fenix-gitea-admin/iac-ansible-public
1
0
Fork 0
mirror of https://gitea.fenix-dev.com/fenix-gitea-admin/iac-ansible-private.git synced 2025-12-16 11:27:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

added prowlarr

Browse Source
This commit is contained in:
Tomás Limpinho
2025-11-11 21:47:46 +00:00
parent fecbc54b79
commit 11dbff9b8a
9 changed files with 183 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -3,4 +3,7 @@
iac-ansible-private
stolon comes from https://github.com/sorintlab/stolon/blob/master/examples/kubernetes/README.md
qbittorrent comes from https://github.com/j4ym0/pia-qbittorrent-docker?tab=readme-ov-file
qbittorrent comes from https://github.com/j4ym0/pia-qbittorrent-docker?tab=readme-ov-file
prowlarr comes from https://docs.linuxserver.io/images/docker-prowlarr/#docker-mods
and https://wiki.servarr.com/prowlarr/environment-variables

67
roles/prowlarr/files/prowlarr-deployment.yaml Normal file
View File

@ -0,0 +1,67 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: prowlarr
namespace: stack-arr
spec:
replicas: 1
selector:
matchLabels:
app: prowlarr
template:
metadata:
labels:
app: prowlarr
spec:
imagePullSecrets:
- name: regcred
containers:
- name: prowlarr
image: lscr.io/linuxserver/prowlarr:latest
securityContext:
capabilities:
add:
- NET_ADMIN
ports:
- containerPort: 9696
name: webui
env:
- name: PUID
value: "1013"
- name: PGID
value: "1013"
- name: TZ
value: 'Etc/UTC'
- name: PROWLARR__POSTGRES__HOST
value: 'qbittorrent-service.stack-arr.svc.cluster.local'
- name: PROWLARR__POSTGRES__USER
valueFrom:
secretKeyRef:
name: prowlarr-secret
key: username
- name: PROWLARR__POSTGRES__PASSWORD
valueFrom:
secretKeyRef:
name: prowlarr-secret
key: password
- name: PROWLARR__POSTGRES__MAINDB
valueFrom:
secretKeyRef:
name: prowlarr-secret
key: maindb
- name: PROWLARR__POSTGRES__LOGDB
valueFrom:
secretKeyRef:
name: prowlarr-secret
key: logsdb
volumeMounts:
- name: config
mountPath: /config
volumes:
- name: config
persistentVolumeClaim:
claimName: prowlarr-config-pvc

11
roles/prowlarr/files/prowlarr-nfs-csi.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: prowlarr-nfs-csi
namespace: stack-arr
provisioner: nfs.csi.k8s.io
parameters:
server: 192.168.1.22
share: /mnt/fenix-main-nas-pool-0/data/k8s-Volumes/k8s-cluster-iac-deployed/stack-arr/prowlarr
allowVolumeExpansion: true
reclaimPolicy: Retain

30
roles/prowlarr/files/prowlarr-pvcs.yaml Normal file
View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: prowlarr-config-pv
namespace: stack-arr
spec:
capacity:
storage: 2Gi
storageClassName: prowlarr-nfs-csi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
nfs:
server: 192.168.1.22
path: /mnt/fenix-main-nas-pool-0/data/k8s-Volumes/k8s-cluster-iac-deployed/stack-arr/prowlarr/config
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: prowlarr-config-pvc
namespace: stack-arr
spec:
storageClassName: prowlarr-nfs-csi
accessModes:
- ReadWriteOnce
volumeName: prowlarr-config-pv
resources:
requests:
storage: 2Gi
---

11
roles/prowlarr/files/prowlarr-secret.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Secret
metadata:
name: prowlarr-secret
namespace: stack-arr
type: Opaque
data:
username: dXNlcm5hbWU=
password: cGFzc3dvcmQ=
maindb: bWFpbmRiLXByb3dsYXJy
logsdb: bG9nZGItcHJvd2xhcnI=

51
roles/prowlarr/tasks/main.yml Normal file
View File

@ -0,0 +1,51 @@
- name: Remover o diretório /tmp/stack-arr/prowlarr/kubernetes-files
ansible.builtin.file:
path: /tmp/stack-arr/prowlarr/kubernetes-files
state: absent
- name: Criar diretório temporário no remoto
file:
path: /tmp/stack-arr/prowlarr/kubernetes-files
state: directory
mode: '0755'
- name: Copy file with owner and permissions
ansible.builtin.copy:
src: ../files
dest: /tmp/stack-arr/prowlarr/kubernetes-files
owner: fenix
group: root
mode: '0644'
- name: Obter várias notas do Bitwarden
shell: |
echo "unlock"
BW_SESSION=$(bw unlock {{ bw_password }} --raw)
echo "get item"
bw get item "{{ item.id }}" --session $BW_SESSION | jq -r '.notes' > {{ item.dest }}
loop:
- { id: "iac.ansible.stackarr.prowlarr.secret", dest: "/tmp/stack-arr/prowlarr/kubernetes-files/files/vpn-secret.yaml" }
args:
executable: /bin/bash
environment:
BW_PASSWORD: "{{ BW_PASSWORD }}"
- name: Listar conteúdo do diretório remoto
shell: ls -l /tmp/stack-arr/prowlarr/kubernetes-files/files
register: resultado_ls
- name: Mostrar resultado do ls
debug:
var: resultado_ls.stdout_lines
- name: Aplicar o stolon
become: yes
become_user: fenix
shell: |
kubectl apply -f /tmp/stack-arr/prowlarr/kubernetes-files/files/
environment:
KUBECONFIG: /home/fenix/.kube/config

4
roles/prowlarr/vars/main.yml Normal file
View File

@ -0,0 +1,4 @@
bw_password: "{{ lookup('env', 'BW_PASSWORD') }}"
VAULTWARDEN_LINK: "{{ lookup('env', 'VAULTWARDEN_LINK') }}"
BW_CLIENTID: "{{ lookup('env', 'BW_CLIENTID') }}"
BW_CLIENTSECRET : "{{ lookup('env', 'BW_CLIENTSECRET') }}"

0
roles/qbittorrent/files/stolon-nfs-csi.yaml → roles/qbittorrent/files/qbittorrent-nfs-csi.yaml
View File

11
roles/qbittorrent/tasks/main.yml
View File

@ -17,11 +17,6 @@
group: root
mode: '0644'
- name: Listar conteúdo do diretório remoto
shell: ls -l /tmp/stack-arr/qbittorrent/kubernetes-files
register: resultado_ls
- name: Obter várias notas do Bitwarden
shell: |
echo "unlock"
@ -37,12 +32,16 @@
BW_PASSWORD: "{{ BW_PASSWORD }}"
- name: Listar conteúdo do diretório remoto
shell: ls -l /tmp/stack-arr/qbittorrent/kubernetes-files/files
register: resultado_ls
- name: Mostrar resultado do ls
debug:
var: resultado_ls.stdout_lines
- name: Aplicar o stolon
- name: Aplicar o qbittorrent
become: yes
become_user: fenix
shell: |