
||||||
|
systemctl --user show --property ActiveState --value
|
||||||
|
{{ services_service_user_name }}.service
|
||||||
|
environment:
|
||||||
|
XDG_RUNTIME_DIR: "/run/user/{{ getent_passwd[services_service_user_name].1 }}"
|
||||||
|
changed_when: false
|
||||||
|
register: services_deploy_music_service_active_state
|
||||||
|
|
||||||
|
- name: "restart the service"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "pod-{{ services_service_name }}.service"
|
||||||
|
state: "restarted"
|
||||||
|
scope: "user"
|
||||||
|
when:
|
||||||
|
services_deploy_music_systemd_files.changed and
|
||||||
|
services_deploy_music_service_active_state.stdout == "active"
|
||||||
|
|
||||||
|
become_user: "{{ services_service_user_name }}"
|
@ -0,0 +1,38 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Podman container-music-navidrome.service
|
||||||
|
Documentation=man:podman-generate-systemd(1)
|
||||||
|
Wants=network.target
|
||||||
|
After=network-online.target
|
||||||
|
BindsTo=pod-music.service
|
||||||
|
After=pod-music.service
|
||||||
|
OnFailure=status-mail@%n.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||||
|
Restart=on-failure
|
||||||
|
TimeoutStopSec=70
|
||||||
|
ExecStartPre=/bin/rm -f %t/container-music-navidrome.pid %t/container-music-navidrome.ctr-id
|
||||||
|
ExecStart=/usr/bin/podman run \
|
||||||
|
--conmon-pidfile %t/container-music-navidrome.pid \
|
||||||
|
--cidfile %t/container-music-navidrome.ctr-id \
|
||||||
|
--cgroups=no-conmon \
|
||||||
|
--pod-id-file %t/pod-music.pod-id \
|
||||||
|
--replace \
|
||||||
|
--label "io.containers.autoupdate=image" \
|
||||||
|
-dt \
|
||||||
|
-v {{ services_root_directory }}/{{ services_resolv_host }}-resolv.conf:/etc/resolv.conf:ro \
|
||||||
|
-v {{ services_data_directory }}/pod-music/data/_data:/data \
|
||||||
|
-v {{ services_host_services[services_service_name].music_path }}:/music:ro \
|
||||||
|
-e ND_PORT="80" \
|
||||||
|
-e ND_ENABLESTARRATING="false" \
|
||||||
|
-e ND_LASTFM_ENABLED="false" \
|
||||||
|
-e ND_PASSWORDENCRYPTIONKEY={{ services[services_service_name].password_encryption_key }} \
|
||||||
|
--name=pod-music-navidrome \
|
||||||
|
docker.io/deluan/navidrome:{{ services_deploy_versions.music.navidrome }}
|
||||||
|
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-music-navidrome.ctr-id -t 10
|
||||||
|
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-music-navidrome.ctr-id
|
||||||
|
PIDFile=%t/container-music-navidrome.pid
|
||||||
|
Type=forking
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target default.target
|
@ -0,0 +1,24 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Podman pod-music.service
|
||||||
|
Documentation=man:podman-generate-systemd(1)
|
||||||
|
Wants=network.target
|
||||||
|
After=network-online.target
|
||||||
|
Requires=container-music-navidrome.service
|
||||||
|
Before=container-music-navidrome.service
|
||||||
|
OnFailure=status-mail@%n.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Environment=PODMAN_SYSTEMD_UNIT=%n
|
||||||
|
Restart=on-failure
|
||||||
|
TimeoutStopSec=70
|
||||||
|
ExecStartPre=/bin/rm -f %t/pod-music.pid %t/pod-music.pod-id
|
||||||
|
ExecStartPre=/usr/bin/podman pod create --infra-conmon-pidfile %t/pod-music.pid --pod-id-file %t/pod-music.pod-id --name=music --network=none --replace
|
||||||
|
ExecStart=/usr/bin/podman pod start --pod-id-file %t/pod-music.pod-id
|
||||||
|
ExecStartPost=/usr/bin/sh -c 'podman inspect --format "{% raw %}{{ .State.Pid }}{% endraw %}" $(podman inspect --format "{% raw %}{{ .InfraContainerID }}{% endraw %}" music) > {{ services_containers_directory }}/pod-music/pidfile'
|
||||||
|
ExecStop=/usr/bin/podman pod stop --ignore --pod-id-file %t/pod-music.pod-id -t 10
|
||||||
|
ExecStopPost=/usr/bin/podman pod rm --ignore -f --pod-id-file %t/pod-music.pod-id
|
||||||
|
PIDFile=%t/pod-music.pid
|
||||||
|
Type=forking
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target default.target
|
@ -0,0 +1,35 @@
|
|||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name music.wojciechkozlowski.eu;
|
||||||
|
|
||||||
|
location ^~ /.well-known {
|
||||||
|
allow all;
|
||||||
|
root /var/www/html;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
return 301 https://$server_name$request_uri;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name music.wojciechkozlowski.eu;
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/music.wojciechkozlowski.eu/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/music.wojciechkozlowski.eu/privkey.pem;
|
||||||
|
ssl_trusted_certificate /etc/letsencrypt/live/music.wojciechkozlowski.eu/chain.pem;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_pass http://pod-music;
|
||||||
|
}
|
||||||
|
|
||||||
|
error_page 500 502 503 504 /50x.html;
|
||||||
|
location = /50x.html {
|
||||||
|
root /usr/share/nginx/html;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -9,5 +9,6 @@ services_rproxy_nginx_conf_d_files:
|
|||||||
- "nginx.conf"
|
- "nginx.conf"
|
||||||
- "nginx-conf.d/cloud.wojciechkozlowski.eu.conf"
|
- "nginx-conf.d/cloud.wojciechkozlowski.eu.conf"
|
||||||
- "nginx-conf.d/git.wojciechkozlowski.eu.conf"
|
- "nginx-conf.d/git.wojciechkozlowski.eu.conf"
|
||||||
|
- "nginx-conf.d/music.wojciechkozlowski.eu.conf"
|
||||||
- "nginx-conf.d/notes.wojciechkozlowski.eu.conf"
|
- "nginx-conf.d/notes.wojciechkozlowski.eu.conf"
|
||||||
- "nginx-conf.d/wojciechkozlowski.eu.conf"
|
- "nginx-conf.d/wojciechkozlowski.eu.conf"
|
||||||
|
@ -20,3 +20,5 @@ services_volumes:
|
|||||||
data:
|
data:
|
||||||
notes:
|
notes:
|
||||||
data:
|
data:
|
||||||
|
music:
|
||||||
|
data:
|
||||||
|
Loading…
Reference in New Issue
Block a user