diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..13275b0 --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +.terraform/ +*.tfstate +*.tfstate.backup +*.tfplan +backend.tf +.terragrunt-cache/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..03d83e2 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,26 @@ +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.4.0 + hooks: + - id: end-of-file-fixer + types: [yaml] + - id: trailing-whitespace + types: [yaml] + - repo: https://github.com/gruntwork-io/pre-commit + rev: v0.1.30 + hooks: + - id: tofu-fmt + - id: tofu-validate + exclude: ^modules/ + - id: tflint + exclude: ^modules/ + - id: terragrunt-hcl-fmt + - repo: https://github.com/adrienverge/yamllint.git + rev: v1.37.1 + hooks: + - id: yamllint + args: + [ + "-d {extends: relaxed, rules: {line-length: disable}, ignore: chart}", + "-s", + ] diff --git a/.woodpecker/apply.yaml b/.woodpecker/apply.yaml new file mode 100644 index 0000000..1f17ac4 --- /dev/null +++ b/.woodpecker/apply.yaml @@ -0,0 +1,23 @@ +when: + - event: push + branch: main + +steps: + - name: apply + image: git.unkin.net/unkin/almalinux9-opentofu:20260606 + environment: + VAULT_AUTH_METHOD: kubernetes + commands: + - dnf install vault -y + - make plan + - make apply + backend_options: + kubernetes: + serviceAccountName: terraform-radarr + resources: + requests: + memory: 512Mi + cpu: 1 + limits: + memory: 2Gi + cpu: 2 diff --git a/.woodpecker/plan.yaml b/.woodpecker/plan.yaml new file mode 100644 index 0000000..f6c4432 --- /dev/null +++ b/.woodpecker/plan.yaml @@ -0,0 +1,21 @@ +when: + - event: pull_request + +steps: + - name: plan + image: git.unkin.net/unkin/almalinux9-opentofu:20260606 + environment: + VAULT_AUTH_METHOD: kubernetes + commands: + - dnf install vault -y + - make plan + backend_options: + kubernetes: + serviceAccountName: terraform-radarr + resources: + requests: + memory: 512Mi + cpu: 1 + limits: + memory: 2Gi + cpu: 2 diff --git a/.woodpecker/pre-commit.yaml b/.woodpecker/pre-commit.yaml new file mode 100644 index 0000000..5c5738f --- /dev/null +++ b/.woodpecker/pre-commit.yaml @@ -0,0 +1,18 @@ +when: + - event: pull_request + +steps: + - name: pre-commit + image: git.unkin.net/unkin/almalinux9-opentofu:20260606 + commands: + - uvx pre-commit run --all-files + backend_options: + kubernetes: + serviceAccountName: default + resources: + requests: + memory: 512Mi + cpu: 1 + limits: + memory: 2Gi + cpu: 2 diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..fa4a832 --- /dev/null +++ b/Makefile @@ -0,0 +1,35 @@ +.PHONY: init plan apply format + +VAULT_AUTH_METHOD ?= approle +VAULT_K8S_ROLE ?= woodpecker_terraform_radarr +VAULT_K8S_MOUNT ?= auth/k8s/au/syd1 +VAULT_K8S_JWT_PATH ?= /var/run/secrets/kubernetes.io/serviceaccount/token + +define vault_env + @export VAULT_ADDR="https://vault.service.consul:8200" && \ + if [ "$(VAULT_AUTH_METHOD)" = "kubernetes" ]; then \ + export VAULT_TOKEN=$$(vault write -field=token $(VAULT_K8S_MOUNT)/login role=$(VAULT_K8S_ROLE) jwt=$$(cat $(VAULT_K8S_JWT_PATH))); \ + else \ + export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID); \ + fi && \ + export CONSUL_HTTP_TOKEN=$$(vault read -field=token consul_root/au/syd1/creds/terraform-radarr) && \ + export TF_VAR_radarr_api_key=$$(vault kv get -field=apitoken kv/service/media-apps/radarr) +endef + +init: + @$(call vault_env) && \ + terragrunt run --all --non-interactive init -- -upgrade + +plan: init + @$(call vault_env) && \ + terragrunt run --all --parallelism 4 --non-interactive plan + +apply: init + @$(call vault_env) && \ + terragrunt run --all --parallelism 2 --non-interactive apply + +format: + @echo "Formatting OpenTofu files..." + @tofu fmt -recursive . + @echo "Formatting Terragrunt files..." + @terragrunt hcl fmt diff --git a/config/config.hcl b/config/config.hcl new file mode 100644 index 0000000..d112876 --- /dev/null +++ b/config/config.hcl @@ -0,0 +1,46 @@ +locals { + config_files = fileset(".", "**/*.yaml") + + all_configs = { + for file_path in local.config_files : + file_path => yamldecode(file(file_path)) + } + + config = { + custom_formats = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "custom_format/") + } + quality_profiles = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "quality_profile/") + } + download_clients = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "download_client/") + } + indexers = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "indexer/") + } + notifications = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "notification/") + } + delay_profiles = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "delay_profile/") + } + root_folders = { + for file_path, content in local.all_configs : + trimsuffix(basename(file_path), ".yaml") => content + if startswith(file_path, "root_folder/") + } + } +} diff --git a/config/custom_format/1080p.yaml b/config/custom_format/1080p.yaml new file mode 100644 index 0000000..b5bf75d --- /dev/null +++ b/config/custom_format/1080p.yaml @@ -0,0 +1,7 @@ +include_custom_format_when_renaming: false +specifications: +- name: 1080p + implementation: ResolutionSpecification + negate: false + required: false + value: '1080' diff --git a/config/custom_format/2160p.yaml b/config/custom_format/2160p.yaml new file mode 100644 index 0000000..9f759b7 --- /dev/null +++ b/config/custom_format/2160p.yaml @@ -0,0 +1,7 @@ +include_custom_format_when_renaming: false +specifications: +- name: 2160p + implementation: ResolutionSpecification + negate: false + required: false + value: '2160' diff --git a/config/custom_format/720p.yaml b/config/custom_format/720p.yaml new file mode 100644 index 0000000..4a16fa7 --- /dev/null +++ b/config/custom_format/720p.yaml @@ -0,0 +1,7 @@ +include_custom_format_when_renaming: false +specifications: +- name: 720p + implementation: ResolutionSpecification + negate: false + required: false + value: '720' diff --git a/config/custom_format/x264.yaml b/config/custom_format/x264.yaml new file mode 100644 index 0000000..a06824e --- /dev/null +++ b/config/custom_format/x264.yaml @@ -0,0 +1,7 @@ +include_custom_format_when_renaming: false +specifications: +- name: x264 + implementation: ReleaseTitleSpecification + negate: false + required: false + value: (x|h)\.?264 diff --git a/config/custom_format/x265.yaml b/config/custom_format/x265.yaml new file mode 100644 index 0000000..e357a62 --- /dev/null +++ b/config/custom_format/x265.yaml @@ -0,0 +1,7 @@ +include_custom_format_when_renaming: false +specifications: +- name: x265 + implementation: ReleaseTitleSpecification + negate: false + required: false + value: (((x|h)\.?265)|(HEVC)) diff --git a/config/delay_profile/default.yaml b/config/delay_profile/default.yaml new file mode 100644 index 0000000..9e5e19f --- /dev/null +++ b/config/delay_profile/default.yaml @@ -0,0 +1,7 @@ +enable_usenet: true +enable_torrent: true +preferred_protocol: usenet +usenet_delay: 0 +torrent_delay: 0 +bypass_if_highest_quality: true +tags: [] diff --git a/config/download_client/NZBGet.yaml b/config/download_client/NZBGet.yaml new file mode 100644 index 0000000..3c25195 --- /dev/null +++ b/config/download_client/NZBGet.yaml @@ -0,0 +1,10 @@ +enable: true +priority: 1 +host: nzbget.service.consul +port: 443 +use_ssl: true +username: "svc_nzbsubmit" +password: "" +movie_category: movies +remove_completed_downloads: true +remove_failed_downloads: true diff --git a/config/indexer/NZBgeek_Prowlarr.yaml b/config/indexer/NZBgeek_Prowlarr.yaml new file mode 100644 index 0000000..4c7ac8d --- /dev/null +++ b/config/indexer/NZBgeek_Prowlarr.yaml @@ -0,0 +1,17 @@ +name: "NZBgeek (Prowlarr)" +enable_automatic_search: true +enable_interactive_search: true +enable_rss: true +priority: 25 +base_url: "https://prowlarr.service.consul/1/" +api_path: "/api" +api_key: "" +categories: + - 2000 + - 2010 + - 2020 + - 2030 + - 2040 + - 2045 + - 2050 + - 2060 diff --git a/config/notification/Jellyfin.yaml b/config/notification/Jellyfin.yaml new file mode 100644 index 0000000..956235f --- /dev/null +++ b/config/notification/Jellyfin.yaml @@ -0,0 +1,15 @@ +name: "Emby / Jellyfin" +host: jellyfin.service.consul +port: 443 +use_ssl: true +api_key: "" +notify: false +update_library: true +on_grab: true +on_download: true +on_upgrade: true +on_rename: true +on_movie_delete: true +on_movie_file_delete: true +on_movie_file_delete_for_upgrade: true +on_application_update: true diff --git a/config/quality_profile/BestQuality_1080p.yaml b/config/quality_profile/BestQuality_1080p.yaml new file mode 100644 index 0000000..a826826 --- /dev/null +++ b/config/quality_profile/BestQuality_1080p.yaml @@ -0,0 +1,73 @@ +upgrade_allowed: true +cutoff: 7 +cutoff_format_score: 5000 +min_format_score: 0 +language: + id: -2 + name: Original +quality_groups: + - qualities: + - id: 7 + name: Bluray-1080p + source: bluray + resolution: 1080 + - id: 1002 + name: "WEB 1080p" + qualities: + - id: 3 + name: WEBDL-1080p + source: webdl + resolution: 1080 + - id: 15 + name: WEBRip-1080p + source: webrip + resolution: 1080 + - qualities: + - id: 9 + name: HDTV-1080p + source: tv + resolution: 1080 + - qualities: + - id: 6 + name: Bluray-720p + source: bluray + resolution: 720 + - id: 1001 + name: "WEB 720p" + qualities: + - id: 5 + name: WEBDL-720p + source: webdl + resolution: 720 + - id: 14 + name: WEBRip-720p + source: webrip + resolution: 720 + - qualities: + - id: 4 + name: HDTV-720p + source: tv + resolution: 720 + - qualities: + - id: 21 + name: Bluray-576p + source: bluray + resolution: 576 + - qualities: + - id: 20 + name: Bluray-480p + source: bluray + resolution: 480 +format_items: + - name: x264 + format: x264 + score: -200 + - name: x265 + format: x265 + score: 1000 + - name: 1080p + format: 1080p + score: 500 + - name: 720p + format: 720p + score: 200 diff --git a/config/quality_profile/BestQuality_2160p.yaml b/config/quality_profile/BestQuality_2160p.yaml new file mode 100644 index 0000000..994da93 --- /dev/null +++ b/config/quality_profile/BestQuality_2160p.yaml @@ -0,0 +1,37 @@ +upgrade_allowed: true +cutoff: 19 +cutoff_format_score: 5000 +min_format_score: 0 +language: + id: -2 + name: Original +quality_groups: + - qualities: + - id: 19 + name: Bluray-2160p + source: bluray + resolution: 2160 + - id: 1003 + name: "WEB 2160p" + qualities: + - id: 18 + name: WEBDL-2160p + source: webdl + resolution: 2160 + - id: 17 + name: WEBRip-2160p + source: webrip + resolution: 2160 +format_items: + - name: 2160p + format: 2160p + score: 2000 + - name: 1080p + format: 1080p + score: 500 + - name: x265 + format: x265 + score: 2000 + - name: x264 + format: x264 + score: -5000 diff --git a/config/quality_profile/DONT_USE_WEBDL.yaml b/config/quality_profile/DONT_USE_WEBDL.yaml new file mode 100644 index 0000000..601988e --- /dev/null +++ b/config/quality_profile/DONT_USE_WEBDL.yaml @@ -0,0 +1,35 @@ +upgrade_allowed: true +cutoff: 1002 +cutoff_format_score: 300 +min_format_score: 300 +language: + id: 1 + name: English +quality_groups: + - id: 1002 + name: "WEB 1080p" + qualities: + - id: 3 + name: WEBDL-1080p + source: webdl + resolution: 1080 + - id: 15 + name: WEBRip-1080p + source: webrip + resolution: 1080 +format_items: + - name: 2160p + format: 2160p + score: -300 + - name: x264 + format: x264 + score: -200 + - name: x265 + format: x265 + score: -200 + - name: 1080p + format: 1080p + score: -200 + - name: 720p + format: 720p + score: 300 diff --git a/config/root_folder/movies.yaml b/config/root_folder/movies.yaml new file mode 100644 index 0000000..b5e35aa --- /dev/null +++ b/config/root_folder/movies.yaml @@ -0,0 +1 @@ +path: "/shared/media/movies" diff --git a/environments/radarr.service.consul/.terraform.lock.hcl b/environments/radarr.service.consul/.terraform.lock.hcl new file mode 100644 index 0000000..6f49c48 --- /dev/null +++ b/environments/radarr.service.consul/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/devopsarr/radarr" { + version = "2.3.5" + constraints = "2.3.5" + hashes = [ + "h1:wrU8A9nJHJ1W1VUSGC9O/J7AUJQOyY1OvKMDuL4W4Kw=", + "zh:18cb2579f9312aee8d17ffa938664f71c9376abea0a6da3d053ebdaef66a2f62", + "zh:19dbdff678f6f5b90da2f61ef4b1afed619a317474b344f9de15db35c57e2e47", + "zh:21af82e9cdd7b85f6a943655675bae1d330d225e6c4c683f9bbabfc938280228", + "zh:26bebd01c85d457dbe7e80978456695f00396ed830878b0151d495a4ce7ef4ba", + "zh:66eba536cf2b5de49c62386e65910347cb4deac6cdf9bec920a1090db6a8a5a4", + "zh:6905bbfbec2b7d67cab381c6491c018163e7cb410e55bfedc598ada378643c56", + "zh:78bdf398fe1db2c63c2ccc9da1b8fc27fb711ae831bef91e3ea198d7d684dc98", + "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", + "zh:8cff19564bf543894fbbca5c936f47fa9446724cefbaa2f63dedd79feb3ca52a", + "zh:94be12c4165d5fda164aff3e7b600e9dab40528563a0758dd198c9ace69437b6", + "zh:9c22c104248cb8022935df1674404bded46a4f4f54daf6ba96ee800316eb95b9", + "zh:a5d217038373d605531537ebaecae8ba136b8c7198a50c6a47c6932cb8485737", + "zh:c244be13b67eecbd395b123986343e77f168dc07eaaf888bc8206db2ba4a6cfc", + "zh:cee38aa1920f5d37ea56421b0ea57ebcefde87b0c57a61c5aa6476d4f185291a", + "zh:e95c3c4caad13cf1e4e37b721205d09564978d514f42ccb56d7ea94a498dad7e", + ] +} diff --git a/environments/radarr.service.consul/terragrunt.hcl b/environments/radarr.service.consul/terragrunt.hcl new file mode 100644 index 0000000..75747fd --- /dev/null +++ b/environments/radarr.service.consul/terragrunt.hcl @@ -0,0 +1,27 @@ +include "root" { + path = find_in_parent_folders("root.hcl") + expose = true +} + +include "config" { + path = "${get_repo_root()}/config/config.hcl" + expose = true +} + +locals { + config = include.config.locals.config +} + +terraform { + source = "../../modules/radarr" +} + +inputs = { + custom_formats = local.config.custom_formats + quality_profiles = local.config.quality_profiles + download_clients = local.config.download_clients + indexers = local.config.indexers + notifications = local.config.notifications + delay_profiles = local.config.delay_profiles + root_folders = local.config.root_folders +} diff --git a/environments/root.hcl b/environments/root.hcl new file mode 100644 index 0000000..69e68cd --- /dev/null +++ b/environments/root.hcl @@ -0,0 +1,32 @@ +generate "backend" { + path = "backend.tf" + if_exists = "overwrite" + contents = <