├── LICENSE ├── README.md └── playbooks ├── roles ├── couchpotato │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ └── couchpotato.default.j2 │ └── vars │ │ └── main.yml ├── mastermind │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── meta │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ └── mastermind.nginx.j2 │ └── vars │ │ └── main.yml ├── newrelic │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ └── tasks │ │ ├── main.yml │ │ └── nginx.yml ├── plexmediaserver │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ └── templates │ │ └── default.j2 ├── rtorrent │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ ├── main.yml │ │ ├── monit.yml │ │ └── rutorrent.yml │ ├── templates │ │ ├── rtorrent.default.j2 │ │ ├── rtorrent.init.j2 │ │ ├── rtorrent.monit.j2 │ │ └── rtorrent.rc.j2 │ └── vars │ │ └── main.yml ├── sabnzbd │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ ├── sabnzbd.ini.j2 │ │ └── sabnzbdplus.default.j2 │ └── vars │ │ └── main.yml ├── sickbeard │ ├── defaults │ │ └── main.yml │ ├── handlers │ │ └── main.yml │ ├── tasks │ │ └── main.yml │ ├── templates │ │ ├── autoProcessTV.cfg.j2 │ │ └── sickbeard.default.j2 │ └── vars │ │ └── main.yml └── sonarr │ ├── defaults │ └── main.yml │ ├── handlers │ └── main.yml │ ├── tasks │ └── main.yml │ └── templates │ ├── sonarr.config.j2 │ └── sonarr.upstart.j2 ├── site.yml.example └── vars └── secret.yml.example /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Jameel Al-Aziz 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | mastermind 2 | ========== 3 | 4 | ## Instructions 5 | 6 | 1. Modify the example site.yml and vars/secret.yml according to your needs 7 | 8 | ```sh 9 | cd playbooks 10 | mv site.yml.example site.yml 11 | mv vars/secret.yml.example vars/secret.yml 12 | ``` 13 | 14 | 2. Install ansible 15 | 16 | ```sh 17 | pip install "ansible>=2.0" 18 | ``` 19 | 20 | 3. Run the playbooks 21 | ```sh 22 | ansible-playbook -i change.me, site.yml 23 | ``` 24 | 25 | ## TO DO 26 | 27 | - [x] ~~Upgrade ruTorrent to 3.7 (changed packaging)~~ - Using the Github repo instead 28 | - [x] ~~Upgrade rTorrent to 0.9.6 (need to update the PPA)~~ - 0.9.6 is available on my [PPA](https://launchpad.net/~jalaziz/+archive/ubuntu/rtorrent) 29 | - [ ] Add configuration instructions to README 30 | -------------------------------------------------------------------------------- /playbooks/roles/couchpotato/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | couchpotato_repo: https://github.com/RuudBurger/CouchPotatoServer.git 3 | couchpotato_install_dir: /opt/couchpotato 4 | couchpotato_data_dir: /var/lib/couchpotato 5 | couchpotato_config_dir: /etc/couchpotato 6 | couchpotato_config_file: "{{ couchpotato_config_dir }}/settings.conf" 7 | couchpotato_pid_dir: /var/run/couchpotato 8 | 9 | couchpotato_host: localhost 10 | couchpotato_port: 5050 11 | couchpotato_url_base: "" 12 | couchpotato_ssl_key: "" 13 | couchpotato_ssl_cert: "" 14 | 15 | couchpotato_api_key: "" 16 | couchpotato_permission_folder: "0755" 17 | couchpotato_permission_file: "0644" 18 | couchpotato_launch_browser: 0 19 | 20 | couchpotato_manage_enabled: 0 21 | couchpotato_manage_startup_scan: 1 22 | couchpotato_manage_library_refresh_interval: 0 23 | couchpotato_manage_cleanup: 1 24 | couchpotato_manage_library: "" 25 | 26 | couchpotato_renamer_enabled: 0 27 | couchpotato_renamer_from: "" 28 | couchpotato_renamer_to: "" 29 | couchpotato_renamer_force_every: 2 30 | couchpotato_renamer_file_name: "." 31 | couchpotato_renamer_default_file_action: move 32 | couchpotato_renamer_unrar: 0 33 | couchpotato_renamer_cleanup: 0 34 | couchpotato_renamer_folder_name: " ()" 35 | couchpotato_renamer_run_every: 1 36 | couchpotato_renamer_file_action: link 37 | 38 | couchpotato_blackhole_dir: "{{ couchpotato_data_dir }}" 39 | couchpotato_blackhole_manual: 0 40 | couchpotato_blackhole_enabled: 0 41 | couchpotato_blackhole_use_for: both 42 | couchpotato_blackhole_create_subdir: 0 43 | 44 | couchpotato_sabnzbd_category: movies 45 | couchpotato_sabnzbd_delete_failed: 1 46 | couchpotato_sabnzbd_manual: 0 47 | couchpotato_sabnzbd_enabled: 0 48 | couchpotato_sabnzbd_priority: 0 49 | couchpotato_sabnzbd_ssl: 0 50 | couchpotato_sabnzbd_host: localhost:8080 51 | couchpotato_sabnzbd_remove_complete: 0 52 | couchpotato_sabnzbd_api_key: "" 53 | 54 | couchpotato_rtorrent_username: "" 55 | couchpotato_rtorrent_password: "" 56 | couchpotato_rtorrent_manual: 0 57 | couchpotato_rtorrent_enabled: 0 58 | couchpotato_rtorrent_label: movies 59 | couchpotato_rtorrent_paused: 0 60 | couchpotato_rtorrent_delete_files: 1 61 | couchpotato_rtorrent_remove_complete: 0 62 | couchpotato_rtorrent_directory: "" 63 | couchpotato_rtorrent_rpc_url: RPC2 64 | couchpotato_rtorrent_ssl: 0 65 | couchpotato_rtorrent_host: localhost:80 66 | 67 | couchpotato_plex_enabled: 0 68 | couchpotato_plex_on_snatch: 0 69 | couchpotato_plex_clients: "" 70 | couchpotato_plex_media_server: localhost 71 | 72 | couchpotato_searcher_preferred_method: both 73 | couchpotato_searcher_preferred_words: "" 74 | 75 | couchpotato_nzb_retention: 1500 76 | 77 | couchpotato_torrent_minimum_seeders: 1 78 | 79 | couchpotato_core_config_options: 80 | api_key: "{{ couchpotato_api_key }}" 81 | ssl_key: "{{ couchpotato_ssl_key }}" 82 | ssl_cert: "{{ couchpotato_ssl_cert }}" 83 | data_dir: "{{ couchpotato_data_dir }}" 84 | permission_folder: "{{ couchpotato_permission_folder }}" 85 | url_base: "{{ couchpotato_url_base }}" 86 | launch_browser: "{{ couchpotato_launch_browser }}" 87 | host: "{{ couchpotato_host }}" 88 | port: "{{ couchpotato_port }}" 89 | permission_file: "{{ couchpotato_permission_file }}" 90 | 91 | couchpotato_manage_config_options: 92 | startup_scan: "{{ couchpotato_manage_startup_scan }}" 93 | library_refresh_interval: "{{ couchpotato_manage_library_refresh_interval }}" 94 | cleanup: "{{ couchpotato_manage_cleanup }}" 95 | enabled: "{{ couchpotato_manage_enabled }}" 96 | library: "{{ couchpotato_manage_library }}" 97 | 98 | couchpotato_renamer_config_options: 99 | from: "{{ couchpotato_renamer_from }}" 100 | force_every: "{{ couchpotato_renamer_force_every }}" 101 | to: "{{ couchpotato_renamer_to }}" 102 | file_name: "{{ couchpotato_renamer_file_name }}" 103 | enabled: "{{ couchpotato_renamer_enabled }}" 104 | default_file_action: "{{ couchpotato_renamer_default_file_action }}" 105 | unrar: "{{ couchpotato_renamer_unrar }}" 106 | cleanup: "{{ couchpotato_renamer_cleanup }}" 107 | folder_name: "{{ couchpotato_renamer_folder_name }}" 108 | run_every: "{{ couchpotato_renamer_run_every }}" 109 | file_action: "{{ couchpotato_renamer_file_action }}" 110 | 111 | couchpotato_blackhole_config_options: 112 | directory: "{{ couchpotato_blackhole_dir }}" 113 | manual: "{{ couchpotato_blackhole_manual }}" 114 | enabled: "{{ couchpotato_blackhole_enabled }}" 115 | create_subdir: "{{ couchpotato_blackhole_create_subdir }}" 116 | use_for: "{{ couchpotato_blackhole_use_for }}" 117 | 118 | couchpotato_sabnzbd_config_options: 119 | category: "{{ couchpotato_sabnzbd_category }}" 120 | delete_failed: "{{ couchpotato_sabnzbd_delete_failed }}" 121 | manual: "{{ couchpotato_sabnzbd_manual }}" 122 | enabled: "{{ couchpotato_sabnzbd_enabled }}" 123 | priority: "{{ couchpotato_sabnzbd_priority }}" 124 | ssl: "{{ couchpotato_sabnzbd_ssl }}" 125 | host: "{{ couchpotato_sabnzbd_host }}" 126 | remove_complete: "{{ couchpotato_sabnzbd_remove_complete }}" 127 | api_key: "{{ couchpotato_sabnzbd_api_key }}" 128 | 129 | couchpotato_rtorrent_config_options: 130 | username: "{{ couchpotato_rtorrent_username }}" 131 | password: "{{ couchpotato_rtorrent_password }}" 132 | manual: "{{ couchpotato_rtorrent_manual }}" 133 | enabled: "{{ couchpotato_rtorrent_enabled }}" 134 | label: "{{ couchpotato_rtorrent_label }}" 135 | paused: "{{ couchpotato_rtorrent_paused }}" 136 | delete_files: "{{ couchpotato_rtorrent_delete_files }}" 137 | remove_complete: "{{ couchpotato_rtorrent_remove_complete }}" 138 | directory: "{{ couchpotato_rtorrent_directory }}" 139 | rpc_url: "{{ couchpotato_rtorrent_rpc_url }}" 140 | ssl: "{{ couchpotato_rtorrent_ssl }}" 141 | host: "{{ couchpotato_rtorrent_host }}" 142 | 143 | couchpotato_plex_config_options: 144 | on_snatch: "{{ couchpotato_plex_on_snatch }}" 145 | clients: "{{ couchpotato_plex_clients }}" 146 | enabled: "{{ couchpotato_plex_enabled }}" 147 | media_server: "{{ couchpotato_plex_media_server }}" 148 | 149 | couchpotato_searcher_config_options: 150 | preferred_method: "{{ couchpotato_searcher_preferred_method }}" 151 | preferred_words: "{{ couchpotato_searcher_preferred_words }}" 152 | 153 | couchpotato_nzb_config_options: 154 | retention: "{{ couchpotato_nzb_retention }}" 155 | 156 | couchpotato_torrent_config_options: 157 | minimum_seeders: "{{ couchpotato_torrent_minimum_seeders }}" 158 | -------------------------------------------------------------------------------- /playbooks/roles/couchpotato/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart couchpotato 3 | service: name=couchpotato state=restarted 4 | -------------------------------------------------------------------------------- /playbooks/roles/couchpotato/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies 3 | apt: name={{ item }} state=present 4 | with_items: 5 | - git-core 6 | - python-lxml 7 | - name: create {{ couchpotato_user }} user 8 | user: name={{ couchpotato_user }} home={{ couchpotato_data_dir }} createhome=no system=yes shell=/bin/bash 9 | - name: create directories 10 | file: path={{ item.path }} owner={{ couchpotato_user }} group={{ couchpotato_user }} mode={{ item.mode|default("755") }} state=directory 11 | with_items: 12 | - path: "{{ couchpotato_install_dir }}" 13 | - path: "{{ couchpotato_data_dir }}" 14 | - path: "{{ couchpotato_config_dir }}" 15 | - path: "{{ couchpotato_pid_dir }}" 16 | - path: "{{ couchpotato_manage_library }}" 17 | - path: "{{ couchpotato_renamer_to }}" 18 | - name: clone couchpotato repo 19 | git: repo={{ couchpotato_repo }} dest={{ couchpotato_install_dir }} 20 | notify: restart couchpotato 21 | - name: fix repo permissions 22 | file: path={{ couchpotato_install_dir }} owner={{ couchpotato_user }} group={{ couchpotato_user }} recurse=yes 23 | - name: symlink couchpotato init 24 | file: src={{ couchpotato_install_dir }}/init/ubuntu dest=/etc/init.d/couchpotato state=link mode=755 25 | - name: enable couchpotato service 26 | service: name=couchpotato enabled=yes 27 | - name: default config file 28 | template: src=couchpotato.default.j2 dest=/etc/default/couchpotato 29 | notify: restart couchpotato 30 | - name: set core config options 31 | ini_file: dest={{ couchpotato_config_file }} section=core option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 32 | with_dict: couchpotato_core_config_options 33 | notify: restart couchpotato 34 | - name: set manage config options 35 | ini_file: dest={{ couchpotato_config_file }} section=manage option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 36 | with_dict: couchpotato_manage_config_options 37 | notify: restart couchpotato 38 | - name: set renamer config options 39 | ini_file: dest={{ couchpotato_config_file }} section=renamer option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 40 | with_dict: couchpotato_renamer_config_options 41 | notify: restart couchpotato 42 | - name: set blackhole config options 43 | ini_file: dest={{ couchpotato_config_file }} section=blackhole option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 44 | with_dict: couchpotato_blackhole_config_options 45 | notify: restart couchpotato 46 | - name: set sabnzbd config options 47 | ini_file: dest={{ couchpotato_config_file }} section=sabnzbd option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 48 | with_dict: couchpotato_sabnzbd_config_options 49 | notify: restart couchpotato 50 | - name: set rtorrent config options 51 | ini_file: dest={{ couchpotato_config_file }} section=rtorrent option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 52 | with_dict: couchpotato_rtorrent_config_options 53 | notify: restart couchpotato 54 | - name: set plex config options 55 | ini_file: dest={{ couchpotato_config_file }} section=plex option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 56 | with_dict: couchpotato_plex_config_options 57 | notify: restart couchpotato 58 | - name: set searcher config options 59 | ini_file: dest={{ couchpotato_config_file }} section=searcher option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 60 | with_dict: couchpotato_searcher_config_options 61 | notify: restart couchpotato 62 | - name: set nzb config options 63 | ini_file: dest={{ couchpotato_config_file }} section=nzb option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 64 | with_dict: couchpotato_nzb_config_options 65 | notify: restart couchpotato 66 | - name: set torrent config options 67 | ini_file: dest={{ couchpotato_config_file }} section=torrent option={{ item.key }} value="{{ item.value }}" owner={{ couchpotato_user }} group={{ couchpotato_user }} 68 | with_dict: couchpotato_torrent_config_options 69 | notify: restart couchpotato 70 | -------------------------------------------------------------------------------- /playbooks/roles/couchpotato/templates/couchpotato.default.j2: -------------------------------------------------------------------------------- 1 | CP_USER={{ couchpotato_user }} 2 | CP_HOME={{ couchpotato_install_dir }} 3 | CP_DATA={{ couchpotato_data_dir }} 4 | CP_OPTS="--config_file={{ couchpotato_config_file }}" 5 | CP_PIDFILE={{ couchpotato_pid_dir }}/couchpotato.pid 6 | -------------------------------------------------------------------------------- /playbooks/roles/couchpotato/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | couchpotato_user: couchpotato 3 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mastermind_domain: mastermind 3 | mastermind_ssl_cert_path: /etc/ssl/certs/{{ mastermind_domain }}.pem 4 | mastermind_ssl_key_path: /etc/ssl/private/{{ mastermind_domain }}.key 5 | mastermind_install_newrelic: yes 6 | mastermind_download_dir: /srv/mastermind/downloads 7 | mastermind_media_dir: /srv/mastermind/media 8 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: reload nginx 3 | service: name=nginx state=reloaded 4 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: sabnzbd, tags: ['sabnzbd'] } 4 | - { role: rtorrent, tags: ['rtorrent'] } 5 | - { role: plexmediaserver, tags: ['plexmediaserver'] } 6 | - { role: sickbeard, tags: ['sickbeard'] } 7 | - { role: couchpotato, tags: ['couchpotato'] } 8 | - { role: sonarr, tags: ['sonarr'] } 9 | - { role: newrelic, tags: ['newrelic'], when: mastermind_install_newrelic } 10 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies 3 | apt: name={{ item }} state=present 4 | with_items: 5 | - python-passlib 6 | - name: create {{ mastermind_group }} group 7 | group: name={{ mastermind_group }} system=yes state=present 8 | - name: create directories 9 | file: path={{ item.path }} group={{ mastermind_group }} mode={{ item.mode|default("775") }} state=directory 10 | with_items: 11 | - path: "{{ mastermind_download_dir }}" 12 | mode: "755" 13 | - path: "{{ mastermind_media_dir }}" 14 | mode: "755" 15 | - path: "{{ sickbeard_tv_download_dir }}" 16 | - path: "{{ sickbeard_torrent_dir }}" 17 | - path: "{{ couchpotato_renamer_from }}" 18 | - name: install nginx-extras 19 | apt: name=nginx-extras update_cache=yes state=latest 20 | - name: delete default site symlink 21 | file: path=/etc/nginx/sites-enabled/default state=absent 22 | - name: install ssl key 23 | copy: 24 | content: "{{ mastermind_ssl_key }}" 25 | dest: "{{ mastermind_ssl_key_path }}" 26 | mode: 600 27 | notify: reload nginx 28 | - name: install ssl certificate 29 | copy: 30 | content: "{{ mastermind_ssl_cert }}" 31 | dest: "{{ mastermind_ssl_cert_path }}" 32 | mode: 644 33 | notify: reload nginx 34 | - name: setup htpasswd 35 | htpasswd: path=/etc/nginx/.htpasswd name={{ mastermind_user }} password={{ mastermind_password }} 36 | owner=root group=www-data mode=0640 37 | - name: install mastermind site 38 | template: src=mastermind.nginx.j2 dest=/etc/nginx/sites-available/mastermind 39 | notify: reload nginx 40 | - name: create mastermind site symlink 41 | file: src=/etc/nginx/sites-available/mastermind dest=/etc/nginx/sites-enabled/mastermind state=link 42 | notify: reload nginx 43 | - name: add services to mastermind group 44 | user: name={{ item }} groups={{ mastermind_group }} append=yes 45 | with_items: 46 | - "{{ sickbeard_user }}" 47 | - "{{ couchpotato_user }}" 48 | - "{{ sabnzbd_user }}" 49 | - "{{ sonarr_user }}" 50 | - "{{ rtorrent_user }}" 51 | notify: 52 | - restart sickbeard 53 | - restart couchpotato 54 | - restart sabnzbdplus 55 | - restart sonarr 56 | - restart rtorrent 57 | - name: add services to sabnzbd and rtorrent group 58 | user: name={{ item }} groups={{ sabnzbd_user }},{{ rtorrent_user }} append=yes 59 | with_items: 60 | - "{{ sickbeard_user }}" 61 | - "{{ sonarr_user }}" 62 | - "{{ couchpotato_user }}" 63 | notify: 64 | - restart sickbeard 65 | - restart couchpotato 66 | - restart sonarr 67 | - name: add rtorrent to service groups 68 | user: name={{ rtorrent_user }} groups={{ item }} append=yes 69 | with_items: 70 | - "{{ sickbeard_user }}" 71 | - "{{ sonarr_user }}" 72 | - "{{ couchpotato_user }}" 73 | notify: 74 | - restart rtorrent 75 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/templates/mastermind.nginx.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | map $uri $auth_msg { 4 | default "No soup for you!"; 5 | ~/sabnzbd/api "off"; 6 | ~/sickbeard/api "off"; 7 | ~/couchpotato/api "off"; 8 | ~/sonarr/api "off"; 9 | } 10 | 11 | server { 12 | listen 80 default_server; 13 | listen [::]:80 default_server ipv6only=on; 14 | 15 | location / { 16 | rewrite ^ https://$host$request_uri permanent; 17 | } 18 | 19 | location = /nginx_stub_status { 20 | allow 127.0.0.1; 21 | deny all; 22 | 23 | stub_status on; 24 | } 25 | } 26 | 27 | server { 28 | listen 443 default; 29 | 30 | root /var/www/; 31 | index index.php index.html index.htm; 32 | 33 | ssl on; 34 | ssl_certificate {{ mastermind_ssl_cert_path }}; 35 | ssl_certificate_key {{ mastermind_ssl_key_path }}; 36 | 37 | ssl_session_timeout 5m; 38 | 39 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 40 | ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; 41 | ssl_prefer_server_ciphers on; 42 | 43 | auth_basic $auth_msg; 44 | auth_basic_user_file /etc/nginx/.htpasswd; 45 | 46 | proxy_set_header Host $host; 47 | proxy_set_header X-Real-IP $remote_addr; 48 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 49 | proxy_set_header X-Forwarded-Proto https; 50 | proxy_redirect off; 51 | proxy_http_version 1.1; 52 | proxy_set_header Connection ""; 53 | proxy_cache_bypass $cookie_session; 54 | proxy_no_cache $cookie_session; 55 | proxy_buffers 32 4k; 56 | 57 | location / { 58 | if ($http_x_plex_device_name != '') { 59 | rewrite ^/(.*)$ https://$host/plex/$1; 60 | } 61 | 62 | # First attempt to serve request as file, then 63 | # as directory, then fall back to displaying a 404. 64 | try_files $uri $uri/ =404; 65 | # Uncomment to enable naxsi on this location 66 | # include /etc/nginx/naxsi.rules 67 | } 68 | 69 | location /sabnzbd { 70 | proxy_redirect http:// https://; 71 | 72 | proxy_pass http://{{ sabnzbd_host }}:{{ sabnzbd_port }}/sabnzbd; 73 | } 74 | 75 | location /plex { 76 | if ($http_x_plex_device_name = '') { 77 | rewrite ^/plex$ https://$host/plex/web/index.html; 78 | } 79 | 80 | rewrite /plex(/.*) $1 break; 81 | 82 | proxy_set_header Upgrade $http_upgrade; 83 | proxy_set_header Connection "upgrade"; 84 | 85 | proxy_pass http://localhost:32400/; 86 | } 87 | 88 | location /sickbeard { 89 | proxy_redirect http:// https://; 90 | 91 | proxy_pass http://{{ sickbeard_host }}:{{ sickbeard_port }}/{{ sickbeard_web_root.lstrip('/') }}; 92 | } 93 | 94 | location /couchpotato { 95 | proxy_pass http://{{ couchpotato_host }}:{{ couchpotato_port }}/{{ couchpotato_url_base.lstrip('/') }}; 96 | } 97 | 98 | location /sonarr { 99 | proxy_redirect http:// https://; 100 | 101 | proxy_pass http://{{ sonarr_host }}:{{ sonarr_port }}/{{ sonarr_url_base.lstrip('/') }}; 102 | } 103 | 104 | location ~ \.php$ { 105 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 106 | # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini 107 | 108 | fastcgi_pass unix:/var/run/php5-fpm.sock; 109 | fastcgi_index index.php; 110 | fastcgi_param PATH /usr/local/bin:/usr/bin:/bin; 111 | include fastcgi_params; 112 | } 113 | 114 | location /RPC2 { 115 | include scgi_params; 116 | scgi_pass {{ rtorrent_scgi_host }}:{{ rtorrent_scgi_port }}; 117 | } 118 | 119 | # deny access to .htaccess files, if Apache's document root 120 | # concurs with nginx's one 121 | # 122 | location ~ /\.ht { 123 | deny all; 124 | } 125 | } 126 | -------------------------------------------------------------------------------- /playbooks/roles/mastermind/vars/main.yml: -------------------------------------------------------------------------------- 1 | mastermind_group: mastermind 2 | 3 | sabnzbd_download_dir: "{{ mastermind_download_dir }}/incomplete" 4 | sabnzbd_complete_dir: "{{ mastermind_download_dir }}/usenet" 5 | sabnzbd_script_dir: "{{ sickbeard_autoprocesstv_script_dir }}" 6 | sabnzbd_web_color: gold 7 | sabnzbd_permissions: 775 8 | rtorrent_download_dir: "{{ mastermind_download_dir }}/torrents" 9 | rtorrent_watch_dir: "{{ mastermind_download_dir }}/watch" 10 | rtorrent_install_rutorrent: yes 11 | rtorrent_install_rutorrent_plugins: yes 12 | rtorrent_umask: "002" 13 | rtorrent_service_enable: yes 14 | rtorrent_rutorrent_autotools_interval: 15 15 | sickbeard_web_root: /sickbeard 16 | sickbeard_root_dir: "{{ mastermind_media_dir }}/tv" 17 | sickbeard_tv_download_dir: "{{ mastermind_download_dir }}/tv" 18 | sickbeard_process_automatically: 1 19 | sickbeard_nzb_method: sabnzbd 20 | sickbeard_sab_apikey: "{{ sabnzbd_api_key }}" 21 | sickbeard_sab_host: http://{{ sabnzbd_host }}:{{ sabnzbd_port }}/ 22 | sickbeard_torrent_dir: "{{ rtorrent_watch_dir }}/tv" 23 | sickbeard_use_plex: 1 24 | sickbeard_plex_update_library: 1 25 | sickbeard_plex_server_host: localhost:32400 26 | couchpotato_url_base: /couchpotato 27 | couchpotato_manage_enabled: 1 28 | couchpotato_manage_library: "{{ mastermind_media_dir }}/movies" 29 | couchpotato_renamer_enabled: 1 30 | couchpotato_renamer_from: "{{ mastermind_download_dir }}/movies" 31 | couchpotato_renamer_to: "{{ couchpotato_manage_library }}" 32 | couchpotato_sabnzbd_enabled: 1 33 | couchpotato_sabnzbd_host: "{{ sabnzbd_host }}:{{ sabnzbd_port }}" 34 | couchpotato_sabnzbd_api_key: "{{ sabnzbd_api_key }}" 35 | couchpotato_rtorrent_enabled: 1 36 | couchpotato_rtorrent_host: "scgi://{{ rtorrent_scgi_host }}:{{ rtorrent_scgi_port }}" 37 | couchpotato_rtorrent_remove_complete: 1 38 | couchpotato_plex_enabled: 1 39 | couchpotato_plex_media_server: localhost 40 | couchpotato_renamer_file_name: "." 41 | couchpotato_renamer_folder_name: " ()" 42 | couchpotato_renamer_unrar: 1 43 | couchpotato_renamer_cleanup: 1 44 | couchpotato_renamer_run_every: 1 45 | couchpotato_renamer_force_every: 1 46 | newrelic_install_nginx_plugin: yes 47 | newrelic_nginx_plugin_status_name: mastermind 48 | newrelic_nginx_plugin_status_url: http://localhost/nginx_stub_status 49 | sonarr_url_base: /sonarr 50 | -------------------------------------------------------------------------------- /playbooks/roles/newrelic/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | newrelic_license_key: "" 3 | newrelic_apt_repo: deb http://apt.newrelic.com/debian/ newrelic non-free 4 | newrelic_apt_key_url: https://download.newrelic.com/548C16BF.gpg 5 | newrelic_package_name: newrelic-sysmond 6 | newrelic_service_name: newrelic-sysmond 7 | newrelic_config_file: /etc/newrelic/nrsysmond.cfg 8 | newrelic_install_nginx_plugin: no 9 | newrelic_nginx_plugin_apt_repo: deb http://nginx.org/packages/ubuntu/ {{ ansible_distribution_release }} nginx 10 | newrelic_nginx_plugin_apt_key_url: http://nginx.org/keys/nginx_signing.key 11 | newrelic_nginx_plugin_package_name: nginx-nr-agent 12 | newrelic_nginx_plugin_service_name: nginx-nr-agent 13 | newrelic_nginx_plugin_config_file: /etc/nginx-nr-agent/nginx-nr-agent.ini 14 | newrelic_nginx_plugin_status_name: examplecom 15 | newrelic_nginx_plugin_status_url: http://localhost/nginx_stub_status 16 | -------------------------------------------------------------------------------- /playbooks/roles/newrelic/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart newrelic sysmon 3 | service: name={{ newrelic_service_name }} state=restarted 4 | - name: restart newrelic nginx plugin 5 | service: name={{ newrelic_nginx_plugin_service_name }} state=restarted 6 | -------------------------------------------------------------------------------- /playbooks/roles/newrelic/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install newrelic apt key 3 | apt_key: url={{ newrelic_apt_key_url }} state=present 4 | - name: install newrelic apt repo 5 | apt_repository: repo="{{ newrelic_apt_repo }}" state=present 6 | - name: install newrelic sysmon 7 | apt: name={{ newrelic_package_name }} update_cache=yes state=latest 8 | notify: restart newrelic sysmon 9 | - name: set license key 10 | lineinfile: > 11 | dest={{ newrelic_config_file }} 12 | regexp="^license_key=" line="license_key={{ newrelic_license_key }}" state=present 13 | notify: restart newrelic sysmon 14 | - include: nginx.yml 15 | when: newrelic_install_nginx_plugin 16 | -------------------------------------------------------------------------------- /playbooks/roles/newrelic/tasks/nginx.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install newrelic nginx plugin apt key 3 | apt_key: url={{ newrelic_nginx_plugin_apt_key_url }} state=present 4 | - name: install nginx apt repo 5 | apt_repository: repo="{{ newrelic_nginx_plugin_apt_repo }}" state=present 6 | - name: install newrelic nginx plugin 7 | apt: name={{ newrelic_nginx_plugin_package_name }} update_cache=yes state=latest 8 | notify: restart newrelic nginx plugin 9 | - name: set license key 10 | ini_file: dest={{ newrelic_nginx_plugin_config_file }} section=global option=newrelic_license_key value="{{ newrelic_license_key }}" 11 | - name: set nginx status url 12 | ini_file: dest={{ newrelic_nginx_plugin_config_file }} section=source option={{ item.key }} value="{{ item.value }}" 13 | with_dict: 14 | name: "{{ newrelic_nginx_plugin_status_name }}" 15 | url: "{{ newrelic_nginx_plugin_status_url }}" 16 | -------------------------------------------------------------------------------- /playbooks/roles/plexmediaserver/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | plex_version: 0.9.15.2.1663-7efd046 3 | plex_deb_package: plexmediaserver_{{ plex_version }}_amd64.deb 4 | plex_download_url: https://downloads.plex.tv/plex-media-server/{{ plex_version }}/{{ plex_deb_package }} 5 | plex_application_support_dir: "${HOME}/Library/Application\ Support" 6 | -------------------------------------------------------------------------------- /playbooks/roles/plexmediaserver/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart plexmediaserver 3 | service: name=plexmediaserver state=restarted 4 | -------------------------------------------------------------------------------- /playbooks/roles/plexmediaserver/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies 3 | apt: name={{ item }} state=present 4 | with_items: 5 | - avahi-daemon 6 | - avahi-utils 7 | - name: download plex media server 8 | get_url: url={{ plex_download_url }} dest=/tmp/{{ plex_deb_package }} 9 | - name: install plex media server 10 | apt: deb=/tmp/{{ plex_deb_package }} state=installed 11 | notify: restart plexmediaserver 12 | - name: default config file 13 | template: src=default.j2 dest=/etc/default/plexmediaserver 14 | notify: restart plexmediaserver 15 | #- name: install plex keyring 16 | # apt: name=plex-archive-keyring update_cache=yes state=latest 17 | - name: upgrade plex media server 18 | apt: name=plexmediaserver update_cache=yes state=latest 19 | notify: restart plexmediaserver 20 | -------------------------------------------------------------------------------- /playbooks/roles/plexmediaserver/templates/default.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | # default script for Plex Media Server 3 | 4 | # the number of plugins that can run at the same time 5 | PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6 6 | 7 | # ulimit -s $PLEX_MEDIA_SERVER_MAX_STACK_SIZE 8 | PLEX_MEDIA_SERVER_MAX_STACK_SIZE=3000 9 | 10 | # where the mediaserver should store the transcodes 11 | PLEX_MEDIA_SERVER_TMPDIR=/tmp 12 | 13 | # uncomment to set it to something else 14 | PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="{{ plex_application_support_dir }}" 15 | 16 | # the user that PMS should run as, defaults to 'plex' 17 | # note that if you change this you might need to move 18 | # the Application Support directory to not lose your 19 | # media library 20 | PLEX_MEDIA_SERVER_USER=plex 21 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | rtorrent_data_dir: /var/lib/rtorrent 3 | rtorrent_download_dir: "{{ rtorrent_data_dir }}/download" 4 | rtorrent_session_dir: "{{ rtorrent_data_dir }}/session" 5 | rtorrent_watch_dir: "{{ rtorrent_data_dir }}/watch" 6 | rtorrent_port_range: 49164-49164 7 | rtorrent_scgi_host: 127.0.0.1 8 | rtorrent_scgi_port: 5000 9 | rtorrent_umask: "022" 10 | rtorrent_download_rate: 0 11 | rtorrent_upload_rate: 0 12 | rtorrent_service_enable: yes 13 | rtorrent_pid_file: /var/run/rtorrent.pid 14 | rtorrent_log_file: /var/log/rtorrent.log 15 | rtorrent_screen_name: rtorrent 16 | rtorrent_install_rutorrent: yes 17 | rtorrent_install_rutorrent_plugins: yes 18 | rtorrent_rutorrent_version: master 19 | rtorrent_rutorrent_repo: https://github.com/Novik/ruTorrent.git 20 | rtorrent_rutorrent_install_path: /var/www/rutorrent 21 | rtorrent_rutorrent_autotools_interval: 300 22 | rtorrent_install_monit: yes 23 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart rtorrent 3 | service: name=rtorrent state=restarted 4 | when: rtorrent_service_enable 5 | - name: restart php5-fpm 6 | service: name=php5-fpm state=restarted 7 | - name: reload monit 8 | service: name=monit state=reloaded 9 | ignore_errors: yes 10 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install rtorrent PPA 3 | apt_repository: repo='ppa:jalaziz/rtorrent' update_cache=no 4 | - name: install rtorrent 5 | apt: name=rtorrent update_cache=yes state=latest 6 | - name: create {{ rtorrent_user }} user 7 | user: name={{ rtorrent_user }} home={{ rtorrent_data_dir }} system=yes shell=/bin/bash 8 | - name: create rtorrent directories 9 | file: path={{ item.path }} owner={{ rtorrent_user }} group={{ rtorrent_user }} mode={{ item.mode|default("755") }} state=directory 10 | with_items: 11 | - path: "{{ rtorrent_session_dir }}" 12 | - path: "{{ rtorrent_download_dir }}" 13 | mode: 775 14 | - path: "{{ rtorrent_watch_dir }}" 15 | mode: 775 16 | - name: create log file 17 | file: path={{ rtorrent_log_file }} owner={{ rtorrent_user }} group={{ rtorrent_user }} state=touch 18 | - name: copy rtorrent config 19 | template: src=rtorrent.rc.j2 dest={{ rtorrent_data_dir }}/.rtorrent.rc owner={{ rtorrent_user }} group={{ rtorrent_user }} 20 | notify: restart rtorrent 21 | - block: 22 | - name: install screen 23 | apt: name=screen state=present 24 | - name: create rtorrent init 25 | template: src=rtorrent.init.j2 dest=/etc/init.d/rtorrent mode=755 26 | notify: restart rtorrent 27 | - name: enable rtorrent service 28 | service: name=rtorrent enabled=yes 29 | - name: create rtorrent default config 30 | template: src=rtorrent.default.j2 dest=/etc/default/rtorrent 31 | notify: restart rtorrent 32 | when: rtorrent_service_enable 33 | - include: rutorrent.yml 34 | when: rtorrent_install_rutorrent 35 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/tasks/monit.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install monit 3 | apt: name=monit update_cache=yes state=present 4 | - name: create monit config 5 | template: src=rtorrent.monit.j2 dest=/etc/monit/conf.d 6 | notify: reload monit 7 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/tasks/rutorrent.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies 3 | apt: name={{ item }} state=present 4 | with_items: 5 | - unzip 6 | - unrar 7 | - mediainfo 8 | - curl 9 | - php5-fpm 10 | - php5-cli 11 | - php5-geoip 12 | - php5-curl 13 | - git-core 14 | - name: create install directory 15 | file: path={{ rtorrent_rutorrent_install_path|dirname }} state=directory owner=www-data group=www-data 16 | - name: download rutorrent 17 | git: > 18 | repo={{ rtorrent_rutorrent_repo }} dest={{ rtorrent_rutorrent_install_path }} 19 | version={{ rtorrent_rutorrent_version }} update=yes force=yes 20 | notify: 21 | - restart php5-fpm 22 | - restart rtorrent 23 | - name: adjust rutorrent autotools plugin inteval 24 | lineinfile: > 25 | dest={{ rtorrent_rutorrent_install_path }}/plugins/autotools/conf.php 26 | regexp="^(\s*)\$autowatch_interval" line="\1$autowatch_interval = {{ rtorrent_rutorrent_autotools_interval }};" 27 | backrefs=yes state=present 28 | notify: restart rtorrent 29 | - name: fix share directory ownership 30 | file: path={{ rtorrent_rutorrent_install_path }}/share owner=www-data group=www-data recurse=yes 31 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/templates/rtorrent.default.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | USER={{ rtorrent_user }} 4 | SCREEN_NAME={{ rtorrent_screen_name }} 5 | PIDFILE={{ rtorrent_pid_file }} 6 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/templates/rtorrent.init.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # {{ ansible_managed }} 3 | 4 | ### BEGIN INIT INFO 5 | # Provides: rtorrent 6 | # Required-Start: $local_fs $remote_fs $network $syslog 7 | # Required-Stop: $local_fs $remote_fs $network $syslog 8 | # Default-Start: 2 3 4 5 9 | # Default-Stop: 0 1 6 10 | # Short-Description: Start/stop rtorrent daemon 11 | ### END INIT INFO 12 | 13 | # This script is an init script to run rtorrent in the background, 14 | # using a screen. The script was designed and tested for Debian 15 | # systems, but may work on other systems. On Debian, enable it by 16 | # moving the script to "/etc/init.d/rtorrent" and issuing the command 17 | # "update-rc.d rtorrent defaults 99" 18 | 19 | USER=rtorrent # username to run rtorrent under 20 | RTORRENT=/usr/bin/rtorrent # rtorrent binary 21 | SCREEN=/usr/bin/screen # screen binary 22 | SCREEN_NAME=rtorrent # screen name (this way you can screen -r rtorrent) 23 | PIDFILE=/var/run/rtorrent.pid # pidfile 24 | 25 | # Include rtorrent defaults if available 26 | if [ -r /etc/default/rtorrent ]; then 27 | . /etc/default/rtorrent 28 | fi 29 | 30 | . /lib/lsb/init-functions 31 | 32 | case "$1" in 33 | 34 | start) 35 | log_daemon_msg "Starting rtorrent." 36 | start-stop-daemon --start --background --oknodo \ 37 | --pidfile "$PIDFILE" --make-pidfile \ 38 | --chuid $USER \ 39 | --exec $SCREEN -- -D -m -S $SCREEN_NAME $RTORRENT 40 | log_end_msg $? 41 | ;; 42 | 43 | stop) 44 | log_daemon_msg "Stopping rtorrent." 45 | start-stop-daemon --stop --oknodo --retry INT/15/INT/5/KILL/5 --pidfile "$PIDFILE" 46 | log_end_msg $? 47 | ;; 48 | 49 | restart|force-reload) 50 | "$0" stop 51 | sleep 1 52 | "$0" start 53 | ;; 54 | 55 | *) 56 | echo "Usage: $0 [start|stop|restart]" 57 | exit 1 58 | ;; 59 | esac 60 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/templates/rtorrent.monit.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | check process rtorrent with pidfile {{ rtorrent_pid_file }} 3 | start program = "/etc/init.d/rtorrent start" 4 | stop program = "/etc/init.d/rtorrent stop" 5 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/templates/rtorrent.rc.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | # This is an example resource file for rTorrent. Copy to 4 | # ~/.rtorrent.rc and enable/modify the options as needed. Remember to 5 | # uncomment the options you wish to enable. 6 | 7 | # Maximum and minimum number of peers to connect to per torrent. 8 | #min_peers = 40 9 | #max_peers = 100 10 | 11 | # Same as above but for seeding completed torrents (-1 = same as downloading) 12 | #min_peers_seed = 10 13 | #max_peers_seed = 50 14 | 15 | # Maximum number of simultanious uploads per torrent. 16 | #max_uploads = 15 17 | 18 | # Global upload and download rate in KiB. "0" for unlimited. 19 | download_rate = {{ rtorrent_download_rate }} 20 | upload_rate = {{ rtorrent_upload_rate }} 21 | 22 | # Default directory to save the downloaded torrents. 23 | directory = {{ rtorrent_download_dir }} 24 | 25 | # Default session directory. Make sure you don't run multiple instance 26 | # of rtorrent using the same session directory. Perhaps using a 27 | # relative path? 28 | session = {{ rtorrent_session_dir }} 29 | 30 | # Watch a directory for new torrents, and stop those that have been 31 | # deleted. 32 | #schedule = watch_directory,5,5,load_start={{ rtorrent_watch_dir }}/*.torrent 33 | #schedule = untied_directory,5,5,stop_untied= 34 | 35 | # Close torrents when diskspace is low. 36 | #schedule = low_diskspace,5,60,close_low_diskspace=100M 37 | 38 | # The ip address reported to the tracker. 39 | #ip = 127.0.0.1 40 | #ip = rakshasa.no 41 | 42 | # The ip address the listening socket and outgoing connections is 43 | # bound to. 44 | #bind = 127.0.0.1 45 | #bind = rakshasa.no 46 | 47 | # Port range to use for listening. 48 | port_range = {{ rtorrent_port_range }} 49 | 50 | # Start opening ports at a random position within the port range. 51 | #port_random = no 52 | 53 | # Check hash for finished torrents. Might be usefull until the bug is 54 | # fixed that causes lack of diskspace not to be properly reported. 55 | #check_hash = no 56 | 57 | # Set whether the client should try to connect to UDP trackers. 58 | #use_udp_trackers = yes 59 | 60 | # Alternative calls to bind and ip that should handle dynamic ip's. 61 | #schedule = ip_tick,0,1800,ip=rakshasa 62 | #schedule = bind_tick,0,1800,bind=rakshasa 63 | 64 | # Encryption options, set to none (default) or any combination of the following: 65 | # allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext 66 | # 67 | # The example value allows incoming encrypted connections, starts unencrypted 68 | # outgoing connections but retries with encryption if they fail, preferring 69 | # plaintext to RC4 encryption after the encrypted handshake 70 | # 71 | # encryption = allow_incoming,enabley_retry,prefer_plaintext 72 | encryption = allow_incoming,try_outgoing,enable_retry 73 | 74 | # Enable DHT support for trackerless torrents or when all trackers are down. 75 | # May be set to "disable" (completely disable DHT), "off" (do not start DHT), 76 | # "auto" (start and stop DHT as needed), or "on" (start DHT immediately). 77 | # The default is "off". For DHT to work, a session directory must be defined. 78 | # 79 | dht = off 80 | 81 | # UDP port to use for DHT. 82 | # 83 | # dht_port = 6881 84 | 85 | # Enable peer exchange (for torrents not marked private) 86 | # 87 | peer_exchange = no 88 | 89 | scgi_port = {{ rtorrent_scgi_host }}:{{ rtorrent_scgi_port }} 90 | 91 | system.umask.set = {{ rtorrent_umask }} 92 | 93 | # logging 94 | log.open_file = "rtorrent", {{ rtorrent_log_file }} 95 | log.add_output = "info", "rtorrent" 96 | 97 | {% if rtorrent_install_rutorrent %} 98 | execute = {sh,-c,/usr/bin/php {{ rtorrent_rutorrent_install_path }}/php/initplugins.php &} 99 | {% endif %} 100 | -------------------------------------------------------------------------------- /playbooks/roles/rtorrent/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | rtorrent_user: rtorrent 3 | 4 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sabnzbd_data_dir: /var/lib/sabnzbd 3 | sabnzbd_config_dir: /etc/sabnzbd 4 | sabnzbd_host: localhost 5 | sabnzbd_port: 8080 6 | sabnzbd_extra_cmdline_opts: '' 7 | sabnzbd_download_dir: Downloads/incomplete 8 | sabnzbd_complete_dir: Downloads/complete 9 | sabnzbd_script_dir: '' 10 | sabnzbd_https_port: 9090 11 | sabnzbd_https_key: server.key 12 | sabnzbd_https_cert: server.cert 13 | sabnzbd_api_key: '' 14 | sabnzbd_nzb_key: '' 15 | sabnzbd_web_color: '' 16 | sabnzbd_permissions: '' 17 | sabnzbd_ignore_samples: 0 18 | sabnzbd_unpack_check: 1 19 | sabnzbd_enable_https: 0 20 | sabnzbd_no_dupes: 0 21 | sabnzbd_top_only: 0 22 | sabnzbd_nice: '' 23 | sabnzbd_extra_config_opts: {} 24 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart sabnzbdplus 3 | service: name=sabnzbdplus state=restarted 4 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install sabnzbd PPA 3 | apt_repository: repo='ppa:jcfp/ppa' update_cache=no 4 | - name: install sabnzbdplus 5 | apt: name=sabnzbdplus update_cache=yes state=latest 6 | - name: create {{ sabnzbd_user }} user 7 | user: name={{ sabnzbd_user }} home={{ sabnzbd_data_dir }} createhome=no system=yes shell=/bin/bash 8 | - name: create directories 9 | file: path={{ item.path }} owner={{ sabnzbd_user }} group={{ sabnzbd_user }} mode={{ item.mode|default("755") }} state=directory 10 | with_items: 11 | - path: "{{ sabnzbd_data_dir }}" 12 | - path: "{{ sabnzbd_config_dir }}" 13 | - path: "{{ sabnzbd_download_dir }}" 14 | mode: 775 15 | - path: "{{ sabnzbd_complete_dir }}" 16 | mode: 775 17 | - name: default config file 18 | template: src=sabnzbdplus.default.j2 dest=/etc/default/sabnzbdplus 19 | notify: restart sabnzbdplus 20 | - name: test config file existence 21 | file: path={{ sabnzbd_config_dir }}/sabnzbd.ini state=file owner=sabnzbd group=sabnzbd 22 | register: config_file_result 23 | ignore_errors: yes 24 | - name: create config file 25 | template: src=sabnzbd.ini.j2 dest={{ sabnzbd_config_dir }}/sabnzbd.ini owner=sabnzbd group=sabnzbd 26 | when: config_file_result|failed 27 | notify: restart sabnzbdplus 28 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/templates/sabnzbd.ini.j2: -------------------------------------------------------------------------------- 1 | [misc] 2 | port = {{ sabnzbd_port }} 3 | host = {{ sabnzbd_host }} 4 | download_dir = {{ sabnzbd_download_dir }} 5 | complete_dir = {{ sabnzbd_complete_dir }} 6 | script_dir = {{ sabnzbd_script_dir or '""' }} 7 | https_port = {{ sabnzbd_https_port }} 8 | https_key = {{ sabnzbd_https_key }} 9 | https_cert = {{ sabnzbd_https_cert }} 10 | enable_https = {{ sabnzbd_enable_https }} 11 | api_key = {{ sabnzbd_api_key or '""' }} 12 | nzb_key = {{ sabnzbd_nzb_key or '""' }} 13 | web_color = {{ sabnzbd_web_color or '""' }} 14 | permissions = {{ sabnzbd_permissions or '""' }} 15 | ignore_samples = {{ sabnzbd_ignore_samples }} 16 | unpack_check = {{ sabnzbd_unpack_check }} 17 | no_dupes = {{ sabnzbd_no_dupes }} 18 | top_only = {{ sabnzbd_top_only }} 19 | nice = {{ sabnzbd_nice or '""' }} 20 | {% for key, value in sabnzbd_extra_config_opts.iteritems() %} 21 | {{ key }} = {{ value or '""' }} 22 | {% endfor %} 23 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/templates/sabnzbdplus.default.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | 3 | # This file is sourced by /etc/init.d/sabnzbdplus 4 | # 5 | # When SABnzbd+ is started using the init script, the 6 | # --daemon option is always used, and the program is 7 | # started under the account of $USER, as set below. 8 | # 9 | # Each setting is marked either "required" or "optional"; 10 | # leaving any required setting unconfigured will cause 11 | # the service to not start. 12 | 13 | # [required] user or uid of account to run the program as: 14 | USER={{ sabnzbd_user }} 15 | 16 | # [optional] full path to the configuration file of your choice; 17 | # otherwise, the default location (in $USER's home 18 | # directory) is used: 19 | CONFIG={{ sabnzbd_config_dir }} 20 | 21 | # [optional] hostname/ip and port number to listen on: 22 | HOST={{ sabnzbd_host }} 23 | PORT={{ sabnzbd_port }} 24 | 25 | # [optional] extra command line options, if any: 26 | EXTRAOPTS={{ sabnzbd_extra_cmdline_opts }} 27 | -------------------------------------------------------------------------------- /playbooks/roles/sabnzbd/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sabnzbd_user: sabnzbd 3 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sickbeard_repo: https://github.com/midgetspy/Sick-Beard.git 3 | sickbeard_version: development 4 | sickbeard_install_dir: /opt/sickbeard 5 | sickbeard_data_dir: /var/lib/sickbeard 6 | sickbeard_config_dir: /etc/sickbeard 7 | sickbeard_config_file: "{{ sickbeard_config_dir }}/config.ini" 8 | sickbeard_pid_dir: /var/run/sickbeard 9 | sickbeard_root_dir: "" 10 | sickbeard_tv_download_dir: "" 11 | sickbeard_autoprocesstv_script_dir: "{{ sickbeard_install_dir }}/autoProcessTV" 12 | 13 | sickbeard_host: localhost 14 | sickbeard_port: 8081 15 | sickbeard_web_root: "" 16 | sickbeard_enable_https: 0 17 | sickbeard_https_cert: server.crt 18 | sickbeard_https_key: server.key 19 | 20 | sickbeard_display_all_seasons: 1 21 | sickbeard_use_api: 1 22 | sickbeard_api_key: "" 23 | sickbeard_use_nzbs: 1 24 | sickbeard_use_torrents: 1 25 | sickbeard_nzb_method: blackhole 26 | sickbeard_usenet_retention: 500 27 | sickbeard_search_frequency: 40 28 | sickbeard_quality_default: 3 29 | sickbeard_status_default: 5 30 | sickbeard_naming_pattern: "%SN - %Sx%0E - %EN" 31 | sickbeard_naming_custom_abd: 0 32 | sickbeard_naming_abd_pattern: "%SN - %A-D - %EN" 33 | sickbeard_naming_multi_ep: 1 34 | sickbeard_launch_browser: 0 35 | sickbeard_keep_processed_dir: 0 36 | sickbeard_move_associated_files: 1 37 | sickbeard_filter_associated_files: "" 38 | sickbeard_process_automatically: 0 39 | sickbeard_rename_episodes: 1 40 | 41 | sickbeard_nzb_dir: "" 42 | sickbeard_torrent_dir: "" 43 | 44 | sickbeard_sab_username: "" 45 | sickbeard_sab_password: "" 46 | sickbeard_sab_apikey: "" 47 | sickbeard_sab_category: tv 48 | sickbeard_sab_host: "" 49 | 50 | sickbeard_use_plex: 0 51 | sickbeard_plex_notify_onsnatch: 0 52 | sickbeard_plex_notify_ondownload: 0 53 | sickbeard_plex_update_library: 0 54 | sickbeard_plex_server_host: "" 55 | 56 | sickbeard_general_config_options: 57 | web_port: "{{ sickbeard_port }}" 58 | web_host: "{{ sickbeard_host }}" 59 | web_root: "{{ sickbeard_web_root }}" 60 | enable_https: "{{ sickbeard_enable_https }}" 61 | https_cert: "{{ sickbeard_https_cert }}" 62 | https_key: "{{ sickbeard_https_key }}" 63 | display_all_seasons: "{{ sickbeard_display_all_seasons }}" 64 | use_api: "{{ sickbeard_use_api }}" 65 | api_key: "{{ sickbeard_api_key }}" 66 | use_nzbs: "{{ sickbeard_use_nzbs }}" 67 | use_torrents: "{{ sickbeard_use_torrents }}" 68 | nzb_method: "{{ sickbeard_nzb_method }}" 69 | usenet_retention: "{{ sickbeard_usenet_retention }}" 70 | search_frequency: "{{ sickbeard_search_frequency }}" 71 | quality_default: "{{ sickbeard_quality_default }}" 72 | status_default: "{{ sickbeard_status_default }}" 73 | naming_pattern: "{{ sickbeard_naming_pattern }}" 74 | naming_custom_abd: "{{ sickbeard_naming_custom_abd }}" 75 | naming_abd_pattern: "{{ sickbeard_naming_abd_pattern }}" 76 | naming_multi_ep: "{{ sickbeard_naming_multi_ep }}" 77 | launch_browser: "{{ sickbeard_launch_browser }}" 78 | root_dirs: "{{ '0|{}'.format(sickbeard_root_dir) if sickbeard_root_dir else '' }}" 79 | tv_download_dir: "{{ sickbeard_tv_download_dir }}" 80 | keep_processed_dir: "{{ sickbeard_keep_processed_dir }}" 81 | move_associated_files: "{{ sickbeard_move_associated_files }}" 82 | filter_associated_files: "{{ sickbeard_filter_associated_files }}" 83 | process_automatically: "{{ sickbeard_process_automatically }}" 84 | rename_episodes: "{{ sickbeard_rename_episodes }}" 85 | 86 | sickbeard_blackhole_config_options: 87 | nzb_dir: "{{ sickbeard_nzb_dir }}" 88 | torrent_dir: "{{ sickbeard_torrent_dir }}" 89 | 90 | sickbeard_sabnzbd_config_options: 91 | sab_username: "{{ sickbeard_sab_username }}" 92 | sab_password: "{{ sickbeard_sab_password }}" 93 | sab_apikey: "{{ sickbeard_sab_apikey }}" 94 | sab_category: "{{ sickbeard_sab_category }}" 95 | sab_host: "{{ sickbeard_sab_host }}" 96 | 97 | sickbeard_plex_config_options: 98 | use_plex: "{{ sickbeard_use_plex }}" 99 | plex_notify_onsnatch: "{{ sickbeard_plex_notify_onsnatch }}" 100 | plex_notify_ondownload: "{{ sickbeard_plex_notify_ondownload }}" 101 | plex_update_library: "{{ sickbeard_plex_update_library }}" 102 | plex_server_host: "{{ sickbeard_plex_server_host }}" 103 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart sickbeard 3 | service: name=sickbeard state=restarted 4 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install dependencies 3 | apt: name={{ item }} state=present 4 | with_items: 5 | - python-cheetah 6 | - git-core 7 | - name: create {{ sickbeard_user }} user 8 | user: name={{ sickbeard_user }} home={{ sickbeard_data_dir }} createhome=no system=yes shell=/bin/bash 9 | - name: create directories 10 | file: path={{ item.path }} owner={{ sickbeard_user }} group={{ sickbeard_user }} mode={{ item.mode|default("755") }} state=directory 11 | with_items: 12 | - path: "{{ sickbeard_install_dir }}" 13 | - path: "{{ sickbeard_data_dir }}" 14 | - path: "{{ sickbeard_config_dir }}" 15 | - path: "{{ sickbeard_pid_dir }}" 16 | - path: "{{ sickbeard_root_dir }}" 17 | - name: clone sickbeard repo 18 | git: repo={{ sickbeard_repo }} dest={{ sickbeard_install_dir }} version={{ sickbeard_version }} force=yes 19 | notify: restart sickbeard 20 | - name: fix repo permissions 21 | file: path={{ sickbeard_install_dir }} owner={{ sickbeard_user }} group={{ sickbeard_user }} recurse=yes 22 | - name: symlink sickbeard init 23 | file: src={{ sickbeard_install_dir }}/init.ubuntu dest=/etc/init.d/sickbeard state=link mode=755 24 | - name: enable sickbeard service 25 | service: name=sickbeard enabled=yes 26 | - name: default config file 27 | template: src=sickbeard.default.j2 dest=/etc/default/sickbeard 28 | notify: restart sickbeard 29 | - name: configure autoprocesstv script 30 | template: src=autoProcessTV.cfg.j2 dest={{ sickbeard_autoprocesstv_script_dir }}/autoProcessTV.cfg 31 | - name: set autoprocesstv file permissions 32 | file: path={{ sickbeard_autoprocesstv_script_dir }} mode=775 state=directory recurse=yes 33 | - name: set autoprocesstv directory permissions 34 | file: path={{ sickbeard_autoprocesstv_script_dir }} mode=777 state=directory 35 | - name: set general config options 36 | ini_file: dest={{ sickbeard_config_file }} section=General option={{ item.key }} value="{{ item.value }}" owner={{ sickbeard_user }} group={{ sickbeard_user }} 37 | with_dict: sickbeard_general_config_options 38 | notify: restart sickbeard 39 | - name: set blackhole config options 40 | ini_file: dest={{ sickbeard_config_file }} section=Blackhole option={{ item.key }} value="{{ item.value }}" owner={{ sickbeard_user }} group={{ sickbeard_user }} 41 | with_dict: sickbeard_blackhole_config_options 42 | notify: restart sickbeard 43 | - name: set sabnzbd config options 44 | ini_file: dest={{ sickbeard_config_file }} section=SABnzbd option={{ item.key }} value="{{ item.value }}" owner={{ sickbeard_user }} group={{ sickbeard_user }} 45 | with_dict: sickbeard_sabnzbd_config_options 46 | notify: restart sickbeard 47 | - name: set plex config options 48 | ini_file: dest={{ sickbeard_config_file }} section=Plex option={{ item.key }} value="{{ item.value }}" owner={{ sickbeard_user }} group={{ sickbeard_user }} 49 | with_dict: sickbeard_plex_config_options 50 | notify: restart sickbeard 51 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/templates/autoProcessTV.cfg.j2: -------------------------------------------------------------------------------- 1 | [SickBeard] 2 | host={{ sickbeard_host }} 3 | port={{ sickbeard_port }} 4 | username= 5 | password= 6 | web_root={{ sickbeard_web_root }} 7 | ssl={{ sickbeard_enable_https }} 8 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/templates/sickbeard.default.j2: -------------------------------------------------------------------------------- 1 | SB_USER={{ sickbeard_user }} 2 | SB_HOME={{ sickbeard_install_dir }} 3 | SB_DATA={{ sickbeard_data_dir }} 4 | SB_OPTS="--config={{ sickbeard_config_file }}" 5 | SB_PIDFILE={{ sickbeard_pid_dir }}/sickbeard.pid 6 | -------------------------------------------------------------------------------- /playbooks/roles/sickbeard/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sickbeard_user: sickbeard 3 | -------------------------------------------------------------------------------- /playbooks/roles/sonarr/defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sonarr_apt_repo: deb http://apt.sonarr.tv/ master main 3 | sonarr_apt_key_id: D9B78493 4 | sonarr_user: sonarr 5 | sonarr_install_dir: /opt/NzbDrone 6 | sonarr_config_dir: "{{ sonarr_data_dir }}/.config/NzbDrone/" 7 | sonarr_data_dir: /var/lib/sonarr 8 | sonarr_host: localhost 9 | sonarr_port: 8989 10 | sonarr_url_base: "" 11 | sonarr_api_key: "" 12 | -------------------------------------------------------------------------------- /playbooks/roles/sonarr/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart sonarr 3 | service: name=sonarr state=restarted 4 | -------------------------------------------------------------------------------- /playbooks/roles/sonarr/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: install sonarr apt key 3 | apt_key: keyserver=keyserver.ubuntu.com id={{ sonarr_apt_key_id }} state=present 4 | - name: install sonarr repp 5 | apt_repository: repo="{{ sonarr_apt_repo }}" update_cache=no state=present 6 | - name: install sonarr 7 | apt: name=nzbdrone update_cache=yes state=latest 8 | - name: create sonarr user 9 | user: name={{ sonarr_user }} home={{ sonarr_data_dir }} createhome=no system=yes shell=/bin/bash 10 | - name: create directories 11 | file: path={{ item.path }} owner={{ sonarr_user }} group={{ sonarr_user }} mode={{ item.mode|default("755") }} state=directory 12 | with_items: 13 | - path: "{{ sonarr_data_dir }}" 14 | - path: "{{ sonarr_config_dir }}" 15 | - name: test config file existence 16 | file: path={{ sonarr_config_dir }}/config.xml state=file owner={{ sonarr_user }} group={{ sonarr_user }} 17 | register: config_file_result 18 | ignore_errors: yes 19 | - name: create config file 20 | template: src=sonarr.config.j2 dest={{ sonarr_config_dir }}/config.xml owner={{ sonarr_user }} group={{ sonarr_user }} 21 | when: config_file_result|failed 22 | notify: restart sonarr 23 | - name: install sonarr upstart 24 | template: src=sonarr.upstart.j2 dest=/etc/init/sonarr.conf 25 | notify: restart sonarr 26 | -------------------------------------------------------------------------------- /playbooks/roles/sonarr/templates/sonarr.config.j2: -------------------------------------------------------------------------------- 1 | 2 | {{ sonarr_port }} 3 | {{ sonarr_url_base }} 4 | {{ '*' if sonarr_host == 'localhost' else sonarr_host }} 5 | 9898 6 | False 7 | {% if sonarr_api_key %} 8 | {{ sonarr_api_key }} 9 | {% endif %} 10 | None 11 | Info 12 | False 13 | master 14 | 15 | 16 | BuiltIn 17 | 18 | -------------------------------------------------------------------------------- /playbooks/roles/sonarr/templates/sonarr.upstart.j2: -------------------------------------------------------------------------------- 1 | author "Simon Tallmyr - Nosscire" 2 | description "Upstart Script to run Sonarr as a service on Ubuntu/Debian based systems, as well as others" 3 | 4 | start on runlevel [2345] 5 | stop on runlevel [016] 6 | 7 | env DIR={{ sonarr_install_dir }} 8 | #This is the install directory. If you installed using a deb package or the Sonarr Repository you do not need to change this 9 | 10 | #Set username for the process. Should probably be what you use for logging in 11 | setuid {{ sonarr_user }} 12 | setgid nogroup 13 | 14 | chdir {{ sonarr_data_dir }} 15 | 16 | #respawn will break the built-in updating, if you wish to enable respawn you need to make sure updates are disabled within the UI 17 | #respawn 18 | 19 | exec mono --debug $DIR/NzbDrone.exe 20 | -------------------------------------------------------------------------------- /playbooks/site.yml.example: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | remote_user: root 4 | vars: 5 | rtorrent_port_range: 49164-49999 6 | nzb_retention: 3000 7 | mastermind_download_dir: /srv/downloads 8 | mastermind_media_dir: /srv/media 9 | mastermind_domain: change.me 10 | sabnzbd_ignore_samples: 1 11 | sabnzbd_unpack_check: 0 12 | sabnzbd_no_dupes: 1 13 | sabnzbd_top_only: 1 14 | sabnzbd_nice: -n10 15 | sickbeard_usenet_retention: "{{ nzb_retention }}" 16 | sickbeard_search_frequency: 15 17 | sickbeard_quality_default: 164 18 | sickbeard_status_default: 5 19 | sickbeard_naming_pattern: "Season %0S/%SN - %0Sx%0E - %EN - %QN" 20 | sickbeard_naming_custom_abd: 1 21 | sickbeard_naming_abd_pattern: "%SN - %A-D - %EN - %QN" 22 | couchpotato_searcher_preferred_method: torrent 23 | couchpotato_searcher_preferred_words: "DTS, Unrated, Extended" 24 | couchpotato_nzb_retention: "{{ nzb_retention }}" 25 | vars_files: 26 | - vars/secret.yml 27 | pre_tasks: 28 | - name: install xfsprogs 29 | apt: name=xfsprogs state=present 30 | - name: format /dev/vg0/srv 31 | filesystem: dev=/dev/vg0/srv fstype=xfs 32 | - name: mount /dev/vg0/srv 33 | mount: name=/srv src=/dev/vg0/srv fstype=xfs state=mounted 34 | roles: 35 | - { role: mastermind } 36 | -------------------------------------------------------------------------------- /playbooks/vars/secret.yml.example: -------------------------------------------------------------------------------- 1 | --- 2 | sabnzbd_api_key: 00000000000000000000000000000000 3 | sabnzbd_nzb_key: 00000000000000000000000000000000 4 | sickbeard_api_key: 00000000000000000000000000000000 5 | couchpotato_api_key: 00000000000000000000000000000000 6 | sonarr_api_key: 00000000000000000000000000000000 7 | newrelic_license_key: 00000000000000000000000000000000 8 | mastermind_user: admin 9 | mastermind_password: password 10 | mastermind_ssl_key: | 11 | -----BEGIN RSA PRIVATE KEY----- 12 | INSERT KEY HERE 13 | -----END RSA PRIVATE KEY----- 14 | 15 | mastermind_ssl_cert: | 16 | -----BEGIN CERTIFICATE----- 17 | INSERT CERTIFICATE HERE 18 | -----END CERTIFICATE----- 19 | --------------------------------------------------------------------------------