mirror of
https://github.com/davestephens/ansible-nas
synced 2025-01-26 10:15:14 +00:00
Allow all applications to be made available through Traefik, add docs
This commit is contained in:
parent
344af161a0
commit
7aa170c8a3
29 changed files with 235 additions and 38 deletions
|
@ -4,6 +4,11 @@ Homepage: [https://traefik.io](https://traefik.io)
|
|||
|
||||
Traefik is used to provide external access to your Ansible-NAS box. Additionally, Traefik will automatically request and renew SSL certificates for you.
|
||||
|
||||
You can configure which applications are available externally by enabling the `<application_name>_available_externally` setting
|
||||
for each application in the Advanced Settings section of your `all.yml`.
|
||||
|
||||
See [External Access](configuration/external_access) for more info.
|
||||
|
||||
## Usage
|
||||
|
||||
Set `traefik_enabled: true` in your `group_vars/all.yml` file.
|
||||
|
@ -12,4 +17,4 @@ Traefik's web interface can be found at http://ansible_nas_host_or_ip:8083.
|
|||
|
||||
## Specific Configuration
|
||||
|
||||
You'll need to map port 80 and 443 from your router to your Ansible-NAS box. A quick search should reveal instruction for your model of router.
|
||||
You'll need to map port 80 and 443 from your router to your Ansible-NAS box. A quick search should reveal instruction for your model of router.
|
||||
|
|
37
docs/configuration/external_access.md
Normal file
37
docs/configuration/external_access.md
Normal file
|
@ -0,0 +1,37 @@
|
|||
# External Access
|
||||
|
||||
There are a number of steps required to enable external access to the applications running on your NAS:
|
||||
|
||||
- Enable Traefik
|
||||
- Domain name and DNS configuration
|
||||
- Router configuration
|
||||
- Enable specific applications for external access
|
||||
|
||||
## :skull: :skull: :skull: Warning! :skull: :skull: :skull:
|
||||
|
||||
Enabling access to applications externally **does not** automatically secure them. If you can access an application from within your own network without a username and password, this will also be the case externally.
|
||||
|
||||
It is your responsiblity to ensure that applications you enable external access to are secured appropriately!
|
||||
|
||||
## Enable Traefik
|
||||
|
||||
Traefik routes traffic from ports 80 (HTTP) and 443 (HTTPS) on your Ansible-NAS box to the relevant application, based on hostname.
|
||||
|
||||
Simply set `traefik_enabled: true` in your `all.yml`. By default it listens on ports 80 and 443, but doesn't route any traffic.
|
||||
|
||||
## Domain Name and DNS Configuration
|
||||
|
||||
Set `ansible_nas_domain` to the domain name you want to use for your Ansible-NAS. You'll need somewhere to host the DNS for that domain - Cloudflare is a good free solution. Once you have an account and Cloudflare is hosting the DNS for your domain, create a wildcard DNS entry (`*.myawesomedomain.com`) and set it to your current IP address.
|
||||
|
||||
You then need to enable the Cloudflare Dynamic DNS container (`cloudflare_ddns_enabled: true`) so the wildcard DNS entry for your
|
||||
domain name is updated if/when your ISP issues you a new IP address.
|
||||
|
||||
## Router Configuration
|
||||
|
||||
You need to map ports 80 and 443 from your router to your Ansible-NAS box.
|
||||
|
||||
How to do this is entirely dependent on your router (and out of scope of these docs), but if you're using Ansible-NAS then this should be within your skillset. :)
|
||||
|
||||
## Enable Specific Applications
|
||||
|
||||
Every application has a `<application_name>_available_externally` setting in the Advanced Settings section of `all.yml`. Setting this to `true` will configure Traefik to route `<application>.yourdomain.com` to the application, making it available externally.
|
|
@ -1,5 +0,0 @@
|
|||
# Router Configuration
|
||||
|
||||
If you want to make certain Ansible-NAS applications available outside of your home (for example Nextcloud), then you need to map ports 80 and 443 from your router to your Ansible-NAS box.
|
||||
|
||||
How to do this is entirely dependent on your router (and out of scope of these docs), but if you're using Ansible-NAS then this should be within your skillset. :)
|
|
@ -4,9 +4,10 @@
|
|||
# Set these options to true or false to toggle specific features
|
||||
|
||||
# External Access
|
||||
# Traefik will allow access to certain applications externally. To enable this you'll need a domain name that points to your
|
||||
# home static IP address, cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
|
||||
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server.
|
||||
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
|
||||
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
|
||||
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "availble_externally"
|
||||
# settings.
|
||||
traefik_enabled: false
|
||||
|
||||
# BitTorrent
|
||||
|
@ -196,20 +197,21 @@ samba_shares:
|
|||
# set the options below.
|
||||
|
||||
# Your domain name
|
||||
cloudflare_zone: awesomedomain.com
|
||||
cloudflare_zone: "{{ ansible_nas_domain }}"
|
||||
|
||||
# The hostname you want the container to update. You shouldn't need to change this.
|
||||
cloudflare_host: "*.{{ cloudflare_zone }}"
|
||||
|
||||
# Email address used to register for Cloudflare
|
||||
cloudflare_email: dave@awesomedomain.com
|
||||
cloudflare_email: "{{ ansible_nas_email }}"
|
||||
|
||||
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
|
||||
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
|
||||
|
||||
##################################################################
|
||||
###### You shouldn't need to edit anything below this point ######
|
||||
##################################################################
|
||||
######################################################################################
|
||||
###### Advanced Settings ######
|
||||
###### Ensure you know what you're doing before getting stuck in down here 8-) ######
|
||||
######################################################################################
|
||||
|
||||
###
|
||||
### General
|
||||
|
@ -244,18 +246,22 @@ samba_netbios_name: "{{ ansible_nas_hostname }}"
|
|||
###
|
||||
### Traefik
|
||||
###
|
||||
traefik_docker_image: traefik:1.7
|
||||
traefik_docker_image: traefik:latest
|
||||
traefik_data_directory: "{{ docker_home }}/traefik"
|
||||
traefik_debug: "false"
|
||||
|
||||
###
|
||||
### Heimdall
|
||||
###
|
||||
heimdall_available_externally: "false"
|
||||
heimdall_docker_image: linuxserver/heimdall:latest
|
||||
heimdall_data_directory: "{{ docker_home }}/heimdall"
|
||||
|
||||
###
|
||||
### Transmission
|
||||
###
|
||||
transmission_available_externally: "false"
|
||||
transmission_with_openvpn_available_externally: "false"
|
||||
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
||||
transmission_download_directory: "{{ downloads_root }}"
|
||||
transmission_watch_directory: "{{ torrents_root }}"
|
||||
|
@ -267,6 +273,7 @@ transmission_local_network: "192.168.1.0/24"
|
|||
###
|
||||
### Plex
|
||||
###
|
||||
plex_available_externally: "false"
|
||||
plex_config_directory: "{{ docker_home }}/plex/config"
|
||||
plex_movies_directory: "{{ movies_root }}"
|
||||
plex_tv_directory: "{{ tv_root }}"
|
||||
|
@ -276,6 +283,7 @@ plex_group_id: 0
|
|||
###
|
||||
### Emby
|
||||
###
|
||||
emby_available_externally: "false"
|
||||
emby_config_directory: "{{ docker_home }}/emby/config"
|
||||
emby_movies_directory: "{{ movies_root }}"
|
||||
emby_tv_directory: "{{ tv_root }}"
|
||||
|
@ -285,6 +293,7 @@ emby_group_id: 0
|
|||
###
|
||||
### Tautulli
|
||||
###
|
||||
tautulli_available_externally: "false"
|
||||
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
|
||||
tautulli_user_id: 0
|
||||
tautulli_group_id: 0
|
||||
|
@ -293,12 +302,14 @@ tautulli_group_id: 0
|
|||
###
|
||||
### Duplicati
|
||||
###
|
||||
duplicati_available_externally: "false"
|
||||
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
||||
|
||||
|
||||
###
|
||||
### Sonarr
|
||||
###
|
||||
sonarr_available_externally: "false"
|
||||
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
||||
sonarr_tv_directory: "{{ tv_root }}"
|
||||
sonarr_download_directory: "{{ downloads_root }}"
|
||||
|
@ -309,6 +320,7 @@ sonarr_group_id: 0
|
|||
###
|
||||
### Radarr
|
||||
###
|
||||
radarr_available_externally: "false"
|
||||
radarr_movies_directory: "{{ movies_root }}"
|
||||
radarr_download_directory: "{{ downloads_root }}"
|
||||
radarr_data_directory: "{{ docker_home }}/radarr"
|
||||
|
@ -319,6 +331,7 @@ radarr_group_id: 0
|
|||
###
|
||||
### Couchpotato
|
||||
###
|
||||
couchpotato_available_externally: "false"
|
||||
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
||||
couchpotato_movies_directory: "{{ movies_root }}"
|
||||
couchpotato_downloads_directory: "{{ downloads_root }}"
|
||||
|
@ -330,12 +343,17 @@ couchpotato_group_id: 0
|
|||
###
|
||||
### Sickrage
|
||||
###
|
||||
sickrage_available_externally: "false"
|
||||
sickrage_config_directory: "{{ docker_home }}/sickrage/config"
|
||||
sickrage_tv_directory: "{{ tv_root }}"
|
||||
sickrage_downloads_directory: "{{ downloads_root }}"
|
||||
sickrage_user_id: 0
|
||||
sickrage_group_id: 0
|
||||
|
||||
###
|
||||
### Netdata
|
||||
###
|
||||
netdata_available_externally: "false"
|
||||
|
||||
###
|
||||
### OpenVPN
|
||||
|
@ -346,12 +364,14 @@ openvpn_config_directory: "{{ docker_home }}/openvpn"
|
|||
###
|
||||
### Portainer
|
||||
###
|
||||
portainer_available_externally: "false"
|
||||
portainer_data_directory: "{{ docker_home }}/portainer/config"
|
||||
|
||||
|
||||
###
|
||||
### ZNC
|
||||
###
|
||||
znc_available_externally: "false"
|
||||
znc_data_directory: "{{ docker_home }}/znc"
|
||||
znc_user_id: 0
|
||||
znc_group_id: 0
|
||||
|
@ -360,6 +380,7 @@ znc_group_id: 0
|
|||
###
|
||||
### Stats
|
||||
###
|
||||
grafana_available_externally: "false"
|
||||
telegraf_data_directory: "{{ docker_home }}/telegraf"
|
||||
influxdb_data_directory: "{{ docker_home }}/influxdb"
|
||||
grafana_data_directory: "{{ docker_home }}/grafana"
|
||||
|
@ -368,11 +389,18 @@ stat_collection_interval: 15s
|
|||
###
|
||||
### Gitea
|
||||
###
|
||||
gitea_available_externally: "false"
|
||||
gitea_data_directory: "{{ docker_home }}/gitea"
|
||||
|
||||
###
|
||||
### Glances
|
||||
###
|
||||
glances_available_externally: "false"
|
||||
|
||||
###
|
||||
### Nextcloud
|
||||
###
|
||||
nextcloud_available_externally: "false"
|
||||
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
||||
|
||||
###
|
||||
|
@ -383,6 +411,7 @@ nginx_data_directory: "{{ docker_home }}/nginx"
|
|||
###
|
||||
### Guacamole
|
||||
###
|
||||
guacamole_available_externally: "false"
|
||||
guacamole_docker_image: guacamole/guacamole:0.9.14
|
||||
guacamole_guacd_docker_image: guacamole/guacd:0.9.14
|
||||
guacamole_data_directory: "{{ docker_home }}/guacamole"
|
||||
|
@ -390,6 +419,7 @@ guacamole_data_directory: "{{ docker_home }}/guacamole"
|
|||
###
|
||||
### Miniflux
|
||||
###
|
||||
miniflux_available_externally: "false"
|
||||
miniflux_data_directory: "{{ docker_home }}/miniflux"
|
||||
miniflux_admin_username: admin
|
||||
miniflux_admin_password: supersecure
|
||||
|
@ -397,6 +427,7 @@ miniflux_admin_password: supersecure
|
|||
###
|
||||
### Airsonic
|
||||
###
|
||||
airsonic_available_externally: "false"
|
||||
airsonic_data_directory: "{{ docker_home }}/airsonic"
|
||||
|
||||
###
|
||||
|
@ -448,4 +479,5 @@ mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
|
|||
###
|
||||
### jackett
|
||||
###
|
||||
jackett_available_externally: "false"
|
||||
jackett_data_directory: "{{ docker_home }}/jackett"
|
||||
|
|
|
@ -20,11 +20,11 @@
|
|||
- "{{ samba_shares_root }}/podcasts:/airsonic/podcasts:rw"
|
||||
ports:
|
||||
- "4040:4040"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "airsonic"
|
||||
traefik.frontend.rule: "Host:airsonic.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "true"
|
||||
traefik.enable: "{{ airsonic_available_externally }}"
|
||||
traefik.port: "4040"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
HOST: "{{ cloudflare_host }}"
|
||||
EMAIL: "{{ cloudflare_email }}"
|
||||
API: "{{ cloudflare_api_key }}"
|
||||
PROXY: "false"
|
||||
restart_policy: unless-stopped
|
||||
memory: 512MB
|
||||
|
||||
|
|
|
@ -24,4 +24,9 @@
|
|||
PUID: "{{ couchpotato_user_id }}"
|
||||
PGID: "{{ couchpotato_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "couchpotato"
|
||||
traefik.frontend.rule: "Host:couchpotato.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ couchpotato_available_externally }}"
|
||||
traefik.port: "5050"
|
|
@ -20,3 +20,8 @@
|
|||
- "/etc/timezone:/etc/timezone:ro"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "duplicati"
|
||||
traefik.frontend.rule: "Host:duplicati.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ duplicati_available_externally }}"
|
||||
traefik.port: "8200"
|
||||
|
|
|
@ -24,3 +24,8 @@
|
|||
PGID: "{{ emby_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "emby"
|
||||
traefik.frontend.rule: "Host:emby.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ emby_available_externally }}"
|
||||
traefik.port: "8096"
|
||||
|
|
|
@ -67,3 +67,8 @@
|
|||
USER_GID: 1309
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "gitea"
|
||||
traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ gitea_available_externally }}"
|
||||
traefik.port: "3000"
|
||||
|
|
|
@ -16,3 +16,8 @@
|
|||
GLANCES_OPT: "-w"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "glances"
|
||||
traefik.frontend.rule: "Host:glances.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ glances_available_externally }}"
|
||||
traefik.port: "61208"
|
||||
|
|
|
@ -49,10 +49,10 @@
|
|||
MYSQL_DATABASE: guacamole
|
||||
MYSQL_USER: guacamole-user
|
||||
MYSQL_PASSWORD: guacamole-pass
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "guacamole"
|
||||
traefik.frontend.rule: "Host:guacamole.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "true"
|
||||
traefik.enable: "{{ guacamole_available_externally }}"
|
||||
traefik.port: "8080"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
|
|
|
@ -40,3 +40,8 @@
|
|||
- "10443:443"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "heimdall"
|
||||
traefik.frontend.rule: "Host:heimdall.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ heimdall_available_externally }}"
|
||||
traefik.port: "80"
|
||||
|
|
|
@ -18,4 +18,9 @@
|
|||
- "9117:9117"
|
||||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
restart_policy: unless-stopped
|
||||
restart_policy: unless-stopped
|
||||
labels:
|
||||
traefik.backend: "jackett"
|
||||
traefik.frontend.rule: "Host:jackett.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ jackett_available_externally }}"
|
||||
traefik.port: "9117"
|
|
@ -35,3 +35,8 @@
|
|||
ADMIN_PASSWORD: "{{ miniflux_admin_password }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "miniflux"
|
||||
traefik.frontend.rule: "Host:miniflux.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ miniflux_available_externally }}"
|
||||
traefik.port: "8080"
|
||||
|
|
|
@ -25,3 +25,8 @@
|
|||
- apparmor:unconfined
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "netdata"
|
||||
traefik.frontend.rule: "Host:netdata.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ netdata_available_externally }}"
|
||||
traefik.port: "19999"
|
|
@ -38,10 +38,10 @@
|
|||
MYSQL_DATABASE: nextcloud
|
||||
MYSQL_USER: nextcloud-user
|
||||
MYSQL_PASSWORD: nextcloud-pass
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "nextcloud"
|
||||
traefik.frontend.rule: "Host:nextcloud.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "true"
|
||||
traefik.enable: "{{ nextcloud_available_externally }}"
|
||||
traefik.port: "80"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
|
|
|
@ -22,3 +22,8 @@
|
|||
PGID: "{{ plex_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "plex"
|
||||
traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ plex_available_externally }}"
|
||||
traefik.port: "32400"
|
||||
|
|
|
@ -19,4 +19,9 @@
|
|||
- "9000:9000"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "portainer"
|
||||
traefik.frontend.rule: "Host:portainer.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ portainer_available_externally }}"
|
||||
traefik.port: "9000"
|
||||
|
||||
|
|
|
@ -23,3 +23,8 @@
|
|||
PGID: "{{ radarr_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "radarr"
|
||||
traefik.frontend.rule: "Host:radarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ radarr_available_externally }}"
|
||||
traefik.port: "7878"
|
|
@ -23,4 +23,9 @@
|
|||
PUID: "{{ sickrage_user_id }}"
|
||||
PGID: "{{ sickrage_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "sickrage"
|
||||
traefik.frontend.rule: "Host:sickrage.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ sickrage_available_externally }}"
|
||||
traefik.port: "8081"
|
|
@ -23,3 +23,8 @@
|
|||
PGID: "{{ sonarr_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "sonarr"
|
||||
traefik.frontend.rule: "Host:sonarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ sonarr_available_externally }}"
|
||||
traefik.port: "8989"
|
|
@ -64,4 +64,9 @@
|
|||
ports:
|
||||
- "3000:3000"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "grafana"
|
||||
traefik.frontend.rule: "Host:grafana.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ grafana_available_externally }}"
|
||||
traefik.port: "3000"
|
|
@ -20,3 +20,8 @@
|
|||
PGID: "{{ tautulli_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "tautulli"
|
||||
traefik.frontend.rule: "Host:tautulli.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ tautulli_available_externally }}"
|
||||
traefik.port: "8181"
|
|
@ -27,4 +27,8 @@
|
|||
PGID: "{{ transmission_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
|
||||
labels:
|
||||
traefik.backend: "transmission"
|
||||
traefik.frontend.rule: "Host:transmission.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ transmission_available_externally }}"
|
||||
traefik.port: "9091"
|
||||
|
|
|
@ -45,3 +45,8 @@
|
|||
- NET_ADMIN
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "transmission-openvpn"
|
||||
traefik.frontend.rule: "Host:transmission-openvpn.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ transmission_with_openvpn_available_externally }}"
|
||||
traefik.port: "9091"
|
|
@ -21,3 +21,8 @@
|
|||
PGID: "{{ znc_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "znc"
|
||||
traefik.frontend.rule: "Host:znc.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ znc_available_externally }}"
|
||||
traefik.port: "6677"
|
|
@ -7,7 +7,7 @@
|
|||
# Optional
|
||||
# Default: false
|
||||
#
|
||||
debug = false
|
||||
debug = {{ traefik_debug }}
|
||||
|
||||
# Log level
|
||||
#
|
||||
|
@ -37,7 +37,7 @@ defaultEntryPoints = ["http", "https"]
|
|||
[entryPoints.https]
|
||||
address = ":443"
|
||||
[entryPoints.https.tls]
|
||||
|
||||
|
||||
[entryPoints.traefik]
|
||||
address = ":8083"
|
||||
|
||||
|
@ -171,7 +171,7 @@ onDemand = false # create certificate when container is created
|
|||
|
||||
# [acme.httpChallenge]
|
||||
# entryPoint = "http"
|
||||
|
||||
|
||||
[acme.tlsChallenge]
|
||||
|
||||
[[acme.domains]]
|
||||
|
@ -188,6 +188,7 @@ onDemand = false # create certificate when container is created
|
|||
"grafana.{{ ansible_nas_domain }}",
|
||||
"guacamole.{{ ansible_nas_domain }}",
|
||||
"heimdall.{{ ansible_nas_domain }}",
|
||||
"jackett.{{ ansible_nas_domain }}",
|
||||
"miniflux.{{ ansible_nas_domain }}",
|
||||
"netdata.{{ ansible_nas_domain }}",
|
||||
"nextcloud.{{ ansible_nas_domain }}",
|
||||
|
@ -198,4 +199,5 @@ onDemand = false # create certificate when container is created
|
|||
"sonarr.{{ ansible_nas_domain }}",
|
||||
"tautulli.{{ ansible_nas_domain }}",
|
||||
"transmission.{{ ansible_nas_domain }}",
|
||||
"transmission-openvpn.{{ ansible_nas_domain }}",
|
||||
"znc.{{ ansible_nas_domain }}"]
|
|
@ -207,15 +207,16 @@ cloudflare_email: dave@awesomedomain.com
|
|||
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
|
||||
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
|
||||
|
||||
##################################################################
|
||||
###### You shouldn't need to edit anything below this point ######
|
||||
##################################################################
|
||||
######################################################################################
|
||||
###### Advanced Settings ######
|
||||
###### Ensure you know what you're doing before getting stuck in down here 8-) ######
|
||||
######################################################################################
|
||||
|
||||
###
|
||||
### General
|
||||
###
|
||||
# Extra packages to install
|
||||
ansible_nas_extra_packages:
|
||||
ansible_nas_extra_packages:
|
||||
- smartmontools
|
||||
- htop
|
||||
- zfsutils-linux
|
||||
|
@ -244,18 +245,22 @@ samba_netbios_name: "{{ ansible_nas_hostname }}"
|
|||
###
|
||||
### Traefik
|
||||
###
|
||||
traefik_docker_image: traefik:1.7
|
||||
traefik_docker_image: traefik:latest
|
||||
traefik_data_directory: "{{ docker_home }}/traefik"
|
||||
traefik_debug: "false"
|
||||
|
||||
###
|
||||
### Heimdall
|
||||
###
|
||||
heimdall_available_externally: "false"
|
||||
heimdall_docker_image: linuxserver/heimdall:latest
|
||||
heimdall_data_directory: "{{ docker_home }}/heimdall"
|
||||
|
||||
###
|
||||
### Transmission
|
||||
###
|
||||
transmission_available_externally: "false"
|
||||
transmission_with_openvpn_available_externally: "false"
|
||||
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
||||
transmission_download_directory: "{{ downloads_root }}"
|
||||
transmission_watch_directory: "{{ torrents_root }}"
|
||||
|
@ -267,6 +272,7 @@ transmission_local_network: "192.168.1.0/24"
|
|||
###
|
||||
### Plex
|
||||
###
|
||||
plex_available_externally: "false"
|
||||
plex_config_directory: "{{ docker_home }}/plex/config"
|
||||
plex_movies_directory: "{{ movies_root }}"
|
||||
plex_tv_directory: "{{ tv_root }}"
|
||||
|
@ -276,6 +282,7 @@ plex_group_id: 0
|
|||
###
|
||||
### Emby
|
||||
###
|
||||
emby_available_externally: "false"
|
||||
emby_config_directory: "{{ docker_home }}/emby/config"
|
||||
emby_movies_directory: "{{ movies_root }}"
|
||||
emby_tv_directory: "{{ tv_root }}"
|
||||
|
@ -285,6 +292,7 @@ emby_group_id: 0
|
|||
###
|
||||
### Tautulli
|
||||
###
|
||||
tautulli_available_externally: "false"
|
||||
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
|
||||
tautulli_user_id: 0
|
||||
tautulli_group_id: 0
|
||||
|
@ -293,12 +301,14 @@ tautulli_group_id: 0
|
|||
###
|
||||
### Duplicati
|
||||
###
|
||||
duplicati_available_externally: "false"
|
||||
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
||||
|
||||
|
||||
###
|
||||
### Sonarr
|
||||
###
|
||||
sonarr_available_externally: "false"
|
||||
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
||||
sonarr_tv_directory: "{{ tv_root }}"
|
||||
sonarr_download_directory: "{{ downloads_root }}"
|
||||
|
@ -309,6 +319,7 @@ sonarr_group_id: 0
|
|||
###
|
||||
### Radarr
|
||||
###
|
||||
radarr_available_externally: "false"
|
||||
radarr_movies_directory: "{{ movies_root }}"
|
||||
radarr_download_directory: "{{ downloads_root }}"
|
||||
radarr_data_directory: "{{ docker_home }}/radarr"
|
||||
|
@ -319,6 +330,7 @@ radarr_group_id: 0
|
|||
###
|
||||
### Couchpotato
|
||||
###
|
||||
couchpotato_available_externally: "false"
|
||||
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
||||
couchpotato_movies_directory: "{{ movies_root }}"
|
||||
couchpotato_downloads_directory: "{{ downloads_root }}"
|
||||
|
@ -330,12 +342,17 @@ couchpotato_group_id: 0
|
|||
###
|
||||
### Sickrage
|
||||
###
|
||||
sickrage_available_externally: "false"
|
||||
sickrage_config_directory: "{{ docker_home }}/sickrage/config"
|
||||
sickrage_tv_directory: "{{ tv_root }}"
|
||||
sickrage_downloads_directory: "{{ downloads_root }}"
|
||||
sickrage_user_id: 0
|
||||
sickrage_group_id: 0
|
||||
|
||||
###
|
||||
### Netdata
|
||||
###
|
||||
netdata_available_externally: "false"
|
||||
|
||||
###
|
||||
### OpenVPN
|
||||
|
@ -346,12 +363,14 @@ openvpn_config_directory: "{{ docker_home }}/openvpn"
|
|||
###
|
||||
### Portainer
|
||||
###
|
||||
portainer_available_externally: "false"
|
||||
portainer_data_directory: "{{ docker_home }}/portainer/config"
|
||||
|
||||
|
||||
###
|
||||
### ZNC
|
||||
###
|
||||
znc_available_externally: "false"
|
||||
znc_data_directory: "{{ docker_home }}/znc"
|
||||
znc_user_id: 0
|
||||
znc_group_id: 0
|
||||
|
@ -360,6 +379,7 @@ znc_group_id: 0
|
|||
###
|
||||
### Stats
|
||||
###
|
||||
grafana_available_externally: "false"
|
||||
telegraf_data_directory: "{{ docker_home }}/telegraf"
|
||||
influxdb_data_directory: "{{ docker_home }}/influxdb"
|
||||
grafana_data_directory: "{{ docker_home }}/grafana"
|
||||
|
@ -368,11 +388,18 @@ stat_collection_interval: 15s
|
|||
###
|
||||
### Gitea
|
||||
###
|
||||
gitea_available_externally: "false"
|
||||
gitea_data_directory: "{{ docker_home }}/gitea"
|
||||
|
||||
###
|
||||
### Glances
|
||||
###
|
||||
glances_available_externally: "false"
|
||||
|
||||
###
|
||||
### Nextcloud
|
||||
###
|
||||
nextcloud_available_externally: "false"
|
||||
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
||||
|
||||
###
|
||||
|
@ -383,6 +410,7 @@ nginx_data_directory: "{{ docker_home }}/nginx"
|
|||
###
|
||||
### Guacamole
|
||||
###
|
||||
guacamole_available_externally: "false"
|
||||
guacamole_docker_image: guacamole/guacamole:0.9.14
|
||||
guacamole_guacd_docker_image: guacamole/guacd:0.9.14
|
||||
guacamole_data_directory: "{{ docker_home }}/guacamole"
|
||||
|
@ -390,6 +418,7 @@ guacamole_data_directory: "{{ docker_home }}/guacamole"
|
|||
###
|
||||
### Miniflux
|
||||
###
|
||||
miniflux_available_externally: "false"
|
||||
miniflux_data_directory: "{{ docker_home }}/miniflux"
|
||||
miniflux_admin_username: admin
|
||||
miniflux_admin_password: supersecure
|
||||
|
@ -397,6 +426,7 @@ miniflux_admin_password: supersecure
|
|||
###
|
||||
### Airsonic
|
||||
###
|
||||
airsonic_available_externally: "false"
|
||||
airsonic_data_directory: "{{ docker_home }}/airsonic"
|
||||
|
||||
###
|
||||
|
@ -420,7 +450,7 @@ watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug"
|
|||
###
|
||||
### Time Machine
|
||||
###
|
||||
timemachine_data_directory: "{{ docker_home }}/timemachine" # needs to be an absolute path
|
||||
timemachine_data_directory: "{{ docker_home }}/timemachine"
|
||||
timemachine_volume_size_limit: 0
|
||||
timemachine_password: timemachine
|
||||
timemachine_share_name: TimeMachine
|
||||
|
@ -448,4 +478,5 @@ mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
|
|||
###
|
||||
### jackett
|
||||
###
|
||||
jackett_available_externally: "false"
|
||||
jackett_data_directory: "{{ docker_home }}/jackett"
|
||||
|
|
Loading…
Reference in a new issue