Add youtransfer

vitosans · Nov 16, 2021 · 8e87bbe · 8e87bbe
1 parent ad469a6
commit 8e87bbe
Show file tree

Hide file tree

Showing 11 changed files with 190 additions and 8 deletions.
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
@@ -119,9 +119,11 @@ enable_photoprism: true
 
 enable_duckdns: false
 
-enable_cloudflare: true
+enable_cloudflare-ddns: true
 
-enable_piped: true
+enable_youtransfer: true
+
+enable_piped: false
 
 enable_ddclient: true
 

diff --git a/roles/containers/nextcloud/tasks/main.yml b/roles/containers/nextcloud/tasks/main.yml
@@ -12,6 +12,8 @@
       "flame.url": "{{ dashboard_url }}"
       "flame.icon": "custom"
     env:
+      "PUID": "{{ guid }}"
+      "PGID": "{{ guid }}"
       "TZ": "{{ timezone }}"
       "MYSQL_ROOT_PASSWORD": "{{ mysql_root_password }}"
       "MYSQL_DATABASE": "{{ mysql_db }}"

diff --git a/roles/containers/piped/defaults/main.yml b/roles/containers/piped/defaults/main.yml
@@ -0,0 +1,11 @@
+dashboard_url: "https://{{ subdomains['piped'] }}.{{ host }}"
+
+container_name: piped
+
+frontend_url: "{{ subdomains['piped'] }}.{{ host }}"
+
+proxy_url: "{{ subdomains['piped-proxy'] }}.{{ host }}"
+
+api_url: "{{ subdomains['piped-api'] }}.{{ host }}"
+
+homer_category: services
diff --git a/roles/containers/piped/tasks/main.yml b/roles/containers/piped/tasks/main.yml
@@ -0,0 +1,78 @@
+---
+- name: Clone the piped-docker repository
+  git:
+    clone: yes
+    repo: https://github.com/TeamPiped/Piped-Docker
+    dest: "{{ docker_dir }}/{{ container_name }}"
+  ignore_errors: yes
+
+- name: Populate the frontend variable in the configure-instance.sh file
+  lineinfile:
+    search_string: "read frontend"
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+    line: "frontend={{ frontend_url }}"
+    state: present
+
+- name: Populate the backend variable in the configure-instance.sh file
+  lineinfile:
+    search_string: "read backend"
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+    line: "backend={{ api_url }}"
+    state: present
+
+- name: Populate the proxy variable in the configure-instance.sh file
+  lineinfile:
+    search_string: "read proxy"
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+    line: "proxy={{ proxy_url }}"
+    state: present
+
+- name: Populate the reverseproxy variable in the configure-instance.sh file
+  lineinfile:
+    search_string: "read reverseproxy"
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+    line: "reverseproxy=nginx"
+    state: present
+
+- name: Fix the 'sed' command in the configure-instance.sh file
+  lineinfile:
+    regexp: "sed.*"
+    state: absent
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+
+- name: Fix the 'sed' command in the configure-instance.sh file
+  lineinfile:
+    line: "{{ item }}"
+    state: present
+    insertafter: "cp -r template/ config/"
+    path: "{{ docker_dir }}/{{ container_name }}/configure-instance.sh"
+  with_items:
+    - sed -i "s|FRONTEND_HOSTNAME|$frontend|g" config/*
+    - sed -i "s|BACKEND_HOSTNAME|$backend|g" config/*
+    - sed -i "s|PROXY_HOSTNAME|$proxy|g" config/*
+
+- name: Change the default PostgreSQL password
+  replace:
+    path: "{{ item }}"
+    regexp: "changeme"
+    replace: "{{ piped_postgresql_password }}"
+  with_items:
+    - "{{ docker_dir }}/{{ container_name }}/template/config.properties"
+    - "{{ docker_dir }}/{{ container_name }}/template/docker-compose.nginx.yml"
+    - "{{ docker_dir }}/{{ container_name }}/template/docker-compose.caddy.yml"
+
+- name: Run the configure-instance.sh script
+  shell:
+    cmd: "cd {{docker_dir }}/{{ container_name }} && bash configure-instance.sh"
+
+- name: Add "version" parameter to the docker-compose file
+  lineinfile:
+    line: "version: '3'"
+    state: present
+    insertbefore: BOF
+    path: "{{ docker_dir }}/{{ container_name }}/docker-compose.yml"
+
+
+- name: Run the docker-compose file
+  shell:
+    cmd: "cd {{docker_dir }}/{{ container_name }} && docker-compose up -d"
diff --git a/roles/containers/swag/tasks/main.yml b/roles/containers/swag/tasks/main.yml
@@ -18,6 +18,21 @@
   with_items: "{{ containers.files }}"
   no_log: true
 
+- name: Install python3-passlib
+  package:
+    name: python3-passlib
+    state: latest
+  when: swag_htpasswd_user is defined and swag_htpasswd_password is defined
+
+- name: Populate the .htpasswd file
+  htpasswd:
+    path: "{{ docker_dir }}/{{ container_name }}/config/nginx/.htpasswd"
+    name: "{{ swag_htpasswd_user }}"
+    password: "{{ swag_htpasswd_password }}"
+    owner: root
+    mode: 0640
+  when: swag_htpasswd_user is defined and swag_htpasswd_password is defined
+
 - name: Populate the dictionary of all containers
   set_fact:
     swag_urls: "{{ swag_urls | default({}) | combine({ item.path.split('/')[-1] : lookup('vars', item.path.split('/')[-1])['dashboard_url'] | default('') | regex_replace('https?://|/*', '') }) }}"
@@ -28,14 +43,19 @@
   docker_network:
     name: swag_network
 
-- name: Copy the SWAG config files
+- name: Install the SWAG config files
   template:
     src: "{{ item }}"
     dest: "{{ docker_dir }}/{{ container_name }}/config/nginx/proxy-confs/{{ item | basename | regex_replace('.j2$', '') }}"
   with_fileglob:
     - templates/*.j2
   register: swag_config
 
+- name: Install the DNS config file
+  template:
+    src: "dns-conf/cloudflare.ini.j2"
+    dest: "{{ docker_dir }}/{{ container_name }}/config/dns-conf/cloudflare.ini"
+
 - name: Make sure the SWAG container is created and running
   docker_container:
     name: "{{ container_name }}"
@@ -51,12 +71,10 @@
       "TZ": "{{ timezone }}"
       "URL": "{{ host }}"
       "SUBDOMAINS": "{{ ','.join(subdomains.values()) }}"
-      "SUBDOMAINS_ONLY": "false"
-      "VALIDATION": "http"
-      "CERTPROVIDER": "letsencrypt"
+      "VALIDATION": "dns"
+      "DNSPLUGIN": "cloudflare"
       "EMAIL": "{{ email }}"
     ports:
-      - "80:80"
       - "443:443"
     volumes:
       - "{{ docker_dir }}/{{ container_name }}/config:/config"

diff --git a/roles/containers/swag/templates/dns-conf/cloudflare.ini.j2 b/roles/containers/swag/templates/dns-conf/cloudflare.ini.j2
@@ -0,0 +1 @@
+dns_cloudflare_api_token = {{ cloudflare_token }}
diff --git a/roles/containers/swag/templates/nextcloud.subdomain.conf.j2 b/roles/containers/swag/templates/nextcloud.subdomain.conf.j2
@@ -7,7 +7,6 @@ server {
 
     include /config/nginx/ssl.conf;
 
-    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
     client_max_body_size 0;
 
     location / {

diff --git a/roles/containers/swag/templates/youtransfer.subdomain.conf.j2 b/roles/containers/swag/templates/youtransfer.subdomain.conf.j2
@@ -0,0 +1,27 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name {{ swag_urls['youtransfer'] }};
+
+    {% include "common/params.j2" %}
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 128M;
+
+
+    location / {
+        {% include "common/cors.j2" %}
+        auth_basic "Restricted";
+        auth_basic_user_file /config/nginx/.htpasswd;
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app youtransfer;
+        set $upstream_port 5000;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+
+
+}
diff --git a/roles/containers/youtransfer/defaults/main.yml b/roles/containers/youtransfer/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+container_name: youtransfer
+
+dashboard_name: YouTransfer
+
+dashboard_url: "https://{{ subdomains['youtransfer'] }}.{{ host }}"
+
+homer_category: services
diff --git a/roles/containers/youtransfer/tasks/main.yml b/roles/containers/youtransfer/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+- name: Make sure the {{ container_name }} container is created and running
+  docker_container:
+    name: "{{ container_name }}"
+    image: "remie/youtransfer:stable"
+    pull: yes
+    state: 'started'
+    env:
+      "PUID": "{{ guid }}"
+      "PGID": "{{ guid }}"
+      "TZ": "{{ timezone }}"
+    volumes:
+      - "{{ docker_dir }}/{{ container_name }}:/config"
+      - "{{ mergerfs_root }}/Uploads:/uploads"
+    restart_policy: unless-stopped
+
+- name: Schedule a cleanup for /opt/youtransfer
+  cron:
+    name: Cleanup /opt/youtransfer
+    hour: "0"
+    job: "docker exec {{ container_name }} rm -rf /opt/youtransfer/upload_*"
+
+- name: Add {{ container_name }} to the SWAG network (reverse-proxy)
+  docker_network:
+    name: swag_network
+    connected:
+      - "{{ container_name }}"
+    appends: yes
+  when: enable_swag
diff --git a/run.yml b/run.yml
@@ -140,6 +140,13 @@
         - containers
       when: enable_authelia | default(False)
 
+    - role: containers/youtransfer
+      tags:
+        - youtransfer
+        - containers
+      when: enable_youtransfer | default(False)
+
+
     - role: containers/swag
       tags: 
         - swag
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		dns_cloudflare_api_token = {{ cloudflare_token }}