Sanitized mirror from private repository - 2026-04-18 11:19:59 UTC
This commit is contained in:
Gitea Mirror Bot
163
hosts/synology/atlantis/arr-suite/plex.yaml
Normal file
163
hosts/synology/atlantis/arr-suite/plex.yaml
Normal file
@@ -0,0 +1,163 @@
|
||||
# =============================================================================
|
||||
# PLEX MEDIA SERVER - DISASTER RECOVERY CONFIGURATION
|
||||
# =============================================================================
|
||||
#
|
||||
# SERVICE OVERVIEW:
|
||||
# - Primary media streaming server for homelab
|
||||
# - Serves 4K movies, TV shows, music, and photos
|
||||
# - Hardware transcoding enabled via Intel Quick Sync
|
||||
# - Critical service for media consumption
|
||||
#
|
||||
# DISASTER RECOVERY NOTES:
|
||||
# - Configuration stored in /volume1/docker2/plex (CRITICAL BACKUP)
|
||||
# - Media files in /volume1/data/media (128TB+ library)
|
||||
# - Database contains watch history, metadata, user preferences
|
||||
# - Hardware transcoding requires Intel GPU access (/dev/dri)
|
||||
#
|
||||
# BACKUP PRIORITY: HIGH
|
||||
# - Config backup: Daily automated backup required
|
||||
# - Media backup: Secondary NAS sync (Calypso)
|
||||
# - Database backup: Included in config volume
|
||||
#
|
||||
# RECOVERY TIME OBJECTIVE (RTO): 30 minutes
|
||||
# RECOVERY POINT OBJECTIVE (RPO): 24 hours
|
||||
#
|
||||
# DEPENDENCIES:
|
||||
# - Volume1 must be accessible (current issue: SSD cache failure)
|
||||
# - Intel GPU drivers for hardware transcoding
|
||||
# - Network connectivity for remote access
|
||||
# - Plex Pass subscription for premium features
|
||||
#
|
||||
# PORTS USED:
|
||||
# - 32400/tcp: Main Plex web interface and API
|
||||
# - 3005/tcp: Plex Home Theater via Plex Companion
|
||||
# - 8324/tcp: Plex for Roku via Plex Companion
|
||||
# - 32469/tcp: Plex DLNA Server
|
||||
# - 1900/udp: Plex DLNA Server
|
||||
# - 32410/udp, 32412/udp, 32413/udp, 32414/udp: GDM Network discovery
|
||||
#
|
||||
# =============================================================================
|
||||
|
||||
services:
|
||||
plex:
|
||||
# CONTAINER IMAGE:
|
||||
# - linuxserver/plex: Community-maintained, regularly updated
|
||||
# - Alternative: plexinc/pms-docker (official but less frequent updates)
|
||||
# - Version pinning recommended for production: linuxserver/plex:1.32.8
|
||||
image: linuxserver/plex:latest
|
||||
|
||||
# CONTAINER NAME:
|
||||
# - Fixed name for easy identification and management
|
||||
# - Used in monitoring, logs, and backup scripts
|
||||
container_name: plex
|
||||
|
||||
# NETWORK CONFIGURATION:
|
||||
# - host mode: Required for Plex auto-discovery and DLNA
|
||||
# - Allows Plex to bind to all network interfaces
|
||||
# - Enables UPnP/DLNA functionality for smart TVs
|
||||
# - SECURITY NOTE: Exposes all container ports to host
|
||||
network_mode: host
|
||||
|
||||
environment:
|
||||
# USER/GROUP PERMISSIONS:
|
||||
# - PUID=1029: User ID for file ownership (Synology 'admin' user)
|
||||
# - PGID=65536: Group ID for file access (Synology 'administrators' group)
|
||||
# - CRITICAL: Must match NAS user/group for file access
|
||||
# - Find correct values: id admin (on Synology)
|
||||
- PUID=1029 #CHANGE_TO_YOUR_UID
|
||||
- PGID=65536 #CHANGE_TO_YOUR_GID
|
||||
|
||||
# TIMEZONE CONFIGURATION:
|
||||
# - TZ: Timezone for logs, scheduling, and metadata
|
||||
# - Must match system timezone for accurate timestamps
|
||||
# - Format: Area/City (e.g., America/Los_Angeles, Europe/London)
|
||||
- TZ=America/Los_Angeles #CHANGE_TO_YOUR_TZ
|
||||
|
||||
# FILE PERMISSIONS:
|
||||
# - UMASK=022: Default file permissions (755 for dirs, 644 for files)
|
||||
# - Ensures proper read/write access for media files
|
||||
# - 022 = owner: rwx, group: r-x, other: r-x
|
||||
- UMASK=022
|
||||
|
||||
# PLEX VERSION MANAGEMENT:
|
||||
# - VERSION=docker: Use version bundled with Docker image
|
||||
# - Alternative: VERSION=latest (auto-update, not recommended for production)
|
||||
# - Alternative: VERSION=1.32.8.7639-fb6452ebf (pin specific version)
|
||||
- VERSION=docker
|
||||
|
||||
# PLEX CLAIM TOKEN:
|
||||
# - Used for initial server setup and linking to Plex account
|
||||
# - Get token from: https://plex.tv/claim (valid for 4 minutes)
|
||||
# - Leave empty after initial setup
|
||||
# - SECURITY: Remove token after claiming server
|
||||
- PLEX_CLAIM=
|
||||
|
||||
volumes:
|
||||
# CONFIGURATION VOLUME:
|
||||
# - /volume1/docker2/plex:/config
|
||||
# - Contains: Database, metadata, thumbnails, logs, preferences
|
||||
# - SIZE: ~50-100GB depending on library size
|
||||
# - BACKUP CRITICAL: Contains all user data and settings
|
||||
# - RECOVERY: Restore this volume to recover complete Plex setup
|
||||
- /volume1/docker2/plex:/config
|
||||
|
||||
# MEDIA VOLUME:
|
||||
# - /volume1/data/media:/data/media
|
||||
# - Contains: Movies, TV shows, music, photos (128TB+ library)
|
||||
# - READ-ONLY recommended for security (add :ro suffix if desired)
|
||||
# - STRUCTURE: Organized by type (movies/, tv/, music/, photos/)
|
||||
# - BACKUP: Synced to Calypso NAS for redundancy
|
||||
- /volume1/data/media:/data/media
|
||||
|
||||
devices:
|
||||
# HARDWARE TRANSCODING:
|
||||
# - /dev/dri:/dev/dri: Intel Quick Sync Video access
|
||||
# - Enables hardware-accelerated transcoding (H.264, H.265, AV1)
|
||||
# - CRITICAL: Reduces CPU usage by 80-90% during transcoding
|
||||
# - REQUIREMENT: Intel GPU with Quick Sync support
|
||||
# - TROUBLESHOOTING: Check 'ls -la /dev/dri' for render devices
|
||||
- /dev/dri:/dev/dri
|
||||
|
||||
security_opt:
|
||||
# SECURITY HARDENING:
|
||||
# - no-new-privileges: Prevents privilege escalation attacks
|
||||
# - Container cannot gain additional privileges during runtime
|
||||
# - Recommended security practice for all containers
|
||||
- no-new-privileges:true
|
||||
|
||||
# RESTART POLICY:
|
||||
# - always: Container restarts automatically on failure or system reboot
|
||||
# - CRITICAL: Ensures Plex is always available for media streaming
|
||||
# - Alternative: unless-stopped (won't restart if manually stopped)
|
||||
restart: unless-stopped
|
||||
|
||||
# =============================================================================
|
||||
# DISASTER RECOVERY PROCEDURES:
|
||||
# =============================================================================
|
||||
#
|
||||
# BACKUP VERIFICATION:
|
||||
# docker exec plex ls -la /config/Library/Application\ Support/Plex\ Media\ Server/
|
||||
#
|
||||
# MANUAL BACKUP:
|
||||
# tar -czf /volume2/backups/plex-config-$(date +%Y%m%d).tar.gz /volume1/docker2/plex/
|
||||
#
|
||||
# RESTORE PROCEDURE:
|
||||
# 1. Stop container: docker-compose down
|
||||
# 2. Restore config: tar -xzf plex-backup.tar.gz -C /volume1/docker2/
|
||||
# 3. Fix permissions: chown -R 1029:65536 /volume1/docker2/plex/
|
||||
# 4. Start container: docker-compose up -d
|
||||
# 5. Verify: Check http://atlantis.vish.local:32400/web
|
||||
#
|
||||
# TROUBLESHOOTING:
|
||||
# - No hardware transcoding: Check /dev/dri permissions and Intel GPU drivers
|
||||
# - Database corruption: Restore from backup or rebuild library
|
||||
# - Permission errors: Verify PUID/PGID match NAS user/group
|
||||
# - Network issues: Check host networking and firewall rules
|
||||
#
|
||||
# MONITORING:
|
||||
# - Health check: curl -f http://localhost:32400/identity
|
||||
# - Logs: docker logs plex
|
||||
# - Transcoding: Plex Dashboard > Settings > Transcoder
|
||||
# - Performance: Grafana dashboard for CPU/GPU usage
|
||||
#
|
||||
# =============================================================================
|
||||
Reference in New Issue
Block a user