Plex & tweaks

- moved back roon to in container user - plex is now working Signed-off-by: dubo-dubon-duponey <dubodubonduponey+github@pm.me>
dubo-dubon-duponey · Dec 19, 2019 · 7b6d551 · 7b6d551
1 parent 3335aad
commit 7b6d551
Show file tree

Hide file tree

Showing 6 changed files with 276 additions and 2 deletions.
diff --git a/services/modules/plex/main.tf b/services/modules/plex/main.tf
@@ -0,0 +1,72 @@
+resource "docker_container" "container" {
+  provider      = docker
+  image         = docker_image.image.latest
+
+  name          = local.container_name
+  hostname      = local.container_hostname
+  network_mode  = local.container_network
+  dns           = local.container_dns
+  user          = local.container_user
+
+  restart       = "always"
+  read_only     = true
+
+  capabilities {
+    drop  = ["ALL"]
+  }
+
+  labels        = {
+    "co.elastic.logs/enabled": local.log,
+  }
+
+  env = [
+    "DBDB_LOGIN=${local.login}",
+    "DBDB_PASSWORD=${var.password}",
+    "DBDB_ADVERTISE_IP=${var.public_ip}",
+    "DBDB_MAIL=${var.email}",
+    "DBDB_SERVER_NAME=${var.station}"
+  ]
+
+  ports {
+    internal    = 32400
+    external    = 32400
+  }
+
+  /*
+  volumes {
+    volume_name = docker_volume.roon-data.name
+    container_path = "/data"
+  }
+  */
+
+  # For transcode and other tmp stuff
+  volumes {
+    volume_name = docker_volume.tmp.name
+    container_path = "/transcode"
+  }
+
+  # For config and db, which needs to be updated...
+  mounts {
+    target    = "/data"
+    source    = local.mount_data
+    read_only = false
+    type      = "bind"
+  }
+
+  # Media stuff
+  mounts {
+    target  = "/media"
+    source  = local.mount_music
+    read_only = true
+    type    = "bind"
+  }
+
+  mounts {
+    target      = "/incoming"
+    source      = "/home/big/Incoming"
+    read_only   = true
+    type        = "bind"
+  }
+
+}
+
diff --git a/services/modules/plex/resources.tf b/services/modules/plex/resources.tf
@@ -0,0 +1,26 @@
+data "docker_registry_image" "image" {
+  name = local.image_reference
+}
+
+resource "docker_image" "image" {
+  provider      = docker
+  name          = data.docker_registry_image.image.name
+  pull_triggers = [data.docker_registry_image.image.sha256_digest]
+}
+
+/*
+resource "docker_volume" "roon-data" {
+  provider      = docker
+  name          = "data-roon"
+}
+*/
+
+resource "docker_volume" "config" {
+  provider      = docker
+  name          = "config-${local.container_name}"
+}
+
+resource "docker_volume" "tmp" {
+  provider      = docker
+  name          = "tmp-${local.container_name}"
+}
diff --git a/services/modules/plex/variables.tf b/services/modules/plex/variables.tf
@@ -0,0 +1,118 @@
+variable "image" {
+  description = "Image reference"
+  type        = string
+  default     = "dubodubonduponey/plex:v1"
+}
+
+variable "nickname" {
+  description = "Nickname for the service"
+  type        = string
+  default     = "nick"
+}
+
+variable "hostname" {
+  description = "Base hostname for the node"
+  type        = string
+  default     = "mynode.local"
+}
+
+variable "privileged" {
+  description = "Whether we grant privileges to this container"
+  type        = bool
+  default     = false
+}
+
+variable "user" {
+  description = "User to run the container with, if not privileged"
+  type        = string
+  default     = ""
+}
+
+variable "log" {
+  description = "Whether to flag for filebeat log collection or not"
+  type        = bool
+  default     = false
+}
+
+variable "network" {
+  description = "Network name"
+  type        = string
+  default     = "hack-net"
+}
+
+variable "dns" {
+  description = "DNS server ip to use for this container"
+  type        = list(string)
+  default     = [
+    "1.1.1.1",
+  ]
+}
+
+# Service specific configuration
+variable "data_path" {
+  description = "Host path for persistent config"
+  type        = string
+  default     = "/home/container/data/plex"
+}
+
+variable "movie_path" {
+  description = "Host path for mounted movie collection folder"
+  type        = string
+  default     = "/home/data/movie"
+}
+
+variable "login" {
+  description = "Plex login"
+  type        = string
+  default     = "dmp"
+}
+
+variable "password" {
+  description = "Plex password"
+  type        = string
+  default     = "nhehehehe"
+}
+
+variable "public_ip" {
+  description = "Plex publicly visible ip (defaults to myip.opendns.com)"
+  type        = string
+  default     = ""
+}
+
+variable "email" {
+  description = "Your email"
+  type        = string
+  default     = "you@me.com"
+}
+
+variable "station" {
+  description = "Plex Station Name"
+  type        = string
+  default     = "Plexouille"
+}
+
+# Local indirection
+locals {
+  # Image config
+  image_reference         = var.image
+
+  # Container config
+  container_name          = var.nickname
+  container_hostname      = "${var.nickname}.${var.hostname}"
+  container_network       = var.network
+  container_user          = var.privileged ? "root" : var.user
+  container_dns           = var.dns
+
+  # Logger
+  log                     = var.log
+
+  # Service config
+  mount_data              = var.data_path
+  mount_music             = var.movie_path
+
+  login                   = var.login
+  password                = var.password
+  public_ip               = var.public_ip
+  email                   = var.email
+  station                 = var.station
+}
diff --git a/services/service-audio.tf b/services/service-audio.tf
@@ -71,8 +71,7 @@ module "audio-roon" {
   network       = module.network-nuc.vlan
   dns           = [module.dns-nuc.ip]
   log           = true
-  user          = "1000:1000"
 
-  data_path     = "/home/container/data/roon"
+  data_path     = "${var.volumes_root}/data/roon"
   music_path    = "/home/data/audio"
 }
diff --git a/services/service-video.tf b/services/service-video.tf
@@ -0,0 +1,22 @@
+module "video-plex" {
+  source        = "./modules/plex"
+  providers     = {
+    docker  = docker.nucomedon
+  }
+
+  nickname      = "plex"
+  hostname      = local.nuc_hostname # XXX or bridge?
+  log           = true
+  # network       = module.network-nuc.vlan
+  network       = module.network-nuc.bridge
+  dns           = [module.dns-nuc.ip]
+
+  data_path     = "${var.volumes_root}/data/plex"
+  movie_path    = "/home/big/The Very End/"
+
+  login         = var.plex_login
+  password      = var.plex_password
+  public_ip     = var.public_ip
+  email         = var.email
+  station       = var.plex_server_name
+}
diff --git a/services/variables.tf b/services/variables.tf
@@ -1,3 +1,4 @@
+# Audio module
 variable "dac_audio_name" {
   description = "Name advertised by the Dacodac audio server"
   default     = "Totale Croquette"
@@ -13,6 +14,7 @@ variable "nig_audio_name" {
   default     = "Nightingale"
 }
 
+# DNS
 variable "dns_upstream_name" {
   description = "Upstream DNS server name"
   type        = string
@@ -28,11 +30,13 @@ variable "dns_upstream_ips" {
   ]
 }
 
+# AFP server
 variable "afp_server_name" {
   description = "Name advertised by the AFP server"
   default     = "Distributed Potatoid"
 }
 
+# Router
 variable "restricted_user" {
   description = "User"
   default     = "dmp"
@@ -42,3 +46,36 @@ variable "restricted_pwd" {
   description = "Password"
   default     = "nhehehehe"
 }
+
+# Plex
+# XXX probably useful for other than plex (eg: letsencrypt)
+variable "email" {
+  description = "Your email"
+  default     = "you@me.com"
+}
+
+variable "volumes_root" {
+  description = "Root folder for all volume mounts (except media files)"
+  default     = "/home/container"
+}
+
+variable "public_ip" {
+  description = "Your public ip (defaults to myip.opendns.com if empty)"
+  default     = ""
+}
+
+variable "plex_server_name" {
+  description = "Name advertised by the plex server"
+  default     = "Sinema"
+}
+
+variable "plex_login" {
+  description = "Plex account login"
+  default     = "unknown"
+}
+
+variable "plex_password" {
+  description = "Plex account password"
+  default     = ""
+}
+