diff --git a/jackett-conf/jackett.rc b/jackett-conf/jackett.rc new file mode 100644 index 00000000..bb964794 --- /dev/null +++ b/jackett-conf/jackett.rc @@ -0,0 +1,50 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: jackett +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Add the following lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# jackett_enable: Set to YES to enable jackett +# Default: NO +# jackett_user: The user account used to run the jackett daemon. +# This is optional, however do not specifically set this to an +# empty string as this will cause the daemon to run as root. +# Default: media +# jackett_group: The group account used to run the jackett daemon. +# This is optional, however do not specifically set this to an +# empty string as this will cause the daemon to run with group wheel. +# Default: media +# jackett_data_dir: Directory where jackett configuration +# data is stored. +# Default: /var/db/jackett + +. /etc/rc.subr +name=jackett +rcvar=${name}_enable +load_rc_config $name + +: ${jackett_enable:="NO"} +: ${jackett_user:="jackett"} +: ${jackett_group:="jackett"} +: ${jackett_data_dir:="/config"} + +command="/usr/sbin/daemon" +procname="/usr/local/bin/mono" +command_args="-p ${jackett_data_dir}/jackett.pid -f ${procname} /usr/local/share/Jackett/JackettConsole.exe -d ${jackett_data_dir}" + +start_precmd=jackett_precmd +jackett_precmd() { +export USER=${jackett_user} +if [ ! -d ${jackett_data_dir} ]; then +install -d -o ${jackett_user} -g ${jackett_group} ${jackett_data_dir} +fi + +export XDG_CONFIG_HOME=${jackett_data_dir} +} + +run_rc_command "$1" \ No newline at end of file diff --git a/jackett.sh b/jackett.sh new file mode 100644 index 00000000..511597d0 --- /dev/null +++ b/jackett.sh @@ -0,0 +1,16 @@ +echo '{"pkgs":["mono","curl","ca_root_nss","nano"]}' > /tmp/pkg.json +iocage create -n "jackett" -p /tmp/pkg.json -r 11.3-RELEASE interfaces="vnet0:bridge30" ip4_addr="vnet0|192.168.30.28/24" defaultrouter="192.168.30.1" vnet="on" allow_raw_sockets="1" boot="on" +rm /tmp/pkg.json +iocage exec jackett mkdir -p /config +iocage fstab -a jackett /mnt/tank/apps/jackett /config nullfs rw 0 0 +iocage exec jackett ln -s /usr/local/bin/mono /usr/bin/mono +iocage exec jackett "fetch https://github.com/Jackett/Jackett/releases/download/v0.11.502/Jackett.Binaries.Mono.tar.gz -o /usr/local/share" +iocage exec jackett "tar -xzvf /usr/local/share/Jackett.Binaries.Mono.tar.gz -C /usr/local/share" +iocage exec jackett rm /usr/local/share/Jackett.Binaries.Mono.tar.gz +iocage exec jackett "pw user add jackett -c jackett -u 818 -d /nonexistent -s /usr/bin/nologin" +iocage exec jackett chown -R jackett:jackett /usr/local/share/Jackett /config +iocage exec jackett mkdir /usr/local/etc/rc.d +cp ./jackett-conf/jackett.rc /mnt/tank/iocage/jails/jackett/root/usr/local/etc/rc.d/jackett +iocage exec jackett chmod u+x /usr/local/etc/rc.d/jackett +iocage exec jackett sysrc "jackett_enable=YES" +iocage exec jackett service jackett restart \ No newline at end of file diff --git a/organizr-conf/custom/organizr.conf b/organizr-conf/custom/organizr.conf new file mode 100644 index 00000000..d9461920 --- /dev/null +++ b/organizr-conf/custom/organizr.conf @@ -0,0 +1,129 @@ +send_timeout 5m; +proxy_read_timeout 240; +proxy_send_timeout 240; +proxy_connect_timeout 240; +client_header_timeout 240; +client_body_timeout 240; + +location / { + root /usr/local/www/Organizr; + index index.php index.html index.htm index.nginx-debian.html; + location ~ /auth-(.*) { + internal; + rewrite ^/auth-(.*) /api/?v1/auth&group=$1; + } + error_page 400 401 402 403 404 405 408 500 502 503 504 $scheme://$server_name/?error=$status; + location / {try_files $uri $uri/ =404;} + include custom/phpblock.conf; #PHP Block + } + +location /transmission { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://127.0.0.1:9091; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +location /nzbget { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://127.0.0.1:6789; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +location /nzbhydra/ { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://127.0.0.1:5075/nzbhydra/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +location /sonarr { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://192.168.30.30:8989; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +location /radarr { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://192.168.30.31:7878; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +location /jackett { + auth_request /auth-0; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://192.168.30.28:9117; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $http_host; + proxy_redirect off; + } + +location /plex/ { + auth_request /auth-4; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://192.168.30.26:32400/; + client_max_body_size 10m; + client_body_buffer_size 128k; + proxy_bind $server_addr; + proxy_buffers 32 4k; + #Timeout if the real server is dead + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; + # Advanced Proxy Config + send_timeout 5m; + proxy_read_timeout 240; + proxy_send_timeout 240; + proxy_connect_timeout 240; + proxy_hide_header X-Frame-Options; + # Basic Proxy Config + proxy_set_header Host $host:$server_port; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_redirect http:// $scheme://; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_no_cache $cookie_session; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +if ($http_referer ~* /plex/) { + rewrite ^/web/(.*) /plex/web/$1? redirect; + } + +location /plexpy { + auth_request /auth-4; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://127.0.0.1:8181; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + } + +location /ombi/ { + auth_request /auth-4; + add_header X-Frame-Options "SAMEORIGIN"; + proxy_pass http://127.0.0.1:5000/ombi/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection keep-alive; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } \ No newline at end of file diff --git a/organizr-conf/custom/phpblock.conf b/organizr-conf/custom/phpblock.conf new file mode 100644 index 00000000..f68839fe --- /dev/null +++ b/organizr-conf/custom/phpblock.conf @@ -0,0 +1,9 @@ +fastcgi_read_timeout 240; + +location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include fastcgi_params; +} \ No newline at end of file diff --git a/organizr-conf/nginx.conf b/organizr-conf/nginx.conf index cb049500..dcee90dc 100644 --- a/organizr-conf/nginx.conf +++ b/organizr-conf/nginx.conf @@ -1,30 +1,26 @@ user www; worker_processes 1; + events { -worker_connections 1024; + worker_connections 1024; } + http { -include mime.types; -default_type application/octet-stream; -sendfile on; -keepalive_timeout 65; -server { -listen 80; -server_name localhost; -root /usr/local/www/Organizr; -location / { -index index.php index.html index.htm; -} -error_page 500 502 503 504 /50x.html; -location = /50x.html { -root /usr/local/www/nginx-dist; -} -location ~ \.php$ { -fastcgi_split_path_info ^(.+\.php)(/.+)$; -fastcgi_pass unix:/var/run/php-fpm.sock; -fastcgi_index index.php; -fastcgi_param SCRIPT_FILENAME $request_filename; -include fastcgi_params; -} -} + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + server { + listen 80; + server_name organizr.dmz.schouten-lebbing.nl; + include custom/organizr.conf; + } + server { + listen 443 ssl; + server_name organizr.schouten-lebbing.nl; + include custom/organizr.conf; + ssl_certificate /config/cert/Organizr-Cert.crt; # Manually Added + ssl_certificate_key /config/cert/Organizr-Cert.key; # Manually Added + } + } \ No newline at end of file diff --git a/organizr.sh b/organizr.sh index 0c599fe7..29af7493 100755 --- a/organizr.sh +++ b/organizr.sh @@ -1,5 +1,5 @@ echo '{"pkgs":["nginx","php72","php72-filter","php72-curl","php72-hash","php72-json","php72-openssl","php72-pdo","php72-pdo_sqlite","php72-session","php72-simplexml","php72-sqlite3","php72-zip","git","ca_root_nss"]}' > /tmp/pkg.json -iocage create -n "organizr" -p /tmp/pkg.json -r 11.3-RELEASE ip4_addr="vnet0|192.168.10.21/24" defaultrouter="192.168.10.1" vnet="on" allow_raw_sockets="1" boot="on" +iocage create -n "organizr" -p /tmp/pkg.json -r 11.3-RELEASE interfaces="vnet0:bridge30" ip4_addr="vnet0|192.168.30.25/24" defaultrouter="192.168.30.1" vnet="on" allow_raw_sockets="1" boot="on" rm /tmp/pkg.json iocage exec organizr mkdir -p /config iocage fstab -a organizr /mnt/tank/apps/organizr /config nullfs rw 0 0 diff --git a/plex.sh b/plex.sh index 291046e0..6cb88c54 100755 --- a/plex.sh +++ b/plex.sh @@ -1,7 +1,7 @@ #!/bin/sh echo '{"pkgs":["plexmediaserver-plexpass","ca_root_nss","nano"]}' > /tmp/pkg.json -iocage create -n "plex" -p /tmp/pkg.json -r 11.3-RELEASE ip4_addr="vnet0|192.168.10.23/24" defaultrouter="192.168.10.1" vnet="on" allow_raw_sockets="1" boot="on" +iocage create -n "plex" -p /tmp/pkg.json -r 11.3-RELEASE interfaces="vnet0:bridge30" ip4_addr="vnet0|192.168.30.26/24" defaultrouter="192.168.30.1" vnet="on" allow_raw_sockets="1" boot="on" rm /tmp/pkg.json iocage exec plex "mkdir -p /usr/local/etc/pkg/repos" cp ./plex-conf/FreeBSD.conf /mnt/tank/iocage/jails/plex/root/usr/local/etc/pkg/repos/FreeBSD.conf