Initial Commit

This commit is contained in:
2024-09-09 22:37:51 +10:00
commit ca1eea8f56
49 changed files with 2271 additions and 0 deletions

119
tasks/base.yml Normal file
View File

@ -0,0 +1,119 @@
---
- name: Update cache
apt:
force_apt_get: yes
update_cache: yes
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- name: Update all packages to their latest version
apt:
name: "*"
force_apt_get: yes
state: latest
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- name: Upgrade all packages on servers
apt:
upgrade: dist
force_apt_get: yes
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- name: Install required packages
package:
name: "{{ install_packages }}"
state: present
become: yes
tags:
- install_packages
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- name: Remove /usr/lib/python3.11/EXTERNALLY-MANAGED
file:
path: /usr/lib/python3.11/EXTERNALLY-MANAGED
state: absent
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
# - name: Download Oh My Zsh installation script
# get_url:
# url: https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh
# dest: /tmp/install_ohmyzsh.sh
# - name: Run Oh My Zsh installation script
# become: no
# command: sh /tmp/install_ohmyzsh.sh --unattended
# register: ohmyzsh_result
# failed_when: "'FAILED' in ohmyzsh_result.stderr"
# - name: Download zsh Dracula Theme
# become: no
# unarchive:
# src: https://github.com/dracula/zsh/archive/refs/heads/master.zip
# dest: "/tmp"
# remote_src: yes
# - name: Download moe theme for zsh
# become: no
# get_url:
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/oh-my-zsh/moe.zsh-theme
# dest: "/home/{{ ansible_user }}/.oh-my-zsh/themes"
# force: true
# - name: Move zsh theme to correct folder
# become: no
# copy:
# src: /tmp/zsh-master/
# dest: /home/{{ ansible_user }}/.oh-my-zsh/themes
# remote_src: yes
# - name: Create vim config paths
# become: no
# file:
# path: "/home/{{ ansible_user }}/.vim/pack/themes/start/dracula"
# state: directory
# - name: Download vim Dracula Theme
# become: no
# unarchive:
# src: https://github.com/dracula/vim/archive/refs/heads/master.zip
# dest: "/tmp"
# remote_src: yes
# - name: Move vim theme to correct folder
# become: no
# copy:
# src: /tmp/vim-master/
# dest: /home/{{ ansible_user }}/.vim/pack/themes/start/dracula
# remote_src: yes
# - name: Get zsh config
# become: no
# get_url:
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/zsh/zshrc
# dest: "/home/{{ ansible_user }}/.zshrc"
# force: true
# - name: Get vim config
# become: no
# get_url:
# url: https://git.comprofix.com/mmckinnon/dotfiles/raw/branch/master/vim/vimrc
# dest: "/home/{{ ansible_user }}/.vimrc"
# force: true
# - name: Set shell zsh
# user:
# name: "{{ ansible_user }}"
# shell: /bin/zsh
# - name: Set moe theme for zsh
# become: no
# ansible.builtin.lineinfile:
# path: "/home/{{ansible_user}}/.zshrc"
# regexp: '^ZSH_THEME="dracula"'
# line: 'ZSH_THEME="moe"'

29
tasks/dozzle.yml Normal file
View File

@ -0,0 +1,29 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/dozzle"
- "/mnt/nfs/docker/dozzle/config"
- name: Create the dozzle container
docker_container:
name: dozzle
image: amir20/dozzle:v8.4.1
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
env:
DOZZLE_LEVEL: "trace"
DOZZLE_REMOTE_HOST: "tcp://omada.comprofix.xyz:2375,tcp://vps02.comprofix.com:2375"
labels:
traefik.enable: "true"
traefik.http.routers.dozzle.rule: "Host(`dozzle.comprofix.xyz`)"
traefik.http.routers.dozzle.entrypoints: "https"
traefik.http.routers.dozzle.tls: "true"
traefik.http.services.dozzle.loadbalancer.server.port: "8080"
traefik.http.services.dozzle.loadbalancer.server.scheme: "http"

40
tasks/homepage.yml Normal file
View File

@ -0,0 +1,40 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "{{ data_folder }}/homepage"
- "{{ data_folder }}/homepage/config"
- name: Get dashboard-icons
git:
repo: https://github.com/walkxcode/dashboard-icons.git
dest: /data/dashboard-icons
update: yes
- name: Create the homepage container
docker_container:
name: homepage
image: ghcr.io/gethomepage/homepage:v0.9.6
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
dns_servers:
- 10.10.10.1
env:
LOG_LEVEL: debug
volumes:
- "{{ data_folder }}/homepage/config:/app/config"
- "{{ data_folder }}/dashboard-icons:/app/public/icons"
- /var/run/docker.sock:/var/run/docker.sock
labels:
traefik.enable: "true"
traefik.http.routers.homepage.rule: "Host(`homepage.comprofix.xyz`)"
traefik.http.routers.homepage.entrypoints: "https"
traefik.http.routers.homepage.tls: "true"
traefik.http.routers.homepage.service: "homepage"
traefik.http.services.homepage.loadbalancer.server.port: "3000"
register: container_homepage

15
tasks/idrac.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Create the Dell_R730xd Fan Contoller container
docker_container:
name: Dell_R730xd
image: tigerblue77/dell_idrac_fan_controller:latest@sha256:5184af88c6c03204611d40d4b1c6bc36202762592d16a97236bb4254951d23b0
restart_policy: unless-stopped
recreate: true
env:
IDRAC_HOST: "10.10.10.138"
IDRAC_USERNAME: "root"
IDRAC_PASSWORD: "calvin"
FAN_SPEED: "35"
CPU_TEMPERATURE_THRESHOLD: "80"
CHECK_INTERVAL: "60"
DISABLE_THIRD_PARTY_PCIE_CARD_DELL_DEFAULT_COOLING_RESPONSE: "true"

95
tasks/invoiceninja.yml Normal file
View File

@ -0,0 +1,95 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/invoiceninja/"
- "/mnt/nfs/docker/invoiceninja/config"
- "/mnt/nfs/docker/invoiceninja/db"
- name: "create stack.env"
copy:
dest: "/mnt/nfs/docker/invoiceninja/stack.env"
content: |
APP_NAME="Invoice Ninja"
APP_ENV=production
APP_KEY="{{ IN_APP_KEY }}"
APP_DEBUG=false
APP_URL="{{ IN_APP_URL }}"
REQUIRE_HTTPS=true
TRUSTED_PROXIES='*'
SESSION_ENCRYPT=false
SESSION_SECURE=false
DB_CONNECTION="mysql"
MULTI_DB_ENABLED=false
DB_HOST="{{MYSQL_HOST}}"
DB_DATABASE="{{IN_DB_DATABASE}}"
DB_USERNAME="{{IN_DB_USERNAME}}"
DB_PASSWORD="{{IN_DB_PASSWORD}}"
DB_PORT="3306"
DEMO_MODE=false
BROADCAST_DRIVER=log
LOG_CHANNEL=stack
CACHE_DRIVER=file
#QUEUE_CONNECTION=sync
QUEUE_CONNECTION=database
SESSION_DRIVER=file
SESSION_LIFETIME=120
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER="smtp"
MAIL_HOST="{{MAIL_HOST}}"
MAIL_PORT="{{MAIL_PORT}}"
MAIL_ENCRYPTION="tls"
MAIL_FROM_ADDRESS="{{MAIL_FROM}}"
MAIL_FROM_NAME="{{MAIL_FROM_NAME}}"
POSTMARK_API_TOKEN=
GOOGLE_MAPS_API_KEY=
ERROR_EMAIL=
NINJA_ENVIRONMENT="selfhost"
#options - snappdf / phantom / hosted_ninja
PDF_GENERATOR=hosted_ninja
PHANTOMJS_KEY='a-demo-key-with-low-quota-per-ip-address'
PHANTOMJS_SECRET=secret
UPDATE_SECRET=secret
SENTRY_LARAVEL_DSN=https://32f01ea994744fa08a0f688769cef78a@sentry.invoicing.co/
- name: Create the invoiceninja-app container
docker_container:
name: invoiceninja-app
image: invoiceninja/invoiceninja:5
env_file: /mnt/nfs/docker/invoiceninja/stack.env
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
volumes:
- /mnt/nfs/docker/invoiceninja/config/hosts:/etc/hosts
- /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public
- /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage
- name: Create the invoiceninja-nginx container
docker_container:
name: invoiceninja-nginx
image: nginx:1.27.1
env_file: /mnt/nfs/docker/invoiceninja/stack.env
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
volumes:
- /mnt/nfs/docker/invoiceninja/config/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf
- /mnt/nfs/docker/invoiceninja/docker/app/public:/var/www/app/public
- /mnt/nfs/docker/invoiceninja/docker/app/storage:/var/www/app/storage
labels:
traefik.enable: "true"
traefik.http.routers.invoiceninja.rule: "Host(`invoice.comprofix.com`)"
traefik.http.routers.invoiceninja.entrypoints: "https"
traefik.http.routers.invoiceninja.tls: "true"
traefik.http.services.invoiceninja.loadbalancer.server.port: "80"
traefik.http.services.invoiceninja.loadbalancer.server.scheme: "http"

29
tasks/jellyseerr.yml Normal file
View File

@ -0,0 +1,29 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/jellyseerr"
- "/mnt/nfs/docker/jellyseerr/config"
- name: Create the jellyseerr container
docker_container:
name: jellyseerr
image: fallenbagel/jellyseerr:1.9.2
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
volumes:
- /mnt/nfs/docker/jellyseerr/config:/app/config
labels:
traefik.enable: "true"
traefik.http.routers.jellyseerr.rule: "Host(`jellyseerr.comprofix.xyz`)"
traefik.http.routers.jellyseerr.entrypoints: "https"
traefik.http.routers.jellyseerr.tls: "true"
traefik.http.services.jellyseerr.loadbalancer.server.port: "5055"

36
tasks/lidarr.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Set Facts
set_fact:
container_name: 'lidarr'
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/lidarr"
- "/mnt/nfs/docker/lidarr/config"
- name: Create the lidarr container
docker_container:
name: lidarr
image: ghcr.io/linuxserver/lidarr:latest@sha256:a77af413426b8509fad2d02f5b89104a5766ee6ebb13497d73993e74f6cfa0a8
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
AUTO_UPDATE: "true" #optional
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:lidarr"
volumes:
- /mnt/nfs/docker/lidarr/config:/config
- /mnt/nfs/data:/data
labels:
traefik.enable: "true"
traefik.http.routers.lidarr.rule: "Host(`lidarr.comprofix.xyz`)"
traefik.http.routers.lidarr.entrypoints: "https"
traefik.http.routers.lidarr.tls: "true"
traefik.http.services.lidarr.loadbalancer.server.port: "8686"

29
tasks/mariadb.yml Normal file
View File

@ -0,0 +1,29 @@
---
- name: Set Facts
set_fact:
container_name: 'mariadb'
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/mariadb"
- "/mnt/nfs/docker/mariadb/config"
- name: Create the mariadb container
docker_container:
name: "mariadb"
image: ghcr.io/linuxserver/mariadb:10.11.8
restart_policy: unless-stopped
recreate: true
ports:
- 3306:3306
env:
PUID: "0"
PGID: "0"
MYSQL_ROOT_PASSWORD: "{{MYSQL_ROOT_PASSWORD}}"
TZ: "Australia/Brisbane"
volumes:
- "/mnt/nfs/docker/mariadb/config:/config"

36
tasks/mealie.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/mealie"
- "/mnt/nfs/docker/mealie/config"
- name: Create the mealie container
docker_container:
name: mealie
image: ghcr.io/mealie-recipes/mealie:v1.12.0
restart_policy: unless-stopped
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
RECIPE_PUBLIC: "true"
RECIPE_SHOW_NUTRITION: "false"
RECIPE_SHOW_ASSETS: "true"
RECIPE_LANDSCAPE_VIEW: "true"
RECIPE_DISABLE_COMMENTS: "true"
RECIPE_DISABLE_AMOUNT: "true"
BASE_URL: "mealie.comprofix.xyz"
SMTP_HOST: "{{MAIL_HOST}}"
volumes:
- /mnt/nfs/docker/mealie/data/:/app/data
labels:
traefik.enable: "true"
traefik.http.routers.mealie.rule: "Host(`mealie.comprofix.xyz`)"
traefik.http.routers.mealie.entrypoints: "https"
traefik.http.routers.mealie.tls: "true"
traefik.http.services.mealie.loadbalancer.server.port: "9000"

61
tasks/osticket.yml Normal file
View File

@ -0,0 +1,61 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/osticket"
- "/mnt/nfs/docker/osticket/config"
- name: Create the osticket container
docker_container:
name: osticket
image: devinsolutions/osticket:1.17.5
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
SMTP_HOST: "{{MAIL_HOST}}"
MYSQL_HOST: "{{MYSQL_HOST}}"
MYSQL_DATABASE: "{{OST_DATABASE}}"
MYSQL_USER: "{{OST_DB_USER}}"
MYSQL_PASSWORD: "{{OST_DB_PASSWORD}}"
INSTALL_SECRET: "{{OST_SIRI}}"
labels:
traefik.enable: "true"
traefik.http.routers.osticket.rule: "Host(`helpdesk.comprofix.com`)"
traefik.http.routers.osticket.entrypoints: "https"
traefik.http.routers.osticket.tls: "true"
traefik.http.services.osticket.loadbalancer.server.port: "80"
traefik.http.services.osticket.loadbalancer.server.scheme: "http"
- name: Add tzdata to osTicket container
community.docker.docker_container_exec:
container: osticket
command: apk add tzdata
- name: Set container Timezone
community.docker.docker_container_exec:
container: osticket
command: "ln -s /usr/share/zoneinfo/Australia/Brisbane /etc/localtime"
- name: Set PHP Timezone
community.docker.docker_container_exec:
container: osticket
command: "sed -i 's|UTC|Australia/Brisbane|g' /usr/local/etc/php/conf.d/php-osticket.ini"
- name: Patch mysqli.php for timezone
community.docker.docker_container_exec:
container: osticket
command: "sed -i 's|system_time_zone|time_zone|g' /var/www/html/include/mysqli.php"
- name: Clear ost_sessions table
mysql_query:
login_host: "{{MYSQL_HOST}}"
login_user: "{{OST_DB_USER}}"
login_password: "{{OST_DB_PASSWORD}}"
login_db: "{{OST_DATABASE}}"
query:
- USE comprofix_ost;
- TRUNCATE TABLE ost_session;

22
tasks/postgres.yml Normal file
View File

@ -0,0 +1,22 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/postgres"
- "/mnt/nfs/docker/postgres/config"
- name: Create the postgres container
docker_container:
name: postgres
image: postgres:16-alpine
restart_policy: unless-stopped
recreate: true
ports:
- 5432:5432
env:
POSTGRES_PASSWORD: "{{POSTGRES_PASSWORD}}"
volumes:
- /mnt/nfs/docker/postgres/db-data:/var/lib/postgresql/data

31
tasks/prowlarr.yml Normal file
View File

@ -0,0 +1,31 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/prowlarr"
- "/mnt/nfs/docker/prowlarr/config"
- name: Create the prowlarr container
docker_container:
name: prowlarr
image: linuxserver/prowlarr:1.23.1
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
AUTO_UPDATE: "true" #optional
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:prowlarr"
volumes:
- /mnt/nfs/docker/prowlarr/config:/config
labels:
traefik.enable: "true"
traefik.http.routers.prowlarr.rule: "Host(`prowlarr.comprofix.xyz`)"
traefik.http.routers.prowlarr.entrypoints: "https"
traefik.http.routers.prowlarr.tls: "true"
traefik.http.services.prowlarr.loadbalancer.server.port: "9696"

28
tasks/pykms.yml Normal file
View File

@ -0,0 +1,28 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/pykms"
- "/mnt/nfs/docker/pykms/config"
- name: Create the pykms container
docker_container:
name: pykms
image: ghcr.io/py-kms-organization/py-kms:latest
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy_network
ports:
- "1688:1688"
env:
IP: "0.0.0.0"
SQLITE: "true"
HWID: "RANDOM"
LOGLEVEL: "INFO"
volumes:
- /mnt/nfs/docker/pykms/db:/home/py-kms/db
- /etc/localtime:/etc/localtime:ro

31
tasks/radarr.yml Normal file
View File

@ -0,0 +1,31 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/radarr"
- "/mnt/nfs/docker/radarr/config"
- name: Create the radarr container
docker_container:
name: radarr
image: linuxserver/radarr:5.9.1
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:radarr"
volumes:
- /mnt/nfs/docker/radarr/config:/config
- /mnt/nfs/data:/data
labels:
traefik.enable: "true"
traefik.http.routers.radarr.rule: "Host(`radarr.comprofix.xyz`)"
traefik.http.routers.radarr.entrypoints: "https"
traefik.http.routers.radarr.tls: "true"
traefik.http.services.radarr.loadbalancer.server.port: "7878"

31
tasks/readarr.yml Normal file
View File

@ -0,0 +1,31 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/readarr"
- "/mnt/nfs/docker/readarr/config"
- name: Create the readarr container
docker_container:
name: readarr
image: ghcr.io/linuxserver/readarr:develop@sha256:dbca70a2dedff17b12698f55c02a49e3ec37e8ce884c5352b54264f9a3979aae
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:readarr"
volumes:
- /mnt/nfs/docker/readarr/config/:/config
- /mnt/nfs/data/:/data
labels:
traefik.enable: "true"
traefik.http.routers.readarr.rule: "Host(`readarr.comprofix.xyz`)"
traefik.http.routers.readarr.entrypoints: "https"
traefik.http.routers.readarr.tls: "true"
traefik.http.services.readarr.loadbalancer.server.port: "8787"

32
tasks/sabnzbd.yml Normal file
View File

@ -0,0 +1,32 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/sabnzbd"
- "/mnt/nfs/docker/sabnzbd/config"
- name: Create the sabnzbd container
docker_container:
name: sabnzbd
image: linuxserver/sabnzbd:4.3.3
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
HOSTNAME: "sabnzbd.comprofix.xyz"
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sabnzbd"
volumes:
- /mnt/nfs/docker/sabnzbd/config:/config
- /mnt/nfs/data:/data
labels:
traefik.enable: "true"
traefik.http.routers.sabnzbd.rule: "Host(`sabnzbd.comprofix.xyz`)"
traefik.http.routers.sabnzbd.entrypoints: "https"
traefik.http.routers.sabnzbd.tls: "true"
traefik.http.services.sabnzbd.loadbalancer.server.port: "8080"

31
tasks/sonarr.yml Normal file
View File

@ -0,0 +1,31 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/sonarr"
- "/mnt/nfs/docker/sonarr/config"
- name: Create the sonarr container
docker_container:
name: sonarr
image: linuxserver/sonarr:4.0.9
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
DOCKER_MODS: "ghcr.io/themepark-dev/theme.park:sonarr"
volumes:
- /mnt/nfs/docker/sonarr/config/:/config
- /mnt/nfs/data:/data
labels:
traefik.enable: "true"
traefik.http.routers.sonarr.rule: "Host(`sonarr.comprofix.xyz`)"
traefik.http.routers.sonarr.entrypoints: "https"
traefik.http.routers.sonarr.tls: "true"
traefik.http.services.sonarr.loadbalancer.server.port: "8989"

41
tasks/speedtest.yml Normal file
View File

@ -0,0 +1,41 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "/mnt/nfs/docker/speedtest"
- "/mnt/nfs/docker/speedtest/config"
- name: Create the speedtest container
docker_container:
name: speedtest
image: lscr.io/linuxserver/speedtest-tracker:0.21.2
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
APP_KEY: "base64:ViJcK7rSIwGC+TAW7pRWnczB43zPPVHH2Hx80t7eVm0="
PUID: "1000"
PGID: "1000"
DB_CONNECTION: "mysql"
DB_HOST: "{{ MYSQL_HOST }}"
DB_PORT: "3306"
DB_DATABASE: "{{ST_DATABASE}}"
DB_USERNAME: "{{ST_DB_USERNAME}}"
DB_PASSWORD: "{{ST_DB_PASSWORD}}"
TZ: "Australia/Brisbane"
SPEEDTEST_SCHEDULE: "0 * * * *"
DISPLAY_TIMEZONE: "Australia/Brisbane"
volumes:
- /mnt/nfs/docker/speedtest/config:/config
- /mnt/nfs/docker/speedtest/web:/etc/ssl/web
labels:
traefik.enable: "true"
traefik.http.routers.speedtest.rule: "Host(`speedtest.comprofix.xyz`)"
traefik.http.routers.speedtest.entrypoints: "https"
traefik.http.routers.speedtest.tls: "true"
traefik.http.services.speedtest.loadbalancer.server.port: "80"
traefik.http.services.speedtest.loadbalancer.server.scheme: "http"

64
tasks/vaultwarden.yml Normal file
View File

@ -0,0 +1,64 @@
---
- name: Create directories
file:
path: "{{ item }}"
state: directory
with_items:
- "{{ data_folder }}/vaultwarden"
- "{{ data_folder }}/vaultwarden/config"
- name: Create the vaultwarden container
docker_container:
name: vaultwarden
image: vaultwarden/server:1.32.0
restart_policy: unless-stopped
recreate: true
networks:
- name: proxy
env:
PUID: "1000"
PGID: "1000"
TZ: "Australia/Brisbane"
volumes:
- "{{ data_folder }}/vaultwarden/data:/data"
labels:
traefik.enable: "true"
traefik.http.routers.vaultwarden.rule: "Host(`vault.comprofix.com`)"
traefik.http.routers.vaultwarden.entrypoints: "https"
traefik.http.routers.vaultwarden.tls: "true"
traefik.http.routers.vaultwarden.service: "vaultwarden"
traefik.http.services.vaultwarden.loadbalancer.server.port: "80"
register: container
- name: Create rclone config folder
file:
path: "/root/.config/rclone"
state: directory
- name: Copy rclone config
copy:
src: scripts/rclone.conf
dest: /root/.config/rclone/rclone.conf
decrypt: yes
mode: "0600"
- name: copy backup script
copy:
src: scripts/backupvpsdocker
dest: /usr/local/sbin/backupvpsdocker
mode: 0755
- name: Setup cron job for backup
cron:
name: backup backupvpsdocker
minute: 0
hour: 4
job: "/usr/local/sbin/backupvpsdocker >/dev/null 2>&1"