aboutsummaryrefslogtreecommitdiffstats
path: root/roles/jellyfin/templates/etc
diff options
context:
space:
mode:
Diffstat (limited to 'roles/jellyfin/templates/etc')
-rw-r--r--roles/jellyfin/templates/etc/jellyfin/network.xml.j236
-rw-r--r--roles/jellyfin/templates/etc/sysconfig/jellyfin.j222
-rw-r--r--roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j251
3 files changed, 109 insertions, 0 deletions
diff --git a/roles/jellyfin/templates/etc/jellyfin/network.xml.j2 b/roles/jellyfin/templates/etc/jellyfin/network.xml.j2
new file mode 100644
index 0000000..9b73f6b
--- /dev/null
+++ b/roles/jellyfin/templates/etc/jellyfin/network.xml.j2
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="utf-8"?>
+<NetworkConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+ <RequireHttps>false</RequireHttps>
+ <BaseUrl />
+ <PublicHttpsPort>0</PublicHttpsPort>
+ <HttpServerPortNumber>{{ jellyfin_port }}</HttpServerPortNumber>
+ <HttpsPortNumber>0</HttpsPortNumber>
+ <EnableHttps>false</EnableHttps>
+ <PublicPort>{{ jellyfin_port }}</PublicPort>
+ <UPnPCreateHttpPortMap>false</UPnPCreateHttpPortMap>
+ <UDPPortRange />
+ <EnableIPV6>false</EnableIPV6>
+ <EnableIPV4>true</EnableIPV4>
+ <EnableSSDPTracing>false</EnableSSDPTracing>
+ <SSDPTracingFilter />
+ <UDPSendCount>2</UDPSendCount>
+ <UDPSendDelay>100</UDPSendDelay>
+ <IgnoreVirtualInterfaces>true</IgnoreVirtualInterfaces>
+ <VirtualInterfaceNames>vEthernet*</VirtualInterfaceNames>
+ <GatewayMonitorPeriod>60</GatewayMonitorPeriod>
+ <TrustAllIP6Interfaces>false</TrustAllIP6Interfaces>
+ <HDHomerunPortRange />
+ <PublishedServerUriBySubnet />
+ <AutoDiscoveryTracing>false</AutoDiscoveryTracing>
+ <AutoDiscovery>true</AutoDiscovery>
+ <RemoteIPFilter />
+ <IsRemoteIPFilterBlacklist>false</IsRemoteIPFilterBlacklist>
+ <EnableUPnP>false</EnableUPnP>
+ <EnableRemoteAccess>true</EnableRemoteAccess>
+ <LocalNetworkSubnets />
+ <LocalNetworkAddresses>
+ <string>127.0.0.1</string>
+ </LocalNetworkAddresses>
+ <KnownProxies />
+ <EnablePublishedServerUriByRequest>false</EnablePublishedServerUriByRequest>
+</NetworkConfiguration>
diff --git a/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2 b/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2
new file mode 100644
index 0000000..75f56ff
--- /dev/null
+++ b/roles/jellyfin/templates/etc/sysconfig/jellyfin.j2
@@ -0,0 +1,22 @@
+# Program directories
+JELLYFIN_DATA_DIR="/var/lib/jellyfin"
+JELLYFIN_CONFIG_DIR="/etc/jellyfin"
+JELLYFIN_LOG_DIR="/var/log/jellyfin"
+JELLYFIN_CACHE_DIR="/var/cache/jellyfin"
+
+# web client path, installed by the jellyfin-web package
+JELLYFIN_WEB_OPT="--webdir={{ jellyfin_install_dir }}/jellyfin-web"
+
+# [OPTIONAL] ffmpeg binary paths, overriding the UI-configured values
+#JELLYFIN_FFMPEG_OPT="--ffmpeg=/usr/bin/ffmpeg"
+
+# [OPTIONAL] run Jellyfin as a headless service
+JELLYFIN_SERVICE_OPT="--service"
+
+# [OPTIONAL] run Jellyfin without the web app
+#JELLYFIN_NOWEBAPP_OPT="--noautorunwebapp"
+
+# [OPTIONAL] run Jellyfin with ASP.NET Server Garbage Collection (uses more RAM and less CPU than Workstation GC)
+# 0 = Workstation
+# 1 = Server
+COMPlus_gcServer=1
diff --git a/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2 b/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2
new file mode 100644
index 0000000..2b809bb
--- /dev/null
+++ b/roles/jellyfin/templates/etc/systemd/system/jellyfin.service.j2
@@ -0,0 +1,51 @@
+[Unit]
+Description = Jellyfin Media Server
+After=autofs.service network-online.target nss-user-lookup.target
+
+[Service]
+Type = simple
+EnvironmentFile = /etc/sysconfig/jellyfin
+User = {{ jellyfin_user }}
+Group = {{ jellyfin_user }}
+WorkingDirectory = /var/lib/jellyfin
+ExecStart = {{ jellyfin_install_dir }}/jellyfin ${JELLYFIN_WEB_OPT} ${JELLYFIN_RESTART_OPT} ${JELLYFIN_FFMPEG_OPT} ${JELLYFIN_SERVICE_OPT} ${JELLYFIN_NOWEBAPP_OPT} ${JELLYFIN_ADDITIONAL_OPTS}
+Restart = on-failure
+TimeoutSec = 15
+SuccessExitStatus=0 143
+
+NoNewPrivileges=true
+SystemCallArchitectures=native
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=false
+RestrictRealtime=true
+RestrictSUIDSGID=true
+ProtectClock=true
+ProtectControlGroups=false
+ProtectHostname=true
+ProtectKernelLogs=false
+ProtectKernelModules=false
+ProtectKernelTunables=false
+LockPersonality=true
+PrivateTmp=false
+PrivateDevices=false
+PrivateUsers=true
+RemoveIPC=true
+SystemCallFilter=~@clock
+SystemCallFilter=~@aio
+SystemCallFilter=~@chown
+SystemCallFilter=~@cpu-emulation
+SystemCallFilter=~@debug
+SystemCallFilter=~@keyring
+SystemCallFilter=~@memlock
+SystemCallFilter=~@module
+SystemCallFilter=~@mount
+SystemCallFilter=~@obsolete
+SystemCallFilter=~@privileged
+SystemCallFilter=~@raw-io
+SystemCallFilter=~@reboot
+SystemCallFilter=~@setuid
+SystemCallFilter=~@swap
+SystemCallErrorNumber=EPERM
+
+[Install]
+WantedBy = multi-user.target
generated by cgit (git 2.34.1) at 2024-09-19 17:36:52 -0400