adding docker example updates
This commit is contained in:
+6
-1
@@ -57,4 +57,9 @@ temp/
|
||||
*.tmp
|
||||
|
||||
# Docker
|
||||
.dockerignore
|
||||
.dockerignore
|
||||
|
||||
# Local development files (not for public repo)
|
||||
*.local
|
||||
CODE_STRUCTURE.local
|
||||
RESTART_SUMMARY.md
|
||||
+16
-5
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
|
||||
## [Unreleased] - v0.6.0
|
||||
|
||||
### Added
|
||||
- **🔐 Secure Configuration System**: Two-file configuration with automatic API key masking
|
||||
- **Main `.env`**: Paths and preferences (safe to share for debugging)
|
||||
- **Separate `.env.secrets`**: API keys and passwords (never committed to git)
|
||||
- **Automatic Loading**: Both files loaded at startup with python-dotenv
|
||||
- **Log Security**: API keys automatically masked in all log output
|
||||
- **Git Protection**: Updated .gitignore prevents accidental commits of sensitive data
|
||||
- **🎯 Configurable Release Date Priority System**: Revolutionary smart fallback for manual imports
|
||||
- **Configurable Priority Order**: `RELEASE_DATE_PRIORITY=digital,physical,theatrical` (customizable)
|
||||
- **Digital Releases**: VOD/streaming dates (Netflix, iTunes, etc.) - TMDB type 4
|
||||
@@ -30,15 +36,20 @@ All notable changes to this project will be documented in this file.
|
||||
- OMDb API for DVD/digital release dates
|
||||
- Jellyseerr integration for additional digital release data
|
||||
- **Deployment Documentation**:
|
||||
- `DEPLOYMENT.md` - Complete Docker deployment guide
|
||||
- `SETUP.md` - Secure configuration setup guide
|
||||
- `DEPLOYMENT.md` - Complete Docker deployment guide
|
||||
- `TESTING.md` - Testing strategy and troubleshooting
|
||||
- `.env.template` - Comprehensive configuration template
|
||||
- `docker-compose.yml` - Production-ready deployment
|
||||
- `.env.template` - Clean main configuration template
|
||||
- `.env.secrets.template` - Secure secrets configuration template
|
||||
- `docker-compose.yml` - Production-ready deployment with volume mounts
|
||||
|
||||
### Changed
|
||||
- **Configuration Management**: Removed hardcoded paths, fully environment variable driven
|
||||
- **Configuration Management**: Secure two-file system replaces single .env approach
|
||||
- **Separated Concerns**: Main config (.env) vs sensitive data (.env.secrets)
|
||||
- **Enhanced Security**: API key masking and git protection built-in
|
||||
- **Docker Integration**: Updated docker-compose.yml with proper volume mounts
|
||||
- **Movie Priority Logic**: Enhanced `import_then_digital` to intelligently handle file date fallbacks
|
||||
- **README.md**: Complete rewrite with all API endpoints, curl examples, and response formats
|
||||
- **README.md**: Complete rewrite with secure configuration examples and curl commands
|
||||
|
||||
### Fixed
|
||||
- **Manual Import Handling**: Movies manually imported to Radarr now use digital release dates instead of file modification dates
|
||||
|
||||
@@ -50,27 +50,87 @@ It integrates with **Sonarr** and **Radarr**, listens for import/rename/upgrade
|
||||
|
||||
---
|
||||
|
||||
## 🚀 Quick Start (Docker)
|
||||
## 🚀 Quick Start (Docker Compose)
|
||||
|
||||
```bash
|
||||
# 1. Copy configuration templates
|
||||
cp .env.template .env
|
||||
cp .env.secrets.template .env.secrets
|
||||
|
||||
# 2. Edit your configuration files
|
||||
# .env - paths and preferences (safe to share)
|
||||
# .env.secrets - API keys and passwords (never commit)
|
||||
|
||||
# 3. Start NFOGuard
|
||||
docker-compose up -d
|
||||
```
|
||||
|
||||
**Docker Compose (Recommended)**:
|
||||
```yaml
|
||||
version: '3.8'
|
||||
services:
|
||||
nfoguard:
|
||||
image: ghcr.io/your-org/nfoguard:latest
|
||||
container_name: nfoguard
|
||||
ports:
|
||||
- "8080:8080"
|
||||
volumes:
|
||||
- /mnt/unionfs/Media:/media:rw
|
||||
- ./data:/app/data
|
||||
- ./.env:/app/.env:ro # Main configuration
|
||||
- ./.env.secrets:/app/.env.secrets:ro # Secure API keys
|
||||
restart: unless-stopped
|
||||
```
|
||||
|
||||
**Docker Run (Alternative)**:
|
||||
```bash
|
||||
docker run -d \
|
||||
--name=NFOGuard \
|
||||
-p 8080:8080 \
|
||||
-v /mnt/unionfs/Media:/media:rw \
|
||||
-v /opt/NFOGuard/data:/app/data \
|
||||
-e TV_PATHS="/media/TV/tv,/media/TV/tv6" \
|
||||
-e MOVIE_PATHS="/media/Movies/movies,/media/Movies/movies6" \
|
||||
-v /opt/NFOGuard/.env:/app/.env:ro \
|
||||
-v /opt/NFOGuard/.env.secrets:/app/.env.secrets:ro \
|
||||
ghcr.io/your-org/NFOGuard:latest
|
||||
⚙️ Environment Variables
|
||||
Variable Default Description
|
||||
TV_PATHS /media/tv,/media/tv6 Comma-separated list of TV root paths
|
||||
MOVIE_PATHS /media/movies,/media/movies6 Comma-separated list of Movie root paths
|
||||
DB_PATH /app/data/media_dates.db Path to SQLite database
|
||||
MANAGE_NFO true Write/update NFO files
|
||||
FIX_DIR_MTIMES true Sync directory/file mtimes to import date
|
||||
LOCK_METADATA true Add <lockdata> in NFOs
|
||||
BATCH_DELAY 5.0 Delay before processing batched events
|
||||
DEBUG false Enable verbose logging
|
||||
```
|
||||
|
||||
## 🔧 Configuration Files
|
||||
|
||||
NFOGuard uses a **secure two-file configuration system**:
|
||||
|
||||
### **`.env` - Main Configuration** (safe to share)
|
||||
```bash
|
||||
# Media paths
|
||||
MOVIE_PATHS=/media/Movies/movies,/media/Movies/movies6
|
||||
TV_PATHS=/media/TV/tv,/media/TV/tv6
|
||||
|
||||
# Release date priority (digital, physical, theatrical)
|
||||
RELEASE_DATE_PRIORITY=digital,physical,theatrical
|
||||
PREFER_RELEASE_DATES_OVER_FILE_DATES=true
|
||||
ALLOW_FILE_DATE_FALLBACK=false
|
||||
|
||||
# Database connection
|
||||
RADARR_DB_HOST=radarr-postgres
|
||||
RADARR_DB_PORT=5432
|
||||
RADARR_DB_NAME=radarr
|
||||
RADARR_DB_USER=postgres
|
||||
```
|
||||
|
||||
### **`.env.secrets` - Sensitive Data** (never commit)
|
||||
```bash
|
||||
# Database password
|
||||
RADARR_DB_PASSWORD=your_actual_password
|
||||
|
||||
# API keys
|
||||
TMDB_API_KEY=your_tmdb_api_key
|
||||
RADARR_API_KEY=your_radarr_api_key
|
||||
SONARR_API_KEY=your_sonarr_api_key
|
||||
```
|
||||
|
||||
**Security Features**:
|
||||
- 🔐 **API key masking** in logs automatically
|
||||
- 🚫 **Git protection** - secrets never committed
|
||||
- 🛠️ **Easy debugging** - main .env safe to share
|
||||
|
||||
🔌 API Endpoints
|
||||
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
NFOguard:
|
||||
nfoguard:
|
||||
# image: ghcr.io/sbcrumb/nfoguard:latest # Use this once package is public
|
||||
build: . # Temporary local build
|
||||
container_name: NFOguard
|
||||
container_name: nfoguard
|
||||
restart: unless-stopped
|
||||
user: "1000:1000"
|
||||
networks:
|
||||
@@ -10,11 +12,21 @@ services:
|
||||
ports:
|
||||
- "8085:8080"
|
||||
volumes:
|
||||
# Media directory
|
||||
- /mnt/unionfs/Media/:/media:rw
|
||||
|
||||
# NFOGuard data directory for database and logs
|
||||
- ./data:/app/data:rw
|
||||
- ./.env:/app/.env:ro
|
||||
env_file:
|
||||
- .env
|
||||
|
||||
# Configuration files (SECURE TWO-FILE SYSTEM)
|
||||
- ./.env:/app/.env:ro # Main config (safe to share)
|
||||
- ./.env.secrets:/app/.env.secrets:ro # API keys & passwords (never commit)
|
||||
|
||||
# Optional: Can use env_file for simple setups, but file mounting is more secure
|
||||
# env_file:
|
||||
# - .env
|
||||
# - .env.secrets
|
||||
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
|
||||
interval: 30s
|
||||
|
||||
Reference in New Issue
Block a user