From 0af2cd16e2b7ff773c50c69cc92625bf5f31ea40 Mon Sep 17 00:00:00 2001
From: Cian Hatton <cianhatton@gmail.com>
Date: Sat, 17 Sep 2022 18:25:23 +0100
Subject: [PATCH] template vpn stack

---
 host_vars/qnap.yml                            |  5 ++++
 host_vars/snunmu.yml                          |  1 -
 playbooks/setup-homelab.yml                   | 22 +++++++-------
 .../templates/vpn-stack.j2                    | 30 +++++++++++++++----
 roles/setup_samba/files/smb.conf              | 14 +++++----
 5 files changed, 48 insertions(+), 24 deletions(-)

diff --git a/host_vars/qnap.yml b/host_vars/qnap.yml
index c7ca029..502401f 100644
--- a/host_vars/qnap.yml
+++ b/host_vars/qnap.yml
@@ -60,6 +60,11 @@ services:
   - name: plex
   - name: uptime-kuma
   - name: vpn-stack
+    template_vars:
+      qbittorrent: true
+      radarr: true
+      sonarr: true
+      jackett: true
   - name: mariadb
     template_vars:
       default_network: mariadb_net
diff --git a/host_vars/snunmu.yml b/host_vars/snunmu.yml
index 7d61dce..2ebccb4 100644
--- a/host_vars/snunmu.yml
+++ b/host_vars/snunmu.yml
@@ -6,7 +6,6 @@ services:
   - name: linkding
   - name: pihole
   - name: hasteypaste
-  - name: vpn-stack
   - name: dashboards
     template_vars:
       dashy: false
diff --git a/playbooks/setup-homelab.yml b/playbooks/setup-homelab.yml
index 2981af4..095ca00 100644
--- a/playbooks/setup-homelab.yml
+++ b/playbooks/setup-homelab.yml
@@ -53,17 +53,17 @@
     ansible.builtin.file:
       path: "/mnt/mergerfs"
       state: directory
-      mode: '0755'
-      owner: cianhatton
-      group: cianhatton
+      mode: '0777'
+      owner: root
+      group: root
 
   - name: Check mountpoint exists.
     ansible.builtin.file:
-      path: "/mnt/ssd0"
+      path: "/mnt/ssd0/downloads"
       state: directory
-      mode: '0755'
-      owner: cianhatton
-      group: cianhatton
+      mode: '0777'
+      owner: root
+      group: root
 
   - name: Mount shares.
     mount:
@@ -71,15 +71,15 @@
        fstype: "cifs"
        path: /mnt/mergerfs
        src: '//192.168.178.42/mergerfs'
-       opts: 'username=cianhatton,password={{ cianhatton_password }}'
+       opts: 'username=cianhatton,password={{ cianhatton_password }},dir_mode=0777,file_mode=0777,umask=0000'
 
   - name: Mount shares.
     mount:
        state: "mounted"
        fstype: "cifs"
-       path: /mnt/ssd0
-       src: '//192.168.178.42/ssd0'
-       opts: 'username=cianhatton,password={{ cianhatton_password }}'
+       path: /mnt/ssd0/downloads
+       src: '//192.168.178.42/downloads'
+       opts: 'username=cianhatton,password={{ cianhatton_password }},dir_mode=0777,file_mode=0777,umask=0000'
 
 - name: Install Docker on Docker hosts.
   hosts: docker
diff --git a/roles/setup_hosted_services/templates/vpn-stack.j2 b/roles/setup_hosted_services/templates/vpn-stack.j2
index 411abac..5eb5938 100644
--- a/roles/setup_hosted_services/templates/vpn-stack.j2
+++ b/roles/setup_hosted_services/templates/vpn-stack.j2
@@ -30,7 +30,7 @@ services:
     dns:
       - 1.1.1.1
       - 8.8.8.8
-
+{% if template_vars.qbittorrent %}
   qbittorrent:
     labels:
       ie.cianhatton.backup.enabled: "true"
@@ -50,7 +50,8 @@ services:
       - qbittorrent_config:/config
       - {{ directories.downloads_dir }}:/downloads
     restart: unless-stopped
-
+{% endif %}
+{% if template_vars.radarr %}
   radarr:
     labels:
       ie.cianhatton.backup.enabled: "true"
@@ -69,7 +70,8 @@ services:
       - {{ directories.movies_dir }}:/movies
       - {{ directories.downloads_dir }}:/downloads
     restart: unless-stopped
-
+{% endif %}
+{% if template_vars.sonarr %}
   sonarr:
     depends_on:
       - surfshark
@@ -88,7 +90,8 @@ services:
       - {{ directories.tv_dir }}:/tv
       - {{ directories.downloads_dir }}:/downloads
     restart: unless-stopped
-
+{% endif %}
+{% if template_vars.jackett %}
   jackett:
     labels:
       ie.cianhatton.backup.enabled: "true"
@@ -107,9 +110,24 @@ services:
       - jackett_config:/config
       - {{ directories.downloads_dir }}:/downloads
     restart: unless-stopped
-
+{% endif %}
 volumes:
+{% if template_vars.jackett %}
+  jackett_config:
+{% endif %}
+{% if template_vars.qbittorrent %}
   qbittorrent_config:
+# https://askubuntu.com/questions/1203832/how-to-mount-smb-share-on-ubuntu-18-04-with-read-write-from-the-terminal
+#  downloads:
+#    driver: local
+#    driver_opts:
+#      type: "cifs"
+#      device: "//192.168.178.42/downloads"
+#      o: "username=cianhatton,password={{ cianhatton_password }},dir_mode=0777,file_mode=0777"
+{% endif %}
+{% if template_vars.radarr %}
   radarr_config:
+{% endif %}
+{% if template_vars.sonarr %}
   sonarr_config:
-  jackett_config:
+{% endif %}
diff --git a/roles/setup_samba/files/smb.conf b/roles/setup_samba/files/smb.conf
index 9b8bfeb..76e788e 100644
--- a/roles/setup_samba/files/smb.conf
+++ b/roles/setup_samba/files/smb.conf
@@ -13,16 +13,18 @@ name resolve order = bcast host
 force user = smbuser
 force group = smbgroup
 # permissions for new files
-create mask = 0664
-force create mode = 0664
+create mask = 0777
+force create mode = 0777
 # permissions for new directories
-directory mask = 0775
-force directory mode = 0775
+directory mask = 0777
+force directory mode = 0777
+
 public = yes
 writable = yes
+read only = no
 
 [mergerfs]
 path = /mnt/mergerfs
 
-[ssd0]
-path = /mnt/ssd0
+[downloads]
+path = /mnt/ssd0/downloads