Add tor and bitcoin-daemon steps

ansible/main.yml

@@ -1,41 +1,3 @@
 - hosts: pve-docker
   roles:
-    - pve-docker
-    - docker-compose
-    - traefik
-    - tautulli
-    - searxng
-    - prowlarr
-    - sonarr
-    - radarr
-    - firefly3
-    - overseerr
-    - ntfy
-    - gluetun
-    - autobrr
-    - name: slskd
-      tags: test
-    - name: soularr
-      tags: test
-    - beets
     - qbittorrent
-    - nextcloud
-    - redlib
-    - readarr
-    - calibre
-    - calibre-web
-    - deemix
-    - barassistant
-    - mealie
-    - recyclarr
-    - firefly3
-    - sabnzbd
-    - unifi-controller
-    - lidarr
-    - navidrome
-    - recyclarr
-    - lubelogger
-    - searxng
-    - synapse
-    - rimgo
-    - gitea

ansible/roles/btc/tasks/bitcoin.yml

@@ -0,0 +1,11 @@
+- name: Install bitcoin daemon
+  ansible.builtin.package:
+    name: bitcoin-daemon
+    state: present
+  become: true
+
+- name: Enable bitcoind
+  ansible.builtin.service:
+    name: bitcoind
+    state: started
+    enabled: yes

ansible/roles/btc/tasks/tor.yml

@@ -0,0 +1,6 @@
+- name: Install tor
+  ansible.builtin.package:
+    name: tor
+    state: present
+
+

ansible/roles/btc/tasks/ufw.yml

@@ -0,0 +1,32 @@
+- name: Install Uncomplicated Firewall
+  ansible.builtin.package:
+    name: ufw
+    state: present
+
+# UFW logging can full up the kernel (dmesg) and message logs
+- name: Disable logging
+  community.general.ufw:
+    logging: 'off'
+
+- name: Allow OpenSSH inbound
+  community.general.ufw:
+    rule: allow
+    name: OpenSSH # Uses standard profile located in /etc/ufw/applications.d
+
+- name: Apply rate limiting to ssh inbound
+  community.general.ufw:
+    rule: limit
+    port: ssh
+    proto: tcp
+  
+- name: Enable ufw system service
+  ansible.builtin.service:
+    name: ufw
+    state: started
+    enabled: yes
+
+# This is necessary in addition to enabling the system service
+- name: Enable ufw rules
+  community.general.ufw:
+    state: enabled
+    policy: deny

ansible/roles/jellyseerr/tasks/main.yml

@@ -1,10 +1,3 @@
-- name: Create service user
-  user:
-    name: "{{ role_name }}"
-    system: true
-  register: service_user
-  become: true
-
 - name: Create install directory
   file:
     path: "{{ install_directory }}/{{ role_name }}"

ansible/roles/jellyseerr/templates/docker-compose.yml

@@ -1,4 +1,3 @@
-
 networks:
   traefik:
     external: true
@@ -6,16 +5,21 @@ networks:
 services:
   {{ role_name }}:
     container_name: "{{ role_name }}"
-    image: lscr.io/linuxserver/overseerr:latest
+    image: fallenbagel/jellyseerr:latest
     restart: unless-stopped
     networks:
       - traefik
     environment:
-      - "PUID={{ service_user.uid }}"
+      - LOG_LEVEL=debug
-      - "PGID={{ service_user.uid }}"
       - "TZ={{ timezone }}"
     volumes:
-      - "{{ data_dir }}/{{ role_name }}:/config"
+      - "{{ data_dir }}/{{ role_name }}:/app/config"
+    healthcheck:
+      test: wget --no-verbose --tries=1 --spider http://localhost:5055/api/v1/status || exit 1
+      start_period: 20s
+      timeout: 3s
+      interval: 15s
+      retries: 3
     labels:
       traefik.enable: true
       traefik.http.routers.{{ role_name }}.rule: "Host(`requests.{{ personal_domain }}`)"

ansible/roles/qbittorrent/templates/cross-seed/config.js

@@ -14,6 +14,7 @@ module.exports = {
 	    "http://prowlarr.local.{{ personal_domain }}/17/api?apikey={{ prowlarr_api_key }}", // FileList
 	    "http://prowlarr.local.{{ personal_domain }}/19/api?apikey={{ prowlarr_api_key }}", // Cathode-Ray.Tube
 	    "http://prowlarr.local.{{ personal_domain }}/25/api?apikey={{ prowlarr_api_key }}", // seedpool
+	    "http://prowlarr.local.{{ personal_domain }}/27/api?apikey={{ prowlarr_api_key }}", // Upload.cx
     ],
 
     outputDir: null,

ansible/roles/qbittorrent/templates/qbitmanage/config.yml

@@ -77,8 +77,10 @@ tracker:
     tag: CRT
   t-ru.org:
     tag: rutracker
-  seedpool:
+  seedpool|seedpool.org:
     tag: seedpool
+  upload.cx:
+    tag: ULCX
   archlinux:
     tag: archlinux
   other: