Adrian Cowan
e695485353
All checks were successful
CI / Terraform fmt + validate (pull_request) Successful in 27s
CI / Nomad job spec validate (pull_request) Successful in 22s
CI / Docker image pull validation (pull_request) Successful in 16s
CI / Terraform fmt + validate (push) Successful in 23s
CI / Nomad job spec validate (push) Successful in 22s
CI / Docker image pull validation (push) Has been skipped
- traefik: TCP → HTTP check on /ping (enable ping entrypoint) - gitea: check path → /api/healthz - jellyfin: TCP → HTTP check on /health - glance: TCP → HTTP check on / - sonarr/prowlarr: check path / → /ping (×2 checks each) - ntfy/transfer/deluge/openreader/authelia/pgadmin: add name and port to existing checks - postgres: remove invalid TCP check (Connect-enabled service) - unifi: TCP → script check via curl (macvlan host isolation workaround)
143 lines
3.2 KiB
HCL
143 lines
3.2 KiB
HCL
job "sonarr" {
|
|
group "sonarr" {
|
|
network {
|
|
mode = "bridge"
|
|
port "http" {
|
|
to = 8989
|
|
}
|
|
}
|
|
service {
|
|
connect {
|
|
sidecar_service {
|
|
proxy {
|
|
upstreams {
|
|
destination_name = "postgres"
|
|
local_bind_port = 5432
|
|
}
|
|
upstreams {
|
|
destination_name = "deluge-api"
|
|
local_bind_port = 8112
|
|
}
|
|
upstreams {
|
|
destination_name = "prowlarr-api"
|
|
local_bind_port = 9696
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
service {
|
|
name = "sonarr"
|
|
port = "http"
|
|
|
|
tags = [
|
|
"traefik.enable=true",
|
|
"traefik.http.routers.sonarr.middlewares=auth@file",
|
|
]
|
|
|
|
check {
|
|
name = "alive"
|
|
type = "http"
|
|
path = "/ping"
|
|
interval = "10s"
|
|
timeout = "2s"
|
|
}
|
|
}
|
|
|
|
service {
|
|
name = "sonarr-api"
|
|
port = "http"
|
|
address_mode = "alloc" # Use allocation IP for Connect as the sidecar can't access the host's published port (hairpin/loopback NAT issue)
|
|
|
|
connect {
|
|
sidecar_service {}
|
|
}
|
|
|
|
check {
|
|
name = "alive"
|
|
type = "http"
|
|
path = "/ping"
|
|
interval = "10s"
|
|
timeout = "2s"
|
|
}
|
|
}
|
|
|
|
task "sonarr" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "lscr.io/linuxserver/sonarr:latest"
|
|
ports = ["http"]
|
|
}
|
|
|
|
env {
|
|
PUID = 1000
|
|
PGID = 1000
|
|
TZ = "Australia/Melbourne"
|
|
|
|
# https://wiki.servarr.com/sonarr/environment-variables
|
|
|
|
# Disable internal auth to use Traefik + Authelia
|
|
SONARR__AUTH__REQUIRED = "Enabled"
|
|
SONARR__AUTH__METHOD = "External"
|
|
|
|
SONARR__POSTGRES__USER = "sonarr"
|
|
SONARR__POSTGRES__HOST = "localhost"
|
|
SONARR__POSTGRES__PORT = "5432"
|
|
SONARR__POSTGRES__MAINDB = "sonarr-main"
|
|
SONARR__POSTGRES__LOGDB = "sonarr-log"
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "unraid_appdata_sonarr"
|
|
destination = "/config"
|
|
read_only = false
|
|
}
|
|
|
|
volume_mount {
|
|
volume = "unraid_media_sonarr"
|
|
destination = "/data"
|
|
read_only = false
|
|
}
|
|
|
|
resources {
|
|
cpu = 150
|
|
memory = 1024
|
|
}
|
|
|
|
template {
|
|
data = <<EOH
|
|
SONARR__POSTGRES__PASSWORD="{{ with nomadVar "nomad/jobs/sonarr" }}{{ .database_pw }}{{ end }}"
|
|
EOH
|
|
destination = "secrets/db.env"
|
|
env = true # Load the file as environment variables
|
|
}
|
|
}
|
|
|
|
volume "unraid_appdata_sonarr" {
|
|
type = "csi"
|
|
read_only = false
|
|
source = "unraid_appdata_sonarr"
|
|
access_mode = "single-node-writer"
|
|
attachment_mode = "file-system"
|
|
|
|
mount_options {
|
|
mount_flags = ["uid=1000", "gid=1000"]
|
|
}
|
|
}
|
|
|
|
volume "unraid_media_sonarr" {
|
|
type = "csi"
|
|
read_only = false
|
|
source = "unraid_media_sonarr"
|
|
access_mode = "single-node-writer"
|
|
attachment_mode = "file-system"
|
|
|
|
mount_options {
|
|
mount_flags = ["nobrl", "uid=1000", "gid=1000"]
|
|
}
|
|
}
|
|
}
|
|
}
|