infra/roles/jellyfin/tasks/jellyfin.yml

266 lines
5.7 KiB
YAML

---
# subtitles: https://jellyfin.org/docs/general/server/media/subtitles.html
- name: install certs
copy:
src: "/usr/local/etc/letsencrypt/live/{{ item }}"
dest: "/usr/local/etc/certs/"
owner: root
group: root
mode: 0755
tags:
- letsencrypt-certs
notify: reload nginx
vars:
prediff_cmd: echo
with_items:
- "{{ jellyfin_url }}"
- name: install packages for hardware acceleration
apt:
state: latest
name:
- vainfo
- i965-va-driver
tags:
- packages
when:
- jellyfin_hardware_acceleration_available|default(false)
- name: create dir structure
file:
path: "{{ jellyfin_root }}/{{ item }}"
state: directory
mode: 0750
owner: jellyfin
group: jellyfin
with_items:
- config
- config/plugins/configurations
- cache
tags: jellyfin-dirs
- name: create nginx cache dir
file:
path: "{{ jellyfin_root }}/nginx-cache"
state: directory
mode: 0750
owner: www-data
group: jellyfin
tags: jellyfin-dirs
- name: make dirs for auth stuff
file:
state: directory
path: "{{ jellyfin_auth_path }}"
owner: www-data
group: www-data
mode: 0755
tags:
- nginx-config
- jellyfin-conf
notify: reload nginx
- name: template html
template:
src: private/{{ item }}.j2
dest: "{{ jellyfin_auth_path }}/{{ item }}"
owner: www-data
group: www-data
mode: 0755
with_items:
- jellyfin_auth_ok.html
- jellyfin_auth_prompt.html
tags:
- nginx-config
- jellyfin-conf
- name: template jellyfin-web/config.json
template:
src: jellyfin-web-config.json.j2
dest: "{{ jellyfin_root }}/jellyfin-web/config.json"
owner: www-data
group: www-data
mode: 0755
- name: start container
docker_container:
name: jellyfin
image: jellyfin/jellyfin:10.8.7
auto_remove: no
detach: yes
pull: yes
restart_policy: "unless-stopped"
state: started
user: "{{ systemuserlist.jellyfin.uid }}:{{ grouplist.media.gid }}"
container_default_behavior: compatibility
hostname: "{{ jellyfin_url.split('.')[0] }}"
labels:
dockerlogs_format: jellyfin
ports:
- 127.0.0.1:8096:8096
networks_cli_compatible: no
networks:
- name: bridgewithdns
ipv4_address: "{{ bridgewithdns.notflix }}"
mounts:
- type: bind
source: "{{ jellyfin_root }}/config"
target: /config
- type: bind
source: "{{ jellyfin_root }}/cache"
target: /cache
- type: bind
source: "{{ jellyfin_media }}"
target: /media
- type: bind
source: "{{ jellyfin_root }}/jellyfin-web/config.json"
target: /jellyfin/jellyfin-web/config.json
# - type: bind
# source: "{{ jellyfin_root }}/index.html"
# target: /jellyfin/jellyfin-web/index.html
# read_only: yes
env:
JELLYFIN_PublishedServerUrl: "{{ jellyfin_url }}"
tags:
- jellyfin-container
- docker-containers
# - name: get jellyfin container ip
# shell: "docker inspect jellyfin | jq -r '.[].NetworkSettings.IPAddress'"
# register: jellyfin_ip
# changed_when: no
# tags:
# - jellyfin-container
- name: ldap config for jellyfin
template:
src: LDAP-Auth.xml.j2
dest: "{{ jellyfin_root }}/config/plugins/configurations/LDAP-Auth.xml"
owner: jellyfin
group: jellyfin
mode: 0644
tags:
- ldap
- openldap
- jellyfin-ldap
- name: template logging.json
template:
src: logging.json.j2
dest: "{{ jellyfin_root }}/config/config/logging.json"
owner: jellyfin
group: jellyfin
mode: 0644
- name: jellyfin nginx dir
file:
path: /etc/nginx/jellyfin
state: directory
owner: www-data
group: www-data
- name: acl exists
file:
state: touch
path: "/etc/nginx/jellyfin/acl.conf"
owner: jellyfin
group: jellyfin
mode: 0775
changed_when: false
- name: template auth stuff
template:
src: "private/{{ item }}.j2"
dest: "/etc/nginx/jellyfin/{{ item }}"
notify: reload nginx
tags:
- jellyfin-conf
- jellyfin-users
- jellyfin-auth
- nginx-conf
with_items:
- users.digest
- jellyfin_auth.conf
- name: template acl script
template:
src: jellyfin_auth.py.j2
dest: /usr/local/bin/jellyfin_auth.py
mode: 0755
owner: www-data
group: www-data
tags:
- jellyfin-auth
- name: install systemd config for auth stuff
template:
src: private/jellyfin_auth.service.j2
dest: "/etc/systemd/system/jellyfin_auth.service"
tags:
- jellyfin-auth
- name: disable jellyfin_auth
systemd:
state: stopped
enabled: false
daemon_reload: true
name: jellyfin_auth
- name: template robots.txt
template:
src: "robots.txt.j2"
dest: "{{ systemuserlist.jellyfin.home }}/robots.txt"
owner: jellyfin
group: jellyfin
mode: 0755
tags:
- jellyfin-nginx
- jellyfin-robots
notify: reload nginx
- name: template jellyfin nginx config
template:
src: 01-jellyfin.j2
dest: /etc/nginx/sites-enabled/01-jellyfin
owner: root
group: root
mode: 0775
tags:
- nginx-config
- jellyfin-conf
- nginx-jellyfin
- jellyfin-nginx
notify: reload nginx
# - name: wait for jellyfin container on {{ jellyfin_ip.stdout }}
# wait_for:
# port: 8096
# host: "{{ jellyfin_ip.stdout }}"
# tags:
# - jellyfin-container
- name: telegraf file
template:
src: jellyfin-telegraf.conf.j2
dest: /etc/telegraf/telegraf.d/jellyfin.conf
notify:
- restart telegraf
tags:
- telegraf-config
- name: template filebeat config
template:
src: filebeat-jellyfin.yml.j2
dest: "/etc/filebeat/inputs.d/jellyfin.yml"
owner: root
group: root
mode: 0644
tags:
- filebeat
- filebeat-input
notify: restart filebeat