efelon/shell_sequencer
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity
Files
b46c4b6302bb309e860b7fd6bf9195f0e53fd3a3
shell_sequencer/seqs/downloader.sh
Martin Winkler b46c4b6302 Add steps to install danted proxy and disable apt daily activity 
Various other enhancements
2021-03-28 23:43:02 +02:00

342 lines
9.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
toolName=mytool
DLDUSER=dluser
# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
APTOPT=
CONFIG=0
SCRIPT_NAME=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_NAME%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
step_config() {
checkVpn
#echo "Called once before executing steps."
## e.g. to source a config file manually:
#. "$CONFIG_FILE"
## or to use sequencer api with global config file:
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
## or to use sequencer api with profile config file support:
#initSeqConfig -p "$SCRIPT_NAME" "$CONFIG_FILE_TEMPLATE"
#if [ $? -eq 0 ] ; then
# CONFIG=1
#else
# # End if no configuration file exists
# [ $DRY -eq 0 ] && return -1
#fi
[ $QUIET -ne 0 ] && APTOPT="-y"
return 0
}
step_1_info() { echo "Install mono"; }
step_1_alias() { ALIAS="install"; }
step_1() {
exe apt install apt-transport-https dirmngr gnupg ca-certificates
exe apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
exep "echo \"deb https://download.mono-project.com/repo/debian stable-buster main\" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list"
exe apt update
# This will apparently be managed by the installation of sonarr later
# (https://sonarr.tv/#downloads-v3-linux Chapter 1)
#exe apt install mono-complete
}
step_2_info() { echo "Install mediainfo"; }
step_2() {
exe wget https://mediaarea.net/repo/deb/repo-mediaarea_1.0-16_all.deb -O /tmp/repo-mediaarea_all.deb
exe dpkg -i /tmp/repo-mediaarea_all.deb
exe apt update
exe apt install mediainfo
}
step_3_info() { echo "Add system user"; }
step_3() {
exe adduser --system $DLDUSER --group --home /opt/downloaders
}
step_4_info() { echo "Install sonarr"
echoinfo "Default port: 8989"
}
step_4() {
exe apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 2009837CBFFD68F45BC180471F4F90DE2A9B4BF8
exep "echo \"deb https://apt.sonarr.tv/debian buster main\" | tee /etc/apt/sources.list.d/sonarr.list"
exe apt update
exe apt install sonarr
# Start of sonar must be managed by VPN service
exe service sonarr stop
exe systemctl disable sonarr
}
step_5_info() {
echo "Install radarr for arm64"
echoinfo "Default port: 7878"
}
step_5() {
# nightly https://radarr.servarr.com/v1/update/nightly/updatefile?os=linux&runtime=netcore&arch=arm64
# develop https://radarr.servarr.com/v1/update/develop/updatefile?os=linux&runtime=netcore&arch=arm64
exe curl -sL "https://radarr.servarr.com/v1/update/master/updatefile?os=linux&runtime=netcore&arch=arm64" \
-o /tmp/Radarr.tgz
exe tar xvzf /tmp/Radarr.tgz -C /opt/downloaders/
exe mv /opt/downloaders/Radarr /opt/downloaders/radarr
exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/radarr
}
step_6_info() { echo "Create radarr service"; }
step_6() {
exe mkdir -p "$radarrConf"
exe chown -R $DLDUSER: "$radarrConf"
addConf -s "$radarrService" "$radarrServiceLoc"
exe systemctl daemon-reload
}
radarrConf="/opt/downloaders.conf/radarr"
radarrServiceLoc="/etc/systemd/system/radarr.service"
radarrService="[Unit]
Description=Radarr Daemon
After=syslog.target network.target
Wants=transmission.service jackett.service nzbget.service
StartLimitIntervalSec=0
[Service]
User=$DLDUSER
Group=$DLDUSER
Type=simple
ExecStart=/opt/downloaders/radarr/Radarr -nobrowser -data=$radarrConf
TimeoutStopSec=20
KillMode=process
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
Alias=radarr.service"
step_7_info() {
echo "Install jackett for arm64"
echoinfo "Default port: 9117"
}
step_7() {
local jTar="/tmp/Jackett.tgz"
local jUrl="https://github.com/Jackett/Jackett/releases/latest/download/Jackett.Binaries.LinuxARM64.tar.gz"
[ ! -e "$jTar" ] && exe curl -sL "$jUrl" -o "$jTar"
exe tar xvzf "$jTar" -C /opt/downloaders
exe mv /opt/downloaders/Jackett /opt/downloaders/jackett
exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/jackett
}
step_8_info() { echo "Create jackett service"; }
step_8() {
addConf -s "$jackettService" "$jackettServiceLoc"
exe systemctl daemon-reload
}
jackettServiceLoc="/etc/systemd/system/jackett.service"
jackettService="[Unit]
Description=Jackett Daemon
After=syslog.target network.target
StartLimitIntervalSec=0
[Service]
User=$DLDUSER
Group=$DLDUSER
Type=simple
SyslogIdentifier=jackett
Restart=on-failure
RestartSec=5
WorkingDirectory=/opt/downloaders/jackett
ExecStart=/bin/sh /opt/downloaders/jackett/jackett_launcher.sh
TimeoutStopSec=30
[Install]
WantedBy=multi-user.target
Alias=jackett.service"
step_9_info() {
echo "Install NZBGet for arm64"
echoinfo "Default port: 6789"
}
step_9() {
exe wget -q https://nzbget.net/download/nzbget-latest-bin-linux.run -O /tmp/nzbget-latest-bin-linux.run
# you can skip --arch aarch64 to auto-detect the architecture
exe sh /tmp/nzbget-latest-bin-linux.run --destdir /opt/downloaders/nzbget --arch aarch64
exe chown -R ${DLDUSER}:${DLDUSER} /opt/downloaders/nzbget
}
step_10_info() { echo "Create NZBGet service"; }
step_10() {
local nzbConfOri="/opt/downloaders/nzbget/nzbget.conf"
local nzbConf="/opt/downloaders.conf/nzbget/nzbget.conf"
exe mkdir -p "$(dirname "$nzbConf")"
exe chown -R $DLDUSER: "$(dirname "$nzbConf")"/..
addConf -s "$nzbService" "$nzbServiceLoc"
exe systemctl daemon-reload
exe cp -n "$nzbConfOri" "$nzbConf"
}
nzbServiceLoc="/etc/systemd/system/nzbget.service"
nzbService="[Unit]
Description=NZBGet Daemon
After=syslog.target network.target
StartLimitIntervalSec=0
[Service]
# Change the user and group variables here.
User=$DLDUSER
Group=$DLDUSER
Type=forking
# Pass any command line arguments etc.
ExecStart=/opt/downloaders/nzbget/nzbget -D -c /opt/downloaders.conf/nzbget/nzbget.conf
ExecStop=/opt/downloaders/nzbget/nzbget -Q -c /opt/downloaders.conf/nzbget/nzbget.conf
ExecReload=/opt/downloaders/nzbget/nzbget -O -c /opt/downloaders.conf/nzbget/nzbget.conf
TimeoutStopSec=20
KillMode=process
Restart=on-failure
RestartSec=5
# Sandboxing ... (see https://www.freedesktop.org/software/systemd/man/systemd.exec.html for more info)
ReadWritePaths=/opt/downloaders/nzbget /opt/downloaders.conf/nzbget /mnt
ProtectSystem=strict
PrivateDevices=true
ProtectHome=true
[Install]
WantedBy=multi-user.target sonarr.service radarr.service
Alias=nzbget.service
#RequiredBy=sonarr.service radarr.service"
step_11_info() { echo "Create ufw rules for default ports"; }
step_11_alias() { ALIAS="ufw"; }
step_11() {
exe ufw allow in on eth0 to any port 6789 proto tcp comment "NZBGet"
exe ufw allow in on eth0 to any port 9117 proto tcp comment "Jackett. Rules for Sonarr und Radarr in /etc/ufw/rules.before"
outColor red
echo
echo "[W] Add the following lines before \"# drop INVALID packets\""
echo " [/etc/ufw/before.rules]"
echo
outColor green
echo "# Allow all packages to sonarr and radarr"
echo "# ufw thinks that nzb360 sends messages after socket is closed"
echo "-A ufw-before-input -i eth0 -p tcp --dport 7878 -j ACCEPT"
echo "-A ufw-before-input -i eth0 -p tcp --dport 8989 -j ACCEPT"
echo "-A ufw-before-output -o eth0 -p tcp --sport 7878 -j ACCEPT"
echo "-A ufw-before-output -o eth0 -p tcp --sport 8989 -j ACCEPT"
echo
}
step_12_info() {
echo "Build and install unrar-nonfree"
echoinfo "Please provide a deb-src sources entry first"
echoinfo "[/etc/apt/sources.list]"
}
step_12() {
local buildPath="/tmp/unrarbuild"
cat /etc/apt/sources.list | grep -E "^deb-src" >>/dev/null 2>&1
endReturn -o $? "No deb-src entry found in /etc/apt/sources.list"
exe mkdir -p "$buildPath"
exe cd "$buildPath"
exe apt build-dep unrar-nonfree $APTOPT
exe apt source -b unrar-nonfree $APTOPT
endReturn -o $? "unrar-nonfree build failed ($buildPath left untouched)"
exe dpkg -i unrar*.deb
endReturn -o $? "unrar-nonfree install failed ($buildPath left untouched)"
exe rm -rf "$buildPath"
}
step_13_info() { echo "Install danted socks proxy"; }
step_13_alias() { ALIAS="danted"; }
step_13() {
systemctl status danted.service >>/dev/null 2>&1
if [ $? -eq 0 ]; then
echoseq " [I] Danted already installed"
return 0
fi
exe apt update
exe apt install dante-server $APTOPT
exe systemctl stop danted.service
exe systemctl disable danted.service
}
step_14_info() { echo "Danted installation notes"; }
step_14() {
cat <<DANTED_EOF
[I] Debian fix systemd startup
systemctl edit --full danted.service
# Change /lib64 to -/lib64
ReadOnlyDirectories=/bin /etc /lib -/lib64 /sbin /usr /var
[I] Basic danted settings
* Restrict to local network
* Separate logfile
[/etc/danted.conf]
logoutput: stderr /var/log/dante.log
internal: eth0 port = 1080
external: tun0
socksmethod: none
clientmethod: none
client pass {
from: 192.168.0.0/24 port 1-65535 to: 0.0.0.0/0
log: error
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: error
}
socks block {
from: 0.0.0.0/0 to: 127.0.0.0/4
log: error
}
socks pass {
from: 192.168.23.0/24 to: 0.0.0.0/0
protocol: tcp udp
log: error
}
socks block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
DANTED_EOF
}
step_15_info() { echo "Disable apt-daily activities"; }
step_15_alias() { ALIAS="aptdaily"; }
step_15() {
exe /usr/bin/systemctl stop apt-daily-upgrade.timer
exe /usr/bin/systemctl stop apt-daily.timer
exe /usr/bin/systemctl disable apt-daily-upgrade.timer
exe /usr/bin/systemctl disable apt-daily.timer
exe /usr/bin/systemctl mask apt-daily.service
exe /usr/bin/systemctl daemon-reload
}
checkVpn() {
ip -br a | grep tun >>/dev/null 2>&1
[ $? -eq 0 ] && echoseq " [W] A VPN connection is possibly active. Consider deactivating it befor any apt operation."
}
VERSION_SEQREV=12
. /usr/local/bin/sequencer.sh
Reference in New Issue View Git Blame Copy Permalink