Allow all applications to be made available through Traefik, add docs

This commit is contained in:
David Stephens 2019-04-11 23:03:11 +01:00
parent 344af161a0
commit 7aa170c8a3
29 changed files with 235 additions and 38 deletions

View file

@ -4,6 +4,11 @@ Homepage: [https://traefik.io](https://traefik.io)
Traefik is used to provide external access to your Ansible-NAS box. Additionally, Traefik will automatically request and renew SSL certificates for you.
You can configure which applications are available externally by enabling the `<application_name>_available_externally` setting
for each application in the Advanced Settings section of your `all.yml`.
See [External Access](configuration/external_access) for more info.
## Usage
Set `traefik_enabled: true` in your `group_vars/all.yml` file.

View file

@ -0,0 +1,37 @@
# External Access
There are a number of steps required to enable external access to the applications running on your NAS:
- Enable Traefik
- Domain name and DNS configuration
- Router configuration
- Enable specific applications for external access
## :skull: :skull: :skull: Warning! :skull: :skull: :skull:
Enabling access to applications externally **does not** automatically secure them. If you can access an application from within your own network without a username and password, this will also be the case externally.
It is your responsiblity to ensure that applications you enable external access to are secured appropriately!
## Enable Traefik
Traefik routes traffic from ports 80 (HTTP) and 443 (HTTPS) on your Ansible-NAS box to the relevant application, based on hostname.
Simply set `traefik_enabled: true` in your `all.yml`. By default it listens on ports 80 and 443, but doesn't route any traffic.
## Domain Name and DNS Configuration
Set `ansible_nas_domain` to the domain name you want to use for your Ansible-NAS. You'll need somewhere to host the DNS for that domain - Cloudflare is a good free solution. Once you have an account and Cloudflare is hosting the DNS for your domain, create a wildcard DNS entry (`*.myawesomedomain.com`) and set it to your current IP address.
You then need to enable the Cloudflare Dynamic DNS container (`cloudflare_ddns_enabled: true`) so the wildcard DNS entry for your
domain name is updated if/when your ISP issues you a new IP address.
## Router Configuration
You need to map ports 80 and 443 from your router to your Ansible-NAS box.
How to do this is entirely dependent on your router (and out of scope of these docs), but if you're using Ansible-NAS then this should be within your skillset. :)
## Enable Specific Applications
Every application has a `<application_name>_available_externally` setting in the Advanced Settings section of `all.yml`. Setting this to `true` will configure Traefik to route `<application>.yourdomain.com` to the application, making it available externally.

View file

@ -1,5 +0,0 @@
# Router Configuration
If you want to make certain Ansible-NAS applications available outside of your home (for example Nextcloud), then you need to map ports 80 and 443 from your router to your Ansible-NAS box.
How to do this is entirely dependent on your router (and out of scope of these docs), but if you're using Ansible-NAS then this should be within your skillset. :)

View file

@ -4,9 +4,10 @@
# Set these options to true or false to toggle specific features
# External Access
# Traefik will allow access to certain applications externally. To enable this you'll need a domain name that points to your
# home static IP address, cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server.
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "availble_externally"
# settings.
traefik_enabled: false
# BitTorrent
@ -196,20 +197,21 @@ samba_shares:
# set the options below.
# Your domain name
cloudflare_zone: awesomedomain.com
cloudflare_zone: "{{ ansible_nas_domain }}"
# The hostname you want the container to update. You shouldn't need to change this.
cloudflare_host: "*.{{ cloudflare_zone }}"
# Email address used to register for Cloudflare
cloudflare_email: dave@awesomedomain.com
cloudflare_email: "{{ ansible_nas_email }}"
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
##################################################################
###### You shouldn't need to edit anything below this point ######
##################################################################
######################################################################################
###### Advanced Settings ######
###### Ensure you know what you're doing before getting stuck in down here 8-) ######
######################################################################################
###
### General
@ -244,18 +246,22 @@ samba_netbios_name: "{{ ansible_nas_hostname }}"
###
### Traefik
###
traefik_docker_image: traefik:1.7
traefik_docker_image: traefik:latest
traefik_data_directory: "{{ docker_home }}/traefik"
traefik_debug: "false"
###
### Heimdall
###
heimdall_available_externally: "false"
heimdall_docker_image: linuxserver/heimdall:latest
heimdall_data_directory: "{{ docker_home }}/heimdall"
###
### Transmission
###
transmission_available_externally: "false"
transmission_with_openvpn_available_externally: "false"
transmission_config_directory: "{{ docker_home }}/transmission/config"
transmission_download_directory: "{{ downloads_root }}"
transmission_watch_directory: "{{ torrents_root }}"
@ -267,6 +273,7 @@ transmission_local_network: "192.168.1.0/24"
###
### Plex
###
plex_available_externally: "false"
plex_config_directory: "{{ docker_home }}/plex/config"
plex_movies_directory: "{{ movies_root }}"
plex_tv_directory: "{{ tv_root }}"
@ -276,6 +283,7 @@ plex_group_id: 0
###
### Emby
###
emby_available_externally: "false"
emby_config_directory: "{{ docker_home }}/emby/config"
emby_movies_directory: "{{ movies_root }}"
emby_tv_directory: "{{ tv_root }}"
@ -285,6 +293,7 @@ emby_group_id: 0
###
### Tautulli
###
tautulli_available_externally: "false"
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
tautulli_user_id: 0
tautulli_group_id: 0
@ -293,12 +302,14 @@ tautulli_group_id: 0
###
### Duplicati
###
duplicati_available_externally: "false"
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
###
### Sonarr
###
sonarr_available_externally: "false"
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
sonarr_tv_directory: "{{ tv_root }}"
sonarr_download_directory: "{{ downloads_root }}"
@ -309,6 +320,7 @@ sonarr_group_id: 0
###
### Radarr
###
radarr_available_externally: "false"
radarr_movies_directory: "{{ movies_root }}"
radarr_download_directory: "{{ downloads_root }}"
radarr_data_directory: "{{ docker_home }}/radarr"
@ -319,6 +331,7 @@ radarr_group_id: 0
###
### Couchpotato
###
couchpotato_available_externally: "false"
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
couchpotato_movies_directory: "{{ movies_root }}"
couchpotato_downloads_directory: "{{ downloads_root }}"
@ -330,12 +343,17 @@ couchpotato_group_id: 0
###
### Sickrage
###
sickrage_available_externally: "false"
sickrage_config_directory: "{{ docker_home }}/sickrage/config"
sickrage_tv_directory: "{{ tv_root }}"
sickrage_downloads_directory: "{{ downloads_root }}"
sickrage_user_id: 0
sickrage_group_id: 0
###
### Netdata
###
netdata_available_externally: "false"
###
### OpenVPN
@ -346,12 +364,14 @@ openvpn_config_directory: "{{ docker_home }}/openvpn"
###
### Portainer
###
portainer_available_externally: "false"
portainer_data_directory: "{{ docker_home }}/portainer/config"
###
### ZNC
###
znc_available_externally: "false"
znc_data_directory: "{{ docker_home }}/znc"
znc_user_id: 0
znc_group_id: 0
@ -360,6 +380,7 @@ znc_group_id: 0
###
### Stats
###
grafana_available_externally: "false"
telegraf_data_directory: "{{ docker_home }}/telegraf"
influxdb_data_directory: "{{ docker_home }}/influxdb"
grafana_data_directory: "{{ docker_home }}/grafana"
@ -368,11 +389,18 @@ stat_collection_interval: 15s
###
### Gitea
###
gitea_available_externally: "false"
gitea_data_directory: "{{ docker_home }}/gitea"
###
### Glances
###
glances_available_externally: "false"
###
### Nextcloud
###
nextcloud_available_externally: "false"
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
###
@ -383,6 +411,7 @@ nginx_data_directory: "{{ docker_home }}/nginx"
###
### Guacamole
###
guacamole_available_externally: "false"
guacamole_docker_image: guacamole/guacamole:0.9.14
guacamole_guacd_docker_image: guacamole/guacd:0.9.14
guacamole_data_directory: "{{ docker_home }}/guacamole"
@ -390,6 +419,7 @@ guacamole_data_directory: "{{ docker_home }}/guacamole"
###
### Miniflux
###
miniflux_available_externally: "false"
miniflux_data_directory: "{{ docker_home }}/miniflux"
miniflux_admin_username: admin
miniflux_admin_password: supersecure
@ -397,6 +427,7 @@ miniflux_admin_password: supersecure
###
### Airsonic
###
airsonic_available_externally: "false"
airsonic_data_directory: "{{ docker_home }}/airsonic"
###
@ -448,4 +479,5 @@ mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
###
### jackett
###
jackett_available_externally: "false"
jackett_data_directory: "{{ docker_home }}/jackett"

View file

@ -20,11 +20,11 @@
- "{{ samba_shares_root }}/podcasts:/airsonic/podcasts:rw"
ports:
- "4040:4040"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "airsonic"
traefik.frontend.rule: "Host:airsonic.{{ ansible_nas_domain }}"
traefik.enable: "true"
traefik.enable: "{{ airsonic_available_externally }}"
traefik.port: "4040"
restart_policy: unless-stopped
memory: 1g

View file

@ -8,6 +8,7 @@
HOST: "{{ cloudflare_host }}"
EMAIL: "{{ cloudflare_email }}"
API: "{{ cloudflare_api_key }}"
PROXY: "false"
restart_policy: unless-stopped
memory: 512MB

View file

@ -25,3 +25,8 @@
PGID: "{{ couchpotato_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "couchpotato"
traefik.frontend.rule: "Host:couchpotato.{{ ansible_nas_domain }}"
traefik.enable: "{{ couchpotato_available_externally }}"
traefik.port: "5050"

View file

@ -20,3 +20,8 @@
- "/etc/timezone:/etc/timezone:ro"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "duplicati"
traefik.frontend.rule: "Host:duplicati.{{ ansible_nas_domain }}"
traefik.enable: "{{ duplicati_available_externally }}"
traefik.port: "8200"

View file

@ -24,3 +24,8 @@
PGID: "{{ emby_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "emby"
traefik.frontend.rule: "Host:emby.{{ ansible_nas_domain }}"
traefik.enable: "{{ emby_available_externally }}"
traefik.port: "8096"

View file

@ -67,3 +67,8 @@
USER_GID: 1309
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "gitea"
traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}"
traefik.enable: "{{ gitea_available_externally }}"
traefik.port: "3000"

View file

@ -16,3 +16,8 @@
GLANCES_OPT: "-w"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "glances"
traefik.frontend.rule: "Host:glances.{{ ansible_nas_domain }}"
traefik.enable: "{{ glances_available_externally }}"
traefik.port: "61208"

View file

@ -49,10 +49,10 @@
MYSQL_DATABASE: guacamole
MYSQL_USER: guacamole-user
MYSQL_PASSWORD: guacamole-pass
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "guacamole"
traefik.frontend.rule: "Host:guacamole.{{ ansible_nas_domain }}"
traefik.enable: "true"
traefik.enable: "{{ guacamole_available_externally }}"
traefik.port: "8080"
restart_policy: unless-stopped
memory: 1g

View file

@ -40,3 +40,8 @@
- "10443:443"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "heimdall"
traefik.frontend.rule: "Host:heimdall.{{ ansible_nas_domain }}"
traefik.enable: "{{ heimdall_available_externally }}"
traefik.port: "80"

View file

@ -19,3 +19,8 @@
env:
TZ: "{{ ansible_nas_timezone }}"
restart_policy: unless-stopped
labels:
traefik.backend: "jackett"
traefik.frontend.rule: "Host:jackett.{{ ansible_nas_domain }}"
traefik.enable: "{{ jackett_available_externally }}"
traefik.port: "9117"

View file

@ -35,3 +35,8 @@
ADMIN_PASSWORD: "{{ miniflux_admin_password }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "miniflux"
traefik.frontend.rule: "Host:miniflux.{{ ansible_nas_domain }}"
traefik.enable: "{{ miniflux_available_externally }}"
traefik.port: "8080"

View file

@ -25,3 +25,8 @@
- apparmor:unconfined
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "netdata"
traefik.frontend.rule: "Host:netdata.{{ ansible_nas_domain }}"
traefik.enable: "{{ netdata_available_externally }}"
traefik.port: "19999"

View file

@ -38,10 +38,10 @@
MYSQL_DATABASE: nextcloud
MYSQL_USER: nextcloud-user
MYSQL_PASSWORD: nextcloud-pass
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "nextcloud"
traefik.frontend.rule: "Host:nextcloud.{{ ansible_nas_domain }}"
traefik.enable: "true"
traefik.enable: "{{ nextcloud_available_externally }}"
traefik.port: "80"
restart_policy: unless-stopped
memory: 1g

View file

@ -22,3 +22,8 @@
PGID: "{{ plex_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "plex"
traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}"
traefik.enable: "{{ plex_available_externally }}"
traefik.port: "32400"

View file

@ -19,4 +19,9 @@
- "9000:9000"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "portainer"
traefik.frontend.rule: "Host:portainer.{{ ansible_nas_domain }}"
traefik.enable: "{{ portainer_available_externally }}"
traefik.port: "9000"

View file

@ -23,3 +23,8 @@
PGID: "{{ radarr_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "radarr"
traefik.frontend.rule: "Host:radarr.{{ ansible_nas_domain }}"
traefik.enable: "{{ radarr_available_externally }}"
traefik.port: "7878"

View file

@ -24,3 +24,8 @@
PGID: "{{ sickrage_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "sickrage"
traefik.frontend.rule: "Host:sickrage.{{ ansible_nas_domain }}"
traefik.enable: "{{ sickrage_available_externally }}"
traefik.port: "8081"

View file

@ -23,3 +23,8 @@
PGID: "{{ sonarr_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "sonarr"
traefik.frontend.rule: "Host:sonarr.{{ ansible_nas_domain }}"
traefik.enable: "{{ sonarr_available_externally }}"
traefik.port: "8989"

View file

@ -65,3 +65,8 @@
- "3000:3000"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "grafana"
traefik.frontend.rule: "Host:grafana.{{ ansible_nas_domain }}"
traefik.enable: "{{ grafana_available_externally }}"
traefik.port: "3000"

View file

@ -20,3 +20,8 @@
PGID: "{{ tautulli_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "tautulli"
traefik.frontend.rule: "Host:tautulli.{{ ansible_nas_domain }}"
traefik.enable: "{{ tautulli_available_externally }}"
traefik.port: "8181"

View file

@ -27,4 +27,8 @@
PGID: "{{ transmission_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "transmission"
traefik.frontend.rule: "Host:transmission.{{ ansible_nas_domain }}"
traefik.enable: "{{ transmission_available_externally }}"
traefik.port: "9091"

View file

@ -45,3 +45,8 @@
- NET_ADMIN
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "transmission-openvpn"
traefik.frontend.rule: "Host:transmission-openvpn.{{ ansible_nas_domain }}"
traefik.enable: "{{ transmission_with_openvpn_available_externally }}"
traefik.port: "9091"

View file

@ -21,3 +21,8 @@
PGID: "{{ znc_group_id }}"
restart_policy: unless-stopped
memory: 1g
labels:
traefik.backend: "znc"
traefik.frontend.rule: "Host:znc.{{ ansible_nas_domain }}"
traefik.enable: "{{ znc_available_externally }}"
traefik.port: "6677"

View file

@ -7,7 +7,7 @@
# Optional
# Default: false
#
debug = false
debug = {{ traefik_debug }}
# Log level
#
@ -188,6 +188,7 @@ onDemand = false # create certificate when container is created
"grafana.{{ ansible_nas_domain }}",
"guacamole.{{ ansible_nas_domain }}",
"heimdall.{{ ansible_nas_domain }}",
"jackett.{{ ansible_nas_domain }}",
"miniflux.{{ ansible_nas_domain }}",
"netdata.{{ ansible_nas_domain }}",
"nextcloud.{{ ansible_nas_domain }}",
@ -198,4 +199,5 @@ onDemand = false # create certificate when container is created
"sonarr.{{ ansible_nas_domain }}",
"tautulli.{{ ansible_nas_domain }}",
"transmission.{{ ansible_nas_domain }}",
"transmission-openvpn.{{ ansible_nas_domain }}",
"znc.{{ ansible_nas_domain }}"]

View file

@ -207,9 +207,10 @@ cloudflare_email: dave@awesomedomain.com
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
##################################################################
###### You shouldn't need to edit anything below this point ######
##################################################################
######################################################################################
###### Advanced Settings ######
###### Ensure you know what you're doing before getting stuck in down here 8-) ######
######################################################################################
###
### General
@ -244,18 +245,22 @@ samba_netbios_name: "{{ ansible_nas_hostname }}"
###
### Traefik
###
traefik_docker_image: traefik:1.7
traefik_docker_image: traefik:latest
traefik_data_directory: "{{ docker_home }}/traefik"
traefik_debug: "false"
###
### Heimdall
###
heimdall_available_externally: "false"
heimdall_docker_image: linuxserver/heimdall:latest
heimdall_data_directory: "{{ docker_home }}/heimdall"
###
### Transmission
###
transmission_available_externally: "false"
transmission_with_openvpn_available_externally: "false"
transmission_config_directory: "{{ docker_home }}/transmission/config"
transmission_download_directory: "{{ downloads_root }}"
transmission_watch_directory: "{{ torrents_root }}"
@ -267,6 +272,7 @@ transmission_local_network: "192.168.1.0/24"
###
### Plex
###
plex_available_externally: "false"
plex_config_directory: "{{ docker_home }}/plex/config"
plex_movies_directory: "{{ movies_root }}"
plex_tv_directory: "{{ tv_root }}"
@ -276,6 +282,7 @@ plex_group_id: 0
###
### Emby
###
emby_available_externally: "false"
emby_config_directory: "{{ docker_home }}/emby/config"
emby_movies_directory: "{{ movies_root }}"
emby_tv_directory: "{{ tv_root }}"
@ -285,6 +292,7 @@ emby_group_id: 0
###
### Tautulli
###
tautulli_available_externally: "false"
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
tautulli_user_id: 0
tautulli_group_id: 0
@ -293,12 +301,14 @@ tautulli_group_id: 0
###
### Duplicati
###
duplicati_available_externally: "false"
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
###
### Sonarr
###
sonarr_available_externally: "false"
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
sonarr_tv_directory: "{{ tv_root }}"
sonarr_download_directory: "{{ downloads_root }}"
@ -309,6 +319,7 @@ sonarr_group_id: 0
###
### Radarr
###
radarr_available_externally: "false"
radarr_movies_directory: "{{ movies_root }}"
radarr_download_directory: "{{ downloads_root }}"
radarr_data_directory: "{{ docker_home }}/radarr"
@ -319,6 +330,7 @@ radarr_group_id: 0
###
### Couchpotato
###
couchpotato_available_externally: "false"
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
couchpotato_movies_directory: "{{ movies_root }}"
couchpotato_downloads_directory: "{{ downloads_root }}"
@ -330,12 +342,17 @@ couchpotato_group_id: 0
###
### Sickrage
###
sickrage_available_externally: "false"
sickrage_config_directory: "{{ docker_home }}/sickrage/config"
sickrage_tv_directory: "{{ tv_root }}"
sickrage_downloads_directory: "{{ downloads_root }}"
sickrage_user_id: 0
sickrage_group_id: 0
###
### Netdata
###
netdata_available_externally: "false"
###
### OpenVPN
@ -346,12 +363,14 @@ openvpn_config_directory: "{{ docker_home }}/openvpn"
###
### Portainer
###
portainer_available_externally: "false"
portainer_data_directory: "{{ docker_home }}/portainer/config"
###
### ZNC
###
znc_available_externally: "false"
znc_data_directory: "{{ docker_home }}/znc"
znc_user_id: 0
znc_group_id: 0
@ -360,6 +379,7 @@ znc_group_id: 0
###
### Stats
###
grafana_available_externally: "false"
telegraf_data_directory: "{{ docker_home }}/telegraf"
influxdb_data_directory: "{{ docker_home }}/influxdb"
grafana_data_directory: "{{ docker_home }}/grafana"
@ -368,11 +388,18 @@ stat_collection_interval: 15s
###
### Gitea
###
gitea_available_externally: "false"
gitea_data_directory: "{{ docker_home }}/gitea"
###
### Glances
###
glances_available_externally: "false"
###
### Nextcloud
###
nextcloud_available_externally: "false"
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
###
@ -383,6 +410,7 @@ nginx_data_directory: "{{ docker_home }}/nginx"
###
### Guacamole
###
guacamole_available_externally: "false"
guacamole_docker_image: guacamole/guacamole:0.9.14
guacamole_guacd_docker_image: guacamole/guacd:0.9.14
guacamole_data_directory: "{{ docker_home }}/guacamole"
@ -390,6 +418,7 @@ guacamole_data_directory: "{{ docker_home }}/guacamole"
###
### Miniflux
###
miniflux_available_externally: "false"
miniflux_data_directory: "{{ docker_home }}/miniflux"
miniflux_admin_username: admin
miniflux_admin_password: supersecure
@ -397,6 +426,7 @@ miniflux_admin_password: supersecure
###
### Airsonic
###
airsonic_available_externally: "false"
airsonic_data_directory: "{{ docker_home }}/airsonic"
###
@ -420,7 +450,7 @@ watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug"
###
### Time Machine
###
timemachine_data_directory: "{{ docker_home }}/timemachine" # needs to be an absolute path
timemachine_data_directory: "{{ docker_home }}/timemachine"
timemachine_volume_size_limit: 0
timemachine_password: timemachine
timemachine_share_name: TimeMachine
@ -448,4 +478,5 @@ mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
###
### jackett
###
jackett_available_externally: "false"
jackett_data_directory: "{{ docker_home }}/jackett"