plex-torrent-healthcheck, Report¶
URL: https://mkdocs.justinsforge.com/memory/handoffs/plex-torrent-healthcheck-2026-05-19/
Date: 2026-05-19 20:45 CDT Run by: Claude Code (Opus 4.7) Verdict: π’ Mostly healthy. Two yellows (audio-compat script location, gluetun control-API auth). No reds.
Subsystem status¶
| Subsystem | Status | Notes |
|---|---|---|
| Plex service | π’ | plexmediaserver active 4d, PID 895, 172MB RSS, 204 movies in library DB |
| Plex GPU (Intel xe) | π’ | /dev/dri/by-path/... symlink present, /dev/dri/renderD128 live, vainfo reports iHD driver 24.1.0 (Gen Graphics), VAProfileH264 entrypoints OK |
| Plex transcode log | π’ | 0 segment muxer floods in current log; no active transcoders right now |
| Plex storage | π’ | /mnt/storage 13T / 24T = 55%, xfs, healthy |
| media-server stack | π’ | Compose project media at /opt/stacks/media (quirk confirmed); 22 containers Up, gluetun + calibre-web report (healthy) |
| VPN isolation | π’ | host public IP 136.62.213.210 (Spectrum), gluetun + qbittorrent both 159.26.100.51 β qBit traffic correctly bound to gluetun netns |
| arr stack HTTP | π’ | sonarr/radarr/prowlarr 302βlogin, bazarr 200, qbit 200 (all probed inside gluetun netns) |
| media-server storage | π’ | /mnt/storage 13T / 24T = 55% (same NFS volume as plex); root 14G / 50G |
| Audio default-compat script | π‘ | Script NOT in /usr/local/bin/ on plex host; canonical path per reference_plex_audio_compat.md not found. 13 stragglers from boot briefing not verifiable from here. |
| Gluetun control API | π‘ | :8000/v1/openvpn/{portforwarded,status} returns HTTP 401 β auth-required since recent gluetun rev. Observability gap, not a failure. |
Evidence¶
VPN leak test:
host IPv4: 136.62.213.210
gluetun IPv4: 159.26.100.51
qbit IPv4: 159.26.100.51 β matches gluetun β isolated
GPU:
/dev/dri/by-path β present (kernel 6.17 fix holding)
/dev/dri/renderD128 crw-rw---- root render
vainfo: VA-API 1.20, iHD driver 24.1.0
Containers Up (22): physics/graduation/banana* landings, qbittorrent, cleanuparr, bazarr, recyclarr, gluetun (healthy), flaresolverr, calibre-web (healthy), overseerr, sonarr, prowlarr, radarr, shelfarr, audiobookshelf, justinandkrystal-{landing,cloudflared,hub-api}, portainer.
Punch list¶
- Locate audio default-compat script on plex (
forge_plex_default_audio_compat.sh). Reference memory says/usr/local/bin/but not there. Likely lives under/home/justinwieb/or never deployed to plex host. Tie up with theplex-audio-stragglers-2026-05-15handoff (13 MKVs pending). - Gluetun control-API auth. New gluetun requires
HTTP_CONTROL_SERVER_AUTH_CONFIG_FILEPATHor env-defined API key. Add auth header to any forge tooling that queries port-forward state, or setAUTH_CONFIGto allow loopback unauth. Without this, can't confirm PIA port-forward is live (qBit incoming connections may be sub-optimal). - qBit local API forbidden from media-server host (only WebUI auth from container). Fine for now, but if any forge script needs qBit stats add
WEBUI_AUTHSUBNETWHITELISTfor the docker bridge.
Untested / out of scope¶
- Did not authenticate to qBit WebUI, so stalled/ratio per-torrent state not verified β only that the daemon responds.
- Did not pull arr-stack API keys to hit
/api/v3/system/statusβ only confirmed HTTP listeners up. - Recent-grabs landing on disk: not verified (would need arr API keys).
Signed: [Claude Code]