iamthefij/homelab-nomad
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: iamthefij:main
Branches Tags
iamthefij:main
iamthefij:tdarr
iamthefij:jellyfin
iamthefij:add-servers
iamthefij:lego
iamthefij:test-cluster
iamthefij:diun-task-socket
iamthefij:stateful-job-meta
iamthefij:grafana-influxdb
iamthefij:tubesync
iamthefij:authelia
iamthefij:nomad-only
iamthefij:gitea
iamthefij:immich
iamthefij:consul-acls
iamthefij:step-ca
..
compare: iamthefij:jellyfin
Branches Tags
iamthefij:main
iamthefij:tdarr
iamthefij:jellyfin
iamthefij:add-servers
iamthefij:lego
iamthefij:test-cluster
iamthefij:diun-task-socket
iamthefij:stateful-job-meta
iamthefij:grafana-influxdb
iamthefij:tubesync
iamthefij:authelia
iamthefij:nomad-only
iamthefij:gitea
iamthefij:immich
iamthefij:consul-acls
iamthefij:step-ca

1 Commits
main ... jellyfin

Author SHA1 Message Date
Ian Fijolek
9f09d4d85f Add jellyfin service 2024-12-17 16:36:49 -08:00
3 changed files with 62 additions and 3 deletions
Show Stats Expand all files Collapse all files

6
ansible_playbooks/setup-cluster.yml
View File

@ -95,6 +95,9 @@
- name: media-read
path: /srv/volumes/media-write
read_only: true
- name: media-overflow-read
path: /srv/volumes/nas-overflow/Media
read_only: true
- name: media-write
path: /srv/volumes/media-write
owner: "root"
@ -131,6 +134,9 @@
- name: radarr-config
path: /srv/volumes/nas-container/radarr
read_only: false
- name: jellyfin-config
path: /srv/volumes/nas-container/jellyfin
read_only: false
- name: bazarr-config
path: /srv/volumes/nas-container/bazarr
read_only: false

6
core/authelia.tf
View File

@ -4,7 +4,7 @@ module "authelia" {
name = "authelia"
instance_count = 2
priority = 70
image = "authelia/authelia:4.38"
image = "authelia/authelia:4.37"
args = ["--config", "$${NOMAD_TASK_DIR}/authelia.yml"]
ingress = true
service_port = 9999
@ -172,7 +172,7 @@ resource "nomad_acl_auth_method" "nomad_authelia" {
oidc_discovery_url = "https://authelia.${var.base_hostname}"
oidc_client_id = module.nomad_oidc_client.client_id
oidc_client_secret = module.nomad_oidc_client.secret
bound_audiences = [module.nomad_oidc_client.client_id]
bound_audiences = ["nomad"]
oidc_scopes = [
"groups",
"openid",
@ -190,7 +190,7 @@ resource "nomad_acl_auth_method" "nomad_authelia" {
resource "nomad_acl_binding_rule" "nomad_authelia_admin" {
description = "engineering rule"
auth_method = nomad_acl_auth_method.nomad_authelia.name
selector = "\"nomad-admin\" in list.roles"
selector = "\"nomad-deploy\" in list.roles"
bind_type = "role"
bind_name = "admin" # acls.nomad_acl_role.admin.name
}

53
services/jellyfin.tf Normal file
View File

@ -0,0 +1,53 @@
module "jellyfin" {
source = "./service"
name = "jellyfin"
image = "lscr.io/linuxserver/jellyfin:10.10.3"
ingress = true
service_port = 8096
use_wesher = var.use_wesher
ports = [
{
name = "discovery"
static = 7359,
task_config = true,
},
{
name = "dnla",
static = 1900,
task_config = true,
},
]
env = {
PGID = 100
PUID = 1001
TZ = "America/Los_Angeles"
JELLYFIN_PublishedServerUrl = "https://jellyfin.thefij.rocks"
}
host_volumes = [
{
name = "jellyfin-config"
dest = "/config"
read_only = false
},
{
name = "media-read"
dest = "/media"
read_only = true
},
{
name = "media-overflow-read"
dest = "/media-overflow"
read_only = true
},
]
resources = {
cpu = 500
memory = 1200
}
}