shell_sequencer/seqs/downloader.sh

#!/bin/bash

toolName=mytool
DLDUSER=dluser

# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
APTOPT=
CONFIG=0
SCRIPT_NAME=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_NAME%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"

step_config() {
  checkVpn
  #echo "Called once before executing steps."
  ## e.g. to source a config file manually:
  #. "$CONFIG_FILE"
  ## or to use sequencer api with global config file:
  #initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
  ## or to use sequencer api with profile config file support:
  #initSeqConfig -p "$SCRIPT_NAME" "$CONFIG_FILE_TEMPLATE"
  #if [ $? -eq 0 ] ; then
  #  CONFIG=1
  #else
  #  # End if no configuration file exists
  #  [ $DRY -eq 0 ] && return -1
  #fi
  [ $QUIET -ne 0 ] && APTOPT="-y"
  return 0
}

step_1_info() { echo "Install mono"; }
step_1_alias() { ALIAS="install"; }
step_1() {
  exe apt install apt-transport-https dirmngr gnupg ca-certificates
  exe apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF

  exep "echo \"deb https://download.mono-project.com/repo/debian stable-buster main\" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list"

  exe apt update
  # This will apparently be managed by the installation of sonarr later
  # (https://sonarr.tv/#downloads-v3-linux Chapter 1)
  #exe apt install mono-complete
}

step_2_info() { echo "Install mediainfo"; }
step_2() {
  exe wget https://mediaarea.net/repo/deb/repo-mediaarea_1.0-16_all.deb -O /tmp/repo-mediaarea_all.deb

  exe dpkg -i /tmp/repo-mediaarea_all.deb

  exe apt update
  exe apt install mediainfo
}

step_3_info() { echo "Add system user"; }
step_3() {
   exe adduser --system $DLDUSER --group --home /opt/downloaders
}

step_4_info() { echo "Install sonarr"
  echoinfo "Default port: 8989"
}
step_4() {
  exe apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 2009837CBFFD68F45BC180471F4F90DE2A9B4BF8
  exep "echo \"deb https://apt.sonarr.tv/debian buster main\" | tee /etc/apt/sources.list.d/sonarr.list"
  exe apt update
  exe apt install sonarr
  # Start of sonar must be managed by VPN service
  exe service sonarr stop
  exe systemctl disable sonarr
}

step_5_info() { 
  echo "Install radarr for arm64"
  echoinfo "Default port: 7878"
}
step_5() {
  # nightly     https://radarr.servarr.com/v1/update/nightly/updatefile?os=linux&runtime=netcore&arch=arm64
  # develop     https://radarr.servarr.com/v1/update/develop/updatefile?os=linux&runtime=netcore&arch=arm64
  exe curl -sL "https://radarr.servarr.com/v1/update/master/updatefile?os=linux&runtime=netcore&arch=arm64" \
    -o /tmp/Radarr.tgz

  exe tar xvzf /tmp/Radarr.tgz -C /opt/downloaders/
  exe mv /opt/downloaders/Radarr /opt/downloaders/radarr
  exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/radarr
}

step_6_info() { echo "Create radarr service"; }
step_6() {
  exe mkdir -p "$radarrConf"
  exe chown -R $DLDUSER: "$radarrConf"

  addConf -s "$radarrService" "$radarrServiceLoc"
  exe systemctl daemon-reload
}
radarrConf="/opt/downloaders.conf/radarr"
radarrServiceLoc="/etc/systemd/system/radarr.service"
radarrService="[Unit]
Description=Radarr Daemon
After=syslog.target network.target
Wants=transmission.service jackett.service nzbget.service
StartLimitIntervalSec=0

[Service]
User=$DLDUSER
Group=$DLDUSER

Type=simple

ExecStart=/opt/downloaders/radarr/Radarr -nobrowser -data=$radarrConf
TimeoutStopSec=20
KillMode=process
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
Alias=radarr.service"

step_7_info() {
  echo "Install jackett for arm64"
  echoinfo "Default port: 9117"
}
step_7() {
  local jTar="/tmp/Jackett.tgz"
  local jUrl="https://github.com/Jackett/Jackett/releases/latest/download/Jackett.Binaries.LinuxARM64.tar.gz"
 
  [ ! -e "$jTar" ] && exe curl -sL "$jUrl" -o "$jTar"

  exe tar xvzf "$jTar" -C /opt/downloaders
  exe mv /opt/downloaders/Jackett /opt/downloaders/jackett
  exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/jackett
}

step_8_info() { echo "Create jackett service"; }
step_8() {
  addConf -s "$jackettService" "$jackettServiceLoc"
  exe systemctl daemon-reload
}
jackettServiceLoc="/etc/systemd/system/jackett.service"
jackettService="[Unit]
Description=Jackett Daemon
After=syslog.target network.target
StartLimitIntervalSec=0

[Service]
User=$DLDUSER
Group=$DLDUSER

Type=simple
SyslogIdentifier=jackett
Restart=on-failure
RestartSec=5
WorkingDirectory=/opt/downloaders/jackett
ExecStart=/bin/sh /opt/downloaders/jackett/jackett_launcher.sh
TimeoutStopSec=30

[Install]
WantedBy=multi-user.target
Alias=jackett.service"

step_9_info() {
  echo "Install NZBGet for arm64"
  echoinfo "Default port: 6789"
}
step_9() {
  exe wget -q https://nzbget.net/download/nzbget-latest-bin-linux.run -O /tmp/nzbget-latest-bin-linux.run

  # you can skip --arch aarch64 to auto-detect the architecture
  exe sh /tmp/nzbget-latest-bin-linux.run --destdir /opt/downloaders/nzbget --arch aarch64

  exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/nzbget
}

step_10_info() { echo "Create NZBGet service"; }
step_10() {
  local nzbConfOri="/opt/downloaders/nzbget/nzbget.conf"
  local nzbConf="/opt/downloaders.conf/nzbget/nzbget.conf"
  exe mkdir -p "$(dirname "$nzbConf")"
  exe chown -R $DLDUSER: "$(dirname "$nzbConf")"/..

  addConf -s "$nzbService" "$nzbServiceLoc"
  exe systemctl daemon-reload

  exe cp -n "$nzbConfOri" "$nzbConf"
}
nzbServiceLoc="/etc/systemd/system/nzbget.service"
nzbService="[Unit]
Description=NZBGet Daemon
After=syslog.target network.target
StartLimitIntervalSec=0

[Service]
# Change the user and group variables here.
User=$DLDUSER
Group=$DLDUSER

Type=forking

# Pass any command line arguments etc.
ExecStart=/opt/downloaders/nzbget/nzbget -D -c /opt/downloaders.conf/nzbget/nzbget.conf
ExecStop=/opt/downloaders/nzbget/nzbget -Q -c /opt/downloaders.conf/nzbget/nzbget.conf
ExecReload=/opt/downloaders/nzbget/nzbget -O -c /opt/downloaders.conf/nzbget/nzbget.conf
TimeoutStopSec=20
KillMode=process
Restart=on-failure
RestartSec=5

# Sandboxing ... (see https://www.freedesktop.org/software/systemd/man/systemd.exec.html for more info)
ReadWritePaths=/opt/downloaders/nzbget /opt/downloaders.conf/nzbget /mnt
ProtectSystem=strict
PrivateDevices=true
ProtectHome=true

[Install]
WantedBy=multi-user.target sonarr.service radarr.service
Alias=nzbget.service
#RequiredBy=sonarr.service radarr.service"

step_11_info() { 
  echo "Install lidarr for arm64"
  echoinfo "Default port: 8686"
}
step_11() {
  local lidarrUrl="https://lidarr.servarr.com/v1/update/develop/updatefile?os=linux&runtime=netcore&arch=arm64"
  exe curl -sL "$lidarrUrl" \
    -o /tmp/Lidarr.tgz

  exe tar xvzf /tmp/Lidarr.tgz -C /opt/downloaders/
  exe mv /opt/downloaders/Lidarr /opt/downloaders/lidarr
  exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/lidarr
}

step_12_info() { echo "Create lidarr service"; }
step_12() {
  exe mkdir -p "$lidarrConf"
  exe chown -R $DLDUSER: "$lidarrConf"

  addConf -s "$lidarrService" "$lidarrServiceLoc"
  exe systemctl daemon-reload
}
lidarrConf="/opt/downloaders.conf/lidarr"
lidarrServiceLoc="/etc/systemd/system/lidarr.service"
lidarrService="[Unit]
Description=Lidarr Daemon
After=syslog.target network.target
Wants=transmission.service jackett.service nzbget.service
StartLimitIntervalSec=0

[Service]
User=$DLDUSER
Group=$DLDUSER

Type=simple

ExecStart=/opt/downloaders/lidarr/Lidarr -nobrowser -data=$lidarrConf
TimeoutStopSec=20
KillMode=process
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
Alias=lidarr.service"

step_13_info() { echo "Create ufw rules for default ports"; }
step_13_alias() { ALIAS="ufw"; }
step_13() {
  exe ufw allow in on eth0 to any port 6789 proto tcp comment "NZBGet"
  exe ufw allow in on eth0 to any port 9117 proto tcp comment "Jackett. Rules for Sonarr und Radarr in /etc/ufw/rules.before"

  outColor red
  echo
  echo "[W] Add the following lines before \"# drop INVALID packets\""
  echo "    [/etc/ufw/before.rules]"
  echo
  outColor green
  echo "# Allow all packages to sonarr and radarr"
  echo "# ufw thinks that nzb360 sends messages after socket is closed"
  echo "-A ufw-before-input -i eth0 -p tcp --dport 7878 -j ACCEPT"
  echo "-A ufw-before-input -i eth0 -p tcp --dport 8989 -j ACCEPT"
  echo "-A ufw-before-output -o eth0 -p tcp --sport 7878 -j ACCEPT"
  echo "-A ufw-before-output -o eth0 -p tcp --sport 8989 -j ACCEPT"
  echo
}

step_14_info() {
  echo "Build and install unrar-nonfree"
  echoinfo "Please provide a deb-src sources entry first"
  echoinfo "[/etc/apt/sources.list]"
}
step_14() {
  local buildPath="/tmp/unrarbuild"

  cat /etc/apt/sources.list | grep -E "^deb-src" >>/dev/null 2>&1
  endReturn -o $? "No deb-src entry found in /etc/apt/sources.list"
  
  exe mkdir -p "$buildPath"
  exe cd "$buildPath"
  exe apt build-dep unrar-nonfree $APTOPT
  exe apt source -b unrar-nonfree $APTOPT
  endReturn -o $? "unrar-nonfree build failed ($buildPath left untouched)"
  exe dpkg -i unrar*.deb
  endReturn -o $? "unrar-nonfree install failed ($buildPath left untouched)"

  exe rm -rf "$buildPath"
}

step_15_info() { echo "Install danted socks proxy"; }
step_15_alias() { ALIAS="danted"; }
step_15() {
  systemctl status danted.service >>/dev/null 2>&1
  if [ $? -eq 0 ]; then
    echoseq " [I] Danted already installed"
    return 0
  fi
  exe apt update
  exe apt install dante-server $APTOPT
  exe systemctl stop danted.service
  exe systemctl disable danted.service
}

step_16_info() { echo "Danted installation notes"; }
step_16() {
  cat <<DANTED_EOF
[I] Debian fix systemd startup
    systemctl edit --full danted.service

    # Change /lib64 to -/lib64
ReadOnlyDirectories=/bin /etc /lib -/lib64 /sbin /usr /var

[I] Basic danted settings
    * Restrict to local network
    * Separate logfile
    [/etc/danted.conf]
logoutput: stderr /var/log/dante.log
internal: eth0 port = 1080
external: tun0
socksmethod: none
clientmethod: none
client pass {
        from: 192.168.0.0/24 port 1-65535 to: 0.0.0.0/0
        log: error
}
client block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error
}
socks block {
        from: 0.0.0.0/0 to: 127.0.0.0/4
        log: error
}
socks pass {
        from: 192.168.23.0/24 to: 0.0.0.0/0
        protocol: tcp udp
        log: error
}
socks block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}

DANTED_EOF
}

step_17_info() { echo "Disable apt-daily activities"; }
step_17_alias() { ALIAS="aptdaily"; }
step_17() {
  exe /usr/bin/systemctl stop apt-daily-upgrade.timer
  exe /usr/bin/systemctl stop apt-daily.timer
  exe /usr/bin/systemctl disable apt-daily-upgrade.timer
  exe /usr/bin/systemctl disable apt-daily.timer
  exe /usr/bin/systemctl mask apt-daily.service
  exe /usr/bin/systemctl daemon-reload
}

checkVpn() {
  ip -br a | grep tun >>/dev/null 2>&1
  [ $? -eq 0 ] && echoseq " [W] A VPN connection is possibly active. Consider deactivating it befor any apt operation."
}

VERSION_SEQREV=12
. /usr/local/bin/sequencer.sh