Initial Commit
This commit is contained in:
commit
2d11850d3e
74
.gitea/ISSUE_TEMPLATE/adding.yml
Normal file
74
.gitea/ISSUE_TEMPLATE/adding.yml
Normal file
@ -0,0 +1,74 @@
|
|||||||
|
name: 'Add Application'
|
||||||
|
description: 'Track the process of adding a new application'
|
||||||
|
title: 'Add Application: [Application Name]'
|
||||||
|
labels:
|
||||||
|
- addition
|
||||||
|
assignees: ''
|
||||||
|
|
||||||
|
body:
|
||||||
|
- type: markdown
|
||||||
|
attributes:
|
||||||
|
value: |
|
||||||
|
## Application Details
|
||||||
|
|
||||||
|
- type: input
|
||||||
|
id: application-name
|
||||||
|
attributes:
|
||||||
|
label: Application Name
|
||||||
|
description: Name of the application to be added
|
||||||
|
placeholder: Name of the application
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: application-description
|
||||||
|
attributes:
|
||||||
|
label: Application Description
|
||||||
|
description: Provide a brief description of the application and its purpose
|
||||||
|
placeholder: Description of the application
|
||||||
|
|
||||||
|
- type: checkboxes
|
||||||
|
id: application-reason
|
||||||
|
attributes:
|
||||||
|
label: Reason for Addition
|
||||||
|
description: Please select one or more reasons for adding the application
|
||||||
|
options:
|
||||||
|
- label: New functionality
|
||||||
|
- label: Performance improvement
|
||||||
|
- label: Security enhancement
|
||||||
|
- label: Replacing another application
|
||||||
|
description: Provide the name of the application being replaced, if applicable
|
||||||
|
- label: Other (please specify)
|
||||||
|
description: Provide additional details
|
||||||
|
|
||||||
|
- type: markdown
|
||||||
|
attributes:
|
||||||
|
value: |
|
||||||
|
## Steps to Add
|
||||||
|
|
||||||
|
- type: checkboxes
|
||||||
|
id: steps-to-add
|
||||||
|
attributes:
|
||||||
|
label: Steps to Add
|
||||||
|
description: Please check off each step as it is completed
|
||||||
|
options:
|
||||||
|
- label: Add Configuration Files
|
||||||
|
description: Create and add configuration files for the new application
|
||||||
|
- label: Update Wiki
|
||||||
|
description: Create or update the Wiki page for the new application and update any relevant architecture diagrams or flowcharts
|
||||||
|
- label: Update README(s)
|
||||||
|
description: Add the new application to the main table and any other relevant sections
|
||||||
|
- label: Add to CD Platform Logic
|
||||||
|
description: Add necessary logic to the CD platform for the new application
|
||||||
|
- label: Testing and Validation
|
||||||
|
description: Ensure the application is tested and validated in the environment
|
||||||
|
|
||||||
|
- type: markdown
|
||||||
|
attributes:
|
||||||
|
value: |
|
||||||
|
## Commit IDs for Completed Steps
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: commit-ids
|
||||||
|
attributes:
|
||||||
|
label: Commit IDs
|
||||||
|
description: Enter the commit IDs for the completed steps above
|
||||||
|
placeholder: Enter commit IDs separated by commas
|
50
.gitea/ISSUE_TEMPLATE/feature-request.yml
Normal file
50
.gitea/ISSUE_TEMPLATE/feature-request.yml
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
name: 'Feature Request'
|
||||||
|
description: 'Suggest a new feature for the project'
|
||||||
|
title: 'Feature Request: [Summary]'
|
||||||
|
labels:
|
||||||
|
- enhancement
|
||||||
|
assignees: ''
|
||||||
|
|
||||||
|
body:
|
||||||
|
- type: markdown
|
||||||
|
attributes:
|
||||||
|
value: |
|
||||||
|
## Feature Request
|
||||||
|
|
||||||
|
**Please fill out this template with the requested information.**
|
||||||
|
|
||||||
|
- type: input
|
||||||
|
id: summary
|
||||||
|
attributes:
|
||||||
|
label: Summary
|
||||||
|
description: A concise description of the feature you'd like to see added.
|
||||||
|
placeholder: Brief summary of the feature request
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: motivation
|
||||||
|
attributes:
|
||||||
|
label: Motivation
|
||||||
|
description: Explain why this feature would be beneficial to the project. What problem does it solve or what value does it bring?
|
||||||
|
placeholder: Describe the motivation behind the feature request
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: detailed-description
|
||||||
|
attributes:
|
||||||
|
label: Detailed Description
|
||||||
|
description: |
|
||||||
|
Provide a detailed explanation of the proposed feature. Include:
|
||||||
|
- How would this feature be used?
|
||||||
|
- What are the expected benefits of this feature?
|
||||||
|
- Are there any potential drawbacks or limitations to consider?
|
||||||
|
placeholder: Provide a detailed description of the feature
|
||||||
|
|
||||||
|
- type: textarea
|
||||||
|
id: additional-context
|
||||||
|
attributes:
|
||||||
|
label: Additional Context
|
||||||
|
description: |
|
||||||
|
Include any relevant information such as:
|
||||||
|
- Links to external resources (e.g., documentation, articles)
|
||||||
|
- Screenshots or mockups to illustrate the feature
|
||||||
|
- Use cases and examples of how the feature would be used
|
||||||
|
placeholder: Add any other context or screenshots about the feature request here
|
39
.gitea/workflows/deploy-containers.yml
Normal file
39
.gitea/workflows/deploy-containers.yml
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
name: Deploy
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
deploy:
|
||||||
|
name: Prepare Build
|
||||||
|
runs-on: alpine-latest
|
||||||
|
container: alpine:latest
|
||||||
|
steps:
|
||||||
|
- name: Install dependencies
|
||||||
|
run: |
|
||||||
|
apk update
|
||||||
|
apk add --no-cache nodejs npm git bash openssh python3 py3-pip py3-passlib
|
||||||
|
python3 -m pip install --user ansible --break-system-packages
|
||||||
|
export PATH="/root/.local/bin:$PATH"
|
||||||
|
|
||||||
|
- name: Checkout code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Deploy containers
|
||||||
|
run: |
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
|
||||||
|
chmod 644 ~/.ssh/known_hosts
|
||||||
|
eval $(ssh-agent -s)
|
||||||
|
ssh-add <(echo "${{ secrets.SSH_PRIVATE_KEY }}")
|
||||||
|
echo "HOST *" > ~/.ssh/config
|
||||||
|
echo "StrictHostKeyChecking no" >> ~/.ssh/config
|
||||||
|
echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt
|
||||||
|
echo "nameserver 10.10.10.1" > /etc/resolv.conf
|
||||||
|
./.gitea/workflows/deploy.sh "${{ github.event.before }}" "${{ github.sha }}"
|
||||||
|
|
||||||
|
|
14
.gitea/workflows/deploy.sh
Executable file
14
.gitea/workflows/deploy.sh
Executable file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
changed_tasks=($(git diff --name-only $1 $2 | grep '\.yml$'))
|
||||||
|
if [ ! -z "$changed_tasks" ]; then
|
||||||
|
for task in "${changed_tasks[@]}"; do
|
||||||
|
tag=$(echo "$task" | awk -F/ '{print $2}')
|
||||||
|
if [[ "$tag" != "deploy-homelab.yml" && "$tag" != "main.yml" && "$tag" != "all.yml" && "$tag" != "all.example.yml" && "$tag" != "ISSUE_TEMPLATE" && "$tag" != "workflows" ]] ; then
|
||||||
|
tag=${tag%.*}_install
|
||||||
|
/root/.local/bin/ansible-playbook main.yml --tags "$tag" --vault-password-file ~/.vault_password.txt
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "No changes detected in task files. Skipping Ansible playbook execution."
|
||||||
|
fi
|
175
README.md
Normal file
175
README.md
Normal file
@ -0,0 +1,175 @@
|
|||||||
|
![Header Image](https://miro.medium.com/v2/resize:fit:4000/1*16DgdobhWUUXKzF4fwjOdw.png)
|
||||||
|
|
||||||
|
<div align = "center">
|
||||||
|
|
||||||
|
# Homelab
|
||||||
|
|
||||||
|
Homelab deployed as Infrastructure as Code (IaC) using ansible and terraform. Using Gitea Actions and Renovate bot for CI/CD to keep containers updated.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<!-- [![deploy-containers](https://gitea.comprofix.com/mmckinnon/homelab/actions/workflows/deploy-containers.yml/badge.svg)](https://gitea.comprofix.com/mmckinnon/homelab/actions) -->
|
||||||
|
|
||||||
|
<div align="center">
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Provider | OS | Tools
|
||||||
|
|---|---|---|
|
||||||
|
| [![BinaryLane](https://img.shields.io/badge/BinaryLane-8A2BE2)](https://binarylane.com.au) | [![Debian](https://img.shields.io/badge/Debian-%23c9d1d9?&logo=Debian&logoColor=red)](https://www.debian.org/releases/stable/) | [![Gitea](https://img.shields.io/badge/gitea-%23c9d1d9?logo=gitea&logoColor=green)](https://about.gitea.com/) [![Docker](https://img.shields.io/badge/-Docker-%23c9d1d9?logo=docker)](https://www.docker.com/)
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
This VPS contains containers and services that need to be always online as part of the HomeLab setup.
|
||||||
|
|
||||||
|
<!-- <div align="center">
|
||||||
|
|
||||||
|
## Apps in Repo:
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>Logo</th>
|
||||||
|
<th>Name</th>
|
||||||
|
<th>Description</th>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://www.vectorlogo.zone/logos/letsencrypt/letsencrypt-icon.svg"></td>
|
||||||
|
<td><a href="https://certbot.eff.org/">Certbot</a></td>
|
||||||
|
<td>Used to generate Let's Encrypt Certificates</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://code.visualstudio.com/assets/images/code-stable.png"></td>
|
||||||
|
<td><a href="https://github.com/coder/code-server">codeserver</a></td>
|
||||||
|
<td>Run VS Code on any machine anywhere and access it in the browser</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/amir20/dozzle/master/assets/favicon.svg"></td>
|
||||||
|
<td><a href="https://dozzle.dev">dozzle</a></td>
|
||||||
|
<td>Real-time logging and monitoring for Docker in the browser</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/go-gitea/gitea/main/assets/logo.svg"></td>
|
||||||
|
<td><a href="https://docs.gitea.com/category/installation">Gitea</a></td>
|
||||||
|
<td>Self-Hosted Git Service</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/go-gitea/gitea/main/assets/logo.svg"></td>
|
||||||
|
<td><a href="https://docs.gitea.com/usage/actions/act-runner">Act Runner (Gitea Runner)</a></td>
|
||||||
|
<td>Self-Hosted Runner Service</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/thomiceli/opengist/a9dd531f676d01b93bb6bd70751a69382ca563b0/public/opengist.svg"></td>
|
||||||
|
<td><a href="https://github.com/thomiceli/opengist">Opengist</a></td>
|
||||||
|
<td>Opengist is a self-hosted pastebin powered by Git</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/homepage.png"></td>
|
||||||
|
<td><a href="https://gethomepage.dev/latest/">Homepage</a></td>
|
||||||
|
<td>A modern, fully static, fast, secure fully proxied, highly customizable application dashboard with integrations for over 100 services and translations into multiple languages. Easily configured via YAML files or through docker label discovery</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/invoiceninja.svg"></td>
|
||||||
|
<td><a href="https://invoiceninja.com/">Invoice Ninja</a></td>
|
||||||
|
<td>Free Invoicing Software for Small Businesses</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/jellyfin.svg"></td>
|
||||||
|
<td><a href="https://jellyfin.org/">Jellyfin</a></td>
|
||||||
|
<td>Jellyfin is a Free Software Media System that puts you in control of managing and streaming your media.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/jellyseerr.svg"></td>
|
||||||
|
<td><a href="https://github.com/Fallenbagel/jellyseerr">Jellyseerr</a></td>
|
||||||
|
<td>Jellyseerr is a free and open source software application for managing requests for your media library.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/lidarr.svg"></td>
|
||||||
|
<td><a href="https://lidarr.audio/">Lidarr</a></td>
|
||||||
|
<td>Lidarr is a music collection manager for Usenet and BitTorrent users. </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/mariadb.svg"></td>
|
||||||
|
<td><a href="https://mariadb.org/">MariaDB</a></td>
|
||||||
|
<td>MariaDB Server is one of the most popular open source relational databases. It’s made by the original developers of MySQL and guaranteed to stay open source.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/mealie.svg"></td>
|
||||||
|
<td><a href="https://mealie.io">Mealie</a></td>
|
||||||
|
<td>Mealie is an intuitive and easy to use recipe management app.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/osticket.svg"></td>
|
||||||
|
<td><a href="https://osticket.com/">osTicket</a></td>
|
||||||
|
<td>osTicket is a widely used and trusted open source support ticketing system.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/planka.svg"></td>
|
||||||
|
<td><a href="https://planka.app/">Planka</a></td>
|
||||||
|
<td>Elegant open source project tracking</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/portainer.svg"></td>
|
||||||
|
<td><a href="https://portainer.io/">Portainer</a></td>
|
||||||
|
<td>Portainer is your container management software</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/postgres.svg"></td>
|
||||||
|
<td><a href="https://portainer.io/">PostgreSQL</a></td>
|
||||||
|
<td>PostgreSQL, also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/privatebin.svg"></td>
|
||||||
|
<td><a href="https://privatebin.info/">Privatebin</a></td>
|
||||||
|
<td>PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/prowlarr.svg"></td>
|
||||||
|
<td><a href="https://github.com/Prowlarr/Prowlarr">Prowlarr</a></td>
|
||||||
|
<td>Prowlarr supports management of both Torrent Trackers and Usenet Indexers.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://icons.veryicon.com/png/o/miscellaneous/cookd-pc/kms-management.png"></td>
|
||||||
|
<td><a href="https://github.com/Py-KMS-Organization/py-kms">py-kms</a></td>
|
||||||
|
<td>KMS activates Microsoft products on a local network, eliminating the need for individual computers to connect to Microsoft.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/qbittorrent.svg"></td>
|
||||||
|
<td><a href="https://qbittorrent.org">qBittorrent</a></td>
|
||||||
|
<td>qBittorrent is a cross-platform free and open-source BitTorrent client </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/radarr.svg"></td>
|
||||||
|
<td><a href="https://radarr.video">Radarr</a></td>
|
||||||
|
<td>Radarr is a movie collection manager for Usenet and BitTorrent users.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/readarr.svg"></td>
|
||||||
|
<td><a href="https://readarr.com">Readarr</a></td>
|
||||||
|
<td>Readarr is a ebook collection manager for Usenet and BitTorrent users. </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/sabnzbd.svg"></td>
|
||||||
|
<td><a href="https://sabnzbd.com">Sabnzbd</a></td>
|
||||||
|
<td>Free and easy binary newsreader</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/sonarr.svg"></td>
|
||||||
|
<td><a href="https://sonarr.tv">Sonarr</a></td>
|
||||||
|
<td>Sonarr is a PVR for Usenet and BitTorrent users.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/speedtest-tracker-logo.png"></td>
|
||||||
|
<td><a href="https://sonarr.tv">Speedtest-Tracker</a></td>
|
||||||
|
<td>Speedtest-tracker is a self-hosted internet performance tracking application that runs speedtest checks against Ookla's Speedtest service.</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/stirling-pdf.svg"></td>
|
||||||
|
<td><a href="https://github.com/Stirling-Tools/Stirling-PDF">Stirling-PDF</a></td>
|
||||||
|
<td>This is a robust, locally hosted web-based PDF manipulation tool using Docker. </td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/walkxcode/dashboard-icons/dd34fba44b97d3d5753dda032487890cb6fa5879/svg/vaultwarden.svg"></td>
|
||||||
|
<td><a href="https://github.com/dani-garcia/vaultwarden">Vaultwarden</a></td>
|
||||||
|
<td>Self-Hosted implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients</td>
|
||||||
|
</tr>
|
||||||
|
|
||||||
|
</div> -->
|
6
ansible.cfg
Normal file
6
ansible.cfg
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
[defaults]
|
||||||
|
inventory=hosts
|
||||||
|
deprecation_warnings=False
|
||||||
|
host_key_checking=False
|
||||||
|
interpreter_python=auto_silent
|
||||||
|
|
77
build-debian-promox-template.yml
Normal file
77
build-debian-promox-template.yml
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
---
|
||||||
|
- hosts: proxmox
|
||||||
|
become: yes
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
# - name: Delete existing template
|
||||||
|
# community.general.proxmox_kvm:
|
||||||
|
# api_host: "{{ api_host }}"
|
||||||
|
# api_user: "{{ api_user }}"
|
||||||
|
# api_password: "{{ api_password }}"
|
||||||
|
# node: "{{ node_target }}"
|
||||||
|
# name: "debian-12-generic-amd64"
|
||||||
|
# state: absent
|
||||||
|
|
||||||
|
# - name: Download cloud-init image
|
||||||
|
# register: image
|
||||||
|
# ansible.builtin.get_url:
|
||||||
|
# url: "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2"
|
||||||
|
# dest: /tmp
|
||||||
|
# mode: '0644'
|
||||||
|
# force: true
|
||||||
|
|
||||||
|
# - name: Install Tools
|
||||||
|
# ansible.builtin.apt:
|
||||||
|
# name:
|
||||||
|
# - libguestfs-tools
|
||||||
|
# - python3
|
||||||
|
# - python3-pip
|
||||||
|
# - python3-proxmoxer
|
||||||
|
# update_cache: true
|
||||||
|
# install_recommends: false
|
||||||
|
# state: present
|
||||||
|
|
||||||
|
# - name: Install Tools to cloud-init image
|
||||||
|
# ansible.builtin.shell: |
|
||||||
|
# virt-customize -a {{ image.dest }} --install qemu-guest-agent
|
||||||
|
# virt-customize -a {{ image.dest }} --install vim
|
||||||
|
# virt-customize -a {{ image.dest }} --install git
|
||||||
|
|
||||||
|
- name: Create new VM template from cloud-init image
|
||||||
|
community.general.proxmox_kvm:
|
||||||
|
api_host: "{{ api_host }}"
|
||||||
|
api_user: "{{ api_user }}"
|
||||||
|
# api_password: "{{ api_password }}"
|
||||||
|
api_token_id: "{{ api_token_id }}"
|
||||||
|
api_token_secret: "{{ api_token_secret }}"
|
||||||
|
api_port: "8006"
|
||||||
|
node: "{{ node_target }}"
|
||||||
|
name: "debian-12-generic-amd64"
|
||||||
|
agent: "enabled=1"
|
||||||
|
bios: ovmf
|
||||||
|
boot: 'order=scsi0'
|
||||||
|
cores: 4
|
||||||
|
sockets: 1
|
||||||
|
machine: q35
|
||||||
|
memory: 4096
|
||||||
|
ostype: "l26"
|
||||||
|
vga: std
|
||||||
|
scsihw: 'virtio-scsi-single'
|
||||||
|
#scsi:
|
||||||
|
#scsi0: "{{ storage_target }}:0,iothread=1,discard=on,import-from={{ image.dest }},format=raw"
|
||||||
|
#scsi0: "{{ storage_target }}:0,import-from=/tmp/debian-12-generic-amd64.qcow2,format=raw"
|
||||||
|
net:
|
||||||
|
net0: 'virtio,bridge=vmbr0,firewall=1,tag=10'
|
||||||
|
ipconfig:
|
||||||
|
ipconfig0: 'ip=dhcp'
|
||||||
|
template: true
|
||||||
|
timeout: 600
|
||||||
|
vmid: 10000
|
||||||
|
|
||||||
|
# - name: Pause for 5 seconds while template imported
|
||||||
|
# ansible.builtin.pause:
|
||||||
|
# seconds: 10
|
||||||
|
|
||||||
|
- name: Import HDD to Template
|
||||||
|
command:
|
||||||
|
cmd: "qm set 10000 --scsi0 {{ storage_target }}:0,iothread=1,discard=on,import-from=/tmp/debian-12-generic-amd64.qcow2,format=raw"
|
100
group_vars/all.yml
Normal file
100
group_vars/all.yml
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
32656263363465383531613338653130323635653238383232646265326433616462363464656539
|
||||||
|
3162306463653134666135376366643861353862663765630a343165613030633661353463316463
|
||||||
|
30633162376563663166616366643836316363663065333366643338383939636531323538616536
|
||||||
|
3136383363636131360a326661366265653364323966386634656465376433633035343033653034
|
||||||
|
38613637613431616637323038363933383037396236386633303366313835333865316563373966
|
||||||
|
35623038613166356132633264366361313030313765333335343136326165326333656361363462
|
||||||
|
61383538356434643333653534346264396335653535343362386234316666626431643130346436
|
||||||
|
34363265613632666431343735376166383466633338353339646337613135613461363366346562
|
||||||
|
39333135633061376139333030666365366438366434326139313265643034363934306134643630
|
||||||
|
65356338373564346362633830383337373131366263323166386435313931633139646233623033
|
||||||
|
36666334613766356463333963653034316636376364303063666237383732396335636231303764
|
||||||
|
63343963633664393632613263333563643737393466326665633766663764363236333834313737
|
||||||
|
66353833636661643536633066366666306231643038623632306230656534336666303930303461
|
||||||
|
62323137353530396135376364316331353138616161303265376334303666633032646631323664
|
||||||
|
31323336386339326530646237666239333963343732376235306537323336303030613164623765
|
||||||
|
33383534326532383230616561376136646632643634393563346565336139656339383631333539
|
||||||
|
66613830313134313239366232323965343063633433653434373564663861323330323663363965
|
||||||
|
36363132626535663734653739333331616532666635333936306334656264646336366233356562
|
||||||
|
34383135343335653130636132633631623634333961376262316536633339313033326239356663
|
||||||
|
38666361636239356665626139643735333461633436373362373034383536326664336663623038
|
||||||
|
31383237643733613533633535383939313835313363633362343965633336626263623932663862
|
||||||
|
32376265666438333663373364613861656564326139363731313731343234373934656633613532
|
||||||
|
35396535306164323237376232633830613432633735663636396137356361303730376239373130
|
||||||
|
61313630313235373363333862363961313938303332366233656364616536316366326466316439
|
||||||
|
39376632663062666135623639343136643065363734366430386563613530343061326661653733
|
||||||
|
63323036633363386636333636633864333334306164306431663662383562396434306336303337
|
||||||
|
32383137363834633731393564353238636237313361643438306536386432666663383563653834
|
||||||
|
38613031353265316230363464353638373564636234303266396264306231383634623664626535
|
||||||
|
64363033373535666135316364303862343732393036396334326136323437646239363361373762
|
||||||
|
61633761343362653261316434636664353564363330303131333236336230643161623863376634
|
||||||
|
34613466396330313837643139333565366263363430343536386266323937336466623931383062
|
||||||
|
62626363383163663637353235343035323233393033623132336664396464343638303839376561
|
||||||
|
65376537666430666330323430393337666233636165356665323032343563333833383830616165
|
||||||
|
33636662633961346561373231646664643932386465343537626237663338613836356430393961
|
||||||
|
39363963633237306561353161643133396366633762336437633138393139653261373539303539
|
||||||
|
36316464643362336135363631666130653131326435306463366236323830663965363662646361
|
||||||
|
35643430666365613465666436386332346561326439643863333138363263306331653733343432
|
||||||
|
63363932303735396234323963363336353133376362306539333131323262336535333733393639
|
||||||
|
63613064636333303532623935393262373363636161653566373830636131633835366463363533
|
||||||
|
61333163326262343037313462303930363234316462623963323563303864383163643936643761
|
||||||
|
61623461326334396539633364643031366231316535643135313935633439643361656136616532
|
||||||
|
34653635303631623639656165666231363563383336666337323361636137643564373565323238
|
||||||
|
35353965633230663166353161643033383666373530623739396139366137316438396333666231
|
||||||
|
34613136363939633565393336336633636665363838323230346262386335386365376262326462
|
||||||
|
34393539393365346364393432313665356465653866666538323134636630613137333261383364
|
||||||
|
39313362333832623837313235353331346434303166633137303234303062646337373664373861
|
||||||
|
32343037613362346134636531356463303739396364646339333138363064376632356534323834
|
||||||
|
64313864323065303531366435393864303035303331313737316137376361656438353739333830
|
||||||
|
64333234353837383938393861643236373338323436323863393933643332366363653935646264
|
||||||
|
37376336616162346161623136393662306137616638383134363964313835333332366430353364
|
||||||
|
64363730626564393134383534313130313633623137336630386364326365336262373963396239
|
||||||
|
32393061663964643036323233633232326232656363613339376663633761316639323737383365
|
||||||
|
33356562643530313434383639393766633733383263366162316332306532366362653737356539
|
||||||
|
63656366356333396165383330626535626232336137646464323665316464626139373964623163
|
||||||
|
31626230393661333164303834396331623934356538326166313635656437316236313630313463
|
||||||
|
65303633616637383436383737366361313736383262663130343932323830383763643235353264
|
||||||
|
36643966303937336636653037633739303364626638636438396332373862306665623037306336
|
||||||
|
61626330313364333639353366363131343434663139643361323836353065656137333162333130
|
||||||
|
65326364396665613763373565323165383638386135366235646437383130333434346635393566
|
||||||
|
61303263343132663531663237666337326365653737653731626364383665663334643139346338
|
||||||
|
66613266633263613037646334346661393063373330616431346161376137656139366166616264
|
||||||
|
64343737643662663134363265653063636665656366656135633932653165343361633835336665
|
||||||
|
35336139653939656162323366386435623134623062313461613261343264323731613732313435
|
||||||
|
65313436396464366662366533313162343233323836323336393665646361343438383063623964
|
||||||
|
63303761316666643237323364336139323536643664363331643565336166316163663731393065
|
||||||
|
30643638356231303563343433616335306435316161333937363937633131373536346464356539
|
||||||
|
36663865633336666539363734613131303931363732643665363866643533643763343433616561
|
||||||
|
66656238653734383131376330616535636138663933393032613166396436623436393563643336
|
||||||
|
38656164313566356566613331396539656531666462336163373034613232666439346633616166
|
||||||
|
35316636323064346531656631363265366335336265316362623438336230626332333838626265
|
||||||
|
61313834393664353133623132303332353633636464343764643334323866303664346563353839
|
||||||
|
34366534383963383366633765366337363835326133366264323239323266313433636538303537
|
||||||
|
65306230666335386332613638333738363965623934366338653133623434373831656361386437
|
||||||
|
37323232346236616236346539613739313237326433363961666535343634643937343331653366
|
||||||
|
32313864633562346132343538633035303432383033363939306663613939376261653662666161
|
||||||
|
39383639646338656233376130633966343637353238346435383637376636363631343037336236
|
||||||
|
36393361646161613736363135343964383364316265343939393333323937376661356331376465
|
||||||
|
62616333306137643366386561343234663836653833666239383835393031303163393365356661
|
||||||
|
31356537313530333934653564353039623766326236663635396539616533303831613135653738
|
||||||
|
31373234346439373230613139636661656636393238363132383732376436646638643131376435
|
||||||
|
36376435336232353333353563616164643632363565633639623161386436643663656132373135
|
||||||
|
35646365336365333931653665343461663263333432306131633335333766396165363631663930
|
||||||
|
66633039383564613739653436666330363661666631353461613333313632333032373939626263
|
||||||
|
38326164303131386461613962326166666434393031633365306332383663303638666330363632
|
||||||
|
31343135613065623464646661623865643765613838376434393765663366343961646432306135
|
||||||
|
62356234323436653166613462373931616236333265616465346564653563323233383962306162
|
||||||
|
33393030663330336332316332343731666561346539633531653431303934316663363964616236
|
||||||
|
37336236346563346533643338366433343035653766383663306333633031343462383931343465
|
||||||
|
38663432383865616432326236376633353935323434333431313739353232343762626439366263
|
||||||
|
39333762343761613861396431643561653665303831613964363733396663356333373437383766
|
||||||
|
66343831373463623233646438393537313966613238366334356331356234356232663066316635
|
||||||
|
66636666333465643132383536643234343135396632393265663465393930346138383761363139
|
||||||
|
62623966613964373963623362343164623837626638623330383932396638363766383166653462
|
||||||
|
65346634646264313132623332633536383236376336313339356561663339656430623866306336
|
||||||
|
66393263656461316433663735353733646638633430663635643064386633666334326437613839
|
||||||
|
36316333326663663664363436613933636532393630346430313931633533623035346366343934
|
||||||
|
61303437666334323231343336366330656261646566653938653733633933653562373938633962
|
||||||
|
30386438343166316366646565333766393930303435663362303432646337323465316261623565
|
||||||
|
363632346536336638383065656231373538
|
9
hosts
Normal file
9
hosts
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
[cloud]
|
||||||
|
vps02.comprofix.com
|
||||||
|
|
||||||
|
# [docker]
|
||||||
|
# docker.comprofix.xyz
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
132
main.yml
Normal file
132
main.yml
Normal file
@ -0,0 +1,132 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- hosts: all
|
||||||
|
name: Configure all servers
|
||||||
|
tasks:
|
||||||
|
- name: Gather facts if run with tags
|
||||||
|
ansible.builtin.setup:
|
||||||
|
when: ansible_run_tags | length
|
||||||
|
tags: always
|
||||||
|
|
||||||
|
- hosts: all
|
||||||
|
become: yes
|
||||||
|
tasks:
|
||||||
|
- include_tasks: tasks/base.yml
|
||||||
|
tags: base_install
|
||||||
|
|
||||||
|
- hosts: cloud
|
||||||
|
become: yes
|
||||||
|
roles:
|
||||||
|
- role: docker
|
||||||
|
tags: docker_install
|
||||||
|
|
||||||
|
- name: traefik
|
||||||
|
vars:
|
||||||
|
traefik_host: traefik01.comprofix.com
|
||||||
|
tags: traefik_install
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
# - name: Deploy Homepage
|
||||||
|
# import_tasks: tasks/homepage.yml
|
||||||
|
# tags: homepage_install
|
||||||
|
|
||||||
|
- name: Deploy Vaultwarden
|
||||||
|
import_tasks: tasks/vaultwarden.yml
|
||||||
|
tags: vaultwarden_install
|
||||||
|
|
||||||
|
- name: Deploy gitea
|
||||||
|
import_tasks: tasks/gitea.yml
|
||||||
|
tags: gitea_install
|
||||||
|
tags: cloud_install
|
||||||
|
|
||||||
|
# - hosts: docker
|
||||||
|
# become: yes
|
||||||
|
# roles:
|
||||||
|
# - role: docker
|
||||||
|
# tags: docker_install
|
||||||
|
# - role: nfs
|
||||||
|
# mounts:
|
||||||
|
# - name: Docker share
|
||||||
|
# path: /mnt/nfs/docker
|
||||||
|
# src: truenas.comprofix.xyz:/mnt/datapool/docker
|
||||||
|
# - name: Data share
|
||||||
|
# path: /mnt/nfs/data
|
||||||
|
# src: truenas.comprofix.xyz:/mnt/datapool/data
|
||||||
|
# tags: nfs_install
|
||||||
|
# - role: traefik
|
||||||
|
# vars:
|
||||||
|
# traefik_host: traefik02.comprofix.xyz
|
||||||
|
# data_folder: "/mnt/nfs/docker"
|
||||||
|
# tags: traefik_install
|
||||||
|
# tasks:
|
||||||
|
# - name: Deploy iDrac Fan Controller
|
||||||
|
# import_tasks: tasks/idrac.yml
|
||||||
|
# tags: idrac_install
|
||||||
|
|
||||||
|
# - name: Deploy MariaDB
|
||||||
|
# import_tasks: tasks/mariadb.yml
|
||||||
|
# tags: mariadb_install
|
||||||
|
|
||||||
|
# - name: Deploy InvoiceNinja
|
||||||
|
# import_tasks: tasks/invoiceninja.yml
|
||||||
|
# tags: invoiceninja_install
|
||||||
|
|
||||||
|
# - name: Deploy osTicket
|
||||||
|
# import_tasks: tasks/osticket.yml
|
||||||
|
# tags: osticket_install
|
||||||
|
|
||||||
|
# - name: Deploy speedtest-tracker
|
||||||
|
# import_tasks: tasks/speedtest.yml
|
||||||
|
# tags: speedtest_install
|
||||||
|
|
||||||
|
# - name: Deploy dozzle
|
||||||
|
# import_tasks: tasks/dozzle.yml
|
||||||
|
# tags: dozzle_install
|
||||||
|
|
||||||
|
# - name: Deploy jellyseerr
|
||||||
|
# import_tasks: tasks/jellyseerr.yml
|
||||||
|
# tags: jellyseerr_install
|
||||||
|
|
||||||
|
# - name: Deploy lidarr
|
||||||
|
# import_tasks: tasks/lidarr.yml
|
||||||
|
# tags: lidarr_install
|
||||||
|
|
||||||
|
# - name: Deploy prowlarr
|
||||||
|
# import_tasks: tasks/prowlarr.yml
|
||||||
|
# tags: prowlarr_install
|
||||||
|
|
||||||
|
# - name: Deploy radarr
|
||||||
|
# import_tasks: tasks/radarr.yml
|
||||||
|
# tags: radarr_install
|
||||||
|
|
||||||
|
# - name: Deploy readarr
|
||||||
|
# import_tasks: tasks/readarr.yml
|
||||||
|
# tags: readarr_install
|
||||||
|
|
||||||
|
# - name: Deploy sonarr
|
||||||
|
# import_tasks: tasks/sonarr.yml
|
||||||
|
# tags: sonarr_install
|
||||||
|
|
||||||
|
# - name: Deploy sabnzbd
|
||||||
|
# import_tasks: tasks/sabnzbd.yml
|
||||||
|
# tags: sabnzbd_install
|
||||||
|
|
||||||
|
# - name: Deploy mealie
|
||||||
|
# import_tasks: tasks/mealie.yml
|
||||||
|
# tags: mealie_install
|
||||||
|
|
||||||
|
# - name: Deploy pyKMS
|
||||||
|
# import_tasks: tasks/pykms.yml
|
||||||
|
# tags: pykms_install
|
||||||
|
# tags: dockerserver_install
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
22
renovate.json
Normal file
22
renovate.json
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
|
"extends": [
|
||||||
|
"config:base",
|
||||||
|
"renovatebot/renovate-config",
|
||||||
|
":semanticCommitTypeAll(chore)"
|
||||||
|
],
|
||||||
|
// "automerge": true,
|
||||||
|
// "automergeType": "branch",
|
||||||
|
// "automergeStrategy": "rebase",
|
||||||
|
// "commitBodyTable": true,
|
||||||
|
// "ignoreTests": true,
|
||||||
|
// "major": {
|
||||||
|
// "automerge": false,
|
||||||
|
// "dependencyDashboardApproval": true,
|
||||||
|
// "commitMessagePrefix": "chore(deps-major): ",
|
||||||
|
// "labels": ["dependencies", "breaking"]
|
||||||
|
// },
|
||||||
|
// "ignorePaths": [
|
||||||
|
// "terraform/"
|
||||||
|
// ]
|
||||||
|
}
|
2
roles/docker/defaults/main.yml
Normal file
2
roles/docker/defaults/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
# defaults file for docker
|
52
roles/docker/meta/main.yml
Normal file
52
roles/docker/meta/main.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
galaxy_info:
|
||||||
|
author: Matthew McKinnon
|
||||||
|
description: Mounting NFS filesystem
|
||||||
|
company: support@comprofix.com
|
||||||
|
|
||||||
|
# If the issue tracker for your role is not on github, uncomment the
|
||||||
|
# next line and provide a value
|
||||||
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
|
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
||||||
|
# - BSD-3-Clause (default)
|
||||||
|
# - MIT
|
||||||
|
# - GPL-2.0-or-later
|
||||||
|
# - GPL-3.0-only
|
||||||
|
# - Apache-2.0
|
||||||
|
# - CC-BY-4.0
|
||||||
|
license: license (GPL-2.0-or-later, MIT, etc)
|
||||||
|
|
||||||
|
min_ansible_version: 2.1
|
||||||
|
|
||||||
|
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||||
|
# min_ansible_container_version:
|
||||||
|
|
||||||
|
#
|
||||||
|
# Provide a list of supported platforms, and for each platform a list of versions.
|
||||||
|
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
||||||
|
# To view available platforms and versions (or releases), visit:
|
||||||
|
# https://galaxy.ansible.com/api/v1/platforms/
|
||||||
|
#
|
||||||
|
# platforms:
|
||||||
|
# - name: Fedora
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 25
|
||||||
|
# - name: SomePlatform
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 1.0
|
||||||
|
# - 7
|
||||||
|
# - 99.99
|
||||||
|
|
||||||
|
galaxy_tags: []
|
||||||
|
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||||
|
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||||
|
# remove the '[]' above, if you add tags to this list.
|
||||||
|
#
|
||||||
|
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||||
|
# Maximum 20 tags per role.
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
|
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
||||||
|
# if you add dependencies to this list.
|
48
roles/docker/tasks/main.yml
Normal file
48
roles/docker/tasks/main.yml
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
---
|
||||||
|
- name: Add Docker apt key.
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: "{{ docker_apt_gpg_key }}"
|
||||||
|
dest: /etc/apt/trusted.gpg.d/docker.asc
|
||||||
|
mode: '0644'
|
||||||
|
force: false
|
||||||
|
checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}"
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
|
- name: Add Docker repository.
|
||||||
|
apt_repository:
|
||||||
|
repo: "{{ docker_apt_repository }}"
|
||||||
|
state: present
|
||||||
|
filename: "{{ docker_apt_filename }}"
|
||||||
|
update_cache: true
|
||||||
|
|
||||||
|
- name: Install Docker packages.
|
||||||
|
package:
|
||||||
|
name: "{{ docker_packages }}"
|
||||||
|
state: "present"
|
||||||
|
|
||||||
|
- name: Install Docker Module for Python
|
||||||
|
pip:
|
||||||
|
name:
|
||||||
|
- PyYAML==5.3.1
|
||||||
|
- docker
|
||||||
|
- docker-compose
|
||||||
|
- pymysql
|
||||||
|
- passlib
|
||||||
|
state: "present"
|
||||||
|
|
||||||
|
- name: Ensure docker users are added to the docker group.
|
||||||
|
user:
|
||||||
|
name: "{{ item }}"
|
||||||
|
groups: docker
|
||||||
|
append: true
|
||||||
|
with_items: "{{ docker_users }}"
|
||||||
|
|
||||||
|
- name: Reset ssh connection to apply user changes.
|
||||||
|
meta: reset_connection
|
||||||
|
|
||||||
|
- name: Setup cron job for backup
|
||||||
|
cron:
|
||||||
|
name: Docker Prune
|
||||||
|
minute: 0
|
||||||
|
hour: 5
|
||||||
|
job: "docker system prune -af && docker image prune -af && docker system prune -af --volumes"
|
51
roles/docker/vars/main.yml
Normal file
51
roles/docker/vars/main.yml
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
36326633353666613166393030633363373435666230663138303735323132663930663663383138
|
||||||
|
3131616265626633663430353835663866356436373533390a623564333539306162613532393661
|
||||||
|
61326437363033383862343034356639316162363364356135616132396136383962333062653566
|
||||||
|
3966323033663162640a323461656637633062373134656237323339346638663338353266386164
|
||||||
|
30653839343165663937653534313335316336356262303331643839643733663264643265633337
|
||||||
|
62633265656330353536663762643130636466353165336535393033663937396364373064363133
|
||||||
|
66323931663164313235316638393838326532643233636663333635656162343333643233646131
|
||||||
|
33336239393035613839646434643633313239393764613836343039383361613437626334643534
|
||||||
|
33373461336363636162646631323266353235326361393338366563653663343537633765653261
|
||||||
|
30393863323134376466346663376432623938376638393135356439326562656534376233646364
|
||||||
|
31353336396362323363323964383635303264646661626662333161303961383333636437393264
|
||||||
|
61623638303066343832303034633736343031333732633437356134393837663637653738303837
|
||||||
|
65643264663564643432363830373861323062393561386261323638353339663835663830653633
|
||||||
|
35373865383832656665333263323463303631343239346632336565393032333865353364386431
|
||||||
|
34633064356233626337646439623665613039666632366162346534656438393965623836366230
|
||||||
|
38323765633333663266656161376233343131646165343538653335653061363435316536313339
|
||||||
|
65366539313338623030663233633766373865653938616437323664633537306162353438373564
|
||||||
|
30383831353563663834373731356330393535613162313461303265353461643434613833376330
|
||||||
|
39653063363666353261373161636434366464306539306538623533373764666466383766646166
|
||||||
|
63313263626539316163656431393534393266666632366430323439373931636235663137393363
|
||||||
|
66323338643835356338646565653235333762343162636434653561626630333233343232633365
|
||||||
|
64353139376236363039343432636563316562383263336434376236613734396564393137366531
|
||||||
|
35613232646638313435326234366335356538393331363862353232353961373734646332646635
|
||||||
|
37323930623932326164323831393462653331373562336264613635396339653161303863623739
|
||||||
|
34303532376335623533373466366464666662653533363963326536633938333833376432616330
|
||||||
|
62326261366463323934663939316338306535323935623935323337333866353539336132326564
|
||||||
|
64623739623064333932386363353235356431656339663039643631353264376234316430356235
|
||||||
|
33326233356638646163633333613736343732626263333631336333343434353164333436653331
|
||||||
|
64376539336562393538613134633933373339363737363364623066383130653033633966316665
|
||||||
|
36323361656131623435346565323638313030343762313765646264396461616165393762366436
|
||||||
|
65363563313439376437626533386262323036346436663030303736363061396639633338386337
|
||||||
|
65623534393561643662653538633630363663326430383030393062323934326465313533303662
|
||||||
|
30323861613333353465396536653632373934363162393465373466636132383064663063383834
|
||||||
|
66653938346463663335333737386339666430643034386335353938633232323333633238643035
|
||||||
|
37643239383936393233353735333164663566663833383763306635646666666365336161316437
|
||||||
|
64343032376139373036366433376263376565656435336662656661336530323130356266353265
|
||||||
|
32316361623238386530303533343763646533653631613965386639386237303965636634353366
|
||||||
|
31363137376633376532383361376631663734653262616237373933363330323337386434623261
|
||||||
|
63656364653162323463626361633533353132666563393538383332306263316639396530323131
|
||||||
|
63646566623064393930343137623564323234383430363365313834336464333432623466646139
|
||||||
|
33343833353339633236613439623735316538373962663365623963663639663264396238363465
|
||||||
|
61313338343435313035643163316631303433383738393162633032613830663264386538343763
|
||||||
|
30363434653461396239306334333366333232373732353362666538323063313934346433666334
|
||||||
|
35363236333038333363653737656362653362376338653364636566346637376566306632326438
|
||||||
|
32663930613066343361616665396334393863643963316239313735363539333263656133356665
|
||||||
|
62663236366665373637373436656630336630393333393164343265306533666366333964333338
|
||||||
|
36376337376366333835326565323735613961323264663466356635653763343331373561666632
|
||||||
|
61343466643661636335373663386466333232393064623538666636653439363639386462373238
|
||||||
|
38613862656363373434353037613135363464313864386361323136613762306632653838616463
|
||||||
|
3438636539363664613934313333336535623165306438353130
|
8
roles/nfs/defaults/main.yml
Normal file
8
roles/nfs/defaults/main.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
# defaults file for roles/nfs-mount
|
||||||
|
|
||||||
|
# List of NFS shares
|
||||||
|
nfs_share_mounts: []
|
||||||
|
|
||||||
|
# Default NFS4 mount options
|
||||||
|
nfs_mount_opts: "rw,sync,hard"
|
52
roles/nfs/meta/main.yml
Normal file
52
roles/nfs/meta/main.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
galaxy_info:
|
||||||
|
author: Matthew McKinnon
|
||||||
|
description: Mounting NFS filesystem
|
||||||
|
company: support@comprofix.com
|
||||||
|
|
||||||
|
# If the issue tracker for your role is not on github, uncomment the
|
||||||
|
# next line and provide a value
|
||||||
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
|
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
||||||
|
# - BSD-3-Clause (default)
|
||||||
|
# - MIT
|
||||||
|
# - GPL-2.0-or-later
|
||||||
|
# - GPL-3.0-only
|
||||||
|
# - Apache-2.0
|
||||||
|
# - CC-BY-4.0
|
||||||
|
license: license (GPL-2.0-or-later, MIT, etc)
|
||||||
|
|
||||||
|
min_ansible_version: 2.1
|
||||||
|
|
||||||
|
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||||
|
# min_ansible_container_version:
|
||||||
|
|
||||||
|
#
|
||||||
|
# Provide a list of supported platforms, and for each platform a list of versions.
|
||||||
|
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
||||||
|
# To view available platforms and versions (or releases), visit:
|
||||||
|
# https://galaxy.ansible.com/api/v1/platforms/
|
||||||
|
#
|
||||||
|
# platforms:
|
||||||
|
# - name: Fedora
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 25
|
||||||
|
# - name: SomePlatform
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 1.0
|
||||||
|
# - 7
|
||||||
|
# - 99.99
|
||||||
|
|
||||||
|
galaxy_tags: []
|
||||||
|
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||||
|
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||||
|
# remove the '[]' above, if you add tags to this list.
|
||||||
|
#
|
||||||
|
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||||
|
# Maximum 20 tags per role.
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
|
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
||||||
|
# if you add dependencies to this list.
|
20
roles/nfs/tasks/main.yml
Normal file
20
roles/nfs/tasks/main.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Install NFS mount utility
|
||||||
|
ansible.builtin.apt:
|
||||||
|
update_cache: true
|
||||||
|
pkg: nfs-common
|
||||||
|
state: present
|
||||||
|
when: ansible_os_family == "Debian"
|
||||||
|
|
||||||
|
- name: Mount an NFS volume
|
||||||
|
ansible.posix.mount:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
opts: "{{ item.opts | default(nfs_mount_opts) }}"
|
||||||
|
state: "{{ item.state | default( 'mounted' ) }}"
|
||||||
|
fstype: nfs
|
||||||
|
with_items: "{{ mounts }}"
|
||||||
|
|
||||||
|
|
||||||
|
|
2
roles/portainer/defaults/main.yml
Normal file
2
roles/portainer/defaults/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
# defaults file for common
|
52
roles/portainer/meta/main.yml
Normal file
52
roles/portainer/meta/main.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
galaxy_info:
|
||||||
|
author: Matthew McKinnon
|
||||||
|
description: Portainer CE
|
||||||
|
company: support@comprofix.com
|
||||||
|
|
||||||
|
# If the issue tracker for your role is not on github, uncomment the
|
||||||
|
# next line and provide a value
|
||||||
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
|
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
||||||
|
# - BSD-3-Clause (default)
|
||||||
|
# - MIT
|
||||||
|
# - GPL-2.0-or-later
|
||||||
|
# - GPL-3.0-only
|
||||||
|
# - Apache-2.0
|
||||||
|
# - CC-BY-4.0
|
||||||
|
license: license (GPL-2.0-or-later, MIT, etc)
|
||||||
|
|
||||||
|
min_ansible_version: 2.1
|
||||||
|
|
||||||
|
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||||
|
# min_ansible_container_version:
|
||||||
|
|
||||||
|
#
|
||||||
|
# Provide a list of supported platforms, and for each platform a list of versions.
|
||||||
|
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
||||||
|
# To view available platforms and versions (or releases), visit:
|
||||||
|
# https://galaxy.ansible.com/api/v1/platforms/
|
||||||
|
#
|
||||||
|
# platforms:
|
||||||
|
# - name: Fedora
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 25
|
||||||
|
# - name: SomePlatform
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 1.0
|
||||||
|
# - 7
|
||||||
|
# - 99.99
|
||||||
|
|
||||||
|
galaxy_tags: []
|
||||||
|
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||||
|
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||||
|
# remove the '[]' above, if you add tags to this list.
|
||||||
|
#
|
||||||
|
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||||
|
# Maximum 20 tags per role.
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
|
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
||||||
|
# if you add dependencies to this list.
|
29
roles/portainer/tasks/main.yml
Normal file
29
roles/portainer/tasks/main.yml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/portainer"
|
||||||
|
|
||||||
|
- name: Create Portainer Container
|
||||||
|
docker_container:
|
||||||
|
name: portainer
|
||||||
|
image: portainer/portainer-ce:2.21.0
|
||||||
|
command: --admin-password "{{PORTAINER_ADMIN_PASSWORD}}"
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/portainer/data:/data"
|
||||||
|
- '/var/run/docker.sock:/var/run/docker.sock'
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.portainer-secure.rule: "Host(`{{portainer_host}}`)"
|
||||||
|
traefik.http.routers.portainer-secure.entrypoints: "https"
|
||||||
|
traefik.http.routers.portainer-secure.tls: "true"
|
||||||
|
traefik.http.routers.portainer-secure.service: "portainer"
|
||||||
|
traefik.http.services.portainer.loadbalancer.server.port: "9443"
|
||||||
|
traefik.http.services.portainer.loadbalancer.server.scheme: "https"
|
||||||
|
register: container_portainer
|
||||||
|
|
14
roles/portainer/vars/main.yml
Normal file
14
roles/portainer/vars/main.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
66663364383263343838636561393437373730633165306539633566356166313664656166633537
|
||||||
|
6333663336336463613565666465663430303665323766300a393063366230643139363061633636
|
||||||
|
65303631383230396461303836386335306261613664393762393266636437333634663464353137
|
||||||
|
6563366664663331380a346534323264633738663063356565643137323964663964656137633363
|
||||||
|
33333264383830666637376337633432353732353630333134353638653234333730636166356164
|
||||||
|
33363433343432623762393834336637626562613633393963323963623661643862636362313930
|
||||||
|
37346233373231663762346633323634666436323364653136656630636462333638316632626435
|
||||||
|
30336433353961333334386134383032356633643261656639623237386439653739363133633836
|
||||||
|
65333065336464386164363037363766353066396163386561323338326439376138316131306636
|
||||||
|
65376230383666393762393938313535386131313134613033393936633139363366373065623033
|
||||||
|
33353733613439383366393864623130396231323433393732653966653132313262346538646334
|
||||||
|
63303831333465613962653661656237326364396465366234383663333431366233363133623936
|
||||||
|
62663632356361323930326230326565366366663733633137633938643564373766
|
2
roles/traefik/defaults/main.yml
Normal file
2
roles/traefik/defaults/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
# defaults file for common
|
52
roles/traefik/meta/main.yml
Normal file
52
roles/traefik/meta/main.yml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
galaxy_info:
|
||||||
|
author: Matthew McKinnon
|
||||||
|
description: Traefik Proxy
|
||||||
|
company: support@comprofix.com
|
||||||
|
|
||||||
|
# If the issue tracker for your role is not on github, uncomment the
|
||||||
|
# next line and provide a value
|
||||||
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
|
# Choose a valid license ID from https://spdx.org - some suggested licenses:
|
||||||
|
# - BSD-3-Clause (default)
|
||||||
|
# - MIT
|
||||||
|
# - GPL-2.0-or-later
|
||||||
|
# - GPL-3.0-only
|
||||||
|
# - Apache-2.0
|
||||||
|
# - CC-BY-4.0
|
||||||
|
license: license (GPL-2.0-or-later, MIT, etc)
|
||||||
|
|
||||||
|
min_ansible_version: 2.1
|
||||||
|
|
||||||
|
# If this a Container Enabled role, provide the minimum Ansible Container version.
|
||||||
|
# min_ansible_container_version:
|
||||||
|
|
||||||
|
#
|
||||||
|
# Provide a list of supported platforms, and for each platform a list of versions.
|
||||||
|
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
|
||||||
|
# To view available platforms and versions (or releases), visit:
|
||||||
|
# https://galaxy.ansible.com/api/v1/platforms/
|
||||||
|
#
|
||||||
|
# platforms:
|
||||||
|
# - name: Fedora
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 25
|
||||||
|
# - name: SomePlatform
|
||||||
|
# versions:
|
||||||
|
# - all
|
||||||
|
# - 1.0
|
||||||
|
# - 7
|
||||||
|
# - 99.99
|
||||||
|
|
||||||
|
galaxy_tags: []
|
||||||
|
# List tags for your role here, one per line. A tag is a keyword that describes
|
||||||
|
# and categorizes the role. Users find roles by searching for tags. Be sure to
|
||||||
|
# remove the '[]' above, if you add tags to this list.
|
||||||
|
#
|
||||||
|
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
|
||||||
|
# Maximum 20 tags per role.
|
||||||
|
|
||||||
|
dependencies: []
|
||||||
|
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
|
||||||
|
# if you add dependencies to this list.
|
86
roles/traefik/tasks/main.yml
Normal file
86
roles/traefik/tasks/main.yml
Normal file
@ -0,0 +1,86 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/traefik"
|
||||||
|
- "{{ data_folder }}/traefik/data"
|
||||||
|
|
||||||
|
- name: Create a network
|
||||||
|
docker_network:
|
||||||
|
name: proxy
|
||||||
|
register: network
|
||||||
|
|
||||||
|
- name: Copy Traefik config
|
||||||
|
template:
|
||||||
|
src: templates/traefik.yml.j2
|
||||||
|
dest: "{{ data_folder }}/traefik/data/traefik.yml"
|
||||||
|
mode: '0600'
|
||||||
|
|
||||||
|
- name: Check if {{ data_folder }}/traefik/data/acme.json exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ data_folder }}/traefik/data/acme.json"
|
||||||
|
register: file_status
|
||||||
|
|
||||||
|
- name: Creates {{ data_folder }}/traefik/data/acme.json if it doesn't exists
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ data_folder }}/traefik/data/acme.json"
|
||||||
|
state: touch
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0600'
|
||||||
|
when: not file_status.stat.exists
|
||||||
|
|
||||||
|
- name: Check if {{ data_folder }}/traefik/data/traefik.json.log exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ data_folder }}/traefik/data/traefik.json.log"
|
||||||
|
register: file_status
|
||||||
|
|
||||||
|
- name: Creates {{ data_folder }}/traefik/data/traefik.json.log if it doesn't exists
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ data_folder }}/traefik/data/traefik.json.log"
|
||||||
|
state: touch
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0600'
|
||||||
|
when: not file_status.stat.exists
|
||||||
|
|
||||||
|
- name: Create traefik Container
|
||||||
|
docker_container:
|
||||||
|
name: traefik
|
||||||
|
image: traefik:v3.1
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: "proxy"
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
env:
|
||||||
|
CF_API_EMAIL: "{{ CF_API_EMAIL }}"
|
||||||
|
CF_DNS_API_TOKEN: "{{CF_DNS_API_TOKEN}}"
|
||||||
|
volumes:
|
||||||
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
- "{{ data_folder }}/traefik/data/traefik.yml:/traefik.yml:ro"
|
||||||
|
- "{{ data_folder }}/traefik/data/acme.json:/acme.json"
|
||||||
|
- "{{ data_folder }}/traefik/data/traefik.json.log:/traefik.json.log"
|
||||||
|
# - ./data/config.yml:/config.yml:ro
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.traefik.entrypoints: "http"
|
||||||
|
traefik.http.routers.traefik.rule: "Host(`{{traefik_host}}`)"
|
||||||
|
traefik.http.middlewares.traefik-auth.basicauth.users: "{{ traefik_api_user }}:{{ traefik_api_password | password_hash('blowfish','1234567890123456789012') }}"
|
||||||
|
traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme: "https"
|
||||||
|
traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto: "https"
|
||||||
|
traefik.http.routers.traefik.middlewares: "traefik-https-redirect"
|
||||||
|
traefik.http.routers.traefik-secure.entrypoints: "https"
|
||||||
|
traefik.http.routers.traefik-secure.rule: "Host(`{{traefik_host}}`)"
|
||||||
|
traefik.http.routers.traefik-secure.middlewares: "traefik-auth"
|
||||||
|
traefik.http.routers.traefik-secure.tls: "true"
|
||||||
|
traefik.http.routers.traefik-secure.tls.certresolver: "cloudflare"
|
||||||
|
traefik.http.routers.traefik-secure.tls.domains[0].main: "comprofix.com"
|
||||||
|
traefik.http.routers.traefik-secure.tls.domains[0].sans: "*.comprofix.com"
|
||||||
|
traefik.http.routers.traefik-secure.tls.domains[1].main: "comprofix.xyz"
|
||||||
|
traefik.http.routers.traefik-secure.tls.domains[1].sans: "*.comprofix.xyz"
|
||||||
|
traefik.http.routers.traefik-secure.service: "api@internal"
|
42
roles/traefik/templates/traefik.yml.j2
Normal file
42
roles/traefik/templates/traefik.yml.j2
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
api:
|
||||||
|
dashboard: true
|
||||||
|
debug: true
|
||||||
|
|
||||||
|
entryPoints:
|
||||||
|
http:
|
||||||
|
address: ":80"
|
||||||
|
http:
|
||||||
|
redirections:
|
||||||
|
entryPoint:
|
||||||
|
to: https
|
||||||
|
scheme: https
|
||||||
|
https:
|
||||||
|
address: ":443"
|
||||||
|
|
||||||
|
serversTransport:
|
||||||
|
insecureSkipVerify: true
|
||||||
|
|
||||||
|
log:
|
||||||
|
level: DEBUG
|
||||||
|
filePath: /traefik.json.log
|
||||||
|
format: json
|
||||||
|
|
||||||
|
providers:
|
||||||
|
docker:
|
||||||
|
endpoint: "unix:///var/run/docker.sock"
|
||||||
|
exposedByDefault: false
|
||||||
|
file:
|
||||||
|
filename: /config.yml
|
||||||
|
|
||||||
|
certificatesResolvers:
|
||||||
|
cloudflare:
|
||||||
|
acme:
|
||||||
|
email: {{ CF_API_EMAIL }}
|
||||||
|
storage: acme.json
|
||||||
|
dnsChallenge:
|
||||||
|
provider: cloudflare
|
||||||
|
#disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
|
||||||
|
resolvers:
|
||||||
|
- "1.1.1.1:53"
|
||||||
|
- "1.0.0.1:53"
|
||||||
|
|
14
roles/traefik/vars/main.yml
Normal file
14
roles/traefik/vars/main.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
65353236643865303034613264613133353338613962646164333936353761336231643332303164
|
||||||
|
3834613038663965376661373336646433353437373132300a353663633034643265653937396238
|
||||||
|
66326632323432646239663762626230326338666138653330323566633864623734396639323062
|
||||||
|
3735326666306239370a383439646335343965316464386265613437646163636335393139316232
|
||||||
|
61396631356263333933626334313438633132663764326539393663636631303538636131303830
|
||||||
|
31633037376231326436306463376134633031666431303133383237316530646261383733313132
|
||||||
|
62343261303266613764633861393939343937343038383231353137333337383936623338313561
|
||||||
|
64633330356639643863336437653137393364653833653934633762333461393035393963313432
|
||||||
|
39633563636164363461326231306237343265626533366562626136643561636464663866303434
|
||||||
|
64363663396334623738316238316135616162393566613631396163666134663765343230656135
|
||||||
|
35646364666531303361623833643136663832363737623161386562393234393533306636363265
|
||||||
|
37343438386439303931633434303939393062363138353732373163663761366337326437316537
|
||||||
|
6137
|
30
scripts/backupvpsdocker
Normal file
30
scripts/backupvpsdocker
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Backup vps02 docker data
|
||||||
|
|
||||||
|
|
||||||
|
#Stop all containers
|
||||||
|
docker stop $(docker ps -a -q)
|
||||||
|
|
||||||
|
date=$(date +%F)
|
||||||
|
|
||||||
|
cd /data
|
||||||
|
for dir in */; do
|
||||||
|
dir=${dir%*/}
|
||||||
|
backupfile="$dir-$date.tar.gz"
|
||||||
|
#echo "backup $dir"
|
||||||
|
tar -zcf /tmp/$backupfile $dir
|
||||||
|
|
||||||
|
if [ $dir == "vaultwarden" ]; then
|
||||||
|
#echo "rclone vaultwarden"
|
||||||
|
rclone copy /tmp/$backupfile BitwardenBackup:BitwardenBackup
|
||||||
|
else
|
||||||
|
#echo "scp $backupfile"
|
||||||
|
#scp /tmp/$backupfile mmckinnon@truenas.comprofix.xyz:/mnt/datapool/data/backup/docker/
|
||||||
|
fi
|
||||||
|
rm /tmp/$backupfile
|
||||||
|
done
|
||||||
|
|
||||||
|
#Start all containers
|
||||||
|
docker start $(docker ps -a -q)
|
176
scripts/rclone.conf
Normal file
176
scripts/rclone.conf
Normal file
@ -0,0 +1,176 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
31393237373262646664663739633130643562326538336561353265633064383466363532366332
|
||||||
|
3966346334336430633238376438353961393936393037340a666263623538653061646366653831
|
||||||
|
65363535646434393035626435353630626133643634373961393063343361646561643233633733
|
||||||
|
3263323166336638380a626231353030393766376534333438643930313432383266323763633130
|
||||||
|
33633333616561316465666133626261363361333433343733653266633337663863383137376533
|
||||||
|
62363038363631626463303563643638623231306363386261646639316332613134383334383737
|
||||||
|
63356561303735656638306566323432626531393332643634626531336230666338363433363435
|
||||||
|
32313539326265643637656435613965626232333631343264343038393564663831343063646533
|
||||||
|
61333835306632666136313637306165316434376234316632626632653133326633363734663033
|
||||||
|
35396235646335653065313664383861323033306636636336376264326534353635396530313462
|
||||||
|
30386237636438663363653032623030666438336438346434656637336662633930316536613832
|
||||||
|
64323966656337666239616636333533366636383833356561643734613664303236333939663262
|
||||||
|
63643736626163363362343161613532343564323661366261313331303466343639343437386439
|
||||||
|
32616133316236363339333338336566366236333337623232366139353461353335383466316639
|
||||||
|
64626661613530626639323233383065353033316238346635393633336431656666336436356638
|
||||||
|
32336637356336666630323036326562353737316231386636666136616465353764313236643761
|
||||||
|
65373836313037363065346339333031626230306366353632653936326463366665363664643161
|
||||||
|
31623962383363663964326439396362643932633130313332633363666537363564333830613730
|
||||||
|
31633766613639356161386132313863633830363963393663663564343732633366386235393464
|
||||||
|
66643831643735353066626566356363643131376265346665623666366663343939636638383631
|
||||||
|
66616562323164646235616137646632373631343834353832333632366636646332393537643439
|
||||||
|
64326138343462343064303234646362633862383336306237643636623734363165616362313035
|
||||||
|
37346437353566646133316631363735346561326565623965373833376438646439376630363634
|
||||||
|
35333133643135333761646261646566626562623962636161616163316433613261386466613937
|
||||||
|
35613531356265636339366139663865643863383035303365373034633239386261306539343539
|
||||||
|
31633039363134363731616136343031363264323734623462383233613437656265666165616330
|
||||||
|
39383661653561366365383462363538386439646436313761666163646334623737326563653034
|
||||||
|
61636538643263366264343265353436346433643837623838666638343130663466656365663839
|
||||||
|
33376332626537623865316136363938396161643466356131643736646138383462373961616531
|
||||||
|
38376665386133373939396261336531333738646135326165363864663463356638633337363232
|
||||||
|
62303736316263613431646263306436393932353062393531383965353137393163663664396461
|
||||||
|
33636631623234383835343436313764663538306164386465356265396130343364343665376665
|
||||||
|
38316533333338613439356465366663616231396234663633623264373366313432396134653663
|
||||||
|
35353038626337346434326465343230653861323432653438623337653333393266613566326231
|
||||||
|
35653465333062383863376365353832633731323066646366386262396431656330663666333038
|
||||||
|
37663035613136393063373765373034376631613363643035666533323230303065333065656565
|
||||||
|
38613633353862376436393838326664303330306538313363623862316131393064316530383432
|
||||||
|
36653664613834336165653364643436643333316333306438643638643634363430633466373564
|
||||||
|
30633032356430383239623466393339616639623661333339313337613734363237643539303862
|
||||||
|
38323963383361623333336437333066366332643030623162653162303065313761666564366131
|
||||||
|
32393431383731393233333138363138396139633831306137613534326535656265353736636364
|
||||||
|
33643834353633343962386361303564393032303432626138626535623132333732623937366230
|
||||||
|
30666530636130643737363039376463643161373437303235616564363132393836306430396366
|
||||||
|
30363064316666626532323832343132313264653338653130643439656662633566363237303837
|
||||||
|
64663661646462303761636130666561333636393962333232666134386439303166396637666265
|
||||||
|
65313330373862363534373666393536333666643032306466626263646530353534316134363662
|
||||||
|
63383965393731313138643035633064366130326562663763383963303339383233336331626361
|
||||||
|
31366431336663356463306639613366396534626235326437383666643165333832333338386533
|
||||||
|
35643763643938346437353365393333336263623533623936366337333730653632373037636434
|
||||||
|
38323730336539303664386339356463616531376230383762666361663030653639343135326165
|
||||||
|
33323234353766303839323736646463313733636133656561373038656431356338626632643534
|
||||||
|
66616333646233656365346261633034383536393635613161373338343431383931353930343166
|
||||||
|
61316332663065366365306632353963393766333036663137303462613262396561613664633434
|
||||||
|
32376265306636323439333335316261626262636161646437316463333833343565663335383436
|
||||||
|
34366531383361383532343630613965386465316463396535396132356635346635643465613065
|
||||||
|
32333838303263323839633061373135303136343336323565326334343331333163393766643133
|
||||||
|
32393439636632356330643662376365333238316230633430653133323965393330643065363866
|
||||||
|
30643839373936316639373331363739356531333065303937646131663162343430346133633931
|
||||||
|
36386464376238643461373133646638373439313431643831313064653666613537393264306665
|
||||||
|
32653662303465303639323639636238633231306665396239376530326437383764386563633562
|
||||||
|
66616238616336633265656463653036363932323964623135643936663961386164303365363661
|
||||||
|
62303866643463613365333363613463623336306336306566383639363030343761316330353833
|
||||||
|
32303066643464616639313666386330663433633831366338326665613538336539373439656532
|
||||||
|
32356463363662666266663263333562363861626462666461343834383335333731336137303464
|
||||||
|
38376633643439666538636439326266646239343664666266356665653565656339353261623462
|
||||||
|
30336261653432376537356162613361636139366265343439353330653836336337646433316361
|
||||||
|
63363638653435373635633834353161326230626138666439643531333031663335663638653361
|
||||||
|
61633335396166336465623263343863373961643735623631383762613763656261383966323838
|
||||||
|
30623264366138343839363636663733613836313166646137656165323662356139363564663837
|
||||||
|
39656333346435633536383130383730313732653363666266303230363939653331653936356565
|
||||||
|
31366663653332303630346438646431633161636230326330363862336466383161353732636431
|
||||||
|
30666339383766626433633435643564323939366435363435636232343935373063316637316434
|
||||||
|
39383461376466373165613639343362393732316532336535633465616434326464306162303066
|
||||||
|
34666637356563393930326665616330643262633639663635626635313330336334633361393566
|
||||||
|
37646263323731353764366563393866373435343361653539376533363332393736326261326338
|
||||||
|
64303439356633343164633137373433363237663034383365653630393364383038313062316665
|
||||||
|
38653038316339303035396234626438383863656332316535633231393232633332323331626661
|
||||||
|
66666435653433623031393332613834613566643338646430393361636131333466356466663465
|
||||||
|
61376461363238366566373635623464366139356430336162636232343061643634643230343332
|
||||||
|
62363461393266666563326237326133616431393461353538366233386266303432663531373662
|
||||||
|
63303866333865656663623565653664643934623566396565326264663237393566643135316130
|
||||||
|
65386666343262373832663637346531663066363565396437373330373665376635653661616637
|
||||||
|
39383233623262393361313264316230626565326466306563613930616465623531373636343439
|
||||||
|
30643030616637313639306234643035326639643533613564303731373731646464323737356166
|
||||||
|
39393839653431343431373034653536633531643934353432653636393937346230303162646537
|
||||||
|
61623463343833613636316165633430613134663537333665303632613637326563373266383063
|
||||||
|
33366439303538613134633130343439373666363566333663346536623464653334323533343939
|
||||||
|
35316437653537396135326330653834613863356562323765346432343234636263376238356633
|
||||||
|
36393334303635626535636134333863363333656632373430343264373832636138663338643565
|
||||||
|
31323434346337653934666537303563306562666532376630643637626532613730643837303634
|
||||||
|
39393565613034336339386366636661313330396232303832316666353965336563373466613563
|
||||||
|
61633565653137386633343631653232373162346633366362373632623534616562343637653062
|
||||||
|
35396265323930323938656663633030623766366239306435633438663136333865643263303261
|
||||||
|
37313564383935653565633066313862633364323462373638613331386438383830656635316661
|
||||||
|
35386236356331376565616633356631626661366339393163343739373735633062323930326430
|
||||||
|
39643137383761623132323931303461366232323132323064386538373133613531393665353832
|
||||||
|
66303338626639353539323063666235353532333437373433376337363035623639316431616264
|
||||||
|
64343665306139666661623635396130373464646663393438366163613634336465396535373935
|
||||||
|
33376530633266386664316532623863366131623766643364663061333964373331363366383631
|
||||||
|
33313361646134363964366330356437386662323536306164663661346630376238333966346135
|
||||||
|
33653134643564623263626432356562653833363935613863343834306436323137356239376437
|
||||||
|
35626134646661633736666330663861396536326137376337346136366433323338373332623566
|
||||||
|
65373966326232656337653139333762643961313162356461623536366230363034613066336133
|
||||||
|
31613565383064306431333664396237373537646236636634373932326632346266373065356339
|
||||||
|
31353466626530623431653366636663353263336332663164636366643134346239653239626434
|
||||||
|
34373535316133366265333337663334646630383035653637663864663264306131343039663739
|
||||||
|
32343037383537356331306539313130303961656164373533663839646530356562303964313135
|
||||||
|
36626164333963313566633033393266363161353065343530303064646465616661313238663839
|
||||||
|
39346134343735323561396631333838626434376663393661373436363962373564633634346339
|
||||||
|
64356230623936356632313665633163343233366339626631396162343866636361373437336164
|
||||||
|
36353666623930666565363932386232643062333836636638633035353061383932613332386636
|
||||||
|
61396135623430323438633537346132363063326337653032353737356261616338363634663134
|
||||||
|
32306638643835333331613432353766313530643034396632353762316436623336363662386137
|
||||||
|
34353061666238613065323739656332313330323165373231383638306436383166393961633337
|
||||||
|
36643235376532306137653237386563653337356331326435346431316564353462623038383838
|
||||||
|
63636361383634313530666463653962303938356238393134326332623164663239316433313161
|
||||||
|
62383866383466343936373137306331666261303636316136346264303563653966356136383065
|
||||||
|
61636337353336326662643634323732646233613136643034336232333064306162346333666166
|
||||||
|
36633766313733653435386432353937393137306665633766306236633162326534303061323963
|
||||||
|
64386566626136336261363864663662373635346239366230616437633031633830633336313634
|
||||||
|
61613636663738623338656165646561353638626265623739373630393336616366613636396330
|
||||||
|
30643666326135343037303830613732643561313237393766353863666164656432666261626466
|
||||||
|
36663934653432386662383134636631643466323132356266383065316265303164353330623633
|
||||||
|
66623536383563323431613038613037306130343738393965616635613930636638306138393839
|
||||||
|
65653030656264323837383238303231346434646363363134633730663562313366623038393133
|
||||||
|
31303736376263656462643961666537303163666637613465626534623730323764353536306339
|
||||||
|
63316132613634316133386636373836636237383830616236326663323365323834376365383066
|
||||||
|
39356661366334393233303164666666656463373166393739636332616137393439656432663433
|
||||||
|
36356136653231363763336364303339613038653438386233383364623630656236333661643362
|
||||||
|
66333464306462353262373636323935653931663334643662303066383737323464376332326566
|
||||||
|
37336336623765356536326239316561343666316562376635623734633832626632323563346235
|
||||||
|
61393961343766663964326436663037613134643130666239303832313161326136326265643434
|
||||||
|
38326631623836663464663734656538653636333061383633386261386236633832303830663233
|
||||||
|
33623862663230666265316339633464626534363465643336646462326431393863656536613234
|
||||||
|
39626135623637343865303965303035356635336439353463323937623465303934393631363238
|
||||||
|
39333534306539303831393039623433336331636135356537353233333062666664623238326233
|
||||||
|
64386534666562306561376432343032313966343532646533386137623664333336346131626361
|
||||||
|
37363834643635343831646630346263653438623262333666316131636666366261303665636634
|
||||||
|
30343634346137323830333637613434343639623338383432303063316639636462626366643535
|
||||||
|
61643739386663643132313137633139373536313132356465373738613462363264663739356632
|
||||||
|
34663131353034626361633863613933336465633131386530336663666361393335633437666333
|
||||||
|
30303130623961376637326664393561363462303564633463333734336635653335336538303431
|
||||||
|
37373331353039613436616130316633393261346331396337343565323565356238303431653237
|
||||||
|
64366165383831376632366364616536326236626166633465616534613036633463663439303039
|
||||||
|
66313138346338353765633964346137333639613862613638626136306233343536643737343662
|
||||||
|
64323165333262623434643261646531396436333965383064313131303136663865316631316565
|
||||||
|
66626466616661383564653435356261646337366435353335383234623034653633623364373062
|
||||||
|
64313966323339663563373566363132656334636631623630623437326265393365656639386136
|
||||||
|
35383539623565346263393966323232633030366439646639613763313932313038616362643562
|
||||||
|
33663331336637383238313766336562613330363264666633376263383337333865363665326331
|
||||||
|
35363866636431313235373535396230393831383738353232346265316432653666383236303161
|
||||||
|
30643038616538343534323061353736653537346534643963313630636365333835356430643434
|
||||||
|
33633031623137326530663835356462316161656364326633383761323337353934306536643333
|
||||||
|
66346361363962366336613138633561636665653337373230613032383264306532373937383637
|
||||||
|
66306331306639613065353332336234616136616461663631346532363835353065666463333864
|
||||||
|
63366231323165623863633361386162373432303338366162356338306361326361393530646465
|
||||||
|
34356364323365376462346661313530306434343837373064323431663130343838396363333538
|
||||||
|
62373462396264363565616466633663373465626635613464626265386464396530303262306236
|
||||||
|
64373736656361376266383432376432333632663736376134393466636539383264373462643961
|
||||||
|
34343433633865656164636434363139316466376361306433663838613036653366613730396537
|
||||||
|
30323631366664623834633761643662626438303132633063646536666162383162643737323538
|
||||||
|
38623432366264626439383830646438336133656432613733656466333065616338303466386538
|
||||||
|
37333135346633383736373932383263356638393966356537326632323631393462356366653938
|
||||||
|
65363666353032626336666137653963653137643230313838653037393739356363326535373762
|
||||||
|
35316461633763663263626133383162396164393436363665313633663531393164663061313236
|
||||||
|
32306535383731326139343566356665376238356532313063303962393639366164373530396535
|
||||||
|
33316336363562316266353534393466653739373266313533323133313464626236336137636264
|
||||||
|
34393730373662316137633564663864626137303438333262366466396539356137383835346361
|
||||||
|
30616533626338333532383434633463653062326437353831376166383365393330646432636266
|
||||||
|
62656238663761316532313366346661376237666436346335656439396564363464323063353664
|
||||||
|
39303261346631356536643961666638353334303932303938383830616263633738653837643861
|
||||||
|
65336437326638353365323232666332333162663935306665636463623538346166653764626139
|
||||||
|
63653736363736623139366164623437623734343766666239316338663136623232383832623632
|
||||||
|
66306536363836663939386261383266303664616363346662643835356239666338386665613066
|
||||||
|
323839643933313039656433313432396532
|
119
tasks/base.yml
Normal file
119
tasks/base.yml
Normal file
@ -0,0 +1,119 @@
|
|||||||
|
---
|
||||||
|
- name: Update cache
|
||||||
|
apt:
|
||||||
|
force_apt_get: yes
|
||||||
|
update_cache: yes
|
||||||
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
||||||
|
|
||||||
|
- name: Update all packages to their latest version
|
||||||
|
apt:
|
||||||
|
name: "*"
|
||||||
|
force_apt_get: yes
|
||||||
|
state: latest
|
||||||
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
||||||
|
|
||||||
|
- name: Upgrade all packages on servers
|
||||||
|
apt:
|
||||||
|
upgrade: dist
|
||||||
|
force_apt_get: yes
|
||||||
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
||||||
|
|
||||||
|
- name: Install required packages
|
||||||
|
package:
|
||||||
|
name: "{{ install_packages }}"
|
||||||
|
state: present
|
||||||
|
become: yes
|
||||||
|
tags:
|
||||||
|
- install_packages
|
||||||
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
||||||
|
|
||||||
|
- name: Remove /usr/lib/python3.11/EXTERNALLY-MANAGED
|
||||||
|
file:
|
||||||
|
path: /usr/lib/python3.11/EXTERNALLY-MANAGED
|
||||||
|
state: absent
|
||||||
|
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
|
||||||
|
|
||||||
|
# - name: Download Oh My Zsh installation script
|
||||||
|
# get_url:
|
||||||
|
# url: https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh
|
||||||
|
# dest: /tmp/install_ohmyzsh.sh
|
||||||
|
|
||||||
|
# - name: Run Oh My Zsh installation script
|
||||||
|
# become: no
|
||||||
|
# command: sh /tmp/install_ohmyzsh.sh --unattended
|
||||||
|
# register: ohmyzsh_result
|
||||||
|
# failed_when: "'FAILED' in ohmyzsh_result.stderr"
|
||||||
|
|
||||||
|
# - name: Download zsh Dracula Theme
|
||||||
|
# become: no
|
||||||
|
# unarchive:
|
||||||
|
# src: https://github.com/dracula/zsh/archive/refs/heads/master.zip
|
||||||
|
# dest: "/tmp"
|
||||||
|
# remote_src: yes
|
||||||
|
|
||||||
|
# - name: Download moe theme for zsh
|
||||||
|
# become: no
|
||||||
|
# get_url:
|
||||||
|
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/oh-my-zsh/moe.zsh-theme
|
||||||
|
# dest: "/home/{{ ansible_user }}/.oh-my-zsh/themes"
|
||||||
|
# force: true
|
||||||
|
|
||||||
|
# - name: Move zsh theme to correct folder
|
||||||
|
# become: no
|
||||||
|
# copy:
|
||||||
|
# src: /tmp/zsh-master/
|
||||||
|
# dest: /home/{{ ansible_user }}/.oh-my-zsh/themes
|
||||||
|
# remote_src: yes
|
||||||
|
|
||||||
|
# - name: Create vim config paths
|
||||||
|
# become: no
|
||||||
|
# file:
|
||||||
|
# path: "/home/{{ ansible_user }}/.vim/pack/themes/start/dracula"
|
||||||
|
# state: directory
|
||||||
|
|
||||||
|
# - name: Download vim Dracula Theme
|
||||||
|
# become: no
|
||||||
|
# unarchive:
|
||||||
|
# src: https://github.com/dracula/vim/archive/refs/heads/master.zip
|
||||||
|
# dest: "/tmp"
|
||||||
|
# remote_src: yes
|
||||||
|
|
||||||
|
# - name: Move vim theme to correct folder
|
||||||
|
# become: no
|
||||||
|
# copy:
|
||||||
|
# src: /tmp/vim-master/
|
||||||
|
# dest: /home/{{ ansible_user }}/.vim/pack/themes/start/dracula
|
||||||
|
# remote_src: yes
|
||||||
|
|
||||||
|
# - name: Get zsh config
|
||||||
|
# become: no
|
||||||
|
# get_url:
|
||||||
|
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/zsh/zshrc
|
||||||
|
# dest: "/home/{{ ansible_user }}/.zshrc"
|
||||||
|
# force: true
|
||||||
|
|
||||||
|
# - name: Get vim config
|
||||||
|
# become: no
|
||||||
|
# get_url:
|
||||||
|
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/vim/vimrc
|
||||||
|
# dest: "/home/{{ ansible_user }}/.vimrc"
|
||||||
|
# force: true
|
||||||
|
|
||||||
|
# - name: Set shell zsh
|
||||||
|
# user:
|
||||||
|
# name: "{{ ansible_user }}"
|
||||||
|
# shell: /bin/zsh
|
||||||
|
|
||||||
|
# - name: Set moe theme for zsh
|
||||||
|
# become: no
|
||||||
|
# ansible.builtin.lineinfile:
|
||||||
|
# path: "/home/{{ansible_user}}/.zshrc"
|
||||||
|
# regexp: '^ZSH_THEME="dracula"'
|
||||||
|
# line: 'ZSH_THEME="moe"'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
29
tasks/dozzle.yml
Normal file
29
tasks/dozzle.yml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/dozzle"
|
||||||
|
- "/mnt/nfs/docker/dozzle/config"
|
||||||
|
|
||||||
|
- name: Create the dozzle container
|
||||||
|
docker_container:
|
||||||
|
name: dozzle
|
||||||
|
image: amir20/dozzle:v8.4.1
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
env:
|
||||||
|
DOZZLE_LEVEL: "trace"
|
||||||
|
DOZZLE_REMOTE_HOST: "tcp://omada.comprofix.xyz:2375,tcp://vps02.comprofix.com:2375"
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.dozzle.rule: "Host(`dozzle.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.dozzle.entrypoints: "https"
|
||||||
|
traefik.http.routers.dozzle.tls: "true"
|
||||||
|
traefik.http.services.dozzle.loadbalancer.server.port: "8080"
|
||||||
|
traefik.http.services.dozzle.loadbalancer.server.scheme: "http"
|
137
tasks/gitea.yml
Normal file
137
tasks/gitea.yml
Normal file
@ -0,0 +1,137 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/gitea"
|
||||||
|
- "{{ data_folder }}/gitea/data"
|
||||||
|
- "{{ data_folder }}/gitea/db"
|
||||||
|
|
||||||
|
- name: Create MySQL DB for Gitea
|
||||||
|
docker_container:
|
||||||
|
name: gitea_db
|
||||||
|
image: mysql:9
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
MYSQL_ROOT_PASSWORD: "{{ gitea_db_root_password }}"
|
||||||
|
MYSQL_USER: "{{ gitea_db_user }}"
|
||||||
|
MYSQL_PASSWORD: "{{ gitea_db_password }}"
|
||||||
|
MYSQL_DATABASE: gitea
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/gitea/db:/var/lib/mysql"
|
||||||
|
|
||||||
|
- name: Create the Gitea container
|
||||||
|
docker_container:
|
||||||
|
name: gitea
|
||||||
|
image: gitea/gitea:1.22
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
# dns_servers:
|
||||||
|
# - 10.10.10.1
|
||||||
|
# - 127.0.0.11
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
ports:
|
||||||
|
- "2222:22"
|
||||||
|
env:
|
||||||
|
PUID: "1001"
|
||||||
|
PGID: "1001"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/gitea/data:/data"
|
||||||
|
- "/etc/timezone:/etc/timezone:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.gitea.rule: "Host(`git.comprofix.com`)"
|
||||||
|
traefik.http.routers.gitea.entrypoints: "https"
|
||||||
|
traefik.http.routers.gitea.tls: "true"
|
||||||
|
traefik.http.routers.gitea.service: "gitea"
|
||||||
|
traefik.http.services.gitea.loadbalancer.server.port: "3000"
|
||||||
|
register: container_gitea
|
||||||
|
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/gitea-runner"
|
||||||
|
- "{{ data_folder }}/gitea-runner/config"
|
||||||
|
|
||||||
|
- name: Check that config.yaml exists
|
||||||
|
stat:
|
||||||
|
path: "{{ data_folder }}/gitea-runner/config/config.yaml"
|
||||||
|
register: configyaml
|
||||||
|
|
||||||
|
- name: Create config.yaml file
|
||||||
|
file:
|
||||||
|
path: "{{ data_folder }}/gitea-runner/config/config.yaml"
|
||||||
|
state: touch
|
||||||
|
mode: '0600'
|
||||||
|
access_time: preserve
|
||||||
|
modification_time: preserve
|
||||||
|
when: configyaml.stat.exists == False
|
||||||
|
|
||||||
|
- name: Create the gitea-runner container
|
||||||
|
docker_container:
|
||||||
|
name: gitea-runner
|
||||||
|
image: gitea/act_runner:0.2.10
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
# dns_servers:
|
||||||
|
# - 10.10.10.1
|
||||||
|
# - 127.0.0.11
|
||||||
|
volumes:
|
||||||
|
- "/etc/resolv.conf:/etc/resolv.conf:ro"
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
- "{{ data_folder }}/gitea-runner/config/config.yaml:/config.yaml"
|
||||||
|
- "/etc/hosts:/etc/hosts:ro"
|
||||||
|
env:
|
||||||
|
CONFIG_FILE: "/config.yaml"
|
||||||
|
GITEA_INSTANCE_URL: "https://git.comprofix.com"
|
||||||
|
GITEA_RUNNER_REGISTRATION_TOKEN: "A01dvleL55F0o5OMJpa4UsE0gJ38ANKrAw5vKei3" #"{{ GITEA_RUNNER_TOKEN }}"
|
||||||
|
GITEA_RUNNER_NAME: "gitea-runner"
|
||||||
|
GITEA_RUNNER_LABELS: "alpine-latest:docker://alpine:latest,ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye,ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster"
|
||||||
|
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/opengist"
|
||||||
|
|
||||||
|
- name: Create the opengist container
|
||||||
|
docker_container:
|
||||||
|
name: opengist
|
||||||
|
image: ghcr.io/thomiceli/opengist:1.7
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
# dns_servers:
|
||||||
|
# - 10.10.10.1
|
||||||
|
# - 127.0.0.11
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/opengist:/opengist"
|
||||||
|
env:
|
||||||
|
OG_GITEA_CLIENT_KEY: "{{ OG_GITEA_KEY }}"
|
||||||
|
OG_GITEA_SECRET: "{{ OG_GITEA_SECRET }}"
|
||||||
|
# URL of the Gitea instance. Default: https://gitea.com/
|
||||||
|
OG_GITEA_URL: "https://git.comprofix.com"
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.opengist.rule: "Host(`gist.comprofix.com`)"
|
||||||
|
traefik.http.routers.opengist.entrypoints: "https"
|
||||||
|
traefik.http.routers.opengist.tls: "true"
|
||||||
|
traefik.http.routers.opengist.service: "opengist"
|
||||||
|
traefik.http.services.opengist.loadbalancer.server.port: "6157"
|
||||||
|
register: container
|
||||||
|
|
||||||
|
|
||||||
|
|
40
tasks/homepage.yml
Normal file
40
tasks/homepage.yml
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/homepage"
|
||||||
|
- "{{ data_folder }}/homepage/config"
|
||||||
|
|
||||||
|
- name: Get dashboard-icons
|
||||||
|
git:
|
||||||
|
repo: https://github.com/walkxcode/dashboard-icons.git
|
||||||
|
dest: /data/dashboard-icons
|
||||||
|
update: yes
|
||||||
|
|
||||||
|
- name: Create the homepage container
|
||||||
|
docker_container:
|
||||||
|
name: homepage
|
||||||
|
image: ghcr.io/gethomepage/homepage:v0.9.6
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
dns_servers:
|
||||||
|
- 10.10.10.1
|
||||||
|
env:
|
||||||
|
LOG_LEVEL: debug
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/homepage/config:/app/config"
|
||||||
|
- "{{ data_folder }}/dashboard-icons:/app/public/icons"
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.homepage.rule: "Host(`homepage.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.homepage.entrypoints: "https"
|
||||||
|
traefik.http.routers.homepage.tls: "true"
|
||||||
|
traefik.http.routers.homepage.service: "homepage"
|
||||||
|
traefik.http.services.homepage.loadbalancer.server.port: "3000"
|
||||||
|
register: container_homepage
|
||||||
|
|
15
tasks/idrac.yml
Normal file
15
tasks/idrac.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
- name: Create the Dell_R730xd Fan Contoller container
|
||||||
|
docker_container:
|
||||||
|
name: Dell_R730xd
|
||||||
|
image: tigerblue77/dell_idrac_fan_controller:latest@sha256:5184af88c6c03204611d40d4b1c6bc36202762592d16a97236bb4254951d23b0
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
env:
|
||||||
|
IDRAC_HOST: "10.10.10.138"
|
||||||
|
IDRAC_USERNAME: "root"
|
||||||
|
IDRAC_PASSWORD: "calvin"
|
||||||
|
FAN_SPEED: "35"
|
||||||
|
CPU_TEMPERATURE_THRESHOLD: "80"
|
||||||
|
CHECK_INTERVAL: "60"
|
||||||
|
DISABLE_THIRD_PARTY_PCIE_CARD_DELL_DEFAULT_COOLING_RESPONSE: "true"
|
95
tasks/invoiceninja.yml
Normal file
95
tasks/invoiceninja.yml
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/invoiceninja/"
|
||||||
|
- "/mnt/nfs/docker/invoiceninja/config"
|
||||||
|
- "/mnt/nfs/docker/invoiceninja/db"
|
||||||
|
|
||||||
|
- name: "create stack.env"
|
||||||
|
copy:
|
||||||
|
dest: "/mnt/nfs/docker/invoiceninja/stack.env"
|
||||||
|
content: |
|
||||||
|
APP_NAME="Invoice Ninja"
|
||||||
|
APP_ENV=production
|
||||||
|
APP_KEY="{{ IN_APP_KEY }}"
|
||||||
|
APP_DEBUG=false
|
||||||
|
APP_URL="{{ IN_APP_URL }}"
|
||||||
|
REQUIRE_HTTPS=true
|
||||||
|
TRUSTED_PROXIES='*'
|
||||||
|
SESSION_ENCRYPT=false
|
||||||
|
SESSION_SECURE=false
|
||||||
|
DB_CONNECTION="mysql"
|
||||||
|
MULTI_DB_ENABLED=false
|
||||||
|
DB_HOST="{{MYSQL_HOST}}"
|
||||||
|
DB_DATABASE="{{IN_DB_DATABASE}}"
|
||||||
|
DB_USERNAME="{{IN_DB_USERNAME}}"
|
||||||
|
DB_PASSWORD="{{IN_DB_PASSWORD}}"
|
||||||
|
DB_PORT="3306"
|
||||||
|
DEMO_MODE=false
|
||||||
|
BROADCAST_DRIVER=log
|
||||||
|
LOG_CHANNEL=stack
|
||||||
|
CACHE_DRIVER=file
|
||||||
|
#QUEUE_CONNECTION=sync
|
||||||
|
QUEUE_CONNECTION=database
|
||||||
|
SESSION_DRIVER=file
|
||||||
|
SESSION_LIFETIME=120
|
||||||
|
REDIS_HOST=127.0.0.1
|
||||||
|
REDIS_PASSWORD=null
|
||||||
|
REDIS_PORT=6379
|
||||||
|
MAIL_MAILER="smtp"
|
||||||
|
MAIL_HOST="{{MAIL_HOST}}"
|
||||||
|
MAIL_PORT="{{MAIL_PORT}}"
|
||||||
|
MAIL_ENCRYPTION="tls"
|
||||||
|
MAIL_FROM_ADDRESS="{{MAIL_FROM}}"
|
||||||
|
MAIL_FROM_NAME="{{MAIL_FROM_NAME}}"
|
||||||
|
POSTMARK_API_TOKEN=
|
||||||
|
GOOGLE_MAPS_API_KEY=
|
||||||
|
ERROR_EMAIL=
|
||||||
|
NINJA_ENVIRONMENT="selfhost"
|
||||||
|
#options - snappdf / phantom / hosted_ninja
|
||||||
|
PDF_GENERATOR=hosted_ninja
|
||||||
|
PHANTOMJS_KEY='a-demo-key-with-low-quota-per-ip-address'
|
||||||
|
PHANTOMJS_SECRET=secret
|
||||||
|
UPDATE_SECRET=secret
|
||||||
|
SENTRY_LARAVEL_DSN=https://32f01ea994744fa08a0f688769cef78a@sentry.invoicing.co/
|
||||||
|
|
||||||
|
- name: Create the invoiceninja-app container
|
||||||
|
docker_container:
|
||||||
|
name: invoiceninja-app
|
||||||
|
image: invoiceninja/invoiceninja:5
|
||||||
|
env_file: /mnt/nfs/docker/invoiceninja/stack.env
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/invoiceninja/config/hosts:/etc/hosts
|
||||||
|
- /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public
|
||||||
|
- /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage
|
||||||
|
|
||||||
|
- name: Create the invoiceninja-nginx container
|
||||||
|
docker_container:
|
||||||
|
name: invoiceninja-nginx
|
||||||
|
image: nginx:1.27.1
|
||||||
|
env_file: /mnt/nfs/docker/invoiceninja/stack.env
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/invoiceninja/config/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf
|
||||||
|
- /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public
|
||||||
|
- /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.invoiceninja.rule: "Host(`invoice.comprofix.com`)"
|
||||||
|
traefik.http.routers.invoiceninja.entrypoints: "https"
|
||||||
|
traefik.http.routers.invoiceninja.tls: "true"
|
||||||
|
traefik.http.services.invoiceninja.loadbalancer.server.port: "80"
|
||||||
|
traefik.http.services.invoiceninja.loadbalancer.server.scheme: "http"
|
||||||
|
|
||||||
|
|
||||||
|
|
29
tasks/jellyseerr.yml
Normal file
29
tasks/jellyseerr.yml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/jellyseerr"
|
||||||
|
- "/mnt/nfs/docker/jellyseerr/config"
|
||||||
|
|
||||||
|
- name: Create the jellyseerr container
|
||||||
|
docker_container:
|
||||||
|
name: jellyseerr
|
||||||
|
image: fallenbagel/jellyseerr:1.9.2
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/jellyseerr/config:/app/config
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.jellyseerr.rule: "Host(`jellyseerr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.jellyseerr.entrypoints: "https"
|
||||||
|
traefik.http.routers.jellyseerr.tls: "true"
|
||||||
|
traefik.http.services.jellyseerr.loadbalancer.server.port: "5055"
|
36
tasks/lidarr.yml
Normal file
36
tasks/lidarr.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
- name: Set Facts
|
||||||
|
set_fact:
|
||||||
|
container_name: 'lidarr'
|
||||||
|
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/lidarr"
|
||||||
|
- "/mnt/nfs/docker/lidarr/config"
|
||||||
|
|
||||||
|
- name: Create the lidarr container
|
||||||
|
docker_container:
|
||||||
|
name: lidarr
|
||||||
|
image: ghcr.io/linuxserver/lidarr:latest@sha256:a77af413426b8509fad2d02f5b89104a5766ee6ebb13497d73993e74f6cfa0a8
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
AUTO_UPDATE: "true" #optional
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:lidarr"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/lidarr/config:/config
|
||||||
|
- /mnt/nfs/data:/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.lidarr.rule: "Host(`lidarr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.lidarr.entrypoints: "https"
|
||||||
|
traefik.http.routers.lidarr.tls: "true"
|
||||||
|
traefik.http.services.lidarr.loadbalancer.server.port: "8686"
|
29
tasks/mariadb.yml
Normal file
29
tasks/mariadb.yml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
---
|
||||||
|
- name: Set Facts
|
||||||
|
set_fact:
|
||||||
|
container_name: 'mariadb'
|
||||||
|
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/mariadb"
|
||||||
|
- "/mnt/nfs/docker/mariadb/config"
|
||||||
|
|
||||||
|
- name: Create the mariadb container
|
||||||
|
docker_container:
|
||||||
|
name: "mariadb"
|
||||||
|
image: ghcr.io/linuxserver/mariadb:10.11.8
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
ports:
|
||||||
|
- 3306:3306
|
||||||
|
env:
|
||||||
|
PUID: "0"
|
||||||
|
PGID: "0"
|
||||||
|
MYSQL_ROOT_PASSWORD: "{{MYSQL_ROOT_PASSWORD}}"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
volumes:
|
||||||
|
- "/mnt/nfs/docker/mariadb/config:/config"
|
||||||
|
|
36
tasks/mealie.yml
Normal file
36
tasks/mealie.yml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/mealie"
|
||||||
|
- "/mnt/nfs/docker/mealie/config"
|
||||||
|
|
||||||
|
- name: Create the mealie container
|
||||||
|
docker_container:
|
||||||
|
name: mealie
|
||||||
|
image: ghcr.io/mealie-recipes/mealie:v1.12.0
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
RECIPE_PUBLIC: "true"
|
||||||
|
RECIPE_SHOW_NUTRITION: "false"
|
||||||
|
RECIPE_SHOW_ASSETS: "true"
|
||||||
|
RECIPE_LANDSCAPE_VIEW: "true"
|
||||||
|
RECIPE_DISABLE_COMMENTS: "true"
|
||||||
|
RECIPE_DISABLE_AMOUNT: "true"
|
||||||
|
BASE_URL: "mealie.comprofix.xyz"
|
||||||
|
SMTP_HOST: "{{MAIL_HOST}}"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/mealie/data/:/app/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.mealie.rule: "Host(`mealie.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.mealie.entrypoints: "https"
|
||||||
|
traefik.http.routers.mealie.tls: "true"
|
||||||
|
traefik.http.services.mealie.loadbalancer.server.port: "9000"
|
61
tasks/osticket.yml
Normal file
61
tasks/osticket.yml
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/osticket"
|
||||||
|
- "/mnt/nfs/docker/osticket/config"
|
||||||
|
|
||||||
|
- name: Create the osticket container
|
||||||
|
docker_container:
|
||||||
|
name: osticket
|
||||||
|
image: devinsolutions/osticket:1.17.5
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
SMTP_HOST: "{{MAIL_HOST}}"
|
||||||
|
MYSQL_HOST: "{{MYSQL_HOST}}"
|
||||||
|
MYSQL_DATABASE: "{{OST_DATABASE}}"
|
||||||
|
MYSQL_USER: "{{OST_DB_USER}}"
|
||||||
|
MYSQL_PASSWORD: "{{OST_DB_PASSWORD}}"
|
||||||
|
INSTALL_SECRET: "{{OST_SIRI}}"
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.osticket.rule: "Host(`helpdesk.comprofix.com`)"
|
||||||
|
traefik.http.routers.osticket.entrypoints: "https"
|
||||||
|
traefik.http.routers.osticket.tls: "true"
|
||||||
|
traefik.http.services.osticket.loadbalancer.server.port: "80"
|
||||||
|
traefik.http.services.osticket.loadbalancer.server.scheme: "http"
|
||||||
|
|
||||||
|
- name: Add tzdata to osTicket container
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: osticket
|
||||||
|
command: apk add tzdata
|
||||||
|
|
||||||
|
- name: Set container Timezone
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: osticket
|
||||||
|
command: "ln -s /usr/share/zoneinfo/Australia/Brisbane /etc/localtime"
|
||||||
|
|
||||||
|
- name: Set PHP Timezone
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: osticket
|
||||||
|
command: "sed -i 's|UTC|Australia/Brisbane|g' /usr/local/etc/php/conf.d/php-osticket.ini"
|
||||||
|
|
||||||
|
- name: Patch mysqli.php for timezone
|
||||||
|
community.docker.docker_container_exec:
|
||||||
|
container: osticket
|
||||||
|
command: "sed -i 's|system_time_zone|time_zone|g' /var/www/html/include/mysqli.php"
|
||||||
|
|
||||||
|
- name: Clear ost_sessions table
|
||||||
|
mysql_query:
|
||||||
|
login_host: "{{MYSQL_HOST}}"
|
||||||
|
login_user: "{{OST_DB_USER}}"
|
||||||
|
login_password: "{{OST_DB_PASSWORD}}"
|
||||||
|
login_db: "{{OST_DATABASE}}"
|
||||||
|
query:
|
||||||
|
- USE comprofix_ost;
|
||||||
|
- TRUNCATE TABLE ost_session;
|
22
tasks/postgres.yml
Normal file
22
tasks/postgres.yml
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/postgres"
|
||||||
|
- "/mnt/nfs/docker/postgres/config"
|
||||||
|
|
||||||
|
- name: Create the postgres container
|
||||||
|
docker_container:
|
||||||
|
name: postgres
|
||||||
|
image: postgres:16-alpine
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
ports:
|
||||||
|
- 5432:5432
|
||||||
|
env:
|
||||||
|
POSTGRES_PASSWORD: "{{POSTGRES_PASSWORD}}"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/postgres/db-data:/var/lib/postgresql/data
|
||||||
|
|
31
tasks/prowlarr.yml
Normal file
31
tasks/prowlarr.yml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/prowlarr"
|
||||||
|
- "/mnt/nfs/docker/prowlarr/config"
|
||||||
|
|
||||||
|
- name: Create the prowlarr container
|
||||||
|
docker_container:
|
||||||
|
name: prowlarr
|
||||||
|
image: linuxserver/prowlarr:1.23.1
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
AUTO_UPDATE: "true" #optional
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:prowlarr"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/prowlarr/config:/config
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.prowlarr.rule: "Host(`prowlarr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.prowlarr.entrypoints: "https"
|
||||||
|
traefik.http.routers.prowlarr.tls: "true"
|
||||||
|
traefik.http.services.prowlarr.loadbalancer.server.port: "9696"
|
28
tasks/pykms.yml
Normal file
28
tasks/pykms.yml
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/pykms"
|
||||||
|
- "/mnt/nfs/docker/pykms/config"
|
||||||
|
|
||||||
|
- name: Create the pykms container
|
||||||
|
docker_container:
|
||||||
|
name: pykms
|
||||||
|
image: ghcr.io/py-kms-organization/py-kms:latest
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy_network
|
||||||
|
ports:
|
||||||
|
- "1688:1688"
|
||||||
|
env:
|
||||||
|
IP: "0.0.0.0"
|
||||||
|
SQLITE: "true"
|
||||||
|
HWID: "RANDOM"
|
||||||
|
LOGLEVEL: "INFO"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/pykms/db:/home/py-kms/db
|
||||||
|
- /etc/localtime:/etc/localtime:ro
|
||||||
|
|
31
tasks/radarr.yml
Normal file
31
tasks/radarr.yml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/radarr"
|
||||||
|
- "/mnt/nfs/docker/radarr/config"
|
||||||
|
|
||||||
|
- name: Create the radarr container
|
||||||
|
docker_container:
|
||||||
|
name: radarr
|
||||||
|
image: linuxserver/radarr:5.9.1
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:radarr"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/radarr/config:/config
|
||||||
|
- /mnt/nfs/data:/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.radarr.rule: "Host(`radarr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.radarr.entrypoints: "https"
|
||||||
|
traefik.http.routers.radarr.tls: "true"
|
||||||
|
traefik.http.services.radarr.loadbalancer.server.port: "7878"
|
31
tasks/readarr.yml
Normal file
31
tasks/readarr.yml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/readarr"
|
||||||
|
- "/mnt/nfs/docker/readarr/config"
|
||||||
|
|
||||||
|
- name: Create the readarr container
|
||||||
|
docker_container:
|
||||||
|
name: readarr
|
||||||
|
image: ghcr.io/linuxserver/readarr:develop@sha256:dbca70a2dedff17b12698f55c02a49e3ec37e8ce884c5352b54264f9a3979aae
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:readarr"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/readarr/config/:/config
|
||||||
|
- /mnt/nfs/data/:/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.readarr.rule: "Host(`readarr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.readarr.entrypoints: "https"
|
||||||
|
traefik.http.routers.readarr.tls: "true"
|
||||||
|
traefik.http.services.readarr.loadbalancer.server.port: "8787"
|
32
tasks/sabnzbd.yml
Normal file
32
tasks/sabnzbd.yml
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/sabnzbd"
|
||||||
|
- "/mnt/nfs/docker/sabnzbd/config"
|
||||||
|
|
||||||
|
- name: Create the sabnzbd container
|
||||||
|
docker_container:
|
||||||
|
name: sabnzbd
|
||||||
|
image: linuxserver/sabnzbd:4.3.3
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
HOSTNAME: "sabnzbd.comprofix.xyz"
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sabnzbd"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/sabnzbd/config:/config
|
||||||
|
- /mnt/nfs/data:/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.sabnzbd.rule: "Host(`sabnzbd.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.sabnzbd.entrypoints: "https"
|
||||||
|
traefik.http.routers.sabnzbd.tls: "true"
|
||||||
|
traefik.http.services.sabnzbd.loadbalancer.server.port: "8080"
|
31
tasks/sonarr.yml
Normal file
31
tasks/sonarr.yml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/sonarr"
|
||||||
|
- "/mnt/nfs/docker/sonarr/config"
|
||||||
|
|
||||||
|
- name: Create the sonarr container
|
||||||
|
docker_container:
|
||||||
|
name: sonarr
|
||||||
|
image: linuxserver/sonarr:4.0.9
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sonarr"
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/sonarr/config/:/config
|
||||||
|
- /mnt/nfs/data:/data
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.sonarr.rule: "Host(`sonarr.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.sonarr.entrypoints: "https"
|
||||||
|
traefik.http.routers.sonarr.tls: "true"
|
||||||
|
traefik.http.services.sonarr.loadbalancer.server.port: "8989"
|
41
tasks/speedtest.yml
Normal file
41
tasks/speedtest.yml
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "/mnt/nfs/docker/speedtest"
|
||||||
|
- "/mnt/nfs/docker/speedtest/config"
|
||||||
|
|
||||||
|
- name: Create the speedtest container
|
||||||
|
docker_container:
|
||||||
|
name: speedtest
|
||||||
|
image: lscr.io/linuxserver/speedtest-tracker:0.21.2
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
APP_KEY: "base64:ViJcK7rSIwGC+TAW7pRWnczB43zPPVHH2Hx80t7eVm0="
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
DB_CONNECTION: "mysql"
|
||||||
|
DB_HOST: "{{ MYSQL_HOST }}"
|
||||||
|
DB_PORT: "3306"
|
||||||
|
DB_DATABASE: "{{ST_DATABASE}}"
|
||||||
|
DB_USERNAME: "{{ST_DB_USERNAME}}"
|
||||||
|
DB_PASSWORD: "{{ST_DB_PASSWORD}}"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
SPEEDTEST_SCHEDULE: "0 * * * *"
|
||||||
|
DISPLAY_TIMEZONE: "Australia/Brisbane"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
- /mnt/nfs/docker/speedtest/config:/config
|
||||||
|
- /mnt/nfs/docker/speedtest/web:/etc/ssl/web
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.speedtest.rule: "Host(`speedtest.comprofix.xyz`)"
|
||||||
|
traefik.http.routers.speedtest.entrypoints: "https"
|
||||||
|
traefik.http.routers.speedtest.tls: "true"
|
||||||
|
traefik.http.services.speedtest.loadbalancer.server.port: "80"
|
||||||
|
traefik.http.services.speedtest.loadbalancer.server.scheme: "http"
|
64
tasks/vaultwarden.yml
Normal file
64
tasks/vaultwarden.yml
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
---
|
||||||
|
- name: Create directories
|
||||||
|
file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ data_folder }}/vaultwarden"
|
||||||
|
- "{{ data_folder }}/vaultwarden/config"
|
||||||
|
|
||||||
|
- name: Create the vaultwarden container
|
||||||
|
docker_container:
|
||||||
|
name: vaultwarden
|
||||||
|
image: vaultwarden/server:1.32.0
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
recreate: true
|
||||||
|
networks:
|
||||||
|
- name: proxy
|
||||||
|
env:
|
||||||
|
PUID: "1000"
|
||||||
|
PGID: "1000"
|
||||||
|
TZ: "Australia/Brisbane"
|
||||||
|
volumes:
|
||||||
|
- "{{ data_folder }}/vaultwarden/data:/data"
|
||||||
|
labels:
|
||||||
|
traefik.enable: "true"
|
||||||
|
traefik.http.routers.vaultwarden.rule: "Host(`vault.comprofix.com`)"
|
||||||
|
traefik.http.routers.vaultwarden.entrypoints: "https"
|
||||||
|
traefik.http.routers.vaultwarden.tls: "true"
|
||||||
|
traefik.http.routers.vaultwarden.service: "vaultwarden"
|
||||||
|
traefik.http.services.vaultwarden.loadbalancer.server.port: "80"
|
||||||
|
register: container
|
||||||
|
|
||||||
|
- name: Create rclone config folder
|
||||||
|
file:
|
||||||
|
path: "/root/.config/rclone"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Copy rclone config
|
||||||
|
copy:
|
||||||
|
src: scripts/rclone.conf
|
||||||
|
dest: /root/.config/rclone/rclone.conf
|
||||||
|
decrypt: yes
|
||||||
|
mode: "0600"
|
||||||
|
|
||||||
|
- name: copy backup script
|
||||||
|
copy:
|
||||||
|
src: scripts/backupvpsdocker
|
||||||
|
dest: /usr/local/sbin/backupvpsdocker
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
- name: Setup cron job for backup
|
||||||
|
cron:
|
||||||
|
name: backup backupvpsdocker
|
||||||
|
minute: 0
|
||||||
|
hour: 4
|
||||||
|
job: "/usr/local/sbin/backupvpsdocker >/dev/null 2>&1"
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
41
vault.sh
Executable file
41
vault.sh
Executable file
@ -0,0 +1,41 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# If number of arguments is 0
|
||||||
|
if [ $# -eq 0 ]
|
||||||
|
then
|
||||||
|
echo "This script will encrypt of decrypt all files containing secrets."
|
||||||
|
echo "There are all files in vars as well as all secrets.yaml files under each service."
|
||||||
|
echo "Specify 'decrypt' or 'encrypt' as argument"
|
||||||
|
echo "If you put the vault password in a password file named .vault_password, the script will not ask for a password."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
files=`find . \( -type d -name 'group_vars' -o -name 'vars' \) -exec find {} -type f \;`
|
||||||
|
|
||||||
|
# password_type=--ask-vault-password
|
||||||
|
# if [ -f "~/.vault_password.txt" ]
|
||||||
|
# then
|
||||||
|
# if [ `stat -c %a ~/.vault_password.txt` != "600" ]
|
||||||
|
# then
|
||||||
|
# echo "~/.vault_password.txt file has bad permissions; fixing this to 600"
|
||||||
|
# chmod 600 ~/.vault_password.txt
|
||||||
|
# fi
|
||||||
|
# password_type="--vault-password-file=~/.vault_password.txt"
|
||||||
|
# fi
|
||||||
|
|
||||||
|
if [ $1 == "encrypt" ]
|
||||||
|
then
|
||||||
|
ansible-vault encrypt --vault-password-file=~/.vault_password.txt $files
|
||||||
|
for value in $files; do
|
||||||
|
echo $value;
|
||||||
|
done
|
||||||
|
|
||||||
|
elif [ $1 == "decrypt" ]
|
||||||
|
then
|
||||||
|
ansible-vault decrypt --vault-password-file=~/.vault_password.txt $files
|
||||||
|
for value in $files; do
|
||||||
|
echo $value;
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "Wrong argument supplied. Run without arguments to see allowed ones."
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user