Initial template repository

🎬 ARR Suite Template Bootstrap - Complete Media Automation Stack Features: - 16 production services (Prowlarr, Sonarr, Radarr, Plex, etc.) - One-command Ansible deployment - VPN-protected downloads via Gluetun - Tailscale secure access - Production-ready security (UFW, Fail2Ban) - Automated backups and monitoring - Comprehensive documentation Ready for customization and deployment to any VPS. Co-authored-by: openhands <openhands@all-hands.dev>
2025-11-28 04:26:12 +00:00
commit 24f2cd64e9
71 changed files with 9983 additions and 0 deletions
--- a/tasks/system_setup.yml
+++ b/tasks/system_setup.yml
@@ -0,0 +1,93 @@
+---
+# System setup tasks for Arrs Media Stack deployment
+
+- name: Set timezone
+  timezone:
+    name: "{{ timezone }}"
+  notify: reload systemd
+  tags: ['timezone']
+
+- name: Update system packages
+  apt:
+    upgrade: dist
+    update_cache: yes
+    cache_valid_time: 3600
+  tags: ['system_update']
+
+- name: Install additional system utilities
+  apt:
+    name:
+      - vim
+      - git
+      - rsync
+      - cron
+      - logrotate
+      - fail2ban
+      - ncdu
+      - iotop
+      - nethogs
+      - jq
+    state: present
+  tags: ['system_packages']
+
+- name: Configure automatic security updates
+  apt:
+    name: unattended-upgrades
+    state: present
+  tags: ['security_updates']
+
+- name: Configure unattended-upgrades
+  template:
+    src: 50unattended-upgrades.j2
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    backup: yes
+  tags: ['security_updates']
+
+- name: Enable automatic security updates
+  template:
+    src: 20auto-upgrades.j2
+    dest: /etc/apt/apt.conf.d/20auto-upgrades
+    backup: yes
+  tags: ['security_updates']
+
+- name: Configure system limits for Docker
+  pam_limits:
+    domain: "{{ docker_user }}"
+    limit_type: "{{ item.type }}"
+    limit_item: "{{ item.item }}"
+    value: "{{ item.value }}"
+  loop:
+    - { type: 'soft', item: 'nofile', value: '65536' }
+    - { type: 'hard', item: 'nofile', value: '65536' }
+    - { type: 'soft', item: 'nproc', value: '32768' }
+    - { type: 'hard', item: 'nproc', value: '32768' }
+  tags: ['system_limits']
+
+- name: Configure kernel parameters for Docker
+  sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    state: present
+    reload: yes
+  loop:
+    - { name: 'vm.max_map_count', value: '262144' }
+    - { name: 'fs.file-max', value: '2097152' }
+    - { name: 'net.core.somaxconn', value: '65535' }
+  tags: ['kernel_params']
+
+- name: Create systemd override directory for Docker
+  file:
+    path: /etc/systemd/system/docker.service.d
+    state: directory
+    mode: '0755'
+  tags: ['docker_systemd']
+
+- name: Configure Docker systemd service
+  template:
+    src: docker-override.conf.j2
+    dest: /etc/systemd/system/docker.service.d/override.conf
+    backup: yes
+  notify: 
+    - reload systemd
+    - restart docker
+  tags: ['docker_systemd']