mirror of
https://github.com/davestephens/ansible-nas
synced 2025-01-26 10:15:14 +00:00
First portion of migration
freshrss, get_iplayer, gitlab, glances, gotify, guacamole, healthchecks.io
This commit is contained in:
parent
bcee9bf5a0
commit
4960286632
50 changed files with 818 additions and 217 deletions
15
ansible-nas.code-workspace
Normal file
15
ansible-nas.code-workspace
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{
|
||||||
|
"folders": [
|
||||||
|
{
|
||||||
|
"path": "."
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"settings": {
|
||||||
|
"yaml.schemas": {
|
||||||
|
"https://raw.githubusercontent.com/ansible/ansible-lint/main/src/ansiblelint/schemas/ansible.json#/$defs/tasks": "file:///c%3A/Users/anarion/Documents/repos/ansible-nas/roles/immich/tasks/main.yml"
|
||||||
|
},
|
||||||
|
"files.associations": {
|
||||||
|
"*.yaml": "home-assistant"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
}
|
7
nas.yml
7
nas.yml
|
@ -116,12 +116,10 @@
|
||||||
- role: freshrss
|
- role: freshrss
|
||||||
tags:
|
tags:
|
||||||
- freshrss
|
- freshrss
|
||||||
when: (freshrss_enabled | default(False))
|
|
||||||
|
|
||||||
- role: get_iplayer
|
- role: get_iplayer
|
||||||
tags:
|
tags:
|
||||||
- get_iplayer
|
- get_iplayer
|
||||||
when: (get_iplayer_enabled | default(False))
|
|
||||||
|
|
||||||
- role: gitea
|
- role: gitea
|
||||||
tags:
|
tags:
|
||||||
|
@ -130,27 +128,22 @@
|
||||||
- role: gitlab
|
- role: gitlab
|
||||||
tags:
|
tags:
|
||||||
- gitlab
|
- gitlab
|
||||||
when: (gitlab_enabled | default(False))
|
|
||||||
|
|
||||||
- role: glances
|
- role: glances
|
||||||
tags:
|
tags:
|
||||||
- glances
|
- glances
|
||||||
when: (glances_enabled | default(False))
|
|
||||||
|
|
||||||
- role: gotify
|
- role: gotify
|
||||||
tags:
|
tags:
|
||||||
- gotify
|
- gotify
|
||||||
when: (gotify_enabled | default(False))
|
|
||||||
|
|
||||||
- role: guacamole
|
- role: guacamole
|
||||||
tags:
|
tags:
|
||||||
- guacamole
|
- guacamole
|
||||||
when: (guacamole_enabled | default(False))
|
|
||||||
|
|
||||||
- role: healthchecks.io
|
- role: healthchecks.io
|
||||||
tags:
|
tags:
|
||||||
- healthchecks.io
|
- healthchecks.io
|
||||||
when: (healthchecks_enabled | default(False))
|
|
||||||
|
|
||||||
- role: heimdall
|
- role: heimdall
|
||||||
tags:
|
tags:
|
||||||
|
|
|
@ -10,5 +10,10 @@ freshrss_extensions_directory: "{{ docker_home }}/freshrss"
|
||||||
freshrss_port: "8089"
|
freshrss_port: "8089"
|
||||||
freshrss_hostname: "freshrss"
|
freshrss_hostname: "freshrss"
|
||||||
|
|
||||||
|
# docker
|
||||||
|
freshrss_container_name: freshrss
|
||||||
|
freshrss_image_name: "freshrss/freshrss"
|
||||||
|
freshrss_image_version: latest
|
||||||
|
|
||||||
# specs
|
# specs
|
||||||
freshrss_memory: 1g
|
freshrss_memory: 1g
|
||||||
|
|
21
roles/freshrss/docs/freshrss.md
Normal file
21
roles/freshrss/docs/freshrss.md
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# Freshrss
|
||||||
|
|
||||||
|
Homepage: <https://freshrss.org/>
|
||||||
|
|
||||||
|
FreshRSS is a self-hosted RSS feed aggregator like Leed or Kriss Feed.
|
||||||
|
|
||||||
|
It is lightweight, easy to work with, powerful, and customizable.
|
||||||
|
|
||||||
|
It is a multi-user application with an anonymous reading mode. It supports custom tags. There is an API for (mobile) clients, and a Command-Line Interface.
|
||||||
|
|
||||||
|
Thanks to the WebSub standard (formerly PubSubHubbub), FreshRSS is able to receive instant push notifications from compatible sources, such as Mastodon, Friendica, WordPress, Blogger, FeedBurner, etc.
|
||||||
|
|
||||||
|
FreshRSS natively supports basic Web scraping, based on XPath, for Web sites not providing any RSS / Atom feed.
|
||||||
|
|
||||||
|
Finally, it supports extensions for further tuning.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `freshrss_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
The FreshRSS web interface can be found at <http://ansible_nas_host_or_ip:8089>.
|
6
roles/freshrss/molecule/default/molecule.yml
Normal file
6
roles/freshrss/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
freshrss_enabled: true
|
10
roles/freshrss/molecule/default/side_effect.yml
Normal file
10
roles/freshrss/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
freshrss_enabled: false
|
19
roles/freshrss/molecule/default/verify.yml
Normal file
19
roles/freshrss/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get freshrss container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ freshrss_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if freshrss containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/freshrss/molecule/default/verify_stopped.yml
Normal file
19
roles/freshrss/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove freshrss
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ freshrss_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if freshrss is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,32 +1,44 @@
|
||||||
---
|
---
|
||||||
- name: Create FreshRSS Directories
|
- name: Start FreshRSS
|
||||||
file:
|
block:
|
||||||
path: "{{ item }}"
|
- name: Create FreshRSS Directories
|
||||||
state: directory
|
ansible.builtin.file:
|
||||||
# mode: 0755
|
path: "{{ item }}"
|
||||||
with_items:
|
state: directory
|
||||||
- "{{ freshrss_data_directory }}/data"
|
with_items:
|
||||||
- "{{ freshrss_extensions_directory }}/extensions"
|
- "{{ freshrss_data_directory }}/data"
|
||||||
|
- "{{ freshrss_extensions_directory }}/extensions"
|
||||||
|
|
||||||
- name: FreshRSS Docker Container
|
- name: FreshRSS Docker Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: freshrss
|
container_default_behavior: no_defaults
|
||||||
image: freshrss/freshrss
|
name: "{{ freshrss_container_name }}"
|
||||||
pull: true
|
image: "{{ freshrss_image_name }}:{{ freshrss_image_version }}"
|
||||||
volumes:
|
pull: true
|
||||||
- "{{ freshrss_data_directory }}/data:/var/www/FreshRSS/data:rw"
|
volumes:
|
||||||
- "{{ freshrss_extensions_directory }}/extensions:/var/www/FreshRSS/extensions:rw"
|
- "{{ freshrss_data_directory }}/data:/var/www/FreshRSS/data:rw"
|
||||||
ports:
|
- "{{ freshrss_extensions_directory }}/extensions:/var/www/FreshRSS/extensions:rw"
|
||||||
- "{{ freshrss_port }}:80"
|
ports:
|
||||||
env:
|
- "{{ freshrss_port }}:80"
|
||||||
TZ: "{{ ansible_nas_timezone }}"
|
env:
|
||||||
CRON_MIN: "1,31"
|
TZ: "{{ ansible_nas_timezone }}"
|
||||||
restart_policy: unless-stopped
|
CRON_MIN: "1,31"
|
||||||
memory: "{{ freshrss_memory }}"
|
restart_policy: unless-stopped
|
||||||
labels:
|
memory: "{{ freshrss_memory }}"
|
||||||
traefik.enable: "{{ freshrss_available_externally | string }}"
|
labels:
|
||||||
traefik.http.routers.freshrss.rule: "Host(`{{ freshrss_hostname }}.{{ ansible_nas_domain }}`)"
|
traefik.enable: "{{ freshrss_available_externally | string }}"
|
||||||
traefik.http.routers.freshrss.tls.certresolver: "letsencrypt"
|
traefik.http.routers.freshrss.rule: "Host(`{{ freshrss_hostname }}.{{ ansible_nas_domain }}`)"
|
||||||
traefik.http.routers.freshrss.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.freshrss.tls.certresolver: "letsencrypt"
|
||||||
traefik.http.routers.freshrss.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.freshrss.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.services.freshrss.loadbalancer.server.port: "80"
|
traefik.http.routers.freshrss.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.services.freshrss.loadbalancer.server.port: "80"
|
||||||
|
when: freshrss_enabled is true
|
||||||
|
|
||||||
|
|
||||||
|
- name: Stop FreshRSS
|
||||||
|
block:
|
||||||
|
- name: Stop FreshRSS
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ freshrss_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: freshrss_enabled is false
|
||||||
|
|
|
@ -8,5 +8,10 @@ get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads"
|
||||||
# network
|
# network
|
||||||
get_iplayer_port: "8182"
|
get_iplayer_port: "8182"
|
||||||
|
|
||||||
|
# docker
|
||||||
|
get_iplayer_container_name: "get_iplayer"
|
||||||
|
get_iplayer_image_name: "kolonuk/get_iplayer"
|
||||||
|
get_iplayer_image_version: "latest"
|
||||||
|
|
||||||
# specs
|
# specs
|
||||||
get_iplayer_memory: "1g"
|
get_iplayer_memory: "1g"
|
||||||
|
|
11
roles/get_iplayer/docs/get_iplayer.md
Normal file
11
roles/get_iplayer/docs/get_iplayer.md
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
# Get_iPlayer
|
||||||
|
|
||||||
|
Homepage: <https://github.com/get-iplayer/get_iplayer>
|
||||||
|
|
||||||
|
Downloads TV and radio programmes from BBC iPlayer.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `get_iplayer_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
The get_iplayer web interface can be found at <http://ansible_nas_host_or_ip:8182>.
|
6
roles/get_iplayer/molecule/default/molecule.yml
Normal file
6
roles/get_iplayer/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
get_iplayer_enabled: true
|
10
roles/get_iplayer/molecule/default/side_effect.yml
Normal file
10
roles/get_iplayer/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
get_iplayer_enabled: false
|
19
roles/get_iplayer/molecule/default/verify.yml
Normal file
19
roles/get_iplayer/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get get_iplayer container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ get_iplayer_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if get_iplayer containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/get_iplayer/molecule/default/verify_stopped.yml
Normal file
19
roles/get_iplayer/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove get_iplayer
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ get_iplayer_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if get_iplayer is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,21 +1,33 @@
|
||||||
---
|
---
|
||||||
- name: Create get_iplayer Directories
|
- name: Start get_iplayer
|
||||||
file:
|
block:
|
||||||
path: "{{ item }}"
|
- name: Create get_iplayer Directories
|
||||||
state: directory
|
ansible.builtin.file:
|
||||||
with_items:
|
path: "{{ item }}"
|
||||||
- "{{ get_iplayer_config_directory }}"
|
state: directory
|
||||||
- "{{ get_iplayer_download_directory }}"
|
with_items:
|
||||||
|
- "{{ get_iplayer_config_directory }}"
|
||||||
|
- "{{ get_iplayer_download_directory }}"
|
||||||
|
|
||||||
- name: Get_iplayer Docker Container
|
- name: Create get_iplayer Docker Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: get_iplayer
|
container_default_behavior: no_defaults
|
||||||
image: kolonuk/get_iplayer
|
name: "{{ get_iplayer_container_name }}"
|
||||||
pull: true
|
image: "{{ get_iplayer_image_name }}:{{ get_iplayer_image_version }}"
|
||||||
volumes:
|
pull: true
|
||||||
- "{{ get_iplayer_config_directory }}:/root/.get_iplayer:rw"
|
volumes:
|
||||||
- "{{ get_iplayer_download_directory }}:/root/output:rw"
|
- "{{ get_iplayer_config_directory }}:/root/.get_iplayer:rw"
|
||||||
ports:
|
- "{{ get_iplayer_download_directory }}:/root/output:rw"
|
||||||
- "{{ get_iplayer_port }}:8181"
|
ports:
|
||||||
restart_policy: unless-stopped
|
- "{{ get_iplayer_port }}:8181"
|
||||||
memory: "{{ get_iplayer_memory }}"
|
restart_policy: unless-stopped
|
||||||
|
memory: "{{ get_iplayer_memory }}"
|
||||||
|
when: get_iplayer_enabled is true
|
||||||
|
|
||||||
|
- name: Stop get_iplayer
|
||||||
|
block:
|
||||||
|
- name: Stop get_iplayer
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ get_iplayer_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: get_iplayer_enabled is false
|
||||||
|
|
|
@ -12,5 +12,12 @@ gitlab_port_http: "4080"
|
||||||
gitlab_port_https: "4443"
|
gitlab_port_https: "4443"
|
||||||
gitlab_port_ssh: "422"
|
gitlab_port_ssh: "422"
|
||||||
|
|
||||||
|
# docker
|
||||||
|
gitlab_container_name: "gitlab"
|
||||||
|
gitlab_image_name: "gitlab/gitlab-ce"
|
||||||
|
gitlab_image_version: "latest"
|
||||||
|
gitlab_user_id: "1000"
|
||||||
|
gitlab_group_id: "1000"
|
||||||
|
|
||||||
# specs
|
# specs
|
||||||
gitlab_memory: "4g"
|
gitlab_memory: "4g"
|
||||||
|
|
13
roles/gitlab/docs/gitlab.md
Normal file
13
roles/gitlab/docs/gitlab.md
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# GitLab
|
||||||
|
|
||||||
|
Homepage: <https://docs.gitlab.com/omnibus/docker/>
|
||||||
|
|
||||||
|
If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consequently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `gitlab_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
To make GitLab available externally via Traefik set `gitlab_available_externally: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
The first time you run GitLab you'll be prompted for an account's password. The password is for GitLab's `root` administrator account. From there you can log in to create additional users and further configure the application.
|
6
roles/gitlab/molecule/default/molecule.yml
Normal file
6
roles/gitlab/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
gitlab_enabled: true
|
10
roles/gitlab/molecule/default/side_effect.yml
Normal file
10
roles/gitlab/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
gitlab_enabled: false
|
19
roles/gitlab/molecule/default/verify.yml
Normal file
19
roles/gitlab/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get gitlab container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gitlab_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if gitlab containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/gitlab/molecule/default/verify_stopped.yml
Normal file
19
roles/gitlab/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove gitlab
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gitlab_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if gitlab is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,57 +1,69 @@
|
||||||
---
|
---
|
||||||
# The gitlab uid/gid matches 'git:git' in the Gitlab Docker image.
|
- name: Start Gitlab
|
||||||
- name: Create Gitlab group account
|
block:
|
||||||
group:
|
# The gitlab uid/gid matches 'git:git' in the Gitlab Docker image.
|
||||||
name: gitlab
|
- name: Create Gitlab group account
|
||||||
gid: 998
|
group:
|
||||||
state: present
|
name: gitlab
|
||||||
|
gid: 998
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: Create Gitlab user account
|
- name: Create Gitlab user account
|
||||||
user:
|
user:
|
||||||
name: gitlab
|
name: gitlab
|
||||||
uid: 998
|
uid: 998
|
||||||
state: present
|
state: present
|
||||||
system: yes
|
system: yes
|
||||||
update_password: on_create
|
update_password: on_create
|
||||||
create_home: no
|
create_home: no
|
||||||
group: gitlab
|
group: gitlab
|
||||||
|
|
||||||
- name: Create Gitlab Directories
|
- name: Create Gitlab Directories
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: gitlab
|
owner: gitlab
|
||||||
group: gitlab
|
group: gitlab
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ gitlab_data_directory }}/config"
|
- "{{ gitlab_data_directory }}/config"
|
||||||
- "{{ gitlab_data_directory }}/log"
|
- "{{ gitlab_data_directory }}/log"
|
||||||
- "{{ gitlab_data_directory }}/data"
|
- "{{ gitlab_data_directory }}/data"
|
||||||
|
|
||||||
- name: Create Gitlab Docker Container
|
- name: Create Gitlab Docker Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: gitlab
|
container_default_behavior: no_defaults
|
||||||
image: gitlab/gitlab-ce:latest
|
name: "{{ gitlab_container_name }}"
|
||||||
pull: true
|
image: "{{ gitlab_image_name }}:{{ gitlab_image_version }}"
|
||||||
volumes:
|
pull: true
|
||||||
- "{{ gitlab_data_directory }}/config:/etc/gitlab:rw"
|
volumes:
|
||||||
- "{{ gitlab_data_directory }}/log:/var/log/gitlab:rw"
|
- "{{ gitlab_data_directory }}/config:/etc/gitlab:rw"
|
||||||
- "{{ gitlab_data_directory }}/data:/var/opt/gitlab:rw"
|
- "{{ gitlab_data_directory }}/log:/var/log/gitlab:rw"
|
||||||
network_mode: "bridge"
|
- "{{ gitlab_data_directory }}/data:/var/opt/gitlab:rw"
|
||||||
ports:
|
network_mode: "bridge"
|
||||||
- "{{ gitlab_port_http }}:80"
|
ports:
|
||||||
- "{{ gitlab_port_https }}:443"
|
- "{{ gitlab_port_http }}:80"
|
||||||
- "{{ gitlab_port_ssh }}:22"
|
- "{{ gitlab_port_https }}:443"
|
||||||
env:
|
- "{{ gitlab_port_ssh }}:22"
|
||||||
TZ: "{{ ansible_nas_timezone }}"
|
env:
|
||||||
PUID: "{{ gitlab_user_id }}"
|
TZ: "{{ ansible_nas_timezone }}"
|
||||||
PGID: "{{ gitlab_group_id }}"
|
PUID: "{{ gitlab_user_id }}"
|
||||||
restart_policy: unless-stopped
|
PGID: "{{ gitlab_group_id }}"
|
||||||
hostname: "{{ gitlab_hostname }}.{{ ansible_nas_domain }}"
|
restart_policy: unless-stopped
|
||||||
memory: "{{ gitlab_memory }}"
|
hostname: "{{ gitlab_hostname }}.{{ ansible_nas_domain }}"
|
||||||
labels:
|
memory: "{{ gitlab_memory }}"
|
||||||
traefik.enable: "{{ gitlab_available_externally | string }}"
|
labels:
|
||||||
traefik.http.routers.gitlab.rule: "Host(`{{ gitlab_hostname }}.{{ ansible_nas_domain }}`)"
|
traefik.enable: "{{ gitlab_available_externally | string }}"
|
||||||
traefik.http.routers.gitlab.tls.certresolver: "letsencrypt"
|
traefik.http.routers.gitlab.rule: "Host(`{{ gitlab_hostname }}.{{ ansible_nas_domain }}`)"
|
||||||
traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.gitlab.tls.certresolver: "letsencrypt"
|
||||||
traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.services.gitlab.loadbalancer.server.port: "80"
|
traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.services.gitlab.loadbalancer.server.port: "80"
|
||||||
|
when: gitlab_enabled is true
|
||||||
|
|
||||||
|
- name: Stop Gitlab
|
||||||
|
block:
|
||||||
|
- name: Stop Gitlab
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gitlab_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: gitlab_enabled is false
|
||||||
|
|
|
@ -12,5 +12,10 @@ glances_port_two: "61209"
|
||||||
glances_security_options:
|
glances_security_options:
|
||||||
- "apparmor=unconfined"
|
- "apparmor=unconfined"
|
||||||
|
|
||||||
|
# docker
|
||||||
|
glances_container_name: "glances"
|
||||||
|
glances_image_name: "nicolargo/glances"
|
||||||
|
glances_image_version: "latest"
|
||||||
|
|
||||||
# specs
|
# specs
|
||||||
glances_memory: 1g
|
glances_memory: 1g
|
||||||
|
|
15
roles/glances/docs/glances.md
Normal file
15
roles/glances/docs/glances.md
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
# Glances
|
||||||
|
|
||||||
|
Homepage: <https://nicolargo.github.io/glances/>
|
||||||
|
|
||||||
|
Glances is a cross-platform system monitoring tool written in Python.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `glances_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
The Glances web interface can be found at <http://ansible_nas_host_or_ip:61208>.
|
||||||
|
|
||||||
|
## Specific Configuration
|
||||||
|
|
||||||
|
Glances can be integrated with InfluxDB and Grafana.
|
6
roles/glances/molecule/default/molecule.yml
Normal file
6
roles/glances/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
glances_enabled: true
|
10
roles/glances/molecule/default/side_effect.yml
Normal file
10
roles/glances/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
glances_enabled: false
|
19
roles/glances/molecule/default/verify.yml
Normal file
19
roles/glances/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get glances container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ glances_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if glances containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/glances/molecule/default/verify_stopped.yml
Normal file
19
roles/glances/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove glances
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ glances_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if glances is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,25 +1,37 @@
|
||||||
---
|
---
|
||||||
- name: Create Glances Docker Container
|
- name: Start Glances
|
||||||
docker_container:
|
block:
|
||||||
name: glances
|
- name: Create Glances Docker Container
|
||||||
image: nicolargo/glances
|
community.docker.docker_container:
|
||||||
pull: true
|
container_default_behavior: no_defaults
|
||||||
volumes:
|
name: "{{ glances_container_name }}"
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
image: "{{ glances_image_name }}:{{ glances_image_version }}"
|
||||||
- "/etc/timezone:/etc/timezone:ro"
|
pull: true
|
||||||
pid_mode: host
|
volumes:
|
||||||
ports:
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||||
- "{{ glances_port_one }}:61208"
|
- "/etc/timezone:/etc/timezone:ro"
|
||||||
- "{{ glances_port_two }}:61209"
|
pid_mode: host
|
||||||
env:
|
ports:
|
||||||
GLANCES_OPT: "-w"
|
- "{{ glances_port_one }}:61208"
|
||||||
restart_policy: unless-stopped
|
- "{{ glances_port_two }}:61209"
|
||||||
security_opts: "{{ glances_security_options }}"
|
env:
|
||||||
memory: "{{ glances_memory }}"
|
GLANCES_OPT: "-w"
|
||||||
labels:
|
restart_policy: unless-stopped
|
||||||
traefik.enable: "{{ glances_available_externally | string }}"
|
security_opts: "{{ glances_security_options }}"
|
||||||
traefik.http.routers.glances.rule: "Host(`{{ glances_hostname }}.{{ ansible_nas_domain }}`)"
|
memory: "{{ glances_memory }}"
|
||||||
traefik.http.routers.glances.tls.certresolver: "letsencrypt"
|
labels:
|
||||||
traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.enable: "{{ glances_available_externally | string }}"
|
||||||
traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.glances.rule: "Host(`{{ glances_hostname }}.{{ ansible_nas_domain }}`)"
|
||||||
traefik.http.services.glances.loadbalancer.server.port: "61208"
|
traefik.http.routers.glances.tls.certresolver: "letsencrypt"
|
||||||
|
traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.services.glances.loadbalancer.server.port: "61208"
|
||||||
|
when: glances_enabled is true
|
||||||
|
|
||||||
|
- name: Stop Glances
|
||||||
|
block:
|
||||||
|
- name: Stop Glances
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ glances_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: glances_enabled is false
|
||||||
|
|
|
@ -5,14 +5,14 @@ gotify_available_externally: false
|
||||||
# data directory
|
# data directory
|
||||||
gotify_data_directory: "{{ docker_home }}/gotify"
|
gotify_data_directory: "{{ docker_home }}/gotify"
|
||||||
|
|
||||||
# docker image to use
|
|
||||||
gotify_docker_image: gotify/server:latest
|
|
||||||
|
|
||||||
# network
|
# network
|
||||||
gotify_port: "2346"
|
gotify_port: "2346"
|
||||||
gotify_hostname: "gotify"
|
gotify_hostname: "gotify"
|
||||||
|
|
||||||
# user to run container with
|
# docker
|
||||||
|
gotify_container_name: "gotify"
|
||||||
|
gotify_image_name: "gotify/server"
|
||||||
|
gotify_image_version: "latest"
|
||||||
gotify_user_id: "0"
|
gotify_user_id: "0"
|
||||||
gotify_group_id: "0"
|
gotify_group_id: "0"
|
||||||
|
|
||||||
|
|
16
roles/gotify/docs/gotify.md
Normal file
16
roles/gotify/docs/gotify.md
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# Gotify
|
||||||
|
|
||||||
|
Homepage: <https://gotify.net/>
|
||||||
|
|
||||||
|
A simple server for sending and receiving messages in real-time per WebSocket. (Includes a sleek web-ui)
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `gotify_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
The Gotify web interface can be found at <http://ansible_nas_host_or_ip:2346>.
|
||||||
|
|
||||||
|
Android client: [https://play.google.com/store/apps/details?id=com.github.gotify](https://play.google.com/store/apps/details?id=com.github.gotify)
|
||||||
|
iOS client: n/a
|
||||||
|
Chrome extension: n/a
|
||||||
|
Firefox extension: <https://addons.mozilla.org/en-US/firefox/addon/gotify-for-firefox/>
|
6
roles/gotify/molecule/default/molecule.yml
Normal file
6
roles/gotify/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
gotify_enabled: true
|
10
roles/gotify/molecule/default/side_effect.yml
Normal file
10
roles/gotify/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
gotify_enabled: false
|
19
roles/gotify/molecule/default/verify.yml
Normal file
19
roles/gotify/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get gotify container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gotify_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if gotify containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/gotify/molecule/default/verify_stopped.yml
Normal file
19
roles/gotify/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove gotify
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gotify_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if gotify is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,31 +1,43 @@
|
||||||
---
|
---
|
||||||
- name: Create Gotify Data Directory
|
- name: Start Gotify
|
||||||
file:
|
block:
|
||||||
path: "{{ item }}"
|
- name: Create Gotify Data Directory
|
||||||
state: directory
|
ansible.builtin.file:
|
||||||
with_items:
|
path: "{{ item }}"
|
||||||
- "{{ gotify_data_directory }}"
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ gotify_data_directory }}"
|
||||||
|
|
||||||
- name: Gotify Docker Container
|
- name: Gotify Docker Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: gotify
|
container_default_behavior: no_defaults
|
||||||
image: "{{ gotify_docker_image }}"
|
name: "{{ gotify_container_name }}"
|
||||||
pull: true
|
image: "{{ gotify_image_name }}:{{ gotify_image_version }}"
|
||||||
ports:
|
pull: true
|
||||||
- "{{ gotify_port }}:80"
|
ports:
|
||||||
volumes:
|
- "{{ gotify_port }}:80"
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
volumes:
|
||||||
- "{{ gotify_data_directory }}:/app/data:rw"
|
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||||
env:
|
- "{{ gotify_data_directory }}:/app/data:rw"
|
||||||
TZ: "{{ ansible_nas_timezone }}"
|
env:
|
||||||
PUID: "{{ gotify_user_id }}"
|
TZ: "{{ ansible_nas_timezone }}"
|
||||||
PGID: "{{ gotify_group_id }}"
|
PUID: "{{ gotify_user_id }}"
|
||||||
restart_policy: unless-stopped
|
PGID: "{{ gotify_group_id }}"
|
||||||
memory: "{{ gotify_memory }}"
|
restart_policy: unless-stopped
|
||||||
labels:
|
memory: "{{ gotify_memory }}"
|
||||||
traefik.enable: "{{ gotify_available_externally | string }}"
|
labels:
|
||||||
traefik.http.routers.gotify.rule: "Host(`{{ gotify_hostname }}.{{ ansible_nas_domain }}`)"
|
traefik.enable: "{{ gotify_available_externally | string }}"
|
||||||
traefik.http.routers.gotify.tls.certresolver: "letsencrypt"
|
traefik.http.routers.gotify.rule: "Host(`{{ gotify_hostname }}.{{ ansible_nas_domain }}`)"
|
||||||
traefik.http.routers.gotify.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.gotify.tls.certresolver: "letsencrypt"
|
||||||
traefik.http.routers.gotify.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.gotify.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.services.gotify.loadbalancer.server.port: "80"
|
traefik.http.routers.gotify.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.services.gotify.loadbalancer.server.port: "80"
|
||||||
|
when: gotify_enabled is true
|
||||||
|
|
||||||
|
- name: Stop Gotify
|
||||||
|
block:
|
||||||
|
- name: Stop Gotify
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ gotify_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: gotify_enabled is false
|
||||||
|
|
|
@ -9,5 +9,10 @@ guacamole_data_directory: "{{ docker_home }}/guacamole"
|
||||||
guacamole_port: "8090"
|
guacamole_port: "8090"
|
||||||
guacamole_hostname: "guacamole"
|
guacamole_hostname: "guacamole"
|
||||||
|
|
||||||
|
# docker
|
||||||
|
guacamole_container_name: "guacamole"
|
||||||
|
guacamole_image_name: "oznu/guacamole"
|
||||||
|
guacamole_image_version: "latest"
|
||||||
|
|
||||||
# specs
|
# specs
|
||||||
guacamole_memory: 1g
|
guacamole_memory: 1g
|
||||||
|
|
17
roles/guacamole/docs/guacamole.md
Normal file
17
roles/guacamole/docs/guacamole.md
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# Guacamole
|
||||||
|
|
||||||
|
Homepage: <https://guacamole.apache.org/>
|
||||||
|
|
||||||
|
Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Set `guacamole_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||||
|
|
||||||
|
## Specific Configuration
|
||||||
|
|
||||||
|
The default username and password is `guacadmin`. Change it!
|
||||||
|
|
||||||
|
## What to connect to?
|
||||||
|
|
||||||
|
You can run a virtual desktop from your Ansible-NAS box, check out the [Virtual Desktop docs](virtual_desktop.md).
|
6
roles/guacamole/molecule/default/molecule.yml
Normal file
6
roles/guacamole/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
guacamole_enabled: true
|
10
roles/guacamole/molecule/default/side_effect.yml
Normal file
10
roles/guacamole/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
guacamole_enabled: false
|
19
roles/guacamole/molecule/default/verify.yml
Normal file
19
roles/guacamole/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Get guacamole container state
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ guacamole_container_name }}"
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if guacamole containers are running
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- result.container['State']['Status'] == "running"
|
||||||
|
- result.container['State']['Restarting'] == false
|
19
roles/guacamole/molecule/default/verify_stopped.yml
Normal file
19
roles/guacamole/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Try and stop and remove guacamole
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ guacamole_container_name }}"
|
||||||
|
state: absent
|
||||||
|
register: result
|
||||||
|
|
||||||
|
- name: Check if guacamole is stopped
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- not result.changed
|
|
@ -1,51 +1,63 @@
|
||||||
---
|
---
|
||||||
- name: Create Guacamole directories
|
- name: Start Guacamole
|
||||||
file:
|
block:
|
||||||
path: "{{ item }}"
|
- name: Create Guacamole directories
|
||||||
state: directory
|
ansible.builtin.file:
|
||||||
with_items:
|
path: "{{ item }}"
|
||||||
- "{{ guacamole_data_directory }}/config"
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- "{{ guacamole_data_directory }}/config"
|
||||||
|
|
||||||
- name: Remove Old Guacamole Mysql Docker Container
|
- name: Remove Old Guacamole Mysql Docker Container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: guacamole-mysql
|
name: guacamole-mysql
|
||||||
state: absent
|
state: absent
|
||||||
keep_volumes: true
|
keep_volumes: true
|
||||||
|
|
||||||
- name: Remove Old Guacamole guacd Docker Container
|
- name: Remove Old Guacamole guacd Docker Container
|
||||||
docker_container:
|
docker_container:
|
||||||
name: guacamole-guacd
|
name: guacamole-guacd
|
||||||
state: absent
|
state: absent
|
||||||
keep_volumes: true
|
keep_volumes: true
|
||||||
|
|
||||||
- name: Remove old Guacamole directories
|
- name: Remove old Guacamole directories
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ guacamole_data_directory }}/mysql"
|
- "{{ guacamole_data_directory }}/mysql"
|
||||||
|
|
||||||
- name: Guacamole Container
|
- name: Guacamole Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: guacamole
|
container_default_behavior: no_defaults
|
||||||
image: "oznu/guacamole"
|
name: "{{ guacamole_container_name }}"
|
||||||
pull: true
|
image: "{{ guacamole_image_name }}:{{ guacamole_image_version }}"
|
||||||
volumes:
|
pull: true
|
||||||
- "{{ guacamole_data_directory }}/config:/config:rw"
|
volumes:
|
||||||
ports:
|
- "{{ guacamole_data_directory }}/config:/config:rw"
|
||||||
- "{{ guacamole_port }}:8080"
|
ports:
|
||||||
restart_policy: unless-stopped
|
- "{{ guacamole_port }}:8080"
|
||||||
memory: "{{ guacamole_memory }}"
|
restart_policy: unless-stopped
|
||||||
labels:
|
memory: "{{ guacamole_memory }}"
|
||||||
traefik.enable: "{{ guacamole_available_externally | string }}"
|
labels:
|
||||||
traefik.http.routers.guacamole.rule: "Host(`{{ guacamole_hostname }}.{{ ansible_nas_domain }}`)"
|
traefik.enable: "{{ guacamole_available_externally | string }}"
|
||||||
traefik.http.routers.guacamole.tls.certresolver: "letsencrypt"
|
traefik.http.routers.guacamole.rule: "Host(`{{ guacamole_hostname }}.{{ ansible_nas_domain }}`)"
|
||||||
traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.guacamole.tls.certresolver: "letsencrypt"
|
||||||
traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.services.guacamole.loadbalancer.server.port: "8080"
|
traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
|
traefik.http.services.guacamole.loadbalancer.server.port: "8080"
|
||||||
|
|
||||||
- name: Restart Guacamole Container
|
- name: Restart Guacamole Container
|
||||||
docker_container:
|
community.docker.docker_container:
|
||||||
name: guacamole
|
name: "{{ guacamole_container_name }}"
|
||||||
image: "oznu/guacamole"
|
image: "{{ guacamole_image_name }}:{{ guacamole_image_version }}"
|
||||||
restart: true
|
restart: true
|
||||||
|
when: guacamole_enabled is true
|
||||||
|
|
||||||
|
- name: Stop Guacamole
|
||||||
|
block:
|
||||||
|
- name: Stop Guacamole
|
||||||
|
community.docker.docker_container:
|
||||||
|
name: "{{ guacamole_container_name }}"
|
||||||
|
state: absent
|
||||||
|
when: guacamole_enabled is false
|
||||||
|
|
11
roles/healthchecks.io/docs/healthchecks.io.md
Normal file
11
roles/healthchecks.io/docs/healthchecks.io.md
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
# Healthchecks.io
|
||||||
|
|
||||||
|
Homepage: <https://healthchecks.io/>
|
||||||
|
|
||||||
|
A simple cronjob that uses `curl` to ping a given endpoint on the `healthchecks.io` servers. You can choose how often it should ping the endpoint, and what happens when it doesn't. Email/Slack/Telegram and many more services can be integrated.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Create your own project on <https://healthchecks.io/>, and set both the time between pings and the grace time. Set your prefered integration such as email.
|
||||||
|
|
||||||
|
Set `healthchecks_enabled: true` in your `inventories/<your_inventory>/nas.yml` file, and if your time between pings is different than the default `healthchecks_ping_minutes`, change it. Finally, set your ping url in the `healthchecks_url` variable.
|
6
roles/healthchecks.io/molecule/default/molecule.yml
Normal file
6
roles/healthchecks.io/molecule/default/molecule.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
provisioner:
|
||||||
|
inventory:
|
||||||
|
group_vars:
|
||||||
|
all:
|
||||||
|
healthchecks_enabled: true
|
10
roles/healthchecks.io/molecule/default/side_effect.yml
Normal file
10
roles/healthchecks.io/molecule/default/side_effect.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Stop
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
|
||||||
|
vars:
|
||||||
|
healthchecks_enabled: false
|
19
roles/healthchecks.io/molecule/default/verify.yml
Normal file
19
roles/healthchecks.io/molecule/default/verify.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Check cron job file
|
||||||
|
ansible.builtin.fetch:
|
||||||
|
src: /var/spool/cron/crontabs/root
|
||||||
|
dest: /tmp/fetched
|
||||||
|
|
||||||
|
- name: Check if cron job does exist
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that: "lookup('file', '/tmp/fetched/instance/var/spool/cron/crontabs/root') is search('healthchecks.io')"
|
||||||
|
fail_msg: "Cron job 'healthchecks.io' does not exist!"
|
||||||
|
success_msg: "Cron job 'healthchecks.io' does exist!"
|
19
roles/healthchecks.io/molecule/default/verify_stopped.yml
Normal file
19
roles/healthchecks.io/molecule/default/verify_stopped.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: Verify
|
||||||
|
hosts: all
|
||||||
|
gather_facts: false
|
||||||
|
tasks:
|
||||||
|
- name: Include vars
|
||||||
|
ansible.builtin.include_vars:
|
||||||
|
file: ../../defaults/main.yml
|
||||||
|
|
||||||
|
- name: Check cron job file
|
||||||
|
ansible.builtin.fetch:
|
||||||
|
src: /var/spool/cron/crontabs/root
|
||||||
|
dest: /tmp/fetched
|
||||||
|
|
||||||
|
- name: Check if cron job does not exist
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that: "not lookup('file', '/tmp/fetched/instance/var/spool/cron/crontabs/root') is search('healthchecks.io')"
|
||||||
|
fail_msg: "Cron job 'healthchecks.io' still exists!"
|
||||||
|
success_msg: "Cron job 'healthchecks.io' does not exist!"
|
|
@ -1,7 +1,19 @@
|
||||||
---
|
---
|
||||||
- name: Add healthchecks.io cronjob
|
- name: Start Healthchecks
|
||||||
cron:
|
block:
|
||||||
name: healthchecks.io
|
- name: Add healthchecks.io cronjob
|
||||||
minute: "*/{{ healthchecks_ping_minutes }}"
|
ansible.builtin.cron:
|
||||||
user: root
|
name: healthchecks.io
|
||||||
job: "curl -m 10 --retry 5 {{ healthchecks_url }}"
|
minute: "*/{{ healthchecks_ping_minutes }}"
|
||||||
|
user: root
|
||||||
|
job: "curl -m 10 --retry 5 {{ healthchecks_url }}"
|
||||||
|
when: healthchecks_enabled is true
|
||||||
|
|
||||||
|
- name: Stop Healthchecks
|
||||||
|
block:
|
||||||
|
- name: Remove healthchecks.io cronjob
|
||||||
|
ansible.builtin.cron:
|
||||||
|
name: healthchecks.io
|
||||||
|
user: root
|
||||||
|
state: absent
|
||||||
|
when: healthchecks_enabled is false
|
||||||
|
|
Loading…
Reference in a new issue