diff --git a/.github/paths-filter.yml b/.github/paths-filter.yml index 442b2b950..d06b21510 100644 --- a/.github/paths-filter.yml +++ b/.github/paths-filter.yml @@ -61,6 +61,7 @@ radarr: radarr/config.* # Image : yes readarr: readarr/config.* # Image : yes requestrr: requestrr/config.* # Image : yes resiliosync: resiliosync/config.* # Image : yes +sabnzb: sabnzb/config.* # Image : yes scrutiny: scrutiny/config.* # Image : yes scrutiny_fa: scrutiny_fa/config.* # Image : yes seafile: seafile/config.* # Image : yes diff --git a/sabnzb/CHANGELOG.md b/sabnzb/CHANGELOG.md new file mode 100644 index 000000000..d896562e1 --- /dev/null +++ b/sabnzb/CHANGELOG.md @@ -0,0 +1 @@ +- Initial release (latest builds) diff --git a/sabnzb/Dockerfile b/sabnzb/Dockerfile new file mode 100644 index 000000000..923767cd9 --- /dev/null +++ b/sabnzb/Dockerfile @@ -0,0 +1,127 @@ +#============================# +# ALEXBELGIUM'S DOCKERFILE # +#============================# +# _.------. +# _.-` ('>.-`"""-. +# '.--'` _'` _ .--.) +# -' '-.-';` ` +# ' - _.' ``'--. +# '---` .-'""` +# /` +#=== Home Assistant Addon ===# + +################# +# 1 Build Image # +################# + +ARG BUILD_FROM +ARG BUILD_VERSION +FROM ${BUILD_FROM} + +################## +# 2 Modify Image # +################## + +# Set S6 wait time +ENV S6_CMD_WAIT_FOR_SERVICES=1 \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ + S6_SERVICES_GRACETIME=0 + +# Global LSIO modifications +ARG CONFIGLOCATION="/config/addons_config/sabnzb" +# hadolint ignore=SC2015, SC2013, SC2086 +RUN \ + # Avoid custom-init.d duplications + for file in $(grep -sril 'Potential tampering with custom' /etc/cont-init.d /etc/services.d /etc/s6-overlay/s6-rc.d); do rm -f $file; done \ + \ + # Create new config folder if needed + && for file in $(grep -srl "PUID" /etc/cont-init.d /etc/s6-overlay/s6-rc.d); do sed -i "1a mkdir -p $CONFIGLOCATION" $file; done \ + \ + # Allow UID and GID setting + && for file in $(grep -srl "PUID" /etc/cont-init.d /etc/s6-overlay/s6-rc.d); do sed -i 's/bash/bashio/g' $file && sed -i '1a PUID="$(if bashio::config.has_value "PUID"; then bashio::config "PUID"; else echo "0"; fi)"' $file && sed -i '1a PGID="$(if bashio::config.has_value "PGID"; then bashio::config "PGID"; else echo "0"; fi)"' $file; done \ + \ + # Correct config location + && for file in $(grep -Esril "/config[ '\"/]|/config\$" /etc /defaults); do sed -Ei "s=(/config)+(/| |$|\"|\')=$CONFIGLOCATION\2=g" $file; done \ + \ + # Avoid chmod /config + && for file in /etc/services.d/*/* /etc/cont-init.d/* /etc/s6-overlay/s6-rc.d/*/*;do if [ -f $files ] && [[ ! -z $(awk '/chown.*abc:abc.*\\/,/.*\/config( |$)/{print FILENAME}' $file) ]] ; then sed -i "s|/config$|/data|g" $file; fi ;done \ + \ + # Docker mods addition + && if [ -f /docker-mods ]; then sed -i 's|bash|bashio|g' /docker-mods && sed -i "1a if bashio::config.has_value \"DOCKER_MODS\"; then DOCKER_MODS=\$(bashio::config \"DOCKER_MODS\"); fi" /docker-mods; fi \ + \ + # Replace lsiown if not found + && if [ ! -f /usr/bin/lsiown ]; then for file in $(grep -sril "lsiown" /etc); do sed -i "s|lsiown|chown|g" $file; done; fi + +################## +# 3 Install apps # +################## + +# Copy local files +COPY rootfs/ / + +# Corrects permissions for s6 v3 +RUN if [ -d /etc/cont-init.d ]; then chmod -R 755 /etc/cont-init.d; fi && \ + if [ -d /etc/services.d ]; then chmod -R 755 /etc/services.d; fi && \ + if [ -f /entrypoint.sh ]; then chmod 755 /entrypoint.sh; fi + +# Modules +ARG MODULES="00-banner.sh 01-custom_script.sh 92-local_mounts.sh 92-smb_mounts.sh" + +# Automatic modules download +RUN if ! command -v bash >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends bash || apk add --no-cache bash) >/dev/null; fi \ + && if ! command -v curl >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends curl || apk add --no-cache curl) >/dev/null; fi \ + && apt-get update && apt-get install -yqq --no-install-recommends ca-certificates || apk add --no-cache ca-certificates >/dev/null || true \ + && mkdir -p /etc/cont-init.d \ + && for scripts in $MODULES; do echo "$scripts" && curl -f -L -s -S "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/$scripts" -o /etc/cont-init.d/"$scripts" && [ "$(sed -n '/\/bin/p;q' /etc/cont-init.d/"$scripts")" != "" ] || (echo "script failed to install $scripts" && exit 1); done \ + && chmod -R 755 /etc/cont-init.d + +# Manual apps +ENV PACKAGES="nginx" + +# Automatic apps & bashio +# hadolint ignore=SC2015 +RUN if ! command -v bash >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends bash || apk add --no-cache bash) >/dev/null; fi \ + && if ! command -v curl >/dev/null 2>/dev/null; then (apt-get update && apt-get install -yqq --no-install-recommends curl || apk add --no-cache curl) >/dev/null; fi \ + && curl -f -L -s -S "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/automatic_packages.sh" --output /automatic_packages.sh \ + && chmod 777 /automatic_packages.sh \ + && eval /./automatic_packages.sh "${PACKAGES:-}" \ + && rm /automatic_packages.sh + +################ +# 4 Entrypoint # +################ + +#RUN chmod 777 /entrypoint.sh +#WORKDIR / +#ENTRYPOINT [ "/usr/bin/env" ] +#CMD [ "/entrypoint.sh" ] + +############ +# 5 Labels # +############ + +ARG BUILD_ARCH +ARG BUILD_DATE +ARG BUILD_DESCRIPTION +ARG BUILD_NAME +ARG BUILD_REF +ARG BUILD_REPOSITORY +ARG BUILD_VERSION +LABEL \ + io.hass.name="${BUILD_NAME}" \ + io.hass.description="${BUILD_DESCRIPTION}" \ + io.hass.arch="${BUILD_ARCH}" \ + io.hass.type="addon" \ + io.hass.version=${BUILD_VERSION} \ + maintainer="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.title="${BUILD_NAME}" \ + org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ + org.opencontainers.image.vendor="Home Assistant Add-ons" \ + org.opencontainers.image.authors="alexbelgium (https://github.com/alexbelgium)" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.url="https://github.com/alexbelgium" \ + org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ + org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ + org.opencontainers.image.created=${BUILD_DATE} \ + org.opencontainers.image.revision=${BUILD_REF} \ + org.opencontainers.image.version=${BUILD_VERSION} diff --git a/sabnzb/README.md b/sabnzb/README.md new file mode 100644 index 000000000..fc9504c70 --- /dev/null +++ b/sabnzb/README.md @@ -0,0 +1,61 @@ +# Home assistant add-on: sabnzb + +[![Donate][donation-badge]](https://www.buymeacoffee.com/alexbelgium) + +![Version](https://img.shields.io/badge/dynamic/json?label=Version&query=%24.version&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fsabnzb%2Fconfig.json) +![Ingress](https://img.shields.io/badge/dynamic/json?label=Ingress&query=%24.ingress&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fsabnzb%2Fconfig.json) +![Arch](https://img.shields.io/badge/dynamic/json?color=success&label=Arch&query=%24.arch&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fsabnzb%2Fconfig.json) + +[![Codacy Badge](https://app.codacy.com/project/badge/Grade/9c6cf10bdbba45ecb202d7f579b5be0e)](https://www.codacy.com/gh/alexbelgium/hassio-addons/dashboard?utm_source=github.com&utm_medium=referral&utm_content=alexbelgium/hassio-addons&utm_campaign=Badge_Grade) +[![GitHub Super-Linter](https://github.com/alexbelgium/hassio-addons/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter) +[![Builder](https://github.com/alexbelgium/hassio-addons/workflows/Builder/badge.svg)](https://github.com/alexbelgium/hassio-addons/actions/workflows/builder.yaml) + +[donation-badge]: https://img.shields.io/badge/Buy%20me%20a%20coffee-%23d32f2f?logo=buy-me-a-coffee&style=flat&logoColor=white + +_Thanks to everyone having starred my repo! To star it click on the image below, then it will be on top right. Thanks!_ + +[![Stargazers repo roster for @alexbelgium/hassio-addons](https://git-lister.onrender.com/api/stars/alexbelgium/hassio-addons?limit=30)](https://github.com/alexbelgium/hassio-addons/stargazers) + +## About + +[sabnzb](http://sabnzb.net/) is a usenet downloader, written in C++ and designed with performance in mind to achieve maximum download speed by using very little system resources. +This addon is based on the docker image https://github.com/linuxserver/docker-sabnzb + +## Configuration + +Webui can be found at . +The default username/password : login:sabnzb, password:tegbzn6789 +Configurations can be done through the app webUI, except for the following options + +```yaml +PGID: user +GPID: user +TZ: timezone +localdisks: sda1 #put the hardware name of your drive to mount separated by commas, or its label. ex. sda1, sdb1, MYNAS... +networkdisks: "//SERVER/SHARE" # optional, list of smb servers to mount, separated by commas +cifsusername: "username" # optional, smb username, same for all smb shares +cifspassword: "password" # optional, smb password +``` + +## Installation + +The installation of this add-on is pretty straightforward and not different in comparison to installing any other add-on. + +1. Add my add-ons repository to your home assistant instance (in supervisor addons store at top right, or click button below if you have configured my HA) + [![Open your Home Assistant instance and show the add add-on repository dialog with a specific repository URL pre-filled.](https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) +1. Install this add-on. +1. Click the `Save` button to store your configuration. +1. Set the add-on options to your preferences +1. Start the add-on. +1. Check the logs of the add-on to see if everything went well. +1. Open the webUI and adapt the software options + +## Support + +Create an issue on github + +## Illustration + +![illustration](https://sabnzb.com/img/slider/artistdetails.png) + +[repository]: https://github.com/alexbelgium/hassio-addons diff --git a/sabnzb/apparmor.txt b/sabnzb/apparmor.txt new file mode 100644 index 000000000..b5e7b0b4b --- /dev/null +++ b/sabnzb/apparmor.txt @@ -0,0 +1,66 @@ +#include + +profile sabnzb_addon flags=(attach_disconnected,mediate_deleted) { + #include + + capability, + file, + signal, + mount, + umount, + remount, + network udp, + network tcp, + network dgram, + network stream, + network inet, + network inet6, + network netlink raw, + network unix dgram, + + capability setgid, + capability setuid, + capability sys_admin, + capability dac_read_search, + # capability dac_override, + # capability sys_rawio, + +# S6-Overlay + /init ix, + /run/{s6,s6-rc*,service}/** ix, + /package/** ix, + /command/** ix, + /run/{,**} rwk, + /dev/tty rw, + /bin/** ix, + /usr/bin/** ix, + /usr/lib/bashio/** ix, + /etc/s6/** rix, + /run/s6/** rix, + /etc/services.d/** rwix, + /etc/cont-init.d/** rwix, + /etc/cont-finish.d/** rwix, + /init rix, + /var/run/** mrwkl, + /var/run/ mrwkl, + /dev/i2c-1 mrwkl, + # Files required + /dev/fuse mrwkl, + /dev/sda1 mrwkl, + /dev/sdb1 mrwkl, + /dev/nvme0 mrwkl, + /dev/nvme1 mrwkl, + /dev/mmcblk0p1 mrwkl, + /dev/* mrwkl, + /tmp/** mrkwl, + + # Data access + /data/** rw, + + # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container + ptrace (trace,read) peer=docker-default, + + # docker daemon confinement requires explict allow rule for signal + signal (receive) set=(kill,term) peer=/usr/bin/docker, + +} diff --git a/sabnzb/build.json b/sabnzb/build.json new file mode 100644 index 000000000..b823855f0 --- /dev/null +++ b/sabnzb/build.json @@ -0,0 +1,10 @@ +{ + "build_from": { + "aarch64": "lscr.io/linuxserver/sabnzb:arm64v8-latest", + "amd64": "lscr.io/linuxserver/sabnzb:amd64-latest", + "armv7": "lscr.io/linuxserver/sabnzb:arm32v7-latest" + }, + "codenotary": { + "signer": "alexandrep.github@gmail.com" + } +} \ No newline at end of file diff --git a/sabnzb/config.json b/sabnzb/config.json new file mode 100644 index 000000000..b9fa06ff0 --- /dev/null +++ b/sabnzb/config.json @@ -0,0 +1,84 @@ +{ + "arch": [ + "aarch64", + "amd64", + "armv7" + ], + "codenotary": "alexandrep.github@gmail.com", + "description": "Makes Usenet as simple and streamlined as possible by automating everything we can", + "devices": [ + "/dev/sda", + "/dev/sdb", + "/dev/sdc", + "/dev/sdd", + "/dev/sde", + "/dev/sdf", + "/dev/sdg", + "/dev/nvme", + "/dev/nvme0n1p1", + "/dev/nvme0n1p2", + "/dev/mmcblk", + "/dev/fuse", + "/dev/sda1", + "/dev/sdb1", + "/dev/sdc1", + "/dev/sdd1", + "/dev/sde1", + "/dev/sdf1", + "/dev/sdg1", + "/dev/sda2", + "/dev/sdb2", + "/dev/sdc2", + "/dev/sdd2", + "/dev/sde2", + "/dev/sdf2", + "/dev/sdg2", + "/dev/sda3", + "/dev/sdb3", + "/dev/sda4", + "/dev/sdb4", + "/dev/nvme0", + "/dev/nvme1", + "/dev/nvme2" + ], + "environment": { + "PGID": "0", + "PUID": "0" + }, + "ingress": true, + "init": false, + "map": [ + "config:rw", + "share:rw", + "media:rw", + "config:rw" + ], + "name": "sabnzb", + "options": { + "PGID": 0, + "PUID": 0 + }, + "panel_icon": "mdi:arrow-down-bold-circle-outline", + "ports": { + "8080/tcp": 8080 + }, + "ports_description": { + "8080/tcp": "web interface" + }, + "privileged": [ + "SYS_ADMIN", + "DAC_READ_SEARCH" + ], + "schema": { + "PGID": "int", + "PUID": "int", + "TZ": "str?", + "cifspassword": "str?", + "cifsusername": "str?", + "localdisks": "str?", + "networkdisks": "str?" + }, + "slug": "sabnzb", + "url": "https://github.com/alexbelgium/hassio-addons", + "version": "test" +} \ No newline at end of file diff --git a/sabnzb/icon.png b/sabnzb/icon.png new file mode 100644 index 000000000..399cb332e Binary files /dev/null and b/sabnzb/icon.png differ diff --git a/sabnzb/logo.png b/sabnzb/logo.png new file mode 100644 index 000000000..399cb332e Binary files /dev/null and b/sabnzb/logo.png differ diff --git a/sabnzb/rootfs/etc/cont-init.d/20-folders.sh b/sabnzb/rootfs/etc/cont-init.d/20-folders.sh new file mode 100644 index 000000000..c896b7705 --- /dev/null +++ b/sabnzb/rootfs/etc/cont-init.d/20-folders.sh @@ -0,0 +1,19 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash + +slug=sabnzb + +if [ ! -d /config/addons_config/$slug ]; then + + if [ -d /config/$slug ]; then + echo "Moving to new location /config/addons_config/$slug" + mkdir -p /config/addons_config/$slug + chmod 777 /config/addons_config/$slug + mv /config/$slug/* /config/addons_config/$slug/ + rm -r /config/$slug + fi + + echo "Creating /config/addons_config/$slug" + mkdir -p /config/addons_config/$slug + chmod 777 /config/addons_config/$slug +fi diff --git a/sabnzb/rootfs/etc/cont-init.d/32-nginx_ingress.sh b/sabnzb/rootfs/etc/cont-init.d/32-nginx_ingress.sh new file mode 100644 index 000000000..89bd9125b --- /dev/null +++ b/sabnzb/rootfs/etc/cont-init.d/32-nginx_ingress.sh @@ -0,0 +1,17 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash + +################# +# NGINX SETTING # +################# + +ingress_port=$(bashio::addon.ingress_port) +ingress_interface=$(bashio::addon.ip_address) +sed -i "s/%%port%%/${ingress_port}/g" /etc/nginx/servers/ingress.conf +sed -i "s/%%interface%%/${ingress_interface}/g" /etc/nginx/servers/ingress.conf + +# Allows serving js +sed -i 's/// %end% -->/g' /app/sabnzb/webui/index.html +sed -i 's//g' /app/sabnzb/webui/index.html +sed -i 's/ %end% -->//g' /app/sabnzb/webui/index.html diff --git a/sabnzb/rootfs/etc/nginx/includes/mime.types b/sabnzb/rootfs/etc/nginx/includes/mime.types new file mode 100644 index 000000000..7c7cdef2d --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/mime.types @@ -0,0 +1,96 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/sabnzb/rootfs/etc/nginx/includes/proxy_params.conf b/sabnzb/rootfs/etc/nginx/includes/proxy_params.conf new file mode 100644 index 000000000..1990d4959 --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/proxy_params.conf @@ -0,0 +1,15 @@ +proxy_http_version 1.1; +proxy_ignore_client_abort off; +proxy_read_timeout 86400s; +proxy_redirect off; +proxy_send_timeout 86400s; +proxy_max_temp_file_size 0; + +proxy_set_header Accept-Encoding ""; +proxy_set_header Connection $connection_upgrade; +proxy_set_header Host $http_host; +proxy_set_header Upgrade $http_upgrade; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; +proxy_set_header X-NginX-Proxy true; +proxy_set_header X-Real-IP $remote_addr; diff --git a/sabnzb/rootfs/etc/nginx/includes/resolver.conf b/sabnzb/rootfs/etc/nginx/includes/resolver.conf new file mode 100644 index 000000000..6485af141 --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/resolver.conf @@ -0,0 +1 @@ +resolver 127.0.0.11; diff --git a/sabnzb/rootfs/etc/nginx/includes/server_params.conf b/sabnzb/rootfs/etc/nginx/includes/server_params.conf new file mode 100644 index 000000000..a0ff6baa0 --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/server_params.conf @@ -0,0 +1,5 @@ +server_name $hostname; + +add_header X-Content-Type-Options nosniff; +add_header X-XSS-Protection "1; mode=block"; +add_header X-Robots-Tag none; diff --git a/sabnzb/rootfs/etc/nginx/includes/ssl_params.conf b/sabnzb/rootfs/etc/nginx/includes/ssl_params.conf new file mode 100644 index 000000000..6f1500599 --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/ssl_params.conf @@ -0,0 +1,9 @@ +ssl_protocols TLSv1.2; +ssl_prefer_server_ciphers on; +ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA; +ssl_ecdh_curve secp384r1; +ssl_session_timeout 10m; +ssl_session_cache shared:SSL:10m; +ssl_session_tickets off; +ssl_stapling on; +ssl_stapling_verify on; diff --git a/sabnzb/rootfs/etc/nginx/includes/upstream.conf b/sabnzb/rootfs/etc/nginx/includes/upstream.conf new file mode 100644 index 000000000..b292326bd --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/includes/upstream.conf @@ -0,0 +1,3 @@ +upstream backend { + server 127.0.0.1:8080; +} diff --git a/sabnzb/rootfs/etc/nginx/nginx.conf b/sabnzb/rootfs/etc/nginx/nginx.conf new file mode 100644 index 000000000..7e5bc6f7c --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/nginx.conf @@ -0,0 +1,56 @@ +# Run nginx in foreground. +daemon off; + +# This is run inside Docker. +user root; + +# Pid storage location. +pid /var/run/nginx.pid; + +# Set number of worker processes. +worker_processes 1; + +# Enables the use of JIT for regular expressions to speed-up their processing. +pcre_jit on; + +# Write error log to Hass.io add-on log. +error_log /proc/1/fd/1 error; + +# Load allowed environment vars +env HASSIO_TOKEN; + +# Load dynamic modules. +include /etc/nginx/modules/*.conf; + +# Max num of simultaneous connections by a worker process. +events { + worker_connections 512; +} + +http { + include /etc/nginx/includes/mime.types; + + log_format hassio '[$time_local] $status ' + '$http_x_forwarded_for($remote_addr) ' + '$request ($http_user_agent)'; + + access_log /proc/1/fd/1 hassio; + client_max_body_size 4G; + default_type application/octet-stream; + gzip on; + keepalive_timeout 65; + sendfile on; + server_tokens off; + tcp_nodelay on; + tcp_nopush on; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + include /etc/nginx/includes/resolver.conf; + include /etc/nginx/includes/upstream.conf; + + include /etc/nginx/servers/*.conf; +} diff --git a/sabnzb/rootfs/etc/nginx/servers/ingress.conf b/sabnzb/rootfs/etc/nginx/servers/ingress.conf new file mode 100644 index 000000000..f5a4a3bec --- /dev/null +++ b/sabnzb/rootfs/etc/nginx/servers/ingress.conf @@ -0,0 +1,34 @@ +server { + listen %%interface%%:%%port%% default_server; + + include /etc/nginx/includes/server_params.conf; + include /etc/nginx/includes/proxy_params.conf; + + client_max_body_size 0; + root /app/sabnzb/webui; + index index.html index.htm index.php; + +location / { + # Pass data + proxy_pass http://backend/; + proxy_cache_bypass $http_upgrade; + + # Proxy headers + add_header Access-Control-Allow-Origin *; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + + # Proxy timeouts + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + +} + +} diff --git a/sabnzb/rootfs/etc/services.d/nginx/finish b/sabnzb/rootfs/etc/services.d/nginx/finish new file mode 100644 index 000000000..444240135 --- /dev/null +++ b/sabnzb/rootfs/etc/services.d/nginx/finish @@ -0,0 +1,8 @@ +#!/usr/bin/execlineb -S0 +# ============================================================================== +# Take down the S6 supervision tree when Nginx fails +# ============================================================================== +if { s6-test ${1} -ne 0 } +if { s6-test ${1} -ne 256 } + +s6-svscanctl -t /var/run/s6/services diff --git a/sabnzb/rootfs/etc/services.d/nginx/run b/sabnzb/rootfs/etc/services.d/nginx/run new file mode 100644 index 000000000..07447d8b8 --- /dev/null +++ b/sabnzb/rootfs/etc/services.d/nginx/run @@ -0,0 +1,10 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +# ============================================================================== + +# Wait for transmission to become available +bashio::net.wait_for 8080 localhost 900 + +bashio::log.info "Starting NGinx..." + +exec nginx diff --git a/sabnzb/translations/en.yaml b/sabnzb/translations/en.yaml new file mode 100644 index 000000000..e5b8cd982 --- /dev/null +++ b/sabnzb/translations/en.yaml @@ -0,0 +1,659 @@ +--- +configuration: + additional_apps: + name: additional_apps + description: Additional apps to install at boot + allow_ipv6: + name: allow_ipv6 + description: Enables ipv6 in the addon + ALLOW_SIGNUP: + name: ALLOW_SIGNUP + description: See upstream app documentation + ALLOWED_HOSTS: + name: ALLOWED_HOSTS + description: See upstream app documentation + APP_BASE_URL: + name: APP_BASE_URL + description: See upstream app documentation + APP_KEY: + name: APP_KEY + description: See upstream app documentation + APP_NAME: + name: APP_NAME + description: See upstream app documentation + append_myip: + name: append_myip + description: See upstream app documentation + auto_restart: + name: auto_restart + description: See upstream app documentation + BACKUP_PATH: + name: BACKUP_PATH + description: See upstream app documentation + base_folder: + name: base_folder + description: See upstream app documentation + BASE_URL: + name: BASE_URL + description: See upstream app documentation + base_url_portless: + name: base_url_portless + description: See upstream app documentation + certfile: + name: certfile + description: "fullchain.pem #ssl certificate, must be located in /ssl" + checkip_command: + name: checkip_command + description: See upstream app documentation + checkip_path: + name: checkip_path + description: See upstream app documentation + checkip_server: + name: checkip_server + description: See upstream app documentation + checkip_ssl: + name: checkip_ssl + description: See upstream app documentation + cifsdomain: + name: cifsdomain + description: Allow setting the domain for the smb share + cifspassword: + name: cifspassword + description: Your password to access your SMB share, same for all smb shares + cifsusername: + name: cifsusername + description: Your username to access your SMB share, same for all smb shares + claim: + name: claim + description: See upstream app documentation + CLI_ARGS: + name: CLI_ARGS + description: See upstream app documentation + COLLECTOR_API_ENDPOINT: + name: COLLECTOR_API_ENDPOINT + description: See upstream app documentation + COLLECTOR_HOST_ID: + name: COLLECTOR_HOST_ID + description: See upstream app documentation + CONFIG_LOCATION: + name: CONFIG_LOCATION + description: See upstream app documentation + CUSTOM_OPTIONS: + name: CUSTOM_OPTIONS + description: See upstream app documentation + custom_provider: + name: custom_provider + description: See upstream app documentation + customUI: + name: customUI + description: selection from list # alternative webUI can be set here + data_directory: + name: data_directory + description: See upstream app documentation + data_location: + name: data_location + description: Where do you want your data stored + database: + name: database + description: Type of database to use + DB_CLIENT: + name: DB_CLIENT + description: See upstream app documentation + DB_CONNECTION: + name: DB_CONNECTION + description: See upstream app documentation + DB_DATABASE: + name: DB_DATABASE + description: See upstream app documentation + DB_DATABASE_NAME: + name: DB_DATABASE_NAME + description: If using external postgresql + DB_HOST: + name: DB_HOST + description: See upstream app documentation + DB_HOSTNAME: + name: DB_HOSTNAME + description: If using external database + DB_PASSWORD: + name: DB_PASSWORD + description: If using external database + DB_PORT: + name: DB_PORT + description: If using external database + DB_TYPE: + name: DB_TYPE + description: See upstream app documentation + DB_USERNAME: + name: DB_USERNAME + description: If using external database + ddns_path: + name: ddns_path + description: See upstream app documentation + ddns_server: + name: ddns_server + description: See upstream app documentation + DEBUG: + name: DEBUG + description: See upstream app documentation + DISABLE_MACHINE_LEARNING: + name: DISABLE_MACHINE_LEARNING + description: See upstream app documentation + DNS_server: + name: DNS_server + description: See upstream app documentation + DOCKER_MODS: + name: DOCKER_MODS + description: See upstream app documentation + DOMAIN: + name: DOMAIN + description: See upstream app documentation + download_dir: + name: download_dir + description: See upstream app documentation + downloads_location: + name: downloads_location + description: See upstream app documentation + DROPBOX_TOKEN: + name: DROPBOX_TOKEN + description: See upstream app documentation + edge_repositories: + name: edge_repositories + description: See upstream app documentation + elasticsearch_server: + name: elasticsearch_server + description: See upstream app documentation + expose_collector: + name: expose_collector + description: See upstream app documentation + EXTENSIONS: + name: EXTENSIONS + description: See upstream app documentation + extraction_path: + name: extraction_path + description: See upstream app documentation + fake_address: + name: fake_address + description: See upstream app documentation + FG_LOG_LEVEL: + name: FG_LOG_LEVEL + description: See upstream app documentation + FG_PLUGINS: + name: FG_PLUGINS + description: See upstream app documentation + FIREFLY_III_ACCESS_TOKEN: + name: FIREFLY_III_ACCESS_TOKEN + description: See upstream app documentation + FIREFLY_III_CLIENT_ID: + name: FIREFLY_III_CLIENT_ID + description: See upstream app documentation + FIREFLY_III_URL: + name: FIREFLY_III_URL + description: See upstream app documentation + forced_update: + name: forced_update + description: See upstream app documentation + Full_Text_Search: + name: Full_Text_Search + description: See upstream app documentation + gitapi: + name: gitapi + description: See upstream app documentation + gitmail: + name: gitmail + description: See upstream app documentation + gitpass: + name: gitpass + description: See upstream app documentation + gituser: + name: gituser + description: See upstream app documentation + graphic_drivers: + name: graphic_drivers + description: See upstream app documentation + hostname: + name: hostname + description: See upstream app documentation + HTTPS_ONLY: + name: HTTPS_ONLY + description: See upstream app documentation + iface: + name: iface + description: See upstream app documentation + Images_location: + name: Images_location + description: See upstream app documentation + imaphost: + name: imaphost + description: See upstream app documentation + imappassword: + name: imappassword + description: See upstream app documentation + imapusername: + name: imapusername + description: See upstream app documentation + import_dir: + name: import_dir + description: See upstream app documentation + IMPORT_PATH: + name: IMPORT_PATH + description: See upstream app documentation + incomplete_dir: + name: incomplete_dir + description: See upstream app documentation + ingress_disabled: + name: ingress_disabled + description: See upstream app documentation + ingress_user: + name: ingress_user + description: See upstream app documentation + INTERFACE_NAME: + name: INTERFACE_NAME + description: See upstream app documentation + iterations: + name: iterations + description: See upstream app documentation + JWT_SECRET: + name: JWT_SECRET + description: Used to sign the authentication keys for user login + KEYBOARD: + name: KEYBOARD + description: See upstream app documentation + keyfile: + name: keyfile + description: privkey.pem #sslkeyfile, must be located in /ssl + LOCAL_NETWORK: + name: LOCAL_NETWORK + description: See upstream app documentation + localdisks: + name: localdisks + description: Physical name of the partition (ex. sda1) or the share (ex. SharedFiles) to mount separated by commas (ex. sda1,sdb1,MYNAS) + log_level: + name: log_level + description: See upstream app documentation + MAILER_AUTH_PASSWORD: + name: MAILER_AUTH_PASSWORD + description: See upstream app documentation + MAILER_AUTH_USER: + name: MAILER_AUTH_USER + description: See upstream app documentation + MAILER_ENABLED: + name: MAILER_ENABLED + description: See upstream app documentation + OPENVPN_PROVIDER: + name: OPENVPN_PROVIDER + description: See upstream app documentation + OPENVPN_USERNAME: + name: OPENVPN_USERNAME + description: See upstream app documentation + ORIGINALS_PATH: + name: ORIGINALS_PATH + description: See upstream app documentation + PAPERLESS_OCR_MODE: + name: PAPERLESS_OCR_MODE + description: See upstream app documentation + PAPERLESS_URL: + name: PAPERLESS_URL + description: See upstream app documentation + pass: + name: pass + description: See upstream app documentation + password: + name: password + description: See upstream app documentation + period: + name: period + description: See upstream app documentation + PGID: + name: PGID + description: The user group ID, as described in https://docs.linuxserver.io/general/understanding-puid-and-pgid + PMM_CONFIG: + name: PMM_CONFIG + description: See upstream app documentation + PMM_NO_MISSING: + name: PMM_NO_MISSING + description: See upstream app documentation + PMM_RUN: + name: PMM_RUN + description: See upstream app documentation + PMM_TEST: + name: PMM_TEST + description: See upstream app documentation + PMM_TIME: + name: PMM_TIME + description: See upstream app documentation + POSTGRES_DATABASE: + name: POSTGRES_DATABASE + description: See upstream app documentation + POSTGRES_DB: + name: POSTGRES_DB + description: See upstream app documentation + POSTGRES_HOST: + name: POSTGRES_HOST + description: See upstream app documentation + POSTGRES_PASSWORD: + name: POSTGRES_PASSWORD + description: See upstream app documentation + POSTGRES_PORT: + name: POSTGRES_PORT + description: See upstream app documentation + POSTGRES_USER: + name: POSTGRES_USER + description: See upstream app documentation + provider: + name: provider + description: See upstream app documentation + providers: + name: providers + description: See upstream app documentation + proxied: + name: proxied + description: See upstream app documentation + PUID: + name: PUID + description: The user group ID, as described in https://docs.linuxserver.io/general/understanding-puid-and-pgid + remote_mysql_database: + name: remote_mysql_database + description: See upstream app documentation + remote_mysql_host: + name: remote_mysql_host + description: See upstream app documentation + remote_mysql_password: + name: remote_mysql_password + description: See upstream app documentation + remote_mysql_port: + name: remote_mysql_port + description: See upstream app documentation + remote_mysql_username: + name: remote_mysql_username + description: See upstream app documentation + repository: + name: repository + description: See upstream app documentation + request_size_limit: + name: request_size_limit + description: See upstream app documentation + ROOT_URL: + name: ROOT_URL + description: See upstream app documentation + ROUTER_IP: + name: ROUTER_IP + description: See upstream app documentation + rpi_video_drivers: + name: rpi_video_drivers + description: See upstream app documentation + run_duration: + name: run_duration + description: 12h #for how long should the addon run. Must be formatted as number + time unit (ex : 5s, or 2m, or 12h, or 5d...) + SavePath: + name: SavePath + description: See upstream app documentation + SEAFILE_ADMIN_EMAIL: + name: SEAFILE_ADMIN_EMAIL + description: See upstream app documentation + SEAFILE_ADMIN_PASSWORD: + name: SEAFILE_ADMIN_PASSWORD + description: See upstream app documentation + SECRET_KEY: + name: SECRET_KEY + description: See upstream app documentation + secret_token: + name: secret_token + description: See upstream app documentation + secure_ssl: + name: secure_ssl + description: See upstream app documentation + silent: + name: silent + description: "true #suppresses debug messages" + SMARTCTL_COMMAND_DEVICE_TYPE: + name: SMARTCTL_COMMAND_DEVICE_TYPE + description: See upstream app documentation + SMARTCTL_MEGARAID_DISK_NUM: + name: SMARTCTL_MEGARAID_DISK_NUM + description: See upstream app documentation + smbv1: + name: smbv1 + description: See upstream app documentation + SPECTRE_APP_ID: + name: SPECTRE_APP_ID + description: See upstream app documentation + SPECTRE_SECRET: + name: SPECTRE_SECRET + description: See upstream app documentation + ssl: + name: ssl + description: true/false. enables ssl. Need certfile and keyfile filled' + storage_dir: + name: storage_dir + description: See upstream app documentation + STORAGE_PATH: + name: STORAGE_PATH + description: See upstream app documentation + theme: + name: theme + description: See upstream app documentation + TRANSMISSION_DOWNLOAD_DIR: + name: TRANSMISSION_DOWNLOAD_DIR + description: See upstream app documentation + TRANSMISSION_HOME: + name: TRANSMISSION_HOME + description: See upstream app documentation + TRANSMISSION_INCOMPLETE_DIR: + name: TRANSMISSION_INCOMPLETE_DIR + description: See upstream app documentation + TRANSMISSION_V3_UPDATE: + name: TRANSMISSION_V3_UPDATE + description: See upstream app documentation + TRANSMISSION_WATCH_DIR: + name: TRANSMISSION_WATCH_DIR + description: See upstream app documentation + TRANSMISSION_WEB_UI: + name: TRANSMISSION_WEB_UI + description: See upstream app documentation + trusted_domains: + name: trusted_domains + description: See upstream app documentation + trusted_headers: + name: trusted_headers + description: See upstream app documentation + ttl: + name: ttl + description: See upstream app documentation + TZ: + name: TZ + description: The timezone, as described in https://en.wikipedia.org/wiki/List_of_tz_database_time_zones + ui_path: + name: ui_path + description: See upstream app documentation + Updates: + name: Updates + description: See upstream app documentation + UPLOAD_NSFW: + name: UPLOAD_NSFW + description: See upstream app documentation + URL: + name: URL + description: See upstream app documentation + use_own_certs: + name: use_own_certs + description: See upstream app documentation + user: + name: user + description: See upstream app documentation + user_agent: + name: user_agent + description: See upstream app documentation + username: + name: username + description: See upstream app documentation + verbose: + name: verbose + description: See upstream app documentation + verify_address: + name: verify_address + description: See upstream app documentation + watch_dir: + name: watch_dir + description: See upstream app documentation + watch_path: + name: watch_path + description: See upstream app documentation + WebuiPass: + name: WebuiPass + description: See upstream app documentation + whitelist: + name: whitelist + description: '"localhost,192.168.0.0/16" # list ip subnets that do no need a password' + WHOOGLE_ALT_IG: + name: WHOOGLE_ALT_IG + description: See upstream app documentation + WHOOGLE_ALT_MD: + name: WHOOGLE_ALT_MD + description: See upstream app documentation + WHOOGLE_ALT_RD: + name: WHOOGLE_ALT_RD + description: See upstream app documentation + WHOOGLE_ALT_TL: + name: WHOOGLE_ALT_TL + description: See upstream app documentation + WHOOGLE_ALT_TW: + name: WHOOGLE_ALT_TW + description: See upstream app documentation + WHOOGLE_ALT_YT: + name: WHOOGLE_ALT_YT + description: See upstream app documentation + WHOOGLE_AUTOCOMPLETE: + name: WHOOGLE_AUTOCOMPLETE + description: See upstream app documentation + WHOOGLE_CONFIG_ALTS: + name: WHOOGLE_CONFIG_ALTS + description: See upstream app documentation + WHOOGLE_CONFIG_BLOCK: + name: WHOOGLE_CONFIG_BLOCK + description: See upstream app documentation + WHOOGLE_CONFIG_COUNTRY: + name: WHOOGLE_CONFIG_COUNTRY + description: See upstream app documentation + WHOOGLE_CONFIG_DISABLE: + name: WHOOGLE_CONFIG_DISABLE + description: See upstream app documentation + WHOOGLE_CONFIG_GET_ONLY: + name: WHOOGLE_CONFIG_GET_ONLY + description: See upstream app documentation + WHOOGLE_CONFIG_LANGUAGE: + name: WHOOGLE_CONFIG_LANGUAGE + description: See upstream app documentation + WHOOGLE_CONFIG_NEAR: + name: WHOOGLE_CONFIG_NEAR + description: See upstream app documentation + WHOOGLE_CONFIG_NEW_TAB: + name: WHOOGLE_CONFIG_NEW_TAB + description: See upstream app documentation + WHOOGLE_CONFIG_SAFE: + name: WHOOGLE_CONFIG_SAFE + description: See upstream app documentation + WHOOGLE_CONFIG_SEARCH_LANGUAGE: + name: WHOOGLE_CONFIG_SEARCH_LANGUAGE + description: See upstream app documentation + WHOOGLE_CONFIG_THEME: + name: WHOOGLE_CONFIG_THEME + description: See upstream app documentation + WHOOGLE_CONFIG_URL: + name: WHOOGLE_CONFIG_URL + description: See upstream app documentation + WHOOGLE_CONFIG_VIEW_IMAGE: + name: WHOOGLE_CONFIG_VIEW_IMAGE + description: See upstream app documentation + WHOOGLE_CSP: + name: WHOOGLE_CSP + description: See upstream app documentation + WHOOGLE_MINIMAL: + name: WHOOGLE_MINIMAL + description: See upstream app documentation + WHOOGLE_PASS: + name: WHOOGLE_PASS + description: See upstream app documentation + WHOOGLE_PROXY_LOC: + name: WHOOGLE_PROXY_LOC + description: See upstream app documentation + WHOOGLE_PROXY_PASS: + name: WHOOGLE_PROXY_PASS + description: See upstream app documentation + WHOOGLE_PROXY_TYPE: + name: WHOOGLE_PROXY_TYPE + description: See upstream app documentation + WHOOGLE_PROXY_USER: + name: WHOOGLE_PROXY_USER + description: See upstream app documentation + WHOOGLE_RESULTS_PER_PAGE: + name: WHOOGLE_RESULTS_PER_PAGE + description: See upstream app documentation + WHOOGLE_USER: + name: WHOOGLE_USER + description: See upstream app documentation + wildcard: + name: wildcard + description: See upstream app documentation" + MAILER_HOST: + name: MAILER_HOST + description: See upstream app documentation + MAILER_NOREPLY_EMAIL: + name: MAILER_NOREPLY_EMAIL + description: See upstream app documentation + MAILER_NOREPLY_NAME: + name: MAILER_NOREPLY_NAME + description: See upstream app documentation + MAILER_PORT: + name: MAILER_PORT + description: See upstream app documentation + MAILER_SECURITY: + name: MAILER_SECURITY + description: See upstream app documentation + maxmem: + name: maxmem + description: See upstream app documentation + Mode: + name: Mode + description: See upstream app documentation + mqtt_autodiscover: + name: mqtt_autodiscover + description: See upstream app documentation + networkdisks: + name: networkdisks + description: list of smb servers to mount, separated by commas (//xxx.xx.xx.xx/share) + NoAuth: + name: NoAuth + description: See upstream app documentation + NORDIGEN_ID: + name: NORDIGEN_ID + description: See upstream app documentation + NORDIGEN_KEY: + name: NORDIGEN_KEY + description: See upstream app documentation + OAUTHLIB_RELAX_TOKEN_SCOPE: + name: OAUTHLIB_RELAX_TOKEN_SCOPE + description: See upstream app documentation + OCR: + name: OCR + description: See upstream app documentation + ocrlang: + name: ocrlang + description: See upstream app documentation + openvpn_alt_mode: + name: openvpn_alt_mode + description: bind at container level and not app level + openvpn_config: + name: openvpn_config + description: for example ""config.ovpn"" # name of the file located in /config/openvpn + OPENVPN_CUSTOM_PROVIDER: + name: OPENVPN_CUSTOM_PROVIDER + description: See upstream app documentation + OPENVPN_CUSTOM_PROVIDER_OVPN_LOCATION: + name: OPENVPN_CUSTOM_PROVIDER_OVPN_LOCATION + description: See upstream app documentation + openvpn_enabled: + name: openvpn_enabled + description: See upstream app documentation + OPENVPN_PASSWORD: + name: OPENVPN_PASSWORD + description: See upstream app documentation diff --git a/sabnzb/updater.json b/sabnzb/updater.json new file mode 100644 index 000000000..464bd0265 --- /dev/null +++ b/sabnzb/updater.json @@ -0,0 +1,9 @@ +{ + "github_fulltag": "true", + "last_update": "21-01-2023", + "repository": "alexbelgium/hassio-addons", + "slug": "sabnzb", + "source": "github", + "upstream_repo": "linuxserver/docker-sabnzb", + "upstream_version": "v21.1-ls138" +} \ No newline at end of file