diff --git a/docs/00-overview.md b/docs/00-overview.md new file mode 100644 index 0000000..8d2961e --- /dev/null +++ b/docs/00-overview.md @@ -0,0 +1,63 @@ +# 00 — ARRFLIX Technical Overview + +ARRFLIX is the operator's premium home-streaming project: AI-upscaled masters, +hand-curated metadata, and a Netflix-faithful viewing surface for a small +trusted set of users. + +Under the hood, the stack is **Jellyfin 10.10.3 in Docker on nullstone**, sat +behind **Traefik** with **Let's Encrypt DNS-01 via Gandi** for TLS, name-served +internally by **Pi-hole**, and access-bounded to the LAN (`192.168.0.0/24`) +plus tagged tailnet nodes via a Traefik allowlist middleware. The Jellyfin web +UI is rebranded as ARRFLIX through a `web-overrides/` bind-mount, an SPA +runtime shim, and the **NeutralFin / Cineplex** CSS theme stack — none of the +default Jellyfin chrome, names, or logos are reachable by an unprivileged user. + +--- + +## Architecture + +| Layer | Component | +|------------------|------------------------------------------------------------------------------------------------| +| Frontend | Jellyfin web bundle, themed and rebranded as ARRFLIX (web-overrides + NeutralFin/Cineplex CSS) | +| Application | `jellyfin/jellyfin:10.10.3` container on nullstone, sibling `jellyfin-dev` for theme work | +| Reverse proxy | Traefik with **file-provider** routing (docker-label routing flakes for this container) | +| DNS | Pi-hole internal A record: `arrflix.s8n.ru` and legacy `tv.s8n.ru` → `192.168.0.100` | +| TLS | Let's Encrypt via DNS-01, Gandi LiveDNS provider | +| Storage (media) | RO bind-mount from host `/home/user/media/{movies,tv,…}` → container `/media` | +| Storage (state) | Config + cache + metadata under host `/home/docker/jellyfin/` | +| ACL | Traefik `no-guest@file` middleware: LAN `192.168.0.0/24` + tailnet admin/infra tags only | +| WAN exposure | A record published; router port-forward gated — see `09-wan-exposure.md` | + +A second container `jellyfin-dev` runs on `dev.arrflix.s8n.ru` as a behavioural +mirror of prod for theme and branding experiments — same media (read-only), +separate config and users, LAN-only. + +--- + +## Read these in order + +1. [`01-artwork-and-images.md`](01-artwork-and-images.md) — how artwork flows through Jellyfin and the curl recipes used to repair a botched first scan. +2. [`02-metadata-and-titles.md`](02-metadata-and-titles.md) — episode/title scraping, `RemoteSearch/Apply`, and the lock-the-series workflow. +3. [`03-subtitles.md`](03-subtitles.md) — subtitle resolution order, sidecar conventions, and the OpenSubtitles plugin setup. +4. [`04-theming-and-users.md`](04-theming-and-users.md) — active theme (Cineplex v1.0.6), server-side branding, multi-user UX, SyncPlay, revert path. +5. [`05-file-structure-rules.md`](05-file-structure-rules.md) — authoritative on-disk layout for Movies / TV / Anime / Music libraries. +6. [`06-per-library-themes.md`](06-per-library-themes.md) — research note on shimming per-library CSS scoping (Movies = Netflix, Anime = Crunchyroll, Music = Spotify). +7. [`07-pre-import-cleanup.md`](07-pre-import-cleanup.md) — normative ruleset for stripping junk from scene/group dumps before import. +8. [`08-filename-normalization.md`](08-filename-normalization.md) — canonical, group-tag-free renaming ruleset between "torrent dump" and the live tree. +9. [`09-wan-exposure.md`](09-wan-exposure.md) — the LAN-only → public-internet plan, server-side changes already applied, router TODOs, and rollback. +10. [`10-spa-runtime-shim.md`](10-spa-runtime-shim.md) — why static `` patching loses to Jellyfin's SPA, and the runtime shim that wins it back. +11. [`11-neutralfin-audit.md`](11-neutralfin-audit.md) — read-only audit of the NeutralFin render gap vs the demo screenshots (no fixes applied). +12. [`12-dev-instance.md`](12-dev-instance.md) — `jellyfin-dev` sibling container: image pinning, mounts, and isolation guarantees. +13. [`13-optimization-audit.md`](13-optimization-audit.md) — read-only performance / capacity / reliability / ops-hygiene audit across REST, host, and container. +14. [`14-theme-audit.md`](14-theme-audit.md) — Cineplex theme audit and the detail-page left-band backdrop diagnosis (forward plan, not a fix). +15. [`15-force-english.md`](15-force-english.md) — root cause of the German Play button and the per-user `UICulture` pin that fixes it. +16. [`16-jellyfin-branding-leaks.md`](16-jellyfin-branding-leaks.md) — exhaustive inventory of every place "Jellyfin" or the teal triangle still leaks to a non-admin. +17. [`17-dev-mirror-and-settings-fix.md`](17-dev-mirror-and-settings-fix.md) — making dev a faithful prod mirror and fixing the non-admin Settings drawer leak (dev only). + +--- + +## See also + +- [`../README.md`](../README.md) — ARRFLIX brand-facing project page. +- [`../ADMIN-GUIDE.md`](../ADMIN-GUIDE.md) — operator runbook (day-to-day administration). +- [`../ROADMAP.md`](../ROADMAP.md) — what's next and what's known-broken.