arian/navidrome-uploader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Compare commits

base: arian/navidrome-uploader:v0.1.0-2
Branches Tags
arian/navidrome-uploader:main arian/navidrome-uploader:pr-apt-purge-fix arian/navidrome-uploader:deb-packaging arian/navidrome-uploader:pr-systemd-service arian/navidrome-uploader:gunicorn-migration arian/navidrome-uploader:pr-ext-conf arian/navidrome-uploader:pr-healthcheck
arian/navidrome-uploader:v0.1.0-2 arian/navidrome-uploader:v0.1.0-1 arian/navidrome-uploader:v0.1.0
..
compare: arian/navidrome-uploader:02cf986f97c51720e27be1edce1a89b94f91b35f
Branches Tags
arian/navidrome-uploader:main arian/navidrome-uploader:pr-apt-purge-fix arian/navidrome-uploader:deb-packaging arian/navidrome-uploader:pr-systemd-service arian/navidrome-uploader:gunicorn-migration arian/navidrome-uploader:pr-ext-conf arian/navidrome-uploader:pr-healthcheck
arian/navidrome-uploader:v0.1.0-2 arian/navidrome-uploader:v0.1.0-1 arian/navidrome-uploader:v0.1.0

1 Commits
v0.1.0-2 .. 02cf986f97

Author SHA1 Message Date
arian 02cf986f97 mv conf vars external 2026-03-10 12:09:57 -04:00
18 changed files with 11 additions and 206 deletions
Expand all files Collapse all files
.env.example
+1 -1
View File
@@ -1,3 +1,3 @@
NAVIDROME_MUSIC_FOLDER="/opt/navidrome/music"
BIND_ADDRESS="0.0.0.0"
BIND_ADDRESS="192.168.2.24"
BIND_PORT="5001"
.gitignore
-2
View File
@@ -3,5 +3,3 @@ setup.sh
navidrome-upload.service
.idea/
.env
/README.md
__pycache__/
contrib/navidrome-uploader.service
-47
View File
@@ -1,47 +0,0 @@
[Unit]
Description=Navidrome Music Uploader Service
After=network.target,navidrome.service
[Service]
Type=simple
User=navidrome-uploader
Group=navidrome-uploader
WorkingDirectory=/opt/navidrome-uploader
Environment="PATH=/opt/navidrome-uploader/venv/bin"
EnvironmentFile=/etc/default/navidrome-uploader/.env
ExecStart=/opt/navidrome-uploader/venv/bin/gunicorn --no-control-socket -c gunicorn.conf.py main:app
Restart=on-failure
RestartSec=30
NoNewPrivileges=yes
CapabilityBoundingSet=
AmbientCapabilities=
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
ReadWritePaths=/opt/navidrome-uploader /opt/navidrome/music
InaccessiblePaths=/boot /mnt /media
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectKernelLogs=yes
ProtectControlGroups=yes
ProtectClock=yes
ProtectHostname=yes
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
LockPersonality=yes
SystemCallFilter=@system-service
SystemCallErrorNumber=EPERM
PrivateNetwork=no
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
UMask=0027
[Install]
WantedBy=multi-user.target
debian/changelog
Vendored
-18
View File
@@ -1,18 +0,0 @@
navidrome-uploader (0.1.0-2) unstable; urgency=high
* Run pip install stage as navidrome-uploader user instead of root
-- Arian Nasr <arian@2ari.ca> Tue, 14 Apr 2026 12:11:00 -0400
navidrome-uploader (0.1.0-1) unstable; urgency=medium
* Disable gunicorn control socket in systemd service unit
-- Arian Nasr <arian@2ari.ca> Thu, 09 Apr 2026 01:58:00 -0400
navidrome-uploader (0.1.0) unstable; urgency=medium
* Add Debian packaging with systemd service integration and venv setup.
-- Arian Nasr <arian@2ari.ca> Tue, 07 Apr 2026 12:00:00 +0000
debian/control
Vendored
-12
View File
@@ -1,12 +0,0 @@
Source: navidrome-uploader
Section: web
Priority: optional
Maintainer: Arian Nasr <arian@2ari.ca>
Build-Depends: debhelper-compat (= 13)
Standards-Version: 4.7.0
Rules-Requires-Root: no
Package: navidrome-uploader
Architecture: all
Depends: ${misc:Depends}, adduser, python3, python3-venv
Description: Navidrome Web Upload Utility
debian/navidrome-uploader.dirs
Vendored
-7
View File
@@ -1,7 +0,0 @@
opt/navidrome-uploader
opt/navidrome-uploader/templates
opt/navidrome-uploader/static
opt/navidrome-uploader/static/css
opt/navidrome-uploader/static/js
etc/default/navidrome-uploader
debian/navidrome-uploader.install
Vendored
-9
View File
@@ -1,9 +0,0 @@
main.py opt/navidrome-uploader/
gunicorn.conf.py opt/navidrome-uploader/
requirements.txt opt/navidrome-uploader/
.env.example opt/navidrome-uploader/
templates/* opt/navidrome-uploader/templates/
static/css/* opt/navidrome-uploader/static/css/
static/js/* opt/navidrome-uploader/static/js/
contrib/navidrome-uploader.service lib/systemd/system/
debian/navidrome-uploader.postinst
Vendored
-26
View File
@@ -1,26 +0,0 @@
#!/bin/sh
set -e
APP_DIR="/opt/navidrome-uploader"
VENV_DIR="${APP_DIR}/venv"
APP_USER="navidrome-uploader"
case "$1" in
configure)
chown -R "$APP_USER:$APP_USER" "$APP_DIR"
runuser -u "$APP_USER" -- python3 -m venv "$VENV_DIR"
runuser -u "$APP_USER" -- "$VENV_DIR/bin/pip" install --no-cache-dir --upgrade pip
runuser -u "$APP_USER" -- "$VENV_DIR/bin/pip" install --no-cache-dir -r "$APP_DIR/requirements.txt"
if command -v systemctl >/dev/null 2>&1; then
systemctl daemon-reload || true
systemctl enable navidrome-uploader.service || true
systemctl restart navidrome-uploader.service || true
fi
;;
esac
exit 0
debian/navidrome-uploader.postrm
Vendored
-14
View File
@@ -1,14 +0,0 @@
#!/bin/sh
set -e
if command -v systemctl > /dev/null 2>&1; then
systemctl daemon-reload || true
fi
if [ "$1" = "purge" ]; then
rm -rf /etc/default/navidrome-uploader
rm -rf /opt/navidrome-uploader/venv
fi
exit 0
debian/navidrome-uploader.preinst
Vendored
-10
View File
@@ -1,10 +0,0 @@
#!/bin/sh
set -e
if ! getent passwd navidrome-uploader > /dev/null 2>&1; then
printf "Creating navidrome-uploader user\n"
useradd --system --shell /usr/sbin/nologin --user-group navidrome-uploader
fi
exit 0
debian/navidrome-uploader.prerm
Vendored
-14
View File
@@ -1,14 +0,0 @@
#!/bin/sh
set -e
case "$1" in
remove|deconfigure)
if command -v systemctl > /dev/null 2>&1; then
systemctl stop navidrome-uploader.service || true
systemctl disable navidrome-uploader.service || true
fi
;;
esac
exit 0
debian/rules
Vendored
-10
View File
@@ -1,10 +0,0 @@
#!/usr/bin/make -f
%:
dh $@
override_dh_install:
dh_install
install -d debian/navidrome-uploader/etc/default/navidrome-uploader
install -m 0640 .env.example debian/navidrome-uploader/etc/default/navidrome-uploader/.env
debian/source/format
Vendored
-2
View File
@@ -1,2 +0,0 @@
3.0 (native)
gunicorn.conf.py
-16
View File
@@ -1,16 +0,0 @@
# gunicorn.conf.py
# Arian Nasr
# April 4, 2026
import os
BIND_ADDRESS = os.environ.get('BIND_ADDRESS', '0.0.0.0')
BIND_PORT = int(os.environ.get('BIND_PORT', 5001))
bind = f"{BIND_ADDRESS}:{BIND_PORT}"
workers = 2
accesslog = "-" # Log to stdout
errorlog = "-" # Log to stderr
# gunicorn -c gunicorn.conf.py main:app
main.py
+6 -4
View File
@@ -7,6 +7,8 @@ from flask import Flask, request, render_template
from werkzeug.utils import secure_filename
UPLOAD_FOLDER = os.environ.get('NAVIDROME_MUSIC_FOLDER', '/opt/navidrome/music')
BIND_ADDRESS = os.environ.get('BIND_ADDRESS', '0.0.0.0')
BIND_PORT = int(os.environ.get('BIND_PORT', 5001))
ALLOWED_EXTENSIONS = {'flac', 'mp3', 'wav'}
app = Flask(__name__)
@@ -16,10 +18,6 @@ def allowed_file(filename):
return '.' in filename and \
filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
@app.route('/ping')
def ping():
return 'pong', 200
@app.route('/', methods=['GET', 'POST'])
def upload_file():
if request.method == 'POST':
@@ -33,3 +31,7 @@ def upload_file():
return render_template('success.html', success_message=f'{len(request.files)} file(s) uploaded successfully!'), 200
return render_template('index.html'), 200
if __name__ == '__main__':
app.run(host=BIND_ADDRESS, port=BIND_PORT, debug=False)
release/build-deb.sh
-9
View File
@@ -1,9 +0,0 @@
#!/bin/sh
set -eu
SCRIPT_DIR="$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)"
PROJECT_ROOT="$(CDPATH= cd -- "${SCRIPT_DIR}/.." && pwd)"
cd "${PROJECT_ROOT}"
dpkg-buildpackage -us -uc -b
requirements.txt
+2 -3
View File
@@ -1,8 +1,7 @@
blinker==1.9.0
click==8.3.2
click==8.3.1
Flask==3.1.3
itsdangerous==2.2.0
Jinja2==3.1.6
MarkupSafe==3.0.3
Werkzeug==3.1.8
gunicorn==25.3.0
Werkzeug==3.1.6
templates/index.html
+1 -1
View File
@@ -11,7 +11,7 @@
<body>
<script>
Dropzone.options.myDropzone = {
parallelUploads: 4,
parallelUploads: 2,
uploadMultiple: true,
acceptedFiles: 'audio/*'
};