KeyArgo
/
seedbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleanup and refactoring

This commit is contained in:
Jean Froment 2018-06-19 20:45:37 +02:00
parent 8257f07fa7
commit 3cd72ed641
20 changed files with 4 additions and 381 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Dockerfiles/deluge/Dockerfile
View File

@ -1,16 +0,0 @@
FROM buildpack-deps:xenial-scm
MAINTAINER Jean Froment <froment.je@gmail.com>
RUN apt-get update; apt-get install -y \
deluged \
deluge-web
ADD entrypoint.sh /opt/entrypoint.sh
RUN chmod a+x /opt/entrypoint.sh
VOLUME /config
VOLUME /torrents
EXPOSE 8112 58846 53160 53160/udp
CMD ["/opt/entrypoint.sh"]

8
Dockerfiles/deluge/entrypoint.sh
View File

@ -1,8 +0,0 @@
#!/bin/sh
rm -f /config/deluged.pid
mkdir -p /config/deluge
deluged -c /config/deluge -L info -l /config/deluge/deluged.log
deluge-web -c /config/deluge

18
Dockerfiles/frontend/Dockerfile
View File

@ -1,18 +0,0 @@
FROM nginx:1.11-alpine
MAINTAINER Jean Froment <froment.je@gmail.com>
RUN apk add --no-cache apache2-utils openssl
VOLUME /config
EXPOSE 80 443
ENV USERNAME=user \
PASSWORD=h4ckMePleAse \
USE_SSL=true
COPY nginx.conf common_default.conf ssl.conf /etc/nginx/
COPY init /
COPY ssl-gen /usr/local/bin
CMD ["/init"]

14
Dockerfiles/frontend/common_default.conf
View File

@ -1,14 +0,0 @@
# vim: ft=nginx
listen 80;
listen [::]:80;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_buffering off;
proxy_http_version 1.1;

23
Dockerfiles/frontend/init
View File

@ -1,23 +0,0 @@
#!/usr/bin/env sh
# Make placeholder config directory
mkdir -p /config/frontend
# Set basic auth credentials
htpasswd -cb /etc/nginx/.htpasswd $USERNAME $PASSWORD
# Replace common.conf with default
cp -f /etc/nginx/common_default.conf /etc/nginx/common.conf
${USE_SSL:=false}
if $USE_SSL ; then
echo "include ssl.conf;" >> /etc/nginx/common.conf
# Create self-signed certificate if using ssl and keys do not exist.
# You can always replace these with your own keys later.
if [[ ! -f /config/frontend/ssl.key || ! -f /config/frontend/ssl.crt ]]; then
ssl-gen seedbox
fi
fi
exec nginx -g "daemon off;"

133
Dockerfiles/frontend/nginx.conf
View File

@ -1,133 +0,0 @@
worker_processes auto;
user root root;
pid /run/nginx.pid;
events {
worker_connections 4096;
use epoll;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA';
access_log off;
error_log off;
gzip on;
gzip_disable "msie6";
client_max_body_size 0;
auth_basic "Restricted";
auth_basic_user_file .htpasswd;
# Use builtin Docker DNS as resolver for services
resolver 127.0.0.11;
server {
include common.conf;
server_name ~^(organizr)(\.\w+)+$;
location / {
set $organizr http://organizr:80;
proxy_pass $organizr;
}
}
server {
include common.conf;
server_name ~^(deluge)(\.\w+)+$;
location / {
set $deluge http://deluge:8112;
proxy_pass $deluge;
}
}
server {
include common.conf;
server_name ~^(owncloud)(\.\w+)+$;
location / {
set $owncloud http://owncloud:80;
proxy_pass $owncloud;
}
}
server {
include common.conf;
server_name ~^(explore)(\.\w+)+$;
location / {
set $h5ai http://h5ai:12333;
proxy_pass $h5ai;
}
}
server {
include common.conf;
server_name ~^(plex)(\.\w+)+$;
auth_basic "off";
location / {
set $plex http://plex:32400;
proxy_pass $plex;
}
}
server {
include common.conf;
server_name ~^(webtools)(\.\w+)+$;
location / {
set $webtools http://plex:33442;
proxy_pass $webtools;
}
}
server {
include common.conf;
server_name ~^(sonarr)(\.\w+)+$;
location / {
set $sonarr http://sonarr:8989;
proxy_pass $sonarr;
}
}
server {
include common.conf;
server_name ~^(jackett)(\.\w+)+$;
location / {
set $sonarr http://sonarr:9117;
proxy_pass $sonarr;
}
}
server {
include common.conf;
server_name ~^(radarr)(\.\w+)+$;
location / {
set $radarr http://radarr:7878;
proxy_pass $radarr;
}
}
}
# vim: ft=nginx

9
Dockerfiles/frontend/ssl-gen
View File

@ -1,9 +0,0 @@
#!/usr/bin/env sh
# Short helper script to generate self signed SSL certificates.
mkdir -p /config/frontend
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
-subj "/C=SB/ST=Seedbox/L=Seedbox/O=Seedbox/CN=$1" \
-keyout /config/frontend/ssl.key -out /config/frontend/ssl.crt

11
Dockerfiles/frontend/ssl.conf
View File

@ -1,11 +0,0 @@
# vim: ft=nginx
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /config/frontend/ssl.crt;
ssl_certificate_key /config/frontend/ssl.key;
if ($ssl_protocol = "") {
rewrite ^ https://$host$request_uri? permanent;
}

26
Dockerfiles/radarr/Dockerfile
View File

@ -1,26 +0,0 @@
FROM lsiobase/mono
MAINTAINER sparklyballs
# environment settings
ENV XDG_CONFIG_HOME="/config/xdg"
# install radarr
RUN \
radarr_tag=$(curl -sX GET "https://api.github.com/repos/Radarr/Radarr/releases" \
| awk '/tag_name/{print $4;exit}' FS='[""]') && \
mkdir -p \
/opt/radarr && \
curl -o \
/tmp/radar.tar.gz -L \
"https://github.com/galli-leo/Radarr/releases/download/${radarr_tag}/Radarr.develop.${radarr_tag#v}.linux.tar.gz" && \
tar ixzf \
/tmp/radar.tar.gz -C \
/opt/radarr --strip-components=1 && \
rm -rf /tmp/*
# add local files
COPY /root /
# ports and volumes
EXPOSE 7878
VOLUME /config /torrents

7
Dockerfiles/radarr/root/etc/cont-init.d/30-config
View File

@ -1,7 +0,0 @@
#!/usr/bin/with-contenv bash
# permissions
chown -R abc:abc \
/config \
/opt

7
Dockerfiles/radarr/root/etc/services.d/radarr/run
View File

@ -1,7 +0,0 @@
#!/usr/bin/with-contenv bash
cd /opt/radarr || exit
exec \
s6-setuidgid abc mono --debug Radarr.exe \
-nobrowser -data=/config

30
Dockerfiles/sonarr/Dockerfile
View File

@ -1,30 +0,0 @@
FROM buildpack-deps:xenial-scm
MAINTAINER Jean Froment <froment.je@gmail.com>
# Install Sonarr, S6, and Jackett
RUN echo "deb http://apt.sonarr.tv/ master main" \
> /etc/apt/sources.list.d/sonarr.list \
&& echo "deb http://download.mono-project.com/repo/ubuntu xenial main" \
> /etc/apt/sources.list.d/mono.list \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FDA5DFFC \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \
&& apt-get update \
&& apt-get install -y mono-complete nzbdrone libcurl4-openssl-dev \
&& curl -sL "https://github.com/just-containers/s6-overlay/releases/download/v1.18.1.5/s6-overlay-amd64.tar.gz" \
| tar xz -C / \
&& curl -sL $(curl -sL https://api.github.com/repos/Jackett/Jackett/releases | grep browser_download_url | grep Mono | head -n 1 | cut -d '"' -f 4) \
| tar xz -C /opt \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
# Set Jackett config path
ENV XDG_DATA_HOME="/config" \
XDG_CONFIG_HOME="/config"
VOLUME /config
# 8989 is Sonarr, 9117 is Jackett
EXPOSE 8989 9117
COPY services.d /etc/services.d
CMD ["/init"]

3
Dockerfiles/sonarr/services.d/jackett/run
View File

@ -1,3 +0,0 @@
#!/usr/bin/with-contenv sh
exec mono /opt/Jackett/JackettConsole.exe

7
Dockerfiles/sonarr/services.d/sonarr/run
View File

@ -1,7 +0,0 @@
#!/usr/bin/with-contenv sh
mkdir -p /config/sonarr
rm -f /config/sonarr/nzbdrone.pid
exec mono /opt/NzbDrone/NzbDrone.exe -nobrowser -data=/config/sonarr

19
README.md
View File

@ -10,14 +10,12 @@ Go to `x.hostname` where `x` is the service you want to access.
Included services are: Included services are:
- deluge - deluge
- sonarr - sonarr
- jackett (included in the sonarr image) - jackett
- plex - plex
- h5ai (service accessible via `explore.hostname`) - h5ai (service accessible via `explore.hostname`)
- radarr - radarr
- ownCloud (still in testing phase)
- organizr
The front-end reverse proxy routes based on the lowest level subdomain (e.g. The front-end reverse proxy (Traefik) routes based on the lowest level subdomain (e.g.
`deluge.example.com` would route to deluge). Since this is how the router `deluge.example.com` would route to deluge). Since this is how the router
works, it is recommended for you to get a top level domain. If you do not have works, it is recommended for you to get a top level domain. If you do not have
one, you can edit your domains locally by changing your hosts file or use a one, you can edit your domains locally by changing your hosts file or use a
@ -54,20 +52,11 @@ You may optionally build the images yourself instead of pulling by running
`./build-all.sh`. `./build-all.sh`.
## Configuration ## Configuration
Copy the `config.default` file to `config` and change the variables as desired. Copy the `.env.sample` file to `.env` and change the variables as desired.
The variables are all self-explanatory. The variables are all self-explanatory.
If you want to enable SSL, you would need to have your certificate and key be
at `/config/frontend/ssl.crt` and `/config/frontend/ssl.key` respectively. The
frontend image includes a command `ssl-gen` to automatically create self signed
certificates for you.
## PlexPass ## PlexPass
If you own PlexPass, you can get the docker image to auto-update to the latest More info soon.
PlexPass version when the container starts up. This is arguably bad docker
practice since containers are supposed to be immutable, but in this case, I
think the convenience outweighs that. All you have to do is set the
`PLEX_EMAIL` and `PLEX_PASSWORD` variables in the config file.
## Where is my data? ## Where is my data?
All data is saved in the docker volumes `seedbox_config` or All data is saved in the docker volumes `seedbox_config` or

4
build-all.sh
View File

@ -22,11 +22,7 @@ while getopts ":nq" opt; do
esac esac
done done
docker build -t fromenje/seedbox:frontend $ARGS Dockerfiles/frontend &
docker build -t fromenje/seedbox:plex $ARGS Dockerfiles/plex & docker build -t fromenje/seedbox:plex $ARGS Dockerfiles/plex &
docker build -t fromenje/seedbox:deluge $ARGS Dockerfiles/deluge &
docker build -t fromenje/seedbox:sonarr $ARGS Dockerfiles/sonarr &
docker build -t fromenje/seedbox:h5ai $ARGS Dockerfiles/h5ai & docker build -t fromenje/seedbox:h5ai $ARGS Dockerfiles/h5ai &
docker build -t fromenje/seedbox:radarr $ARGS Dockerfiles/radarr &
wait wait

8
config.default
View File

@ -1,8 +0,0 @@
USERNAME=username
PASSWORD=h4ckMePleAse
USE_SSL=true
MYSQL_ROOT_PASSWORD=h4ckMePleAse
# For Plex Pass download only
PLEX_EMAIL=
PLEX_PASSWORD=

26
docker-compose.yml
View File

@ -1,20 +1,6 @@
version: '3' version: '3'
services: services:
# frontend:
# image: fromenje/seedbox:frontend
# build: Dockerfiles/frontend
# restart: always
# networks:
# - main
# ports:
# - "80:80"
# - "443:443"
# volumes:
# - config:/config
# env_file:
# - config
traefik: traefik:
image: traefik image: traefik
container_name: traefik container_name: traefik
@ -183,18 +169,6 @@ services:
- 'traefik.frontend.auth.basic=${HTTP_USER}:${HTTP_PASSWORD}' - 'traefik.frontend.auth.basic=${HTTP_USER}:${HTTP_PASSWORD}'
- 'traefik.enable=true' - 'traefik.enable=true'
# organizr:
# image: lsiocommunity/organizr
# restart: always
# networks:
# - main
# volumes:
# - config:/config
# environment:
# - PGID=33
# - PUID=33
# - TZ=Europe/Paris
portainer: portainer:
image: portainer/portainer image: portainer/portainer
volumes: volumes:

4
push-images.sh
View File

@ -2,9 +2,5 @@
# Push all images to the docker registry. # Push all images to the docker registry.
docker push fromenje/seedbox:frontend
docker push fromenje/seedbox:plex docker push fromenje/seedbox:plex
docker push fromenje/seedbox:sonarr
docker push fromenje/seedbox:deluge
docker push fromenje/seedbox:h5ai docker push fromenje/seedbox:h5ai
docker push fromenje/seedbox:radarr

12
traefik.toml
View File

@ -17,18 +17,6 @@ defaultEntryPoints = ["http", "https"]
[retry] [retry]
# [acme]
# email = "email@company.com"
# storage = "acme.json"
# onDemande = true
# caServer = "https://acme-v02.api.letsencrypt.org/directory"
# entryPoint = "https"
# [acme.httpChallenge]
# entryPoint = "http"
# [[acme.domains]]
# main = "sub.domain.com"
# sans = ["sub.domain.com", "sub2.domain.com"]
[acme] [acme]
email = "overriden@in-traefik.yml" email = "overriden@in-traefik.yml"
storage = "acme.json" storage = "acme.json"