From 681f9e3eb8b05ca714e4092b537723df0715b642 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Mon, 10 Jun 2024 21:28:08 +1000 Subject: [PATCH] feat: deploy sonarr - add required hieradata/role data to deploy sonarr - add nginx simpleproxy - add consul service/query - add vault certificates --- hieradata/common.yaml | 3 ++ hieradata/roles/apps/media/sonarr.yaml | 55 ++++++++++++++++++++++++++ modules/sonarr/manifests/params.pp | 2 +- site/profiles/manifests/base.pp | 3 +- 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 hieradata/roles/apps/media/sonarr.yaml diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 050b95e..9021d41 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -158,6 +158,7 @@ profiles::packages::install: - curl - dstat - expect + - gcc - gzip - git - htop @@ -178,8 +179,10 @@ profiles::packages::install: - socat - strace - sysstat + - tar - tmux - traceroute + - unar - unzip - vim - vnstat diff --git a/hieradata/roles/apps/media/sonarr.yaml b/hieradata/roles/apps/media/sonarr.yaml new file mode 100644 index 0000000..683db99 --- /dev/null +++ b/hieradata/roles/apps/media/sonarr.yaml @@ -0,0 +1,55 @@ +--- +hiera_include: + - sonarr + - profiles::nginx::simpleproxy + +# manage sonarr +sonarr: + user: sonarr + group: sonarr + base_path: /opt/sonarr + install_path: /opt/sonarr/bin + archive_version: 4.0.5 + archive_name: Sonarr.main.linux-x64.tar.gz + service_enable: true + service_name: sonarr + +# additional altnames +profiles::pki::vault::alt_names: + - sonarr.main.unkin.net + - sonarr.service.consul + - sonarr.query.consul + - "sonarr.service.%{facts.country}-%{facts.region}.consul" + +# manage a simple nginx reverse proxy +profiles::nginx::simpleproxy::nginx_vhost: 'sonarr.query.consul' +profiles::nginx::simpleproxy::nginx_aliases: + - sonarr.main.unkin.net + - sonarr.service.consul + - sonarr.query.consul + - "sonarr.service.%{facts.country}-%{facts.region}.consul" +profiles::nginx::simpleproxy::proxy_port: 8989 +profiles::nginx::simpleproxy::proxy_path: '/' + +# configure consul service +nginx::client_max_body_size: 10M +consul::services: + sonarr: + service_name: 'sonarr' + tags: + - 'media' + - 'sonarr' + address: "%{facts.networking.ip}" + port: 443 + checks: + - id: 'sonarr_http_check' + name: 'Sonarr HTTP Check' + http: "https://%{facts.networking.fqdn}:443" + method: 'GET' + tls_skip_verify: true + interval: '10s' + timeout: '1s' +profiles::consul::client::node_rules: + - resource: service + segment: sonarr + disposition: write diff --git a/modules/sonarr/manifests/params.pp b/modules/sonarr/manifests/params.pp index 9ece7a9..339e71d 100644 --- a/modules/sonarr/manifests/params.pp +++ b/modules/sonarr/manifests/params.pp @@ -21,7 +21,7 @@ class sonarr::params ( $archive_version = '4.0.5', $archive_name = 'Sonarr.main.linux-x64.tar.gz', $archive_url = "https://git.query.consul/api/packages/unkinben/generic/sonarr/${archive_version}/", - $executable = 'Sonarr', + $executable = 'Sonarr/Sonarr', $service_enable = true, $service_name = 'sonarr', ){} diff --git a/site/profiles/manifests/base.pp b/site/profiles/manifests/base.pp index 13d18dd..7eec9ab 100644 --- a/site/profiles/manifests/base.pp +++ b/site/profiles/manifests/base.pp @@ -63,7 +63,8 @@ class profiles::base ( ($hiera_include - $hiera_exclude).include # specifc ordering constraints - Class['profiles::pki::vaultca'] + Class['profiles::defaults'] + -> Class['profiles::pki::vaultca'] -> Class['profiles::base::repos'] -> Class['profiles::packages'] }