# HG changeset patch
# User Luke Hoersten <luke@hoersten.org>
# Date 1721583763 18000
# Node ID f88bb54f63bdd50efd5909372fa0a27ed5469ace
# Parent  f46b0f7e758ca154237484c258c7c899a220e07a
Added scrypted role.

diff -r f46b0f7e758c -r f88bb54f63bd scrypted/defaults/main.yaml
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scrypted/defaults/main.yaml	Sun Jul 21 12:42:43 2024 -0500
@@ -0,0 +1,4 @@
+---
+
+scrypted_dir: "~/.scrypted"
+scrypted_auto_update_port: "10444"
diff -r f46b0f7e758c -r f88bb54f63bd scrypted/tasks/main.yaml
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scrypted/tasks/main.yaml	Sun Jul 21 12:42:43 2024 -0500
@@ -0,0 +1,44 @@
+---
+
+- name: add scrypted user
+  become: yes
+  user: name="scrypted" shell="/bin/false" system="yes" create_home="no" groups="docker"
+
+- name: install docker apt packages
+  become: yes
+  apt: name="docker-ce"
+
+- name: make scrypted dir
+  become: yes
+  file:
+    path: "{{item}}"
+    state: "directory"
+    owner: "scrypted"
+    group: "scrypted"
+    mode: "0755"
+  loop:
+    - "{{scrypted_dir}}"
+    - "{{scrypted_dir}}/volume"
+
+- name: configure scrypted docker compose
+  become: yes
+  template:
+    src: "docker-compose.yml.j2"
+    dest: "{{scrypted_dir}}/docker-compose.yml"
+    owner: "scrypted"
+    group: "scrypted"
+    mode: "0600"
+
+- name: docker compose pull
+  become: yes
+  become_user: "scrypted"
+  command: "docker compose pull"
+  args:
+    chdir: "{{scrypted_dir}}"
+
+- name: docker compose
+  become: yes
+  become_user: "scrypted"
+  command: "docker compose up -d"
+  args:
+    chdir: "{{scrypted_dir}}"
diff -r f46b0f7e758c -r f88bb54f63bd scrypted/templates/docker-compose.yml.j2
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/scrypted/templates/docker-compose.yml.j2	Sun Jul 21 12:42:43 2024 -0500
@@ -0,0 +1,141 @@
+# The Scrypted docker-compose.yml file typically resides at:
+# ~/.scrypted/docker-compose.yml
+
+
+# Scrypted NVR Storage (Optional Network Volume: Part 1 of 3)
+# Example volumes SMB (CIFS) and NFS.
+# Uncomment only one.
+# volumes:
+#     nvr:
+#         driver_opts:
+#             type: cifs
+#             o: username=[username],password=[password],vers=3.0,file_mode=0777,dir_mode=0777
+#             device: //[ip-address]/[path-to-directory]
+#     nvr:
+#         driver_opts:
+#             type: "nfs"
+#             o: "addr=[ip-address],nolock,soft,rw"
+#             device: ":[path-to-directory]"
+
+services:
+    scrypted:
+        environment:
+            # Scrypted NVR Storage (Part 2 of 3)
+
+            # Uncomment the next line to configure the NVR plugin to store recordings
+            # use the /nvr directory within the container. This can also be configured
+            # within the plugin manually.
+            # The drive or network share will ALSO need to be configured in the volumes
+            # section below.
+            # - SCRYPTED_NVR_VOLUME=/nvr
+
+            - SCRYPTED_WEBHOOK_UPDATE_AUTHORIZATION=Bearer {{scrypted_auth_key}}
+            - SCRYPTED_WEBHOOK_UPDATE=http://localhost:{{scrypted_auto_update_port}}/v1/update
+
+            # Avahi can be used for network discovery by passing in the host daemon
+            # or running the daemon inside the container. Choose one or the other.
+            # Uncomment next line to run avahi-daemon inside the container.
+            # See volumes and security_opt section below to use the host daemon.
+            # - SCRYPTED_DOCKER_AVAHI=true
+
+            # NVIDIA (Part 1 of 4)
+            # - NVIDIA_VISIBLE_DEVICES=all
+            # - NVIDIA_DRIVER_CAPABILITIES=all
+
+        # NVIDIA (Part 2 of 4)
+        # runtime: nvidia
+
+        # NVIDIA (Part 3 of 4) - Use NVIDIA image, and remove subsequent default image.
+        # image: ghcr.io/koush/scrypted:nvidia
+        image: ghcr.io/koush/scrypted
+
+        volumes:
+            # NVIDIA (Part 4 of 4)
+            # - /etc/OpenCL/vendors/nvidia.icd:/etc/OpenCL/vendors/nvidia.icd
+
+            # Scrypted NVR Storage (Part 3 of 3)
+
+            # Modify to add the additional volume for Scrypted NVR.
+            # The following example would mount the /mnt/sda/video path on the host
+            # to the /nvr path inside the docker container.
+            # - /mnt/media/video:/nvr
+
+            # Or use a network mount from one of the CIFS/NFS examples at the top of this file.
+            # - type: volume
+            #   source: nvr
+            #   target: /nvr
+            #   volume:
+            #     nocopy: true
+
+            # Uncomment the following lines to use Avahi daemon from the host.
+            # Ensure Avahi is running on the host machine:
+            # It can be installed with: sudo apt-get install avahi-daemon
+            # This is not compatible with running avahi inside the container (see above).
+            # Also, uncomment the lines under security_opt
+            - /var/run/dbus:/var/run/dbus
+            - /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket
+
+            # Default volume for the Scrypted database. Typically should not be changed.
+            - {{scrypted_dir}}/volume:/server/volume
+        # Uncomment the following lines to use Avahi daemon from the host
+        # Without this, AppArmor will block the container's attempt to talk to Avahi via dbus
+        security_opt:
+            - apparmor:unconfined
+        devices: [
+            # uncomment the common systems devices to pass
+            # them through to docker.
+
+            # all usb devices, such as coral tpu
+            # "/dev/bus/usb:/dev/bus/usb",
+
+            # hardware accelerated video decoding, opencl, etc.
+            # "/dev/dri:/dev/dri",
+
+            # uncomment below as necessary.
+            # zwave usb serial device
+
+            # "/dev/ttyACM0:/dev/ttyACM0",
+
+            # coral PCI devices
+            # "/dev/apex_0:/dev/apex_0",
+            # "/dev/apex_1:/dev/apex_1",
+        ]
+
+        container_name: scrypted
+        restart: unless-stopped
+        network_mode: host
+
+        # logging is noisy and will unnecessarily wear on flash storage.
+        # scrypted has per device in memory logging that is preferred.
+        # enable the log file if enhanced debugging is necessary.
+        logging:
+            driver: "none"
+            # driver: "json-file"
+            # options:
+            #     max-size: "10m"
+            #     max-file: "10"
+        labels:
+            - "com.centurylinklabs.watchtower.scope=scrypted"
+
+    # watchtower manages updates for Scrypted.
+    watchtower:
+        environment:
+            - WATCHTOWER_HTTP_API_TOKEN={{scrypted_auth_key}}
+            - WATCHTOWER_HTTP_API_UPDATE=true
+            - WATCHTOWER_SCOPE=scrypted
+            # remove the following line to never allow docker to auto update.
+            # this is not recommended.
+            - WATCHTOWER_HTTP_API_PERIODIC_POLLS=true
+        image: containrrr/watchtower
+        container_name: scrypted-watchtower
+        restart: unless-stopped
+        volumes:
+            - /var/run/docker.sock:/var/run/docker.sock
+        labels:
+            - "com.centurylinklabs.watchtower.scope=scrypted"
+        ports:
+            # The auto update port 10444 can be configured
+            # Must match the port in the auto update url above.
+            - {{scrypted_auto_update_port}}:8080
+        # check for updates once an hour (interval is in seconds)
+        command: --interval 3600 --cleanup --scope scrypted