adding docker example updates

This commit is contained in:
2025-09-09 10:44:35 -04:00
parent 4685c970af
commit 49a2c1788a
4 changed files with 112 additions and 24 deletions
+6 -1
View File
@@ -57,4 +57,9 @@ temp/
*.tmp *.tmp
# Docker # Docker
.dockerignore .dockerignore
# Local development files (not for public repo)
*.local
CODE_STRUCTURE.local
RESTART_SUMMARY.md
+16 -5
View File
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
## [Unreleased] - v0.6.0 ## [Unreleased] - v0.6.0
### Added ### Added
- **🔐 Secure Configuration System**: Two-file configuration with automatic API key masking
- **Main `.env`**: Paths and preferences (safe to share for debugging)
- **Separate `.env.secrets`**: API keys and passwords (never committed to git)
- **Automatic Loading**: Both files loaded at startup with python-dotenv
- **Log Security**: API keys automatically masked in all log output
- **Git Protection**: Updated .gitignore prevents accidental commits of sensitive data
- **🎯 Configurable Release Date Priority System**: Revolutionary smart fallback for manual imports - **🎯 Configurable Release Date Priority System**: Revolutionary smart fallback for manual imports
- **Configurable Priority Order**: `RELEASE_DATE_PRIORITY=digital,physical,theatrical` (customizable) - **Configurable Priority Order**: `RELEASE_DATE_PRIORITY=digital,physical,theatrical` (customizable)
- **Digital Releases**: VOD/streaming dates (Netflix, iTunes, etc.) - TMDB type 4 - **Digital Releases**: VOD/streaming dates (Netflix, iTunes, etc.) - TMDB type 4
@@ -30,15 +36,20 @@ All notable changes to this project will be documented in this file.
- OMDb API for DVD/digital release dates - OMDb API for DVD/digital release dates
- Jellyseerr integration for additional digital release data - Jellyseerr integration for additional digital release data
- **Deployment Documentation**: - **Deployment Documentation**:
- `DEPLOYMENT.md` - Complete Docker deployment guide - `SETUP.md` - Secure configuration setup guide
- `DEPLOYMENT.md` - Complete Docker deployment guide
- `TESTING.md` - Testing strategy and troubleshooting - `TESTING.md` - Testing strategy and troubleshooting
- `.env.template` - Comprehensive configuration template - `.env.template` - Clean main configuration template
- `docker-compose.yml` - Production-ready deployment - `.env.secrets.template` - Secure secrets configuration template
- `docker-compose.yml` - Production-ready deployment with volume mounts
### Changed ### Changed
- **Configuration Management**: Removed hardcoded paths, fully environment variable driven - **Configuration Management**: Secure two-file system replaces single .env approach
- **Separated Concerns**: Main config (.env) vs sensitive data (.env.secrets)
- **Enhanced Security**: API key masking and git protection built-in
- **Docker Integration**: Updated docker-compose.yml with proper volume mounts
- **Movie Priority Logic**: Enhanced `import_then_digital` to intelligently handle file date fallbacks - **Movie Priority Logic**: Enhanced `import_then_digital` to intelligently handle file date fallbacks
- **README.md**: Complete rewrite with all API endpoints, curl examples, and response formats - **README.md**: Complete rewrite with secure configuration examples and curl commands
### Fixed ### Fixed
- **Manual Import Handling**: Movies manually imported to Radarr now use digital release dates instead of file modification dates - **Manual Import Handling**: Movies manually imported to Radarr now use digital release dates instead of file modification dates
+73 -13
View File
@@ -50,27 +50,87 @@ It integrates with **Sonarr** and **Radarr**, listens for import/rename/upgrade
--- ---
## 🚀 Quick Start (Docker) ## 🚀 Quick Start (Docker Compose)
```bash
# 1. Copy configuration templates
cp .env.template .env
cp .env.secrets.template .env.secrets
# 2. Edit your configuration files
# .env - paths and preferences (safe to share)
# .env.secrets - API keys and passwords (never commit)
# 3. Start NFOGuard
docker-compose up -d
```
**Docker Compose (Recommended)**:
```yaml
version: '3.8'
services:
nfoguard:
image: ghcr.io/your-org/nfoguard:latest
container_name: nfoguard
ports:
- "8080:8080"
volumes:
- /mnt/unionfs/Media:/media:rw
- ./data:/app/data
- ./.env:/app/.env:ro # Main configuration
- ./.env.secrets:/app/.env.secrets:ro # Secure API keys
restart: unless-stopped
```
**Docker Run (Alternative)**:
```bash ```bash
docker run -d \ docker run -d \
--name=NFOGuard \ --name=NFOGuard \
-p 8080:8080 \ -p 8080:8080 \
-v /mnt/unionfs/Media:/media:rw \ -v /mnt/unionfs/Media:/media:rw \
-v /opt/NFOGuard/data:/app/data \ -v /opt/NFOGuard/data:/app/data \
-e TV_PATHS="/media/TV/tv,/media/TV/tv6" \ -v /opt/NFOGuard/.env:/app/.env:ro \
-e MOVIE_PATHS="/media/Movies/movies,/media/Movies/movies6" \ -v /opt/NFOGuard/.env.secrets:/app/.env.secrets:ro \
ghcr.io/your-org/NFOGuard:latest ghcr.io/your-org/NFOGuard:latest
⚙️ Environment Variables ```
Variable Default Description
TV_PATHS /media/tv,/media/tv6 Comma-separated list of TV root paths ## 🔧 Configuration Files
MOVIE_PATHS /media/movies,/media/movies6 Comma-separated list of Movie root paths
DB_PATH /app/data/media_dates.db Path to SQLite database NFOGuard uses a **secure two-file configuration system**:
MANAGE_NFO true Write/update NFO files
FIX_DIR_MTIMES true Sync directory/file mtimes to import date ### **`.env` - Main Configuration** (safe to share)
LOCK_METADATA true Add <lockdata> in NFOs ```bash
BATCH_DELAY 5.0 Delay before processing batched events # Media paths
DEBUG false Enable verbose logging MOVIE_PATHS=/media/Movies/movies,/media/Movies/movies6
TV_PATHS=/media/TV/tv,/media/TV/tv6
# Release date priority (digital, physical, theatrical)
RELEASE_DATE_PRIORITY=digital,physical,theatrical
PREFER_RELEASE_DATES_OVER_FILE_DATES=true
ALLOW_FILE_DATE_FALLBACK=false
# Database connection
RADARR_DB_HOST=radarr-postgres
RADARR_DB_PORT=5432
RADARR_DB_NAME=radarr
RADARR_DB_USER=postgres
```
### **`.env.secrets` - Sensitive Data** (never commit)
```bash
# Database password
RADARR_DB_PASSWORD=your_actual_password
# API keys
TMDB_API_KEY=your_tmdb_api_key
RADARR_API_KEY=your_radarr_api_key
SONARR_API_KEY=your_sonarr_api_key
```
**Security Features**:
- 🔐 **API key masking** in logs automatically
- 🚫 **Git protection** - secrets never committed
- 🛠️ **Easy debugging** - main .env safe to share
🔌 API Endpoints 🔌 API Endpoints
+17 -5
View File
@@ -1,8 +1,10 @@
version: '3.8'
services: services:
NFOguard: nfoguard:
# image: ghcr.io/sbcrumb/nfoguard:latest # Use this once package is public # image: ghcr.io/sbcrumb/nfoguard:latest # Use this once package is public
build: . # Temporary local build build: . # Temporary local build
container_name: NFOguard container_name: nfoguard
restart: unless-stopped restart: unless-stopped
user: "1000:1000" user: "1000:1000"
networks: networks:
@@ -10,11 +12,21 @@ services:
ports: ports:
- "8085:8080" - "8085:8080"
volumes: volumes:
# Media directory
- /mnt/unionfs/Media/:/media:rw - /mnt/unionfs/Media/:/media:rw
# NFOGuard data directory for database and logs
- ./data:/app/data:rw - ./data:/app/data:rw
- ./.env:/app/.env:ro
env_file: # Configuration files (SECURE TWO-FILE SYSTEM)
- .env - ./.env:/app/.env:ro # Main config (safe to share)
- ./.env.secrets:/app/.env.secrets:ro # API keys & passwords (never commit)
# Optional: Can use env_file for simple setups, but file mounting is more secure
# env_file:
# - .env
# - .env.secrets
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/health"] test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
interval: 30s interval: 30s