diff options
Diffstat (limited to 'roles/jellyfin/templates/etc')
3 files changed, 109 insertions, 0 deletions
diff --git a/roles/jellyfin/templates/etc/jellyfin/network.xml.j2 b/roles/jellyfin/templates/etc/jellyfin/network.xml.j2 new file mode 100644 index 0000000..9b73f6b --- /dev/null +++ b/roles/jellyfin/templates/etc/jellyfin/network.xml.j2 @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="utf-8"?> +<NetworkConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> + <RequireHttps>false</RequireHttps> + <BaseUrl /> + <PublicHttpsPort>0</PublicHttpsPort> + <HttpServerPortNumber>{{ jellyfin_port }}</HttpServerPortNumber> + <HttpsPortNumber>0</HttpsPortNumber> + <EnableHttps>false</EnableHttps> + <PublicPort>{{ jellyfin_port }}</PublicPort> + <UPnPCreateHttpPortMap>false</UPnPCreateHttpPortMap> + <UDPPortRange /> + <EnableIPV6>false</EnableIPV6> + <EnableIPV4>true</EnableIPV4> + <EnableSSDPTracing>false</EnableSSDPTracing> + <SSDPTracingFilter /> + <UDPSendCount>2</UDPSendCount> + <UDPSendDelay>100</UDPSendDelay> + <IgnoreVirtualInterfaces>true</IgnoreVirtualInterfaces> + <VirtualInterfaceNames>vEthernet*</VirtualInterfaceNames> + <GatewayMonitorPeriod>60</GatewayMonitorPeriod> + <TrustAllIP6Interfaces>false</TrustAllIP6Interfaces> + <HDHomerunPortRange /> + <PublishedServerUriBySubnet /> + <AutoDiscoveryTracing>false</AutoDiscoveryTracing> + <AutoDiscovery>true</AutoDiscovery> + <RemoteIPFilter /> + <IsRemoteIPFilterBlacklist>false</IsRemoteIPFilterBlacklist> + <EnableUPnP>false</EnableUPnP> + <EnableRemoteAccess>true</EnableRemoteAccess> + <LocalNetworkSubnets /> + <LocalNetworkAddresses> + <string>127.0.0.1</string> + </LocalNetworkAddresses> + <KnownProxies /> + <EnablePublishedServerUriByRequest>false</EnablePublishedServerUriByRequest> +</NetworkConfiguration> diff --git a/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2 b/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2 new file mode 100644 index 0000000..75f56ff --- /dev/null +++ b/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2 @@ -0,0 +1,22 @@ +# Program directories +JELLYFIN_DATA_DIR="/var/lib/jellyfin" +JELLYFIN_CONFIG_DIR="/etc/jellyfin" +JELLYFIN_LOG_DIR="/var/log/jellyfin" +JELLYFIN_CACHE_DIR="/var/cache/jellyfin" + +# web client path, installed by the jellyfin-web package +JELLYFIN_WEB_OPT="--webdir={{ jellyfin_install_dir }}/jellyfin-web" + +# [OPTIONAL] ffmpeg binary paths, overriding the UI-configured values +#JELLYFIN_FFMPEG_OPT="--ffmpeg=/usr/bin/ffmpeg" + +# [OPTIONAL] run Jellyfin as a headless service +JELLYFIN_SERVICE_OPT="--service" + +# [OPTIONAL] run Jellyfin without the web app +#JELLYFIN_NOWEBAPP_OPT="--noautorunwebapp" + +# [OPTIONAL] run Jellyfin with ASP.NET Server Garbage Collection (uses more RAM and less CPU than Workstation GC) +# 0 = Workstation +# 1 = Server +COMPlus_gcServer=1 diff --git a/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2 b/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2 new file mode 100644 index 0000000..2b809bb --- /dev/null +++ b/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2 @@ -0,0 +1,51 @@ +[Unit] +Description = Jellyfin Media Server +After=autofs.service network-online.target nss-user-lookup.target + +[Service] +Type = simple +EnvironmentFile = /etc/sysconfig/jellyfin +User = {{ jellyfin_user }} +Group = {{ jellyfin_user }} +WorkingDirectory = /var/lib/jellyfin +ExecStart = {{ jellyfin_install_dir }}/jellyfin ${JELLYFIN_WEB_OPT} ${JELLYFIN_RESTART_OPT} ${JELLYFIN_FFMPEG_OPT} ${JELLYFIN_SERVICE_OPT} ${JELLYFIN_NOWEBAPP_OPT} ${JELLYFIN_ADDITIONAL_OPTS} +Restart = on-failure +TimeoutSec = 15 +SuccessExitStatus=0 143 + +NoNewPrivileges=true +SystemCallArchitectures=native +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK +RestrictNamespaces=false +RestrictRealtime=true +RestrictSUIDSGID=true +ProtectClock=true +ProtectControlGroups=false +ProtectHostname=true +ProtectKernelLogs=false +ProtectKernelModules=false +ProtectKernelTunables=false +LockPersonality=true +PrivateTmp=false +PrivateDevices=false +PrivateUsers=true +RemoveIPC=true +SystemCallFilter=~@clock +SystemCallFilter=~@aio +SystemCallFilter=~@chown +SystemCallFilter=~@cpu-emulation +SystemCallFilter=~@debug +SystemCallFilter=~@keyring +SystemCallFilter=~@memlock +SystemCallFilter=~@module +SystemCallFilter=~@mount +SystemCallFilter=~@obsolete +SystemCallFilter=~@privileged +SystemCallFilter=~@raw-io +SystemCallFilter=~@reboot +SystemCallFilter=~@setuid +SystemCallFilter=~@swap +SystemCallErrorNumber=EPERM + +[Install] +WantedBy = multi-user.target |