-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathignition.yaml
242 lines (223 loc) · 9.88 KB
/
ignition.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
---
# This is the main CoreOS Ignition file for "installing" Mediadepot.
# It contains configuration that should be customized for each installation (SSH keys, Disk drives, etc.)
# All other configuration is stored in the ignition.d directory and loaded as modules.
# These configuration files are heavily commented for ease of use
#
# Ignition configuration files are written in YAML, following the syntax shown here:
# https://github.com/coreos/container-linux-config-transpiler/blob/master/doc/configuration.md
# The Ignition YAML files are then "transpiled" to JSON using the CoreOS Configuration Transpiler:
# https://github.com/coreos/container-linux-config-transpiler
#
ignition:
config:
append:
# (Required) The base.json config prepares the filesystem and sets up disk mounting service.
- source: https://mediadepot.github.io/ignition/ignition.d/base.json
# (Required) The mergerfs.json config installs the mergerfs binary and sets up the automation friendly folder structure
- source: https://mediadepot.github.io/ignition/ignition.d/mergerfs.json
# (Required) The portainer.json config installs a Portainer service, which manages a Docker container.
# Portainer is used for managing docker containers via a Web UI.
- source: https://mediadepot.github.io/ignition/ignition.d/portainer.json
# (Required) The traefik.json config installs a Traefik service, which manages a Docker container.
# Traefik is used to automatically provide a easy-to-remember hostname for each docker container.
# eg. sickrage.depot.lan or home.depot.lan
- source: https://mediadepot.github.io/ignition/ignition.d/traefik.json
# (Optional) The adguard.json config installs a dns service
# A free and open source, powerful network-wide ads & trackers blocking DNS server.
- source: https://mediadepot.github.io/ignition/ignition.d/adguard.json
# (Optional) The samba.json config installs a Samba service, which manages a Docker container.
# Samba exposes the storage folder structure as network shares
- source: https://mediadepot.github.io/ignition/ignition.d/samba.json
# (Optional) The notifications.json config sets up a configuration file for enabling PushOver notifications (used by SmartMonTools & System Startup/Shutdown notifications)
- source: https://mediadepot.github.io/ignition/ignition.d/notifications.json
# (Optional) The fs-monitor.json installs a SmartMonTools service, which manages a Docker container.
# SmartMonTools tracks the S.M.A.R.T. health status of your disk drives and notifies you if your disk health changes.
- source: https://mediadepot.github.io/ignition/ignition.d/fs-monitor.json
# (Optional) The netdata.json installs a NetData service, which manages a Docker container.
# Netdata is a lightweight metric logging service that shows you the current utilization of your server (CPU, RAM, Storage, etc)
- source: https://mediadepot.github.io/ignition/ignition.d/netdata.json
timeouts: {}
networkd: {}
# (Required) The users defined in this section are required (core & depot).
# `core` is the default user for the CoreOS installation.
# It's the user you will use for making changes as root, via sudo.
#
# `depot` is a limited user account, which owns all of your media files. It's uid/gid must be 15000.
#
# You should change the ssh_authorized_keys for both users to a key under your control.
passwd:
users:
- name: core
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEA0QIsn450XjpKdoAicWqu6pgoc7h+lUokibTF75NcLVhrhnOn8aVpV+MemlE6kt6wjZDK7WyTEX1+/4dIFwH92+TJwBRKG8Yd0aTFHjWZg7K/dZAak041sF21D9K+7R0PtZK/B6szbdN9bZtwss2ebuzMu9Pxw3Rzq/PsPfl9nzs=
- name: depot
uid: 15000
primary_group: depot
no_user_group: true
system: false
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEA0QIsn450XjpKdoAicWqu6pgoc7h+lUokibTF75NcLVhrhnOn8aVpV+MemlE6kt6wjZDK7WyTEX1+/4dIFwH92+TJwBRKG8Yd0aTFHjWZg7K/dZAak041sF21D9K+7R0PtZK/B6szbdN9bZtwss2ebuzMu9Pxw3Rzq/PsPfl9nzs=
shell: "/bin/bash"
# (Required) The directories referenced in this storage block (/mnt/drive*) should be changed to match the number of storage drives on your server
# The UID and GID should be set to 15000
storage:
directories:
- filesystem: root
mode: 493 #755
path: "/mnt/drive1/"
user:
id: 15000
group:
id: 15000
- filesystem: root
mode: 493 #755
path: "/mnt/drive2/"
user:
id: 15000
group:
id: 15000
- filesystem: root
mode: 493 #755
path: "/mnt/drive3/"
user:
id: 15000
group:
id: 15000
- filesystem: root
mode: 493 #755
path: "/mnt/drive4/"
user:
id: 15000
group:
id: 15000
- filesystem: root
mode: 493 #755
path: "/mnt/drive5/"
user:
id: 15000
group:
id: 15000
- filesystem: root
mode: 493 #755
path: "/mnt/drive6/"
user:
id: 15000
group:
id: 15000
files:
# (Required) The media-storage mount service is required. It ensures that the disks are correctly mounted before mergerfs starts and mounts its JBOD drive.
# The `mnt-*` entries must match the storage directories created above.
- filesystem: root
path: "/etc/systemd/system/media-storage.mount.d/deps.conf"
mode: 420 #644
contents:
inline: |
[Unit]
Requires = mnt-drive1.mount
Requires = mnt-drive2.mount
Requires = mnt-drive3.mount
Requires = mnt-drive4.mount
Requires = mnt-drive5.mount
Requires = mnt-drive6.mount
After = mnt-drive1.mount
After = mnt-drive2.mount
After = mnt-drive3.mount
After = mnt-drive4.mount
After = mnt-drive5.mount
After = mnt-drive6.mount
- filesystem: root
path: "/etc/systemd/system/depot-filesystem.service.d/folders.conf"
mode: 420 #644
contents:
inline: |
[Service]
Environment="MEDIA_FOLDERS=documents ebooks movies music photos software tvshows"
- filesystem: root
path: "/etc/systemd/system/depot-env.service.d/domain.conf"
mode: 420 #644
contents:
inline: |
[Service]
Environment="DEPOT_DOMAIN_NAME=depot.lan"
# (Optional) This configuration file is used by smartmontools to specify which drives to actually watch for failures.
- filesystem: root
path: "/opt/mediadepot/fs-monitor/config/smartd.conf"
mode: 420 #644
contents:
inline: |
# Configuration file for smartd.
# -a | monitor all SMART properties
# -o | [ATA only] Enables SMART Automatic Offline Testing when smartd starts up and has no further effect. The valid arguments to this Directive are on and off.
# -m | Send a warning email to the email address ADD if the '-H', '-l', '-f', '-C', or '-O' Directives detect a failure or a new error, or if a SMART command to the disk fails.
# -M | modify the behavior of the smartd email warnings enabled with the '-m' email Directive. un the executable PATH instead of the default mail command, when smartd needs to send email. PATH must point to an executable binary file or script.
# -s | Run Self-Tests or Offline Immediate Tests, at scheduled times. A Self- or Offline Immediate Test will be run at the end of periodic device polling, if all 12 characters of the string T/MM/DD/d/HH match the extended regular expression
#
# S/../.././02 | schedule a short Self-Test between 2-3 am every morning
# L/../../6/03 | schedule a long Self-Test between 3-4 am every Saturday morning
# unfortunatley you cant use /dev/disk/by-uuid/988cc439-03f4-4c86-8383-10280783345d when mounting devices into a container, so we're stuck with /dev/sda, sdb, etc.
/dev/sda -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sdb -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sdc -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sdd -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sde -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sdf -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
/dev/sdg -a -o on -S on -s (S/../.././02|L/../../6/03) -m @ALL -M exec /etc/smartd_warning.sh
# (Required) These systemd services tell CoreOS to mount the specified HD's to the previously created folders.
# HD's are referenced by UUID as they are static and do not change (even across motherboard upgrades/OS changes).
systemd:
units:
- name: mnt-drive1.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/806cf4bc-d160-4d96-8ee9-3ab7cf2a2e1f
Where=/mnt/drive1
Type=ext4
[Install]
WantedBy=local-fs.target
- name: mnt-drive2.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/3a475599-9521-4a14-8e29-5b18a215193f
Where=/mnt/drive2
Type=ext4
[Install]
WantedBy=local-fs.target
- name: mnt-drive3.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/6dfb654e-9d71-4398-b326-49ce78f6a302
Where=/mnt/drive3
Type=ext4
[Install]
WantedBy=local-fs.target
- name: mnt-drive4.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/fc684dcc-aa2f-44f3-a958-d302dc7dd46d
Where=/mnt/drive4
Type=ext4
[Install]
WantedBy=local-fs.target
- name: mnt-drive5.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/8125ec6d-a7e4-4950-ac84-72d6a4d67128
Where=/mnt/drive5
Type=ext4
[Install]
WantedBy=local-fs.target
- name: mnt-drive6.mount
enable: true
contents: |-
[Mount]
What=/dev/disk/by-uuid/96809924-7aae-4725-91fa-d32273453d37
Where=/mnt/drive6
Type=ext4
[Install]
WantedBy=local-fs.target