Remove IPT and Add DocsPedia and MAM to cross-seed

README.md

@@ -23,13 +23,12 @@ Having Plex and Jellyfin separate from the rest of my docker infrastructure allo
 **Storage:**
 * `/`: 1 TB NVME SSD
 * `/vm_storage`: 2x 240 GB SSD in ZFS mirror for config and data files
-* `/mnt/storage`: mergerfs + SnapRAID pool totaling 150 TiB usable storage with single disk parity (YOLO). Drives run btrfs allowing me to utilize [snapraid-btrfs](https://wiki.selfhosted.show/tools/snapraid-btrfs/) for instant snapshotting
+* `/mnt/storage`: mergerfs + SnapRAID pool totaling ~90 TiB usable storage. Currently single parity disk but hoping to add a second one soon. Drives run btrfs allowing me to utilize [snapraid-btrfs](https://wiki.selfhosted.show/tools/snapraid-btrfs/) for instant snapshotting
 
 ## Roadmap
 
 * Flesh out backup strategy with btrfs snapshots and restic (separately)
-* Potentially migrate media pool to ZFS. I've been lucky so far with no drive failures but realistically if I did have one fail, it would take ages to rebuild with single disk parity and I'd be wishing I had a more robust setup.
-* Move everything to Arch LXCs on Proxmox
+* Move everything to Arch VMs on Proxmox
 * Possibly set up second Proxmox node for backups
 * Immich for photo management
 * Look into [Wazuh](https://github.com/wazuh/wazuh) for threat prevention/detection

ansible/roles/beets/files/config.yaml

@@ -1,7 +1,7 @@
 directory: /music
 per_disc_numbering: yes
 
-plugins: fetchart embedart web inline lyrics musicbrainz scrub lastgenre replaygain
+plugins: fetchart web inline lyrics
 
 paths:
     default: $albumartist/$album%aunique{}/%if{$multidisc,$disc}$track - $title
@@ -12,7 +12,7 @@ item_fields:
         
 import:
     write: yes
-    move: yes
+    hardlink: yes
     resume: ask
     incremental: yes
     quiet_fallback: skip
@@ -28,32 +28,13 @@ embedart:
 fetchart:
     auto: yes
     high_resolution: yes
-    source:
-      - filesystem
-      - itunes
-      - coverart
-      - amazon
-
-match:
-    strong_rec_thresh: 0.10
-    ignored_media: ['12" Vinyl']
 
 lyrics:
-    sources: [lrclib, genius, tekstowo]
+    sources: [lrclib, genius]
     
 scrub:
     auto: yes
 
-replaygain:
-    auto: yes
-    backend: ffmpeg
-
-# Consider directory empty even if files matching the below patterns are present
-clutter:
-  - "*.jpg"
-  - "*.png"
-  - "*.nfo"
-
 replace:
     '^\.': _
     '[\x00-\x1f]': _

ansible/roles/btc/tasks/bitcoin.yml

@@ -0,0 +1,11 @@
+- name: Install bitcoin daemon
+  ansible.builtin.package:
+    name: bitcoin-daemon
+    state: present
+  become: true
+
+- name: Enable bitcoind
+  ansible.builtin.service:
+    name: bitcoind
+    state: started
+    enabled: yes

ansible/roles/btc/tasks/tor.yml

@@ -0,0 +1,6 @@
+- name: Install tor
+  ansible.builtin.package:
+    name: tor
+    state: present
+
+

ansible/roles/btc/tasks/ufw.yml

@@ -0,0 +1,32 @@
+- name: Install Uncomplicated Firewall
+  ansible.builtin.package:
+    name: ufw
+    state: present
+
+# UFW logging can full up the kernel (dmesg) and message logs
+- name: Disable logging
+  community.general.ufw:
+    logging: 'off'
+
+- name: Allow OpenSSH inbound
+  community.general.ufw:
+    rule: allow
+    name: OpenSSH # Uses standard profile located in /etc/ufw/applications.d
+
+- name: Apply rate limiting to ssh inbound
+  community.general.ufw:
+    rule: limit
+    port: ssh
+    proto: tcp
+  
+- name: Enable ufw system service
+  ansible.builtin.service:
+    name: ufw
+    state: started
+    enabled: yes
+
+# This is necessary in addition to enabling the system service
+- name: Enable ufw rules
+  community.general.ufw:
+    state: enabled
+    policy: deny

ansible/roles/qbittorrent/templates/cross-seed/config.js

@@ -4,6 +4,7 @@ module.exports = {
     delay: 30,
 
     torznab: [
+	    "http://prowlarr.local.{{ personal_domain }}/3/api?apikey={{ prowlarr_api_key }}", // ImmortalSeed
 	    "http://prowlarr.local.{{ personal_domain }}/6/api?apikey={{ prowlarr_api_key }}", // Aither
 	    "http://prowlarr.local.{{ personal_domain }}/7/api?apikey={{ prowlarr_api_key }}", // Reelflix
 	    "http://prowlarr.local.{{ personal_domain }}/9/api?apikey={{ prowlarr_api_key }}", // LST
@@ -16,8 +17,6 @@ module.exports = {
 	    "http://prowlarr.local.{{ personal_domain }}/25/api?apikey={{ prowlarr_api_key }}", // seedpool
 	    "http://prowlarr.local.{{ personal_domain }}/27/api?apikey={{ prowlarr_api_key }}", // Upload.cx
 	    "http://prowlarr.local.{{ personal_domain }}/30/api?apikey={{ prowlarr_api_key }}", // DocsPedia
-	    "http://prowlarr.local.{{ personal_domain }}/31/api?apikey={{ prowlarr_api_key }}", // OnlyEncodes+
-	    "http://prowlarr.local.{{ personal_domain }}/32/api?apikey={{ prowlarr_api_key }}", // Anthelion
     ],
 
     outputDir: null,

ansible/roles/qbittorrent/templates/docker-compose.yml

@@ -5,7 +5,7 @@ networks:
 services:
   qbittorrent:
     container_name: qbittorrent
-    image: lscr.io/linuxserver/qbittorrent:5.1.4
+    image: lscr.io/linuxserver/qbittorrent:5.1.2
     restart: unless-stopped
     network_mode: "container:gluetun"
     environment:
@@ -13,7 +13,7 @@ services:
       - "PGID={{ media_gid }}"
       - "TZ={{ timezone }}"
       - "UMASK=002"
-      #- DOCKER_MODS=arafatamim/linuxserver-io-mod-vuetorrent
+      - DOCKER_MODS=arafatamim/linuxserver-io-mod-vuetorrent
     volumes:
       - "{{ data_dir }}/{{ role_name }}:/config"
       - "{{ media_storage_mnt }}/data/torrents:/data/torrents"
@@ -52,3 +52,26 @@ services:
       - "{{ media_storage_mnt }}/data/torrents:/data/torrents" # Necessary for partial matching
     command: daemon
     restart: unless-stopped
+
+  unpackerr:
+    container_name: unpackerr
+    image: ghcr.io/hotio/unpackerr
+    networks:
+      - starr
+    environment:
+      - "PUID={{ service_user.uid }}"
+      - "PGID={{ media_gid }}"
+      - UMASK=002
+      - TZ={{ timezone }}
+      - UN_INTERVAL=5m
+      - UN_FILE_MODE=0664
+      - UN_DIR_MODE=0775
+      - UN_SONARR_0_URL=http://sonarr:8989
+      - "UN_SONARR_0_API_KEY={{ sonarr_api_key }}"
+      - UN_SONARR_0_PATHS_0=/data/torrents/tv
+      - UN_RADARR_0_URL=http://radarr:7878
+      - "UN_RADARR_0_API_KEY={{ radarr_api_key }}"
+      - UN_RADARR_0_PATHS_0=/data/torrents/movies
+    volumes:
+      - "{{ data_dir }}/unpackerr:/config"
+      - "{{ media_storage_mnt }}/data/torrents:/data/torrents"

ansible/roles/qbittorrent/templates/qbitmanage/config.yml

@@ -5,7 +5,7 @@ commands:
   recheck: True
   tag_update: True
   rem_unregistered: True
-  rem_orphaned: True
+  remove_orphaned: True
   tag_nohardlinks: True
 
 qbt:
@@ -79,14 +79,10 @@ tracker:
     tag: rutracker
   seedpool|seedpool.org:
     tag: seedpool
-  upload.cx:
+  upload:
     tag: ULCX
   archlinux:
     tag: archlinux
-  animebytes:
-    tag: AB
-  anthelion:
-    tag: ANT
   other:
     tag: other
 
@@ -103,7 +99,7 @@ share_limits:
     priority: 1
     include_all_tags:
       - noHL
-    max_seeding_time: 40320 # 4 weeks
+    max_seeding_time: 28800 # 20 days
     cleanup: true
     add_group_to_tag: false
   isos:
@@ -113,14 +109,28 @@ share_limits:
     max_seeding_time: 129600 # 90 days
     cleanup: true
     add_group_to_tag: false
-  big: # Set speed limit on bandwidth hogs
+  tl_cross-seed:
     priority: 9
-    include_any_tags:
+    include_all_tags:
+      - cross-seed
       - TorrentLeech
-      - FileList
-      - AlphaRatio
     limit_upload_speed: 100 # 100 KiBps
     add_group_to_tag: false
+  public_trackers:
+    priority: 10
+    include_any_tags:
+      - Nyaa
+      - AnimeTosho
+      - rutracker
+    categories:
+      - movies
+      - tv
+    max_ratio: 2
+    max_seeding_time: 21600 # 15 days
+    limit_upload_speed: 5000 # 5 MiBps
+    cleanup: true
+    add_group_to_tag: false
+
 
 recyclebin:
   enabled: true

ansible/roles/recyclarr/files/includes/radarr-anime-custom_formats.yml

@@ -48,9 +48,3 @@ custom_formats:
     assign_scores_to:
       - name: Anime
         score: 10 # Prefer dual audio within the same tier but not over higher quality releases 
-
-  - trash_ids:
-      - 923b6abef9b17f937fab56cfcf89e1f1 # DV (w/o HDR fallback)
-    assign_scores_to:
-      - name: Anime
-        score: -10000

ansible/roles/recyclarr/files/includes/sonarr-anime-custom_formats.yml

@@ -108,3 +108,9 @@ custom_formats:
     assign_scores_to:
       - name: Anime
         score: 10 # Prefer dual audio within the same tier but don't prefer over higher quality releases 
+
+  - trash_ids:
+      - 3bc5f395426614e155e585a2f056cdf1 # Season Pack
+    assign_scores_to:
+      - name: Anime
+        score: 10 # Prefer season packs over single episode releases

ansible/roles/recyclarr/files/includes/sonarr-old-custom_formats.yml

@@ -85,6 +85,8 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
+      - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags
       - b735f09d3c025cbb7d75a5d38325b73b # Upscaled

ansible/roles/recyclarr/files/includes/sonarr-old_season_pack-custom_formats.yml

@@ -85,6 +85,8 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
+      - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags
       - b735f09d3c025cbb7d75a5d38325b73b # Upscaled

ansible/roles/recyclarr/files/includes/sonarr-remux-custom_formats.yml

@@ -85,6 +85,7 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
       - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags

ansible/roles/recyclarr/files/includes/sonarr-remux_season_pack-custom_formats.yml

@@ -85,6 +85,7 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
       - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags

ansible/roles/recyclarr/files/includes/sonarr-web-custom_formats.yml

@@ -85,6 +85,7 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
       - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags

ansible/roles/recyclarr/files/includes/sonarr-web_season_pack-custom_formats.yml

@@ -85,6 +85,7 @@ custom_formats:
       - fbcb31d8dabd2a319072b84fc0b7249c # Extras
       - 15a05bc7c1a36e2b57fd628f8977e2fc # AV1
       - 32b367365729d530ca1c124a0b180c64 # Bad Dual Groups
+      - ae575f95ab639ba5d15f663bf019e3e8 # Not Original Language
       - 82d40da2bc6923f41e14394075dd4b03 # No-RlsGroup
       - e1a997ddb54e3ecbfe06341ad323c458 # Obfuscated
       - 06d66ab109d4d2eddb2794d21526d140 # Retags