Compare commits
No commits in common. "5440bd68f8ba19382c0c9ece3b38daeedd146eef" and "178b2f642bd22548ff641063beafa76fee8a6716" have entirely different histories.
5440bd68f8
...
178b2f642b
3
hosts
3
hosts
@ -7,6 +7,3 @@ vps02.comprofix.com
|
|||||||
[docker]
|
[docker]
|
||||||
docker.comprofix.xyz
|
docker.comprofix.xyz
|
||||||
|
|
||||||
[omada]
|
|
||||||
omada-lxc.comprofix.xyz ansible_user=root
|
|
||||||
|
|
||||||
|
75
main.yml
75
main.yml
@ -1,10 +1,11 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- hosts: all
|
- hosts: all
|
||||||
name: Configure all servers
|
name: Configure all servers
|
||||||
tasks:
|
tasks:
|
||||||
- name: Gather facts if run with tags
|
- name: Gather facts if run with tags
|
||||||
ansible.builtin.setup:
|
ansible.builtin.setup:
|
||||||
when: ansible_run_tags | length
|
when: ansible_run_tags | length
|
||||||
tags: always
|
tags: always
|
||||||
|
|
||||||
- hosts: all
|
- hosts: all
|
||||||
@ -15,16 +16,17 @@
|
|||||||
|
|
||||||
- hosts: cloud
|
- hosts: cloud
|
||||||
become: yes
|
become: yes
|
||||||
roles:
|
roles:
|
||||||
- role: docker
|
- role: docker
|
||||||
tags: docker_install
|
tags: docker_install
|
||||||
|
|
||||||
- name: traefik
|
- name: traefik
|
||||||
vars:
|
vars:
|
||||||
traefik_host: traefik01.comprofix.com
|
traefik_host: traefik01.comprofix.com
|
||||||
tags: traefik_install
|
tags: traefik_install
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
|
||||||
- name: Deploy Vaultwarden
|
- name: Deploy Vaultwarden
|
||||||
import_tasks: tasks/vaultwarden.yml
|
import_tasks: tasks/vaultwarden.yml
|
||||||
tags: vaultwarden_install
|
tags: vaultwarden_install
|
||||||
@ -46,15 +48,16 @@
|
|||||||
tags: docker_install
|
tags: docker_install
|
||||||
- role: nfs
|
- role: nfs
|
||||||
mounts:
|
mounts:
|
||||||
- name: Data share
|
- name: Data share
|
||||||
path: /mnt/nfs/data
|
path: /mnt/nfs/data
|
||||||
src: truenas.comprofix.xyz:/mnt/datapool/data
|
src: truenas.comprofix.xyz:/mnt/datapool/data
|
||||||
tags: nfs_install
|
tags: nfs_install
|
||||||
- role: traefik
|
- role: traefik
|
||||||
vars:
|
vars:
|
||||||
traefik_host: traefik02.comprofix.xyz
|
traefik_host: traefik02.comprofix.xyz
|
||||||
tags: traefik_install
|
tags: traefik_install
|
||||||
tasks:
|
tasks:
|
||||||
|
|
||||||
- name: Deploy comprofix.com website
|
- name: Deploy comprofix.com website
|
||||||
import_tasks: tasks/comprofix.com.yml
|
import_tasks: tasks/comprofix.com.yml
|
||||||
tags: comprofix_install
|
tags: comprofix_install
|
||||||
@ -62,19 +65,19 @@
|
|||||||
- name: Deploy iDrac Fan Controller
|
- name: Deploy iDrac Fan Controller
|
||||||
import_tasks: tasks/idrac.yml
|
import_tasks: tasks/idrac.yml
|
||||||
tags: idrac_install
|
tags: idrac_install
|
||||||
|
|
||||||
- name: Deploy MariaDB
|
- name: Deploy MariaDB
|
||||||
import_tasks: tasks/mariadb.yml
|
import_tasks: tasks/mariadb.yml
|
||||||
tags: mariadb_install
|
tags: mariadb_install
|
||||||
|
|
||||||
- name: Deploy InvoiceNinja
|
- name: Deploy InvoiceNinja
|
||||||
import_tasks: tasks/invoiceninja.yml
|
import_tasks: tasks/invoiceninja.yml
|
||||||
tags: invoiceninja_install
|
tags: invoiceninja_install
|
||||||
|
|
||||||
- name: Deploy Homepage
|
- name: Deploy Homepage
|
||||||
import_tasks: tasks/homepage.yml
|
import_tasks: tasks/homepage.yml
|
||||||
tags: homepage_install
|
tags: homepage_install
|
||||||
|
|
||||||
# - name: Deploy osTicket
|
# - name: Deploy osTicket
|
||||||
# import_tasks: tasks/osticket.yml
|
# import_tasks: tasks/osticket.yml
|
||||||
# tags: osticket_install
|
# tags: osticket_install
|
||||||
@ -86,19 +89,19 @@
|
|||||||
- name: Deploy dozzle
|
- name: Deploy dozzle
|
||||||
import_tasks: tasks/dozzle.yml
|
import_tasks: tasks/dozzle.yml
|
||||||
tags: dozzle_install
|
tags: dozzle_install
|
||||||
|
|
||||||
- name: Deploy jellyseerr
|
- name: Deploy jellyseerr
|
||||||
import_tasks: tasks/jellyseerr.yml
|
import_tasks: tasks/jellyseerr.yml
|
||||||
tags: jellyseerr_install
|
tags: jellyseerr_install
|
||||||
|
|
||||||
- name: Deploy lidarr
|
- name: Deploy lidarr
|
||||||
import_tasks: tasks/lidarr.yml
|
import_tasks: tasks/lidarr.yml
|
||||||
tags: lidarr_install
|
tags: lidarr_install
|
||||||
|
|
||||||
- name: Deploy prowlarr
|
- name: Deploy prowlarr
|
||||||
import_tasks: tasks/prowlarr.yml
|
import_tasks: tasks/prowlarr.yml
|
||||||
tags: prowlarr_install
|
tags: prowlarr_install
|
||||||
|
|
||||||
- name: Deploy radarr
|
- name: Deploy radarr
|
||||||
import_tasks: tasks/radarr.yml
|
import_tasks: tasks/radarr.yml
|
||||||
tags: radarr_install
|
tags: radarr_install
|
||||||
@ -106,7 +109,7 @@
|
|||||||
- name: Deploy readarr
|
- name: Deploy readarr
|
||||||
import_tasks: tasks/readarr.yml
|
import_tasks: tasks/readarr.yml
|
||||||
tags: readarr_install
|
tags: readarr_install
|
||||||
|
|
||||||
- name: Deploy sonarr
|
- name: Deploy sonarr
|
||||||
import_tasks: tasks/sonarr.yml
|
import_tasks: tasks/sonarr.yml
|
||||||
tags: sonarr_install
|
tags: sonarr_install
|
||||||
@ -118,38 +121,24 @@
|
|||||||
- name: Deploy mealie
|
- name: Deploy mealie
|
||||||
import_tasks: tasks/mealie.yml
|
import_tasks: tasks/mealie.yml
|
||||||
tags: mealie_install
|
tags: mealie_install
|
||||||
|
|
||||||
- name: Deploy pyKMS
|
- name: Deploy pyKMS
|
||||||
import_tasks: tasks/pykms.yml
|
import_tasks: tasks/pykms.yml
|
||||||
tags: pykms_install
|
tags: pykms_install
|
||||||
|
|
||||||
- name: Deploy gitea-runner-homelab
|
- name: Deploy gitea-runner-homelab
|
||||||
import_tasks: tasks/gitea-runner-homelab.yml
|
import_tasks: tasks/gitea-runner-homelab.yml
|
||||||
tags: gitea_runner_homelab_install
|
tags: gitea_runner_homelab_install
|
||||||
|
|
||||||
tags: dockerserver_install
|
tags: dockerserver_install
|
||||||
|
|
||||||
- hosts: omada
|
|
||||||
become: yes
|
|
||||||
pre_tasks:
|
|
||||||
- name: Update packages
|
|
||||||
import_tasks: tasks/base.yml
|
|
||||||
tags: base_install
|
|
||||||
roles:
|
|
||||||
- role: docker
|
|
||||||
tags: docker_install
|
|
||||||
- role: nfs
|
|
||||||
mounts:
|
|
||||||
- name: Data share
|
|
||||||
path: /data
|
|
||||||
src: truenas.comprofix.xyz:/mnt/datapool/docker
|
|
||||||
tags: nfs_install
|
|
||||||
tasks:
|
|
||||||
- name: Deploy Dozzle Agent
|
|
||||||
import_tasks: tasks/dozzle-agent.yml
|
|
||||||
tags: dozzle_agent
|
|
||||||
|
|
||||||
- name: Deploy Omada
|
|
||||||
import_tasks: tasks/omada.yml
|
|
||||||
tags: omada_container_install
|
|
||||||
tags: omada_install
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
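Review bot: In the first hunk of main.yml, `when: ansible_run_tags | length` does not appear to gate anything: as far as I know `ansible_run_tags` is `['all']` when no `--tags` option is passed, so the length is never zero and the setup task always runs. The expression also yields an integer rather than a boolean, which recent ansible-core releases warn about or reject. If the intent is to gather facts only on tagged runs, make the test explicit, e.g. `when: "'all' not in ansible_run_tags"`. On style, the plays use `become: yes` where `become: true` is the canonical boolean, and the cloud play lists its role as `- name: traefik` while the other play uses `- role: traefik`.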
@ -16,14 +16,7 @@
|
|||||||
template:
|
template:
|
||||||
src: templates/traefik.yml.j2
|
src: templates/traefik.yml.j2
|
||||||
dest: "{{ data_folder }}/traefik/data/traefik.yml"
|
dest: "{{ data_folder }}/traefik/data/traefik.yml"
|
||||||
mode: "0600"
|
mode: '0600'
|
||||||
|
|
||||||
- name: Copy Traefik config
|
|
||||||
template:
|
|
||||||
src: templates/config.yml.j2
|
|
||||||
dest: "{{ data_folder }}/traefik/data/config.yml"
|
|
||||||
mode: "0600"
|
|
||||||
when: traefik_host == "traefik02.comprofix.xyz"
|
|
||||||
|
|
||||||
- name: Check if {{ data_folder }}/traefik/data/acme.json exists
|
- name: Check if {{ data_folder }}/traefik/data/acme.json exists
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
@ -36,7 +29,7 @@
|
|||||||
state: touch
|
state: touch
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0600"
|
mode: '0600'
|
||||||
when: not file_status.stat.exists
|
when: not file_status.stat.exists
|
||||||
|
|
||||||
- name: Check if {{ data_folder }}/traefik/data/traefik.json.log exists
|
- name: Check if {{ data_folder }}/traefik/data/traefik.json.log exists
|
||||||
@ -50,7 +43,7 @@
|
|||||||
state: touch
|
state: touch
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0600"
|
mode: '0600'
|
||||||
when: not file_status.stat.exists
|
when: not file_status.stat.exists
|
||||||
|
|
||||||
- name: Create traefik Container
|
- name: Create traefik Container
|
||||||
@ -72,7 +65,7 @@
|
|||||||
- "{{ data_folder }}/traefik/data/traefik.yml:/traefik.yml:ro"
|
- "{{ data_folder }}/traefik/data/traefik.yml:/traefik.yml:ro"
|
||||||
- "{{ data_folder }}/traefik/data/acme.json:/acme.json"
|
- "{{ data_folder }}/traefik/data/acme.json:/acme.json"
|
||||||
- "{{ data_folder }}/traefik/data/traefik.json.log:/traefik.json.log"
|
- "{{ data_folder }}/traefik/data/traefik.json.log:/traefik.json.log"
|
||||||
- "{{ data_folder }}/traefik/data/config.yml:/config.yml:ro"
|
# - ./data/config.yml:/config.yml:ro
|
||||||
labels:
|
labels:
|
||||||
traefik.enable: "true"
|
traefik.enable: "true"
|
||||||
traefik.http.routers.traefik.entrypoints: "http"
|
traefik.http.routers.traefik.entrypoints: "http"
|
||||||
@ -90,4 +83,4 @@
|
|||||||
traefik.http.routers.traefik-secure.tls.domains[0].sans: "*.comprofix.com"
|
traefik.http.routers.traefik-secure.tls.domains[0].sans: "*.comprofix.com"
|
||||||
traefik.http.routers.traefik-secure.tls.domains[1].main: "comprofix.xyz"
|
traefik.http.routers.traefik-secure.tls.domains[1].main: "comprofix.xyz"
|
||||||
traefik.http.routers.traefik-secure.tls.domains[1].sans: "*.comprofix.xyz"
|
traefik.http.routers.traefik-secure.tls.domains[1].sans: "*.comprofix.xyz"
|
||||||
traefik.http.routers.traefik-secure.service: "api@internal"
|
traefik.http.routers.traefik-secure.service: "api@internal"
|
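Review bot: The new side drops the `Copy Traefik config` task and replaces the `config.yml` bind mount with the commented line `# - ./data/config.yml:/config.yml:ro`, so the definitions from `templates/config.yml.j2` (`default-headers`, `https-redirect`, `default-whitelist`, `secured`) no longer reach the container. If `templates/traefik.yml.j2` still declares a file provider for `/config.yml`, or any router label references one of those middlewares, Traefik will report provider errors or refuse those routers; neither file is visible here, so this needs checking. The `traefik-secure` router that serves `api@internal` in the last hunk shows no `middlewares` label in the visible lines, so confirm the dashboard is still behind authentication or an IP allow-list. Delete the commented-out volume line rather than keeping it as dead configuration.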
@ -1,51 +0,0 @@
|
|||||||
---
|
|
||||||
http:
|
|
||||||
routers:
|
|
||||||
oc-router:
|
|
||||||
entryPoints:
|
|
||||||
- "https"
|
|
||||||
service: oc-service
|
|
||||||
rule: "Host(`omada.comprofix.xyz`)" # change it to actual address
|
|
||||||
tls: {}
|
|
||||||
middlewares:
|
|
||||||
- default-headers
|
|
||||||
- https-redirect
|
|
||||||
|
|
||||||
services:
|
|
||||||
oc-service:
|
|
||||||
loadBalancer:
|
|
||||||
servers:
|
|
||||||
- url: https://omada-lxc.comprofix.xyz:8043 # change it to actual ip of the controller
|
|
||||||
|
|
||||||
middlewares:
|
|
||||||
https-redirect:
|
|
||||||
redirectScheme:
|
|
||||||
scheme: https
|
|
||||||
permanent: true
|
|
||||||
|
|
||||||
default-headers:
|
|
||||||
headers:
|
|
||||||
frameDeny: true
|
|
||||||
sslRedirect: true
|
|
||||||
browserXssFilter: true
|
|
||||||
contentTypeNosniff: true
|
|
||||||
forceSTSHeader: true
|
|
||||||
stsIncludeSubdomains: true
|
|
||||||
stsPreload: true
|
|
||||||
stsSeconds: 15552000
|
|
||||||
customFrameOptionsValue: SAMEORIGIN
|
|
||||||
customRequestHeaders:
|
|
||||||
X-Forwarded-Proto: https
|
|
||||||
|
|
||||||
default-whitelist:
|
|
||||||
IPAllowList:
|
|
||||||
sourceRange:
|
|
||||||
- "10.0.0.0/8"
|
|
||||||
- "192.168.0.0/16"
|
|
||||||
- "172.16.0.0/12"
|
|
||||||
- "100.64.0.0/10"
|
|
||||||
|
|
||||||
secured:
|
|
||||||
chain:
|
|
||||||
middlewares:
|
|
||||||
- default-headers
|
|
@ -1,11 +0,0 @@
|
|||||||
- name: Create the dozzle agent container
|
|
||||||
docker_container:
|
|
||||||
name: dozzle-agent
|
|
||||||
image: amir20/dozzle:v8.8.0
|
|
||||||
command: agent
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
recreate: true
|
|
||||||
volumes:
|
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
||||||
ports:
|
|
||||||
- 7007:7007
|
|
@ -10,7 +10,7 @@
|
|||||||
- name: Create the dozzle container
|
- name: Create the dozzle container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: dozzle
|
name: dozzle
|
||||||
image: amir20/dozzle:v8.8.0
|
image: amir20/dozzle:v8.7.2
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
recreate: true
|
recreate: true
|
||||||
networks:
|
networks:
|
||||||
@ -19,11 +19,11 @@
|
|||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
env:
|
env:
|
||||||
DOZZLE_LEVEL: "trace"
|
DOZZLE_LEVEL: "trace"
|
||||||
DOZZLE_REMOTE_AGENT: "omada-lxc.comprofix.xyz:7007"
|
DOZZLE_REMOTE_HOST: "tcp://omada.comprofix.xyz:2375,tcp://vps02.comprofix.com:2375"
|
||||||
labels:
|
labels:
|
||||||
traefik.enable: "true"
|
traefik.enable: "true"
|
||||||
traefik.http.routers.dozzle.rule: "Host(`dozzle.comprofix.xyz`)"
|
traefik.http.routers.dozzle.rule: "Host(`dozzle.comprofix.xyz`)"
|
||||||
traefik.http.routers.dozzle.entrypoints: "https"
|
traefik.http.routers.dozzle.entrypoints: "https"
|
||||||
traefik.http.routers.dozzle.tls: "true"
|
traefik.http.routers.dozzle.tls: "true"
|
||||||
traefik.http.services.dozzle.loadbalancer.server.port: "8080"
|
traefik.http.services.dozzle.loadbalancer.server.port: "8080"
|
||||||
traefik.http.services.dozzle.loadbalancer.server.scheme: "http"
|
traefik.http.services.dozzle.loadbalancer.server.scheme: "http"
|
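Review bot: In the second hunk, `DOZZLE_REMOTE_HOST: "tcp://omada.comprofix.xyz:2375,tcp://vps02.comprofix.com:2375"` points Dozzle at the Docker API on port 2375, the plaintext and unauthenticated endpoint; anything that can reach that port has root-equivalent control of the daemon, and `vps02.comprofix.com` looks like an internet-facing host. I am reading the second printed copy of each row as the new side, which matches the hunk headers of the deleted files elsewhere on this page. Keep the agent form from the other side, `DOZZLE_REMOTE_AGENT: "omada-lxc.comprofix.xyz:7007"`, or expose the daemon only over mutually authenticated TLS with a firewall rule limited to this host. `DOZZLE_LEVEL: "trace"` is a debugging level and is worth lowering for normal operation. The task body starts and ends outside the hunks.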
@ -9,7 +9,7 @@
|
|||||||
IDRAC_HOST: "10.10.10.138"
|
IDRAC_HOST: "10.10.10.138"
|
||||||
IDRAC_USERNAME: "root"
|
IDRAC_USERNAME: "root"
|
||||||
IDRAC_PASSWORD: "calvin"
|
IDRAC_PASSWORD: "calvin"
|
||||||
FAN_SPEED: "50"
|
FAN_SPEED: "35"
|
||||||
CPU_TEMPERATURE_THRESHOLD: "80"
|
CPU_TEMPERATURE_THRESHOLD: "80"
|
||||||
CHECK_INTERVAL: "60"
|
CHECK_INTERVAL: "60"
|
||||||
DISABLE_THIRD_PARTY_PCIE_CARD_DELL_DEFAULT_COOLING_RESPONSE: "true"
|
DISABLE_THIRD_PARTY_PCIE_CARD_DELL_DEFAULT_COOLING_RESPONSE: "true"
|
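Review bot: `IDRAC_USERNAME: "root"` and `IDRAC_PASSWORD: "calvin"` sit in plaintext in this `env:` block and match the well-known Dell iDRAC factory default, so the management controller at `10.10.10.138` appears to still use its default login and the secret is readable by anyone with access to the repository or to the container's environment. The change here only touches `FAN_SPEED`, but the credential lines are part of the new side. Set a unique password on the iDRAC and reference it from an Ansible Vault variable, for example `IDRAC_PASSWORD: "{{ vault_idrac_password }}"` (placeholder variable name). The enclosing task starts and ends outside the hunk.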
@ -10,7 +10,7 @@
|
|||||||
- name: Create the jellyseerr container
|
- name: Create the jellyseerr container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: jellyseerr
|
name: jellyseerr
|
||||||
image: fallenbagel/jellyseerr:2.1.0
|
image: fallenbagel/jellyseerr:2.0.1
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
recreate: true
|
recreate: true
|
||||||
networks:
|
networks:
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
- name: Create the lidarr container
|
- name: Create the lidarr container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: lidarr
|
name: lidarr
|
||||||
image: ghcr.io/linuxserver/lidarr:latest@sha256:5c1f7a05944a1ceea242481801bbc5f908a4cc66e95ae0153b5a59f2d6224b17
|
image: ghcr.io/linuxserver/lidarr:latest@sha256:c4d9107e03efb0d73bd4491bdb3110fa497da8b53493f60404fbd53087ff0119
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
recreate: true
|
recreate: true
|
||||||
networks:
|
networks:
|
||||||
|
@ -1,24 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Create directories
|
|
||||||
file:
|
|
||||||
path: "{{ item }}"
|
|
||||||
state: directory
|
|
||||||
with_items:
|
|
||||||
- "{{ data_folder }}/omada"
|
|
||||||
- "{{ data_folder }}/omada/data"
|
|
||||||
- "{{ data_folder }}/omada/logs"
|
|
||||||
|
|
||||||
- name: Create the omada container
|
|
||||||
docker_container:
|
|
||||||
name: omada
|
|
||||||
image: mbentley/omada-controller:5.14
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
recreate: true
|
|
||||||
network_mode: host
|
|
||||||
volumes:
|
|
||||||
- "{{ data_folder }}/omada/data:/opt/tplink/EAPController/data"
|
|
||||||
- "{{ data_folder }}/omada/logs:/opt/tplink/EAPController/logs"
|
|
||||||
env:
|
|
||||||
PUID: "1000"
|
|
||||||
PGID: "1000"
|
|
||||||
TZ: "Australia/Brisbane"
|
|
@ -11,7 +11,7 @@
|
|||||||
- name: Create the speedtest container
|
- name: Create the speedtest container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: speedtest
|
name: speedtest
|
||||||
image: lscr.io/linuxserver/speedtest-tracker:0.21.6
|
image: lscr.io/linuxserver/speedtest-tracker:0.21.5
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
recreate: true
|
recreate: true
|
||||||
networks:
|
networks:
|
||||||
|