From 2a95009adc572e5776bd3daccef1c6a4e63ad7d9 Mon Sep 17 00:00:00 2001 From: Hermes Date: Sun, 17 May 2026 21:11:59 +0000 Subject: [PATCH] audiomuse: bridge network (not gluetun), fix port conflict with TA --- infrastructure.org | 81 +++++++++++++++++++++++++++++++++------------- 1 file changed, 59 insertions(+), 22 deletions(-) diff --git a/infrastructure.org b/infrastructure.org index f79963a..7e67d49 100644 --- a/infrastructure.org +++ b/infrastructure.org @@ -1312,28 +1312,65 @@ playlists for Jellyfin. Runs as Flask app + RQ worker, connects to existing PostgreSQL and Valkey. Routes through Gluetun VPN. #+BEGIN_SRC yaml :tangle /docker/compose/services/audiomuse.yaml - 1322| - 1323|* .env Configuration - 1324| - 1325|The =.env= file at =/docker/compose/.env= holds all variable values. - 1326|The =:?err= suffix on every variable ensures missing values fail fast. - 1327| - 1328|Key variables: - 1329|- =DOCKER_SUBNET= and =DOCKER_GATEWAY= define the Docker bridge network - 1330|- =CLOUDFLARE_DNS_ZONE= (=gharbeia.net=) is used in all Traefik routes - 1331|- =PUID= and =PGID= control file ownership (1000:1000) - 1332|- =FOLDER_FOR_MEDIA= and =FOLDER_FOR_MORE= — Media library root paths - 1333|- =TUNNEL_TOKEN= is the Cloudflare tunnel auth token (managed externally) - 1334|- =TA_USERNAME= and =TA_PASSWORD= — Tube Archivist admin credentials - 1335| - 1336|* LOGBOOK - 1337| - 1338|** [2026-05-16 Sat 22:45] Tube Archivist installed - 1339|- 3-container stack: tubearchivist, ES 8.17, Redis - 1340|- Traefik secureweb/tunnel/internal routers - 1341|- Static TA_HOST=tubearchivist.gharbeia.net, ELASTIC_PASSWORD=tubearchivist - 1342|- REDIS_CON connection string (newer TA uses this instead of REDIS_HOST+REDIS_PORT) - 1343|- ES 8.17 with path_repo and xpack.security.enabled=false +services: + audiomuse-ai: + image: ghcr.io/neptunehub/audiomuse-ai:latest + container_name: audiomuse-ai + restart: unless-stopped + networks: + - networking + ports: + - ${WEBUI_PORT_AUDIOMUSE:-8005}:8000 + environment: + SERVICE_TYPE: "flask" + TZ: ${TIMEZONE:?err} + POSTGRES_USER: ${POSTGRESQL_USERNAME:?err} + POSTGRES_PASSWORD: ${POSTGRESQL_PASSWORD:?err} + POSTGRES_DB: audiomusedb + POSTGRES_HOST: postgresql + POSTGRES_PORT: "5432" + REDIS_URL: redis://valkey:6379/0 + TEMP_DIR: /app/temp_audio + FRONTEND_PORT: "8000" + volumes: + - ${FOLDER_FOR_MEDIA:?err}:/library + - ${FOLDER_FOR_MORE:?err}:/more + - temp-audio-flask:/app/temp_audio + labels: + - traefik.enable=true + - traefik.http.routers.audiomuse.service=audiomuse + - traefik.http.routers.audiomuse.rule=Host(`audiomuse.${CLOUDFLARE_DNS_ZONE:?err}`) + - traefik.http.routers.audiomuse.entrypoints=tunnel + - traefik.http.routers.audiomuse.middlewares=authentik-forwardauth@file,security-headers@file,traefik-bouncer@file + - traefik.http.services.audiomuse.loadbalancer.server.scheme=http + - traefik.http.services.audiomuse.loadbalancer.server.port=${WEBUI_PORT_AUDIOMUSE:-8005} + + audiomuse-worker: + image: ghcr.io/neptunehub/audiomuse-ai:latest + container_name: audiomuse-worker + restart: unless-stopped + networks: + - networking + environment: + SERVICE_TYPE: "worker" + TZ: ${TIMEZONE:?err} + POSTGRES_USER: ${POSTGRESQL_USERNAME:?err} + POSTGRES_PASSWORD: ${POSTGRESQL_PASSWORD:?err} + POSTGRES_DB: audiomusedb + POSTGRES_HOST: postgresql + POSTGRES_PORT: "5432" + REDIS_URL: redis://valkey:6379/0 + TEMP_DIR: /app/temp_audio + volumes: + - ${FOLDER_FOR_MEDIA:?err}:/library + - ${FOLDER_FOR_MORE:?err}:/more + - temp-audio-worker:/app/temp_audio + +volumes: + temp-audio-flask: + temp-audio-worker: +#+END_SRC + ** [2026-05-17 Sun 17:00] Tube Archivist: gluetun routing, CSRF fix, download path - TA moved to network_mode: service:gluetun (port 8000 mapped on gluetun)