今天要來裝 Navidrome 來做無損音樂串流??
先來安裝監控的東西上來吧:D
回到 Bastion 上用一下 Ansible 自動部署
先來設定 SSH Public key 用指令就可以了
ssh-copy-id root@navidrome.ironman.test
接著沿用 Day17 和 Day21 和 Day22 的 Playbook 部署
---
- name: Install_prometheus_node_exporter_to_servers
hosts: navidrome
tasks:
- name: update apt package list
ansible.builtin.apt:
update_cache: yes
- name: Install prometheus node-exporter
ansible.builtin.apt:
name: prometheus-node-exporter
state: present
- name: Install curl
ansible.builtin.apt:
name: curl
state: present
- name: Make sure a service unit is running and startup when booting
ansible.builtin.systemd_service:
name: prometheus-node-exporter
state: started
enabled: true
- name: check localhost:9100 from localhost
hosts: navidrome
tasks:
- name: Check if 'Node Exporter' string exists in localhost:9100/metric
shell: curl -s http://localhost:9100/metric | grep "Node Exporter"
register: grep_result
ignore_errors: yes
- name: Show result
debug:
msg: "node-exporter successful"
when: grep_result.rc == 0
- name: Show result if string is not found
debug:
msg: "node-exporter failure"
when: grep_result.rc != 0
- name: Install_promtail_to_servers
hosts: navidrome
tasks:
- name: update apt package list before install prerequiresite
ansible.builtin.apt:
update_cache: yes
- name: Install prerequisite packages for Promtail
ansible.builtin.apt:
name:
- apt-transport-https
- software-properties-common
- wget
- name: Ensure directory for keyrings exists
ansible.builtin.file:
path: /etc/apt/keyrings/
state: directory
- name: Fetch and store Grafana GPG key
ansible.builtin.get_url:
url: https://apt.grafana.com/gpg.key
dest: /tmp/grafana.gpg.key
- name: Dearmor the Grafana GPG key
ansible.builtin.command:
cmd: gpg --dearmor -o /etc/apt/keyrings/grafana.gpg /tmp/grafana.gpg.key
creates: /etc/apt/keyrings/grafana.gpg exists
- name: Add Grafana APT repository
ansible.builtin.lineinfile:
path: /etc/apt/sources.list.d/grafana.list
line: "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main"
create: yes
state: present
- name: update apt package list before install promtail
ansible.builtin.apt:
update_cache: yes
- name: Install promtail
ansible.builtin.apt:
name: promtail
state: present
- name: Configure promtail config.yaml
hosts: navidrome
tasks:
- name: Copy config.yml to target
copy:
src: config.yml
dest: /etc/promtail/config.yml
owner: root
group: root
mode: '0644'
- name: Add promtail user to systemd-journal group
user:
name: promtail
groups: systemd-journal
append: yes
- name: cat hostname
shell: cat /etc/hostname
register: TARGET_HOSTNAME
- name: Replace hostname
ansible.builtin.replace:
path: /etc/promtail/config.yml
regexp: 'HOSTNAME'
replace: "{{TARGET_HOSTNAME.stdout}}"
- name: Restart promtail
ansible.builtin.systemd_service:
name: promtail
state: restarted
enabled: true
接著來跑跑看
ansible-playbook navi.yaml
接著到 Prometheus 上面把 Node-exporter 加上去...
然後就
監控搞定就來開始安裝吧
先來安裝一些基本套件
apt-get install -y ffmpeg wget
接著手動建立 Navidrome 的 User & Group
groupadd -r navidrome
useradd -r -s /usr/sbin/nologin -g navidrome navidrome
接著來建立 Navidrome 使用的資料夾
install -d -o navidrome -g navidrome /opt/navidrome
install -d -o navidrome -g navidrome /var/lib/navidrome
接下來把 Navidrome 本身拉下來並丟到剛剛建立的資料夾 這邊使用 0.49.3 版
wget https://github.com/navidrome/navidrome/releases/download/v0.49.3/navidrome_0.49.3_Linux_x86_64.tar.gz -O Navidrome.tar.gz
tar -xvzf Navidrome.tar.gz -C /opt/navidrome/
chown -R navidrome:navidrome /opt/navidrome
mkdir -p /stream/music
chown -R navidrome:navidrome /stream/music
接著到另一個資料夾寫一下設定檔 指定 LOG 更新掃描和音樂資料夾的存放點
nano /var/lib/navidrome/navidrome.toml
# This is just an example! Please see available options to customize Navidrome for your needs at
# https://www.navidrome.org/docs/usage/configuration-options/#available-options
LogLevel = 'info'
ScanSchedule = '@every 24h'
MusicFolder = '/stream/music'
接著來寫 Systemd Unit 設定服務
nano /etc/systemd/system/navidrome.service
[Unit]
Description=Navidrome Music Server and Streamer compatible with Subsonic/Airsonic
After=remote-fs.target network.target
AssertPathExists=/var/lib/navidrome
[Install]
WantedBy=multi-user.target
[Service]
User=navidrome
Group=navidrome
Type=simple
ExecStart=/opt/navidrome/navidrome --configfile "/var/lib/navidrome/navidrome.toml"
WorkingDirectory=/var/lib/navidrome
TimeoutStopSec=20
KillMode=process
Restart=on-failure
# See https://www.freedesktop.org/software/systemd/man/systemd.exec.html
DevicePolicy=closed
NoNewPrivileges=yes
PrivateTmp=yes
PrivateUsers=yes
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
ReadWritePaths=/var/lib/navidrome
# You can uncomment the following line if you're not using the jukebox This
# will prevent navidrome from accessing any real (physical) devices
#PrivateDevices=yes
# You can change the following line to `strict` instead of `full` if you don't
# want navidrome to be able to write anything on your filesystem outside of
# /var/lib/navidrome.
ProtectSystem=full
# You can uncomment the following line if you don't have any media in /home/*.
# This will prevent navidrome from ever reading/writing anything there.
#ProtectHome=true
# You can customize some Navidrome config options by setting environment variables here. Ex:
#Environment=ND_BASEURL="/navidrome"
寫好後就來啟動 Navidrome
systemctl daemon-reload
systemctl start navidrome
systemctl status navidrome
接著用瀏覽器進去看看 navidrome 預設使用 4533 Port
有了 這邊先來設定 Admin 的帳號密碼
設定完後就可以看到空空如也的音樂庫 :<
明天來把存放音樂的地方建立起來
iThome鐵人賽
看影片追技術