From 5e96c59fc63a61791de6da3fc5e30691d185a965 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:12:32 -0700 Subject: [PATCH 01/92] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 46d1ede6..84a0abc6 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Ansible config and a bunch of Docker containers. * [Airsonic](https://airsonic.github.io/) - catalog and stream music * [Bazarr](https://github.com/morpheus65535/bazarr) - companion to Radarr and Sonarr for downloading subtitles * [Bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) - Self-Hosting port of password manager -* [Calibre](https://hub.docker.com/r/linuxserver/calibre-web) - eBook Library +* [Calibre-web](https://hub.docker.com/r/linuxserver/calibre-web) - Provides a clean interface for browsing, reading and downloading eBooks using an existing Calibre database. * [Cloud Commander](https://cloudcmd.io/) - A dual panel file manager with integrated web console and text editor * [Cloudflare DDNS](https://hub.docker.com/r/joshuaavalon/cloudflare-ddns/) - automatically update Cloudflare with your IP address * [CouchPotato](https://couchpota.to/) - for downloading and managing movies From 67d93f24c6df24e11bba9364c7e05a461d979cde Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:13:45 -0700 Subject: [PATCH 02/92] fix heading --- docs/applications/calibre.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/applications/calibre.md b/docs/applications/calibre.md index afef056d..04fc770e 100644 --- a/docs/applications/calibre.md +++ b/docs/applications/calibre.md @@ -1,4 +1,4 @@ -# Calibre(-web) eBook Library +# Calibre-web Homepage: [https://github.com/janeczku/calibre-web](https://github.com/linuxserver/docker-calibre-web) From 6ae6564109653cf530d19e953c9241d7d38c632f Mon Sep 17 00:00:00 2001 
From: bcurran3 Date: Sat, 25 Apr 2020 18:16:58 -0700 Subject: [PATCH 03/92] fixed links [] link pointed to docker image but () linked to app site, app site is more appropriate and should rule over the docker image (Though I'd like to add all docker images' links to all the docs) --- docs/applications/calibre.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/applications/calibre.md b/docs/applications/calibre.md index 04fc770e..8fff5e07 100644 --- a/docs/applications/calibre.md +++ b/docs/applications/calibre.md @@ -1,6 +1,6 @@ # Calibre-web -Homepage: [https://github.com/janeczku/calibre-web](https://github.com/linuxserver/docker-calibre-web) +Homepage: [https://github.com/linuxserver/docker-calibre-web](https://github.com/linuxserver/docker-calibre-web) Calibre-Web is a web app providing a clean interface for browsing, reading and downloading eBooks using an existing Calibre database. From 86efca8d70f53117fbc2611456ac8bae688d1501 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:17:42 -0700 Subject: [PATCH 04/92] Ooops - fixed reversed links from what I stated --- docs/applications/calibre.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/applications/calibre.md b/docs/applications/calibre.md index 8fff5e07..03b5dc1a 100644 --- a/docs/applications/calibre.md +++ b/docs/applications/calibre.md @@ -1,6 +1,6 @@ # Calibre-web -Homepage: [https://github.com/linuxserver/docker-calibre-web](https://github.com/linuxserver/docker-calibre-web) +Homepage: [https://github.com/janeczku/calibre-web](https://github.com/janeczku/calibre-web) Calibre-Web is a web app providing a clean interface for browsing, reading and downloading eBooks using an existing Calibre database. From eb79d5b7f34aae5fdb172938cf0dd87ffe929e3e Mon Sep 17 00:00:00 2001 
From: bcurran3 Date: Sat, 25 Apr 2020 18:20:25 -0700 Subject: [PATCH 05/92] Calibre -> Calibre-web name correction --- docs/configuration/application_ports.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuration/application_ports.md b/docs/configuration/application_ports.md index ee55150e..4d06c77c 100644 --- a/docs/configuration/application_ports.md +++ b/docs/configuration/application_ports.md @@ -8,7 +8,7 @@ By default, applications can be found on the ports listed below. | Bazarr | 6767 | | | Bitwarden "hub" | 3012 | Web Not. | | Bitwarden | 19080 | HTTP | -| Calibre | 8084 | HTTP | +| Calibre-web | 8084 | HTTP | | Cloud Commander | 7373 | | | Couchpotato | 5050 | | | Duplicati | 8200 | | From 8345a456397758e0e8ec75e48282b5bf0c8ff13b Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:21:12 -0700 Subject: [PATCH 06/92] Calibre -> Calibre-web name correction --- tasks/calibre.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/calibre.yml b/tasks/calibre.yml index 321fe00d..e597f473 100644 --- a/tasks/calibre.yml +++ b/tasks/calibre.yml @@ -1,11 +1,11 @@ -- name: Create Calibre Directories +- name: Create Calibre-web Directories file: path: "{{ item }}" state: directory with_items: - "{{ calibre_data_directory }}/config" -- name: Calibre Docker Container +- name: Calibre-web Docker Container docker_container: name: calibre image: linuxserver/calibre-web:latest @@ -26,4 +26,4 @@ traefik.frontend.rule: "Host:calibre.{{ ansible_nas_domain }}" traefik.enable: "{{ calibre_available_externally }}" traefik.port: "8083" - memory: 1g \ No newline at end of file + memory: 1g From c194e67c12cd893ee006492d1267b3b504d92c54 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:22:04 -0700 Subject: [PATCH 07/92] Calibre -> Calibre-web name correction --- group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/group_vars/all.yml b/group_vars/all.yml index 3bcf3f92..95704dec 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -755,7 +755,7 @@ mosquitto_port_a: "1883" mosquitto_port_b: "9001" ### -### Calibre +### Calibre-web ### calibre_available_externally: "false" calibre_data_directory: "{{ docker_home }}/calibre" From 4a2d519eba50fcdc33055e08a9a9cba1511445e7 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:26:20 -0700 Subject: [PATCH 08/92] fix link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 84a0abc6..7b22fc04 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Ansible config and a bunch of Docker containers. * [Airsonic](https://airsonic.github.io/) - catalog and stream music * [Bazarr](https://github.com/morpheus65535/bazarr) - companion to Radarr and Sonarr for downloading subtitles * [Bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) - Self-Hosting port of password manager -* [Calibre-web](https://hub.docker.com/r/linuxserver/calibre-web) - Provides a clean interface for browsing, reading and downloading eBooks using an existing Calibre database. +* [Calibre-web](https://github.com/janeczku/calibre-web) - Provides a clean interface for browsing, reading and downloading eBooks using an existing Calibre database. * [Cloud Commander](https://cloudcmd.io/) - A dual panel file manager with integrated web console and text editor * [Cloudflare DDNS](https://hub.docker.com/r/joshuaavalon/cloudflare-ddns/) - automatically update Cloudflare with your IP address * [CouchPotato](https://couchpota.to/) - for downloading and managing movies From d3390973372ce217826835d807a4c77797242bb6 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 18:30:30 -0700 Subject: [PATCH 09/92] one more correction --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7b22fc04..e9b5cb7a 100644 --- a/README.md 
+++ b/README.md @@ -25,7 +25,7 @@ Ansible config and a bunch of Docker containers. * A Docker host with Portainer for image and container management * An automatic dynamic DNS updater if you use Cloudflare to host your domain DNS * A Personal finance manager -* eBook management with calibre-web +* eBook management with Calibre-web * Content management with Joomla * A dual panel local file manager * Self-service media request web application From fdaf3f6f471a6f6c5411357c42f7a92b15b82f07 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 25 Apr 2020 19:32:57 -0700 Subject: [PATCH 10/92] DOCS: reference correction --- CODE_OF_CONDUCT.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 44f32403..f0d96cfc 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,6 +1,6 @@ # Code of Conduct -Ansible-NAS follows the [Ansible Code Of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html). +Ansible-NAS follows the Ansible [Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html). Specifically, Ansible-NAS community members are expected to be: From 3b9b8f73dc885f6c4c745b83e5963c9688d95610 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Wed, 6 May 2020 00:32:22 -0700 Subject: [PATCH 11/92] fix ticks, parenthesis, and punctuation. --- CONTRIBUTING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 39836293..63518c15 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -13,9 +13,9 @@ If you're adding a new application: * Add a documentation page to `docs/applications/` - use an existing application as an example. * Add to the list of Available Applications in 'README.md' * Add the frontend port to `docs/configuration/application_ports.md`, ensuring you've not clashed with an existing application. -* Add to the list of certificate requests in 'templates/traefik/traefik.toml' if the program is to be used externally. +* Add to the list of certificate requests in `templates/traefik/traefik.toml' if the program is to be used externally. -A typical new application PR will include 2 new files (`docs/applications/application.md` and 'tasks/application.yml') and have 5 updated files ('README.md', 'nas.yml', `docs/configuration/application_ports.md`, 'group_vars/all.yml', 'templates/traefik/traefik.toml' +A typical new application PR will include 2 new files (`docs/applications/application.md` and `tasks/application.yml`) and have 5 updated files (`README.md`, `nas.yml`, `docs/configuration/application_ports.md`, `group_vars/all.yml`, `templates/traefik/traefik.toml`). ## Things to bear in mind From 92f1c9b2f1068921493546cdcd7ecb751082833b Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Wed, 6 May 2020 00:36:14 -0700 Subject: [PATCH 12/92] had to fix two more --- CONTRIBUTING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 63518c15..6cc3e028 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -11,9 +11,9 @@ If you're adding a new application: * Ensure that the new application is disabled by default. * Add a documentation page to `docs/applications/` - use an existing application as an example. -* Add to the list of Available Applications in 'README.md' +* Add to the list of Available Applications in `README.md` * Add the frontend port to `docs/configuration/application_ports.md`, ensuring you've not clashed with an existing application. -* Add to the list of certificate requests in `templates/traefik/traefik.toml' if the program is to be used externally. +* Add to the list of certificate requests in `templates/traefik/traefik.toml` if the program is to be used externally. A typical new application PR will include 2 new files (`docs/applications/application.md` and `tasks/application.yml`) and have 5 updated files (`README.md`, `nas.yml`, `docs/configuration/application_ports.md`, `group_vars/all.yml`, `templates/traefik/traefik.toml`). From dda11d57e5da91a49e6f757c48db41b2d6e2da07 Mon Sep 17 00:00:00 2001 From: Michael Murphy Date: Sun, 17 May 2020 13:17:25 +0200 Subject: [PATCH 13/92] Fixed link for YouTubeDL-Material - the YouTubeDL-Material was linking to the [youtube-dl](https://ytdl-org.github.io/youtube-dl) project. - modified text on Krusader link --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 954ef6e7..317a8579 100644 --- a/README.md +++ b/README.md 
@@ -55,7 +55,7 @@ Ansible config and a bunch of Docker containers. * [Jackett](https://github.com/Jackett/Jackett) - API Support for your favorite torrent trackers * [Jellyfin](https://jellyfin.github.io) - The Free Software Media System * [Joomla](https://www.joomla.org/) - Open source content management system -* [https://krusader.org/](https://krusader.org/) - Twin panel file management for your desktop +* [Krusader](https://krusader.org/) - Twin panel file management for your desktop * [Lidarr](https://github.com/lidarr/Lidarr) - Music collection manager for Usenet and BitTorrent users * [MiniDlna](https://sourceforge.net/projects/minidlna/) - simple media server which is fully compliant with DLNA/UPnP-AV clients * [Miniflux](https://miniflux.app/) - An RSS news reader @@ -87,7 +87,7 @@ Ansible config and a bunch of Docker containers. * [Virtual Desktop](https://github.com/RattyDAVE/docker-ubuntu-xrdp-mate-custom) - A virtual desktop running on your NAS. * [Wallabag](https://wallabag.org/) - Save and classify articles. Read them later. * [Watchtower](https://github.com/v2tec/watchtower) - Monitor your Docker containers and update them if a new version is available -* [YouTubeDL-Material](https://ytdl-org.github.io/youtube-dl) - Self-hosted YouTube downloader built on Material Design +* [YouTubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material) - Self-hosted YouTube downloader built on Material Design * [ZNC](https://wiki.znc.in/ZNC) - IRC bouncer to stay connected to favourite IRC networks and channels ## What This Could Do From dbdc6da3a10008f4c57c06e513220b0cbc0f54e9 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Tue, 19 May 2020 16:09:12 -0700 Subject: [PATCH 14/92] capitalization correction --- group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 3bcf3f92..a1ec4162 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml 
@@ -483,7 +483,7 @@ bazarr_group_id: "0" bazarr_port: "6767" ### -### lidarr +### Lidarr ### lidarr_available_externally: "false" lidarr_data_directory: "{{ docker_home }}/lidarr/config" From c07c9044f7cede23ee21c465bb2636cb9a48b887 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Tue, 19 May 2020 16:11:45 -0700 Subject: [PATCH 15/92] name/capitalization fix (and task name per current unofficial style guide --- tasks/lidarr.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/lidarr.yml b/tasks/lidarr.yml index 0c48a8b2..6f8b20ca 100644 --- a/tasks/lidarr.yml +++ b/tasks/lidarr.yml @@ -1,10 +1,10 @@ --- -- name: Create lidarr Directory +- name: Create Lidarr Directory file: path: "{{ lidarr_data_directory }}" state: directory -- name: lidarr +- name: Lidarr Docker Container docker_container: name: lidarr image: linuxserver/lidarr @@ -25,4 +25,4 @@ traefik.backend: "lidarr" traefik.frontend.rule: "Host:lidarr.{{ ansible_nas_domain }}" traefik.enable: "{{ lidarr_available_externally }}" - traefik.port: "8686" \ No newline at end of file + traefik.port: "8686" From 5cd35105a19a8bbb7cb9e3a0bb1acae0c040db37 Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Mon, 25 May 2020 09:19:16 -0700 Subject: [PATCH 16/92] Ubuntu 20.04 support --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 5b83cb88..a7d78c2a 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,6 +1,6 @@ --- - name: geerlingguy.docker - version: 2.7.0 + version: 2.8.0 - name: bertvv.samba version: v2.7.1 From ad4ebc86c2470b7d8f7c42c1d0bed4c8f9eaad6a Mon Sep 17 00:00:00 2001 From: Shem <45176983+Shem-G@users.noreply.github.com> Date: Wed, 24 Jun 2020 01:26:16 +0100 Subject: [PATCH 17/92] Fix broken link to External Access page --- docs/applications/traefik.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/applications/traefik.md b/docs/applications/traefik.md index cc827a3f..3493d47e 100644 --- a/docs/applications/traefik.md +++ b/docs/applications/traefik.md @@ -7,7 +7,7 @@ Traefik is a reverse proxy used to provide external access to your Ansible-NAS b You can configure which applications are available externally by enabling the `_available_externally` setting for each application in the Advanced Settings section of your `all.yml`. -See [External Access](configuration/external_access) for more info. +See [External Access](../configuration/external_access.md) for more info. ## Usage From 3db0aa86e6f0229ff96484d3306f379fdf632ec8 Mon Sep 17 00:00:00 2001 From: Katrin Leinweber Date: Thu, 25 Jun 2020 14:09:57 +0200 Subject: [PATCH 18/92] Fix typos --- docs/applications/bazarr.md | 2 +- docs/applications/emby.md | 2 +- docs/applications/gitlab.md | 2 +- docs/applications/jellyfin.md | 2 +- docs/applications/nextcloud.md | 2 +- docs/applications/wallabag.md | 2 +- docs/upgrading.md | 2 +- docs/zfs/zfs_configuration.md | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/applications/bazarr.md b/docs/applications/bazarr.md index 328e73cf..ed0c9adf 100644 --- a/docs/applications/bazarr.md +++ b/docs/applications/bazarr.md @@ -12,4 +12,4 @@ Set `bazarr_enabled: true` in your `inventories//nas.yml` file. ## Specific Configuration -Follow the [Wiki](https://github.com/morpheus65535/bazarr/wiki) for conecting to Sonarr and Radarr. \ No newline at end of file +Follow the [Wiki](https://github.com/morpheus65535/bazarr/wiki) for connecting to Sonarr and Radarr. diff --git a/docs/applications/emby.md b/docs/applications/emby.md index 4ece0ae6..4f5a315a 100644 --- a/docs/applications/emby.md +++ b/docs/applications/emby.md 
@@ -35,7 +35,7 @@ configuration directory read/write. ## File system considerations -Movie and TV show files are almost alway very large and pre-compressed. If you +Movie and TV show files are almost always very large and pre-compressed. If you are using a specialized filesystem such as ZFS for bulk storage, you'll want to set the parameters accordingly. The [ZFS configuration documentation](../zfs/zfs_configuration.md) has an example of this. diff --git a/docs/applications/gitlab.md b/docs/applications/gitlab.md index 21da3207..a554d3bb 100644 --- a/docs/applications/gitlab.md +++ b/docs/applications/gitlab.md @@ -2,7 +2,7 @@ Homepage: [https://docs.gitlab.com/omnibus/docker/](https://docs.gitlab.com/omnibus/docker/) -If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consquently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM. +If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consequently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM. ## Usage diff --git a/docs/applications/jellyfin.md b/docs/applications/jellyfin.md index 83ddd101..4a44572d 100644 --- a/docs/applications/jellyfin.md +++ b/docs/applications/jellyfin.md @@ -33,7 +33,7 @@ configuration directory read/write. ## File system considerations -Movie and TV show files are almost alway very large and pre-compressed. If you +Movie and TV show files are almost always very large and pre-compressed. If you are using a specialized filesystem such as ZFS for bulk storage, you'll want to set the parameters accordingly. The [ZFS configuration documentation](../zfs/zfs_configuration.md) has an example of this. diff --git a/docs/applications/nextcloud.md b/docs/applications/nextcloud.md index f68d95e3..946f8e10 100644 --- a/docs/applications/nextcloud.md +++ b/docs/applications/nextcloud.md 
@@ -9,7 +9,7 @@ Set `nextcloud_enabled: true` in your `inventories//nas.yml` fil Tread carefully. -External access may require that you manually configure your Fully Qualified Domain Name (FQDN) as a trusted domain within the application. There is an evnironment variable set up for this in the "nextcloud task" which will most likely make manual configuration unneccessary. If you get the following [screenshot](https://docs.nextcloud.com/server/14/admin_manual/installation/installation_wizard.html#trusted-domains) warning when trying to access nextcloud externally you'll need to manually set it up. +External access may require that you manually configure your Fully Qualified Domain Name (FQDN) as a trusted domain within the application. There is an environment variable set up for this in the "nextcloud task" which will most likely make manual configuration unnecessary. If you get the following [screenshot](https://docs.nextcloud.com/server/14/admin_manual/installation/installation_wizard.html#trusted-domains) warning when trying to access nextcloud externally you'll need to manually set it up. This can be accomplished in two commands. diff --git a/docs/applications/wallabag.md b/docs/applications/wallabag.md index 73b3ab5c..9bcaa20c 100644 --- a/docs/applications/wallabag.md +++ b/docs/applications/wallabag.md @@ -10,7 +10,7 @@ Set `wallabag_enabled: true` in your `inventories//nas.yml` file If you want to access wallabag externally, don't forget to set `wallabag_available_externally: "true"` in your `inventories//nas.yml` file. -I reccomend using the mobile app, which will sync with this installation so you have access to your saved articles even if you don't have signal or wifi access. +I recommend using the mobile app, which will sync with this installation so you have access to your saved articles even if you don't have signal or wifi access. The default credentials are wallabag:wallabag 
diff --git a/docs/upgrading.md b/docs/upgrading.md index 42280f5a..2dee7876 100644 --- a/docs/upgrading.md +++ b/docs/upgrading.md @@ -4,7 +4,7 @@ If you're upgrading from [this](https://github.com/davestephens/ansible-nas/commit/52c7fef3aba08e30331931747c81fb7b3bfd359a) commit or earlier, these instructions are relevant to you. -Rather than having to merge every new config line into your own `all.yml` file, now you only need to maintain the differences that are relevant to you in your own `nas.yml`, stored within an inventory directory. Your inventory `nas.yml` takes prescendence over `group_vars/all.yml`, which is how this setup works. `group_vars/all.yml` is now tracked as part of the repo. +Rather than having to merge every new config line into your own `all.yml` file, now you only need to maintain the differences that are relevant to you in your own `nas.yml`, stored within an inventory directory. Your inventory `nas.yml` takes precedence over `group_vars/all.yml`, which is how this setup works. `group_vars/all.yml` is now tracked as part of the repo. This will make updates from `master` much simpler, as there will be no requirement to merge changes from `all.yml.dist` into your own `all.yml` any more. You simply pull from master, then add the bits you're interested in into your inventory `nas.yml`. diff --git a/docs/zfs/zfs_configuration.md b/docs/zfs/zfs_configuration.md index 9fd375b5..b3ebcc6d 100644 --- a/docs/zfs/zfs_configuration.md +++ b/docs/zfs/zfs_configuration.md 
@@ -107,7 +107,7 @@ late. Pools have properties that apply either to the pool itself or to filesystems created in the pool. You can use the command `zpool get all tank` to see the pool properties and `zfs get all tank` to see the filesystem properties. Most -default values are perfecly sensible, some you'll [want to +default values are perfectly sensible, some you'll [want to change](https://jrs-s.net/2018/08/17/zfs-tuning-cheat-sheet/). Setting defaults makes life easier when we create our filesystems. From 2b6d8a05dbcf856c59fc89099693ec3560d9104f Mon Sep 17 00:00:00 2001 From: Katrin Leinweber Date: Thu, 25 Jun 2020 16:39:50 +0200 Subject: [PATCH 19/92] Capitalise product names --- README.md | 4 ++-- docs/applications/radarr.md | 2 +- docs/applications/sonarr.md | 2 +- docs/configuration/application_ports.md | 6 +++--- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1995c062..7bbf9428 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,8 @@ Ansible config and a bunch of Docker containers. * [Emby](https://emby.media/) - Media streaming and management * [Firefly III](https://firefly-iii.org/) - Free and open source personal finance manager * [get_iplayer](https://github.com/get-iplayer/get_iplayer) - download programmes from BBC iplayer -* [Gitea](https://gitea.io/en-us/) - Simple self-hosted Github clone -* [Gitlab](https://about.gitlab.com/features/) - Self-hosted Github clone of the highest order +* [Gitea](https://gitea.io/en-us/) - Simple self-hosted GitHub clone +* [GitLab](https://about.gitlab.com/features/) - Self-hosted GitHub clone of the highest order * [Glances](https://nicolargo.github.io/glances/) - for seeing the state of your system via a web browser * [Grafana](https://github.com/grafana/grafana) - Dashboarding tool * [Guacamole](https://guacamole.apache.org/) - Web based remote desktop gateway, supports VNC, RDP and SSH 
diff --git a/docs/applications/radarr.md b/docs/applications/radarr.md index acc7a547..bdc3cdfc 100644 --- a/docs/applications/radarr.md +++ b/docs/applications/radarr.md @@ -18,4 +18,4 @@ Radarr will get the file path from the Download client. On default settings with For Radarr to understand that the `/movies` folder is a folder, you'll need to add a new subfolder into it. You can also do this by adding a random movie to the folder. Keep in mind to have the internal setting **Create empty movie folders** on **yes** -Comprehensive setup information can be found on the [Radarr github wiki](https://github.com/Radarr/Radarr/wiki/Setup-Guide) +Comprehensive setup information can be found on the [Radarr GitHub wiki](https://github.com/Radarr/Radarr/wiki/Setup-Guide) diff --git a/docs/applications/sonarr.md b/docs/applications/sonarr.md index bbbd93ab..26dad584 100644 --- a/docs/applications/sonarr.md +++ b/docs/applications/sonarr.md @@ -19,4 +19,4 @@ Sonarr will get the file path from the Download client. On default settings with For Sonarr to understand that the `/tv` folder is a folder, you'll need to add a folder into it. You can also do this by adding a random series to the folder. Keep in mind to have the setting **Create empty movie folders** on **yes** -For comprehensive configuration instructions see the [Sonarr github wiki](https://github.com/Sonarr/Sonarr/wiki) +For comprehensive configuration instructions see the [Sonarr GitHub wiki](https://github.com/Sonarr/Sonarr/wiki) diff --git a/docs/configuration/application_ports.md b/docs/configuration/application_ports.md index b64f3e67..2d6759da 100644 --- a/docs/configuration/application_ports.md +++ b/docs/configuration/application_ports.md 
@@ -18,9 +18,9 @@ By default, applications can be found on the ports listed below. | get_iplayer | 8182 | | | Gitea | 3001 | Web | | Gitea | 222 | SSH | -| Gitlab | 4080 | HTTP | -| Gitlab | 4443 | HTTPS | -| Gitlab | 422 | SSH | +| GitLab | 4080 | HTTP | +| GitLab | 4443 | HTTPS | +| GitLab | 422 | SSH | | Glances | 61208 | SSH | | Grafana | 3000 | | | Guacamole | 8090 | | From 2cb835908cb5d184133ef728f82457a33ed3280e Mon Sep 17 00:00:00 2001 From: bcurran3 Date: Sat, 18 Jul 2020 08:03:18 -0700 Subject: [PATCH 20/92] update requirements to latest versions --- requirements.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index a7d78c2a..193b73a3 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,9 +1,9 @@ --- - name: geerlingguy.docker - version: 2.8.0 + version: 2.8.1 - name: bertvv.samba version: v2.7.1 - name: geerlingguy.nfs - version: 1.5.0 + version: 1.6.0 From 5b12e762fc2c9b619988e61763a13c2a2131aa86 Mon Sep 17 00:00:00 2001 From: Tzahi12345 Date: Wed, 22 Jul 2020 20:46:13 -0400 Subject: [PATCH 21/92] Updated YoutubeDL-Material link Updated link to YoutubeDL-Material to the actual link (it was set to the youtube-dl project before) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1995c062..78099142 100644 --- a/README.md +++ b/README.md 
@@ -87,7 +87,7 @@ Ansible config and a bunch of Docker containers. * [Virtual Desktop](https://github.com/RattyDAVE/docker-ubuntu-xrdp-mate-custom) - A virtual desktop running on your NAS. * [Wallabag](https://wallabag.org/) - Save and classify articles. Read them later. * [Watchtower](https://github.com/v2tec/watchtower) - Monitor your Docker containers and update them if a new version is available -* [YouTubeDL-Material](https://ytdl-org.github.io/youtube-dl) - Self-hosted YouTube downloader built on Material Design +* [YouTubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material) - Self-hosted YouTube downloader built on Material Design * [ZNC](https://wiki.znc.in/ZNC) - IRC bouncer to stay connected to favourite IRC networks and channels ## What This Could Do From 7c79150ae0125a0c83eb69936a09b2ba9ac92df5 Mon Sep 17 00:00:00 2001 From: Isaac Abadi Date: Wed, 22 Jul 2020 22:20:43 -0400 Subject: [PATCH 22/92] Updated YoutubeDL-Material links in docs directory --- docs/applications/youtubedlmaterial.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/applications/youtubedlmaterial.md b/docs/applications/youtubedlmaterial.md index ca499a88..912f601d 100644 --- a/docs/applications/youtubedlmaterial.md +++ b/docs/applications/youtubedlmaterial.md @@ -1,8 +1,8 @@ # YouTubeDL-Material -Homepage: [https://ytdl-org.github.io/youtube-dl/](https://ytdl-org.github.io/youtube-dl/) -Docker Container: [https://github.com/Tzahi12345/YoutubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material) +Homepage: [https://github.com/Tzahi12345/YoutubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material) +Docker Container: [https://hub.docker.com/r/tzahi12345/youtubedl-material](https://hub.docker.com/r/tzahi12345/youtubedl-material) YoutubeDL-Material is a Material Design frontend for youtube-dl. It's coded using Angular 9 for the frontend, and Node.js on the backend. From f1cab2141d594081239e676d5b7b065b84d89e7f Mon Sep 17 00:00:00 2001 
From: Ryan Olf Date: Thu, 13 Aug 2020 16:18:48 -0700 Subject: [PATCH 23/92] Updated cloudflare-ddns to use config.yaml, default to API token instead of deprecated global API key Uses config.yaml for docker container instead of deprecated environment variables (which weren't working for me). This change is backwards compatible (old configs using global API key still work-- or will work again). Docs updated to reflect changes. --- docs/applications/cloudflare_ddns.md | 4 ++- group_vars/all.yml | 11 ++++----- tasks/cloudflare_ddns.yml | 30 +++++++++++++++++------ templates/cloudflare-ddns/config-api.yaml | 9 +++++++ templates/cloudflare-ddns/config.yaml | 8 ++++++ 5 files changed, 48 insertions(+), 14 deletions(-) create mode 100644 templates/cloudflare-ddns/config-api.yaml create mode 100644 templates/cloudflare-ddns/config.yaml diff --git a/docs/applications/cloudflare_ddns.md b/docs/applications/cloudflare_ddns.md index 46d239bc..2809a066 100644 --- a/docs/applications/cloudflare_ddns.md +++ b/docs/applications/cloudflare_ddns.md @@ -12,4 +12,6 @@ Set `cloudflare_ddns_enabled: true` in your `inventories//nas.ym ## Specific Configuration -Make sure you set your Cloudflare login, domain and API key details within your `inventories//nas.yml` file. \ No newline at end of file +Make sure you set your domain (if different than the ansible-nas default) and access token details within your `inventories//nas.yml` file. If you need to create an API token, see https://joshuaavalon.github.io/docker-cloudflare/guide/cloudflare.html#authentication for instructions. + +Cloudflare has deprecated global API key authentication. If you have an older ansible-nas configuration using a global API key, you can upgrade to the API token-based authentication by removing the `cloudflare_api_key` variable from your local `nas.yml` configuration file and setting the `cloudflare_token` variable appropriately. diff --git a/group_vars/all.yml b/group_vars/all.yml index 3b5e2554..4ec560bb 100644 
--- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -286,18 +286,17 @@ nfs_exports: ### # Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to # set the options below. - +# Data directory for config file +cloudflare_data_directory: "{{ docker_home }}/cloudflare_ddns" # Your domain name cloudflare_zone: "{{ ansible_nas_domain }}" # The hostname you want the container to update. You shouldn't need to change this. cloudflare_host: "*.{{ cloudflare_zone }}" -# Email address used to register for Cloudflare -cloudflare_email: "{{ ansible_nas_email }}" - -# Cloudflare 'Global API Key', can be found on the 'My Profile' page -cloudflare_api_key: abcdeabcdeabcdeabcde1234512345 +# Cloudflare scoped token (https://joshuaavalon.github.io/docker-cloudflare/guide/cloudflare.html#authentication) +# Make sure token permissions include #DNS:Edit and #Zone:Read +cloudflare_token: "" ### ### General diff --git a/tasks/cloudflare_ddns.yml b/tasks/cloudflare_ddns.yml index 77650b0a..d0f5f7ac 100644 --- a/tasks/cloudflare_ddns.yml +++ b/tasks/cloudflare_ddns.yml 
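Review bot: Removing the `cloudflare_email` default in this hunk leaves the new `templates/cloudflare-ddns/config-api.yaml` (added later in this commit) rendering `email: "{{ cloudflare_email }}"` from a variable that, as far as this hunk shows, no longer has a default. A legacy setup that sets only `cloudflare_api_key` and relied on the old `{{ ansible_nas_email }}` fallback would then likely stop with an undefined-variable error instead of staying backwards compatible. Keeping `cloudflare_email: "{{ ansible_nas_email }}"` with a comment such as `# Only used by the deprecated global API key path` would preserve that path. The Cloudflare section of this file starts before the hunk, so a definition elsewhere cannot be ruled out.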
@@ -1,14 +1,30 @@ +- name: Cloudflare Dynamic DNS Directories + file: + path: "{{ cloudflare_data_directory }}" + state: directory + when: cloudflare_api_key is not defined + +- name: Template Cloudflare Dynamic DNS config.yaml with scoped token + template: + src: cloudflare-ddns/config.yaml + dest: "{{ cloudflare_data_directory }}/config.yaml" + register: template_files_result + when: cloudflare_api_key is not defined + +- name: Template Cloudflare Dynamic DNS config.yaml with api_key (DEPRECATED) + template: + src: cloudflare-ddns/config-api.yaml + dest: "{{ cloudflare_data_directory }}/config.yaml" + register: template_files_result_api + when: cloudflare_api_key is defined + - name: Cloudflare Dynamic DNS Container docker_container: name: cloudflare-ddns image: joshava/cloudflare-ddns:latest pull: true - env: - ZONE: "{{ cloudflare_zone }}" - HOST: "{{ cloudflare_host }}" - EMAIL: "{{ cloudflare_email }}" - API: "{{ cloudflare_api_key }}" - PROXY: "false" + volumes: + - "{{cloudflare_data_directory}}/config.yaml:/app/config.yaml" restart_policy: unless-stopped memory: 512MB - + recreate: "{{ template_files_result is changed or template_files_result_api is changed }}" diff --git a/templates/cloudflare-ddns/config-api.yaml b/templates/cloudflare-ddns/config-api.yaml new file mode 100644 index 00000000..eb45d83b --- /dev/null +++ b/templates/cloudflare-ddns/config-api.yaml @@ -0,0 +1,9 @@ +auth: + globalToken: "{{ cloudflare_api_key }}" + email: "{{ cloudflare_email }}" +domains: + - name: "{{ cloudflare_host }}" + type: A + proxied: false + create: true + zoneName: "{{ cloudflare_zone }}" diff --git a/templates/cloudflare-ddns/config.yaml b/templates/cloudflare-ddns/config.yaml new file mode 100644 index 00000000..1bc4bd5a --- /dev/null +++ b/templates/cloudflare-ddns/config.yaml @@ -0,0 +1,8 @@ +auth: + scopedToken: "{{ cloudflare_token }}" +domains: + - name: "{{ cloudflare_host }}" + type: A + proxied: false + create: true + zoneName: "{{ cloudflare_zone }}" 
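Review bot: Both `template` tasks in tasks/cloudflare_ddns.yml write the Cloudflare token or global API key to `{{ cloudflare_data_directory }}/config.yaml` without `owner` or `mode`, so the secret gets whatever the umask gives, which is typically world-readable. Add `mode: "0600"` to each template task and `mode: "0700"` to the directory task, setting `owner` to the container's uid if it does not run as root. Mount the file read-only with `- "{{ cloudflare_data_directory }}/config.yaml:/app/config.yaml:ro"`. The directory task also carries `when: cloudflare_api_key is not defined`, so on the deprecated api-key path the directory is never created and the template write will likely fail on a fresh host; drop that `when`.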
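Review bot: `email: "{{ cloudflare_email }}"` in templates/cloudflare-ddns/config-api.yaml references a variable whose default this same commit deletes from group_vars/all.yml. An older inventory that only overrides `cloudflare_api_key` will therefore fail templating with an undefined variable instead of staying backwards compatible as the description promises. Either keep the `cloudflare_email: "{{ ansible_nas_email }}"` default or fall back in the template with `email: "{{ cloudflare_email | default(ansible_nas_email) }}"`. The scoped-token template config.yaml is not affected.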
From c9de21165bb03e6ed03e935d0bbeac842771e6f4 Mon Sep 17 00:00:00 2001 From: Ryan Olf Date: Thu, 13 Aug 2020 17:00:45 -0700 Subject: [PATCH 24/92] Fixed lint error --- tasks/cloudflare_ddns.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/cloudflare_ddns.yml b/tasks/cloudflare_ddns.yml index d0f5f7ac..6b0a4bee 100644 --- a/tasks/cloudflare_ddns.yml +++ b/tasks/cloudflare_ddns.yml @@ -24,7 +24,7 @@ image: joshava/cloudflare-ddns:latest pull: true volumes: - - "{{cloudflare_data_directory}}/config.yaml:/app/config.yaml" + - "{{ cloudflare_data_directory }}/config.yaml:/app/config.yaml" restart_policy: unless-stopped memory: 512MB recreate: "{{ template_files_result is changed or template_files_result_api is changed }}" From 7ae9f87f3215f5f6223a3ebed7a01ad4f2edcc4c Mon Sep 17 00:00:00 2001 From: Ryan Olf Date: Sat, 15 Aug 2020 14:52:56 -0700 Subject: [PATCH 25/92] Added options for setting non-default cloudflare record type and http proxy --- group_vars/all.yml | 7 +++++++ templates/cloudflare-ddns/config-api.yaml | 4 ++-- templates/cloudflare-ddns/config.yaml | 4 ++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 4ec560bb..942e9cc7 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -288,6 +288,7 @@ nfs_exports: # set the options below. # Data directory for config file cloudflare_data_directory: "{{ docker_home }}/cloudflare_ddns" + # Your domain name cloudflare_zone: "{{ ansible_nas_domain }}" @@ -298,6 +299,12 @@ cloudflare_host: "*.{{ cloudflare_zone }}" # Make sure token permissions include #DNS:Edit and #Zone:Read cloudflare_token: "" +# Set to true to make traffic go through the CloudFlare CDN. +cloudflare_proxy: false + +# Set to AAAA to use set IPv6 records instead of IPv4 records. +cloudflare_type: "A" + ### ### General ### diff --git a/templates/cloudflare-ddns/config-api.yaml b/templates/cloudflare-ddns/config-api.yaml index eb45d83b..da8c9207 100644 
--- a/templates/cloudflare-ddns/config-api.yaml +++ b/templates/cloudflare-ddns/config-api.yaml @@ -3,7 +3,7 @@ auth: email: "{{ cloudflare_email }}" domains: - name: "{{ cloudflare_host }}" - type: A - proxied: false + type: "{{ cloudflare_type }}" + proxied: {{ cloudflare_proxy | bool }} create: true zoneName: "{{ cloudflare_zone }}" diff --git a/templates/cloudflare-ddns/config.yaml b/templates/cloudflare-ddns/config.yaml index 1bc4bd5a..6cf189f1 100644 --- a/templates/cloudflare-ddns/config.yaml +++ b/templates/cloudflare-ddns/config.yaml @@ -2,7 +2,7 @@ auth: scopedToken: "{{ cloudflare_token }}" domains: - name: "{{ cloudflare_host }}" - type: A - proxied: false + type: "{{ cloudflare_type }}" + proxied: {{ cloudflare_proxy | bool }} create: true zoneName: "{{ cloudflare_zone }}" From 77fc3f8463cc8f1a3778c1b0107a1c631b7bfe3f Mon Sep 17 00:00:00 2001 From: Ryan Olf Date: Sat, 15 Aug 2020 15:03:52 -0700 Subject: [PATCH 26/92] Added note that cloudflare proxy does not work with wildcard CNAMEs --- group_vars/all.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/all.yml b/group_vars/all.yml index 942e9cc7..187b342a 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -300,6 +300,8 @@ cloudflare_host: "*.{{ cloudflare_zone }}" cloudflare_token: "" # Set to true to make traffic go through the CloudFlare CDN. +# Note that if the cloudflare host is a wildcard (the default), this must be false, as cloudflare +# does not support http proxy of wildcard CNAMEs. cloudflare_proxy: false # Set to AAAA to use set IPv6 records instead of IPv4 records. From 32139c87630051de7af88f024a2f822b15ffab87 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 2 Sep 2020 12:46:35 +0100 Subject: [PATCH 27/92] Updated to be more specific --- CODE_OF_CONDUCT.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index f0d96cfc..4ad1f938 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md 
@@ -1,6 +1,6 @@ # Code of Conduct -Ansible-NAS follows the Ansible [Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html). +Ansible-NAS follows the [Ansible Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html). Specifically, Ansible-NAS community members are expected to be: From 3780047201fc9e8b2bbb725e573f84db9ba9376d Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 2 Sep 2020 12:49:28 +0100 Subject: [PATCH 28/92] Update to latest docker role --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 193b73a3..45b15fae 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,6 +1,6 @@ --- - name: geerlingguy.docker - version: 2.8.1 + version: 2.8.2 - name: bertvv.samba version: v2.7.1 From e7b5f59f55308f4fbc306b0ff8be30348aa87529 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 2 Sep 2020 15:32:27 +0100 Subject: [PATCH 29/92] Fix ansible-lint warns --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 83369ee9..8f272a8c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,7 +16,7 @@ install: - pip install mkdocs-material script: - - ansible-lint ${PWD}/nas.yml + - ansible-lint ${PWD}/nas.yml -x 106,208 - ${PWD}/tests/test.sh - mkdocs build From 3edd13c13699ebb9422216a824c43c3ef51627d2 Mon Sep 17 00:00:00 2001 From: rodrigorodrigo <46758811+rodrigorodrigo@users.noreply.github.com> Date: Mon, 7 Sep 2020 14:23:06 -0400 Subject: [PATCH 30/92] Update portainer.yml updates Portainer package from portainer/portainer to portainer/portainer-ce, updating it to version 2.0. --- tasks/portainer.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/portainer.yml b/tasks/portainer.yml index ceaac16b..207aea53 100644 --- a/tasks/portainer.yml +++ b/tasks/portainer.yml 
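Review bot: `-x 106,208` in the .travis.yml `script` step switches both rules off for the whole playbook instead of fixing or locally skipping the flagged tasks. If I read the ansible-lint rule ids correctly, 208 is the check for file and template tasks that set no explicit permissions, which is the check that would catch credential-bearing files being written with default modes. Prefer keeping 208 enabled and adding `mode:` to the reported tasks, leaving only `-x 106` if the role-name rule really cannot be satisfied. A one-line comment above the command, such as `# 106: role names contain hyphens`, would record why each id is excluded.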
@@ -9,7 +9,7 @@ - name: Portainer Docker Container docker_container: name: portainer - image: portainer/portainer + image: portainer/portainer-ce pull: true volumes: - "{{ portainer_data_directory }}:/data:rw" @@ -23,4 +23,4 @@ traefik.backend: "portainer" traefik.frontend.rule: "Host:portainer.{{ ansible_nas_domain }}" traefik.enable: "{{ portainer_available_externally }}" - traefik.port: "9000" \ No newline at end of file + traefik.port: "9000" From d2034afb42ae23f87ae6f4031fc8e2b8b175bccf Mon Sep 17 00:00:00 2001 From: NTLx Date: Tue, 15 Sep 2020 13:34:36 +0800 Subject: [PATCH 31/92] Update firefly.yml firefly uses port 8080, not 80, reference: https://docs.firefly-iii.org/installation/docker --- tasks/firefly.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/firefly.yml b/tasks/firefly.yml index 79adc796..8bfa6bef 100644 --- a/tasks/firefly.yml +++ b/tasks/firefly.yml @@ -38,7 +38,7 @@ links: - firefly-mysql:db ports: - - "{{ firefly_port }}:80" + - "{{ firefly_port }}:8080" env: APP_ENV: "local" APP_KEY: "S0m3R@nd0mString0f32Ch@rsEx@ct1y" @@ -54,4 +54,4 @@ traefik.backend: "firefly" traefik.frontend.rule: "Host:firefly.{{ ansible_nas_domain }}" traefik.enable: "{{ firefly_available_externally }}" - traefik.port: "80" \ No newline at end of file + traefik.port: "80" From b06a37c4e6a8686d4db70739296082fa05f2f887 Mon Sep 17 00:00:00 2001 From: NTLx Date: Tue, 15 Sep 2020 16:25:36 +0800 Subject: [PATCH 32/92] Update firefly.yml for port expose What this PR does / why we need it: fix a port expose bug according to firefly [official doc](https://docs.firefly-iii.org/installation/docker) Which issue (if any) this PR fixes: wrong port to expose, not 80, should be 8080 Fixes # change container firefly's port (and traefik.port) to 8080 Any other useful info: --- tasks/firefly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/firefly.yml b/tasks/firefly.yml index 8bfa6bef..5af160e5 100644 --- a/tasks/firefly.yml 
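Review bot: `image: portainer/portainer-ce` in tasks/portainer.yml carries no tag, and with `pull: true` on the next line every playbook run takes whatever the default tag currently points at, so the move to 2.0 described in the commit message is not actually pinned. For a container that manages the Docker host, pin an explicit release through a variable, e.g. `image: "{{ portainer_docker_image }}"` with `portainer_docker_image: portainer/portainer-ce:<release-tag>` in group_vars/all.yml, the way `traefik_docker_image: traefik:v1.7` is handled. `portainer_docker_image` and the tag are placeholders, not names the repository defines. The task starts above this hunk and continues past it.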
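Review bot: The context of the `@@ -38,7 +38,7 @@` hunk in tasks/firefly.yml shows `APP_KEY: "S0m3R@nd0mString0f32Ch@rsEx@ct1y"` hard-coded two lines below the port being fixed, so every install shares the same application key. While this task is being touched, move it to a variable, `APP_KEY: "{{ firefly_app_key }}"`, with a comment in group_vars/all.yml telling users to set their own 32-character value and keep it vaulted. `firefly_app_key` is a proposed name, not one the repository defines. The container task begins above the hunk and ends below it.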
+++ b/tasks/firefly.yml @@ -54,4 +54,4 @@ traefik.backend: "firefly" traefik.frontend.rule: "Host:firefly.{{ ansible_nas_domain }}" traefik.enable: "{{ firefly_available_externally }}" - traefik.port: "80" + traefik.port: "8080" From 8cc129661e18aeff08154e0963e9d0d47fc14840 Mon Sep 17 00:00:00 2001 From: hullet Date: Wed, 30 Sep 2020 22:31:22 +0100 Subject: [PATCH 33/92] Changed Nextcloud MySQL Credentials from statis string to variable, for optional increased security. --- group_vars/all.yml | 7 +++++-- tasks/nextcloud.yml | 12 ++++++------ 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 4df45c5e..609a6662 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -107,7 +107,7 @@ pytivo_enabled: false serposcope_enabled: false # External Access -# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your +# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your # home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip. # You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally" # settings. @@ -567,7 +567,7 @@ couchpotato_downloads_directory: "{{ downloads_root }}" couchpotato_torrents_directory: "{{ torrents_root }}" couchpotato_user_id: "0" couchpotato_group_id: "0" -couchpotato_port: "5050" +couchpotato_port: "5050" ### ### Sickchill @@ -659,6 +659,9 @@ glances_port_two: "61209" nextcloud_available_externally: "false" nextcloud_data_directory: "{{ docker_home }}/nextcloud" nextcloud_port: "8080" +nextcloud_sql_user: "nextcloud_sql_user" +nextcloud_sql_pass: "nextcloud_sql_pass" +nextcloud_sql_secret: "nextcloud_sql_secret" ### ### nginx 
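Review bot: The three defaults added in the `@@ -659,6 +659,9 @@` hunk of group_vars/all.yml (`nextcloud_sql_user`, `nextcloud_sql_pass`, `nextcloud_sql_secret`) are published placeholder values with no comment telling the user to replace them, so an unmodified install still runs MySQL with a publicly known user and root password. Add a comment above them such as `# Change these before the first run and keep the real values in an ansible-vault encrypted file`, and consider an `assert` task that fails when they still equal the shipped defaults. It is also worth documenting that the database container presumably applies the `MYSQL_*` values only when its data directory is first initialised, so changing the variables later does not rotate existing credentials.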
diff --git a/tasks/nextcloud.yml b/tasks/nextcloud.yml index d712ded0..fe2614b8 100644 --- a/tasks/nextcloud.yml +++ b/tasks/nextcloud.yml @@ -16,9 +16,9 @@ - "{{ nextcloud_data_directory }}/mysql:/var/lib/mysql:rw" env: MYSQL_DATABASE: "nextcloud" - MYSQL_USER: "nextcloud-user" - MYSQL_PASSWORD: "nextcloud-pass" - MYSQL_ROOT_PASSWORD: "nextcloud-secret" + MYSQL_USER: "{{ nextcloud_sql_user }}" + MYSQL_PASSWORD: "{{ nextcloud_sql_pass }}" + MYSQL_ROOT_PASSWORD: "{{ nextcloud_sql_secret }}" restart_policy: unless-stopped memory: 1g @@ -36,8 +36,8 @@ env: MYSQL_HOST: "mysql" MYSQL_DATABASE: "nextcloud" - MYSQL_USER: "nextcloud-user" - MYSQL_PASSWORD: "nextcloud-pass" + MYSQL_USER: "{{ nextcloud_sql_user }}" + MYSQL_PASSWORD: "{{ nextcloud_sql_pass }}" NEXTCLOUD_TRUSTED_DOMAINS: "nextcloud.{{ ansible_nas_domain }}" restart_policy: unless-stopped memory: 1g @@ -45,4 +45,4 @@ traefik.backend: "nextcloud" traefik.frontend.rule: "Host:nextcloud.{{ ansible_nas_domain }}" traefik.enable: "{{ nextcloud_available_externally }}" - traefik.port: "80" \ No newline at end of file + traefik.port: "80" From af086e2798fd6b6afeb694ce343d1247b2b6818c Mon Sep 17 00:00:00 2001 From: hullet Date: Thu, 1 Oct 2020 08:45:14 +0100 Subject: [PATCH 34/92] Default Nextcloud credentials returned to standard values --- group_vars/all.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 609a6662..f058b222 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -659,9 +659,9 @@ glances_port_two: "61209" nextcloud_available_externally: "false" nextcloud_data_directory: "{{ docker_home }}/nextcloud" nextcloud_port: "8080" -nextcloud_sql_user: "nextcloud_sql_user" -nextcloud_sql_pass: "nextcloud_sql_pass" -nextcloud_sql_secret: "nextcloud_sql_secret" +nextcloud_sql_user: "nextcloud-user" +nextcloud_sql_pass: "nextcloud-pass" +nextcloud_sql_secret: "nextcloud-secret" ### ### nginx 
From 572df920b08c43d03c6781e10c22710990cd0ac8 Mon Sep 17 00:00:00 2001 From: Elliot Pryde Date: Sun, 4 Oct 2020 01:20:41 +0100 Subject: [PATCH 35/92] Fix typo in samba config --- group_vars/all.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 4df45c5e..69355f45 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -194,7 +194,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ downloads_root }}" - name: movies @@ -202,7 +202,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ movies_root }}" - name: tv @@ -210,7 +210,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ tv_root }}" - name: music @@ -218,7 +218,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ music_root }}" - name: podcasts @@ -226,7 +226,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ podcasts_root }}" - name: dump @@ -234,7 +234,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ samba_shares_root }}/dump" - name: games @@ -242,7 +242,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ samba_shares_root }}/games" - name: photos @@ -250,7 +250,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ samba_shares_root }}/photos" - name: books @@ -258,7 +258,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ samba_shares_root }}/books" - name: comics @@ -266,7 +266,7 @@ samba_shares: guest_ok: yes public: yes writable: yes - browsable: yes + browseable: yes path: "{{ samba_shares_root }}/comics" ### 
From d6bbc8f23ef34acf5b908a60f1fde721f108e6b0 Mon Sep 17 00:00:00 2001 From: elliotsayes Date: Thu, 29 Oct 2020 00:30:34 +1300 Subject: [PATCH 36/92] More consistent use of variables in Samba share paths --- group_vars/all.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 4df45c5e..6443a56b 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -251,7 +251,7 @@ samba_shares: public: yes writable: yes browsable: yes - path: "{{ samba_shares_root }}/photos" + path: "{{ photos_root }}" - name: books comment: 'Books' @@ -259,7 +259,7 @@ samba_shares: public: yes writable: yes browsable: yes - path: "{{ samba_shares_root }}/books" + path: "{{ books_root }}" - name: comics comment: 'Comics' @@ -267,7 +267,7 @@ samba_shares: public: yes writable: yes browsable: yes - path: "{{ samba_shares_root }}/comics" + path: "{{ comics_root }}" ### ### NFS From c45d80d2671980c0efb6e5dc8277a62dffe1f595 Mon Sep 17 00:00:00 2001 From: Ken Zhou Date: Mon, 11 Jan 2021 22:52:16 +1100 Subject: [PATCH 37/92] creating the .incomplete folder for utorrent --- group_vars/all.yml | 1 + tasks/utorrent.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/group_vars/all.yml b/group_vars/all.yml index 4df45c5e..16fff548 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -392,6 +392,7 @@ openvpn_config: United-Kingdom utorrent_available_externally: "false" utorrent_config_directory: "{{ docker_home }}/utorrent/config" utorrent_download_directory: "{{ downloads_root }}" +utorrent_download_directory_active: "{{ downloads_root }}/.incomplete" utorrent_port_http: "8111" utorrent_port_bt: "6881" utorrent_user_id: "0" diff --git a/tasks/utorrent.yml b/tasks/utorrent.yml index e92c8fd1..823eb84e 100644 --- a/tasks/utorrent.yml +++ b/tasks/utorrent.yml 
@@ -6,6 +6,7 @@ with_items: - "{{ utorrent_config_directory }}" - "{{ utorrent_download_directory }}" + - "{{ utorrent_download_directory_active }}" - name: uTorrent Docker Container docker_container: From ee9c19788d9c00abaf35b279cd092c7caae2270b Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 11:05:11 +0000 Subject: [PATCH 38/92] Update requirements to latest versions --- requirements.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index 45b15fae..0749ad22 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,9 +1,9 @@ --- - name: geerlingguy.docker - version: 2.8.2 + version: 3.0.0 - name: bertvv.samba version: v2.7.1 - name: geerlingguy.nfs - version: 1.6.0 + version: 2.0.0 From f82043a252fa10d77efc3862ef864b59090efca0 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 11:05:38 +0000 Subject: [PATCH 39/92] Move Plex to role --- group_vars/all.yml | 22 ---------------------- nas.yml | 9 +++++---- tasks/plex.yml | 34 ---------------------------------- 3 files changed, 5 insertions(+), 60 deletions(-) delete mode 100644 tasks/plex.yml diff --git a/group_vars/all.yml b/group_vars/all.yml index 4df45c5e..8fe368ba 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml 
@@ -415,28 +415,6 @@ pyload_user_id: "0" pyload_group_id: "0" pyload_port: "8000" -### -### Plex -### -# If you're paranoid, set permissions to "ro" so Plex won't ever be able to -# delete your files -plex_available_externally: "false" -plex_config_directory: "{{ docker_home }}/plex/config" -plex_logs: "{{ docker_home }}/plex/logs" -plex_movies_directory: "{{ movies_root }}" -plex_movies_permissions: "rw" -plex_tv_directory: "{{ tv_root }}" -plex_tv_permissions: "rw" -plex_photos_directory: "{{ photos_root }}" -plex_photos_permissions: "rw" -plex_podcasts_directory: "{{ podcasts_root }}" -plex_podcasts_permissions: "rw" -plex_music_directory: "{{ music_root }}" -plex_music_permissions: "rw" -plex_user_id: "0" -plex_group_id: "0" -plex_port: "32400" - ### ### PyTivo ### diff --git a/nas.yml b/nas.yml index 7ac03a24..a7cfef04 100644 --- a/nas.yml +++ b/nas.yml @@ -21,6 +21,11 @@ - docker - skip_ansible_lint + - role: plex + tags: + - plex + when: (plex_enabled | default(False)) + tasks: - import_tasks: tasks/general.yml tags: general @@ -48,10 +53,6 @@ when: (watchtower_enabled | default(False)) tags: watchtower - - import_tasks: tasks/plex.yml - when: (plex_enabled | default(False)) - tags: plex - - import_tasks: tasks/firefly.yml when: (firefly_enabled | default(False)) tags: firefly diff --git a/tasks/plex.yml b/tasks/plex.yml deleted file mode 100644 index f3627b26..00000000 --- a/tasks/plex.yml +++ /dev/null 
@@ -1,34 +0,0 @@ -- name: Create Plex Directories - file: - path: "{{ item }}" - state: directory - # mode: 0755 - with_items: - - "{{ plex_config_directory }}" - - "{{ plex_logs }}" - -- name: plex Docker Container - docker_container: - name: plex - image: linuxserver/plex - pull: true - volumes: - - "{{ plex_config_directory }}:/config:rw" - - "{{ plex_logs }}:/opt/plex/Library/Application Support/Plex Media Server/Logs:rw" - - "{{ plex_movies_directory }}:/movies:{{ plex_movies_permissions }}" - - "{{ plex_tv_directory }}:/tv:{{ plex_tv_permissions }}" - - "{{ plex_photos_directory }}:/photos:{{ plex_photos_permissions }}" - - "{{ plex_podcasts_directory }}:/podcasts:{{ plex_podcasts_permissions }}" - - "{{ plex_music_directory }}:/music:{{ plex_music_permissions }}" - network_mode: "host" - env: - TZ: "{{ ansible_nas_timezone }}" - PUID: "{{ plex_user_id }}" - PGID: "{{ plex_group_id }}" - restart_policy: unless-stopped - memory: 2g - labels: - traefik.backend: "plex" - traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}" - traefik.enable: "{{ plex_available_externally }}" - traefik.port: "32400" From 460887fec4e32190abf8d2677e6411dd3aa1efbc Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 11:53:02 +0000 Subject: [PATCH 40/92] Add Plex role --- roles/plex/defaults/main.yml | 24 ++++++++++++++++++++++++ roles/plex/tasks/main.yml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 roles/plex/defaults/main.yml create mode 100644 roles/plex/tasks/main.yml diff --git a/roles/plex/defaults/main.yml b/roles/plex/defaults/main.yml new file mode 100644 index 00000000..69528515 --- /dev/null +++ b/roles/plex/defaults/main.yml 
@@ -0,0 +1,24 @@ +--- +plex_enabled: false +plex_available_externally: "false" + +# directories +plex_config_directory: "{{ docker_home }}/plex/config" +plex_logs: "{{ docker_home }}/plex/logs" +plex_movies_directory: "{{ movies_root }}" +plex_tv_directory: "{{ tv_root }}" +plex_photos_directory: "{{ photos_root }}" +plex_podcasts_directory: "{{ podcasts_root }}" +plex_music_directory: "{{ music_root }}" + +# uid / gid +plex_user_id: "0" +plex_group_id: "0" + +# If you're paranoid, set permissions to "ro" so Plex won't ever be able to +# delete your files +plex_movies_permissions: "rw" +plex_tv_permissions: "rw" +plex_photos_permissions: "rw" +plex_podcasts_permissions: "rw" +plex_music_permissions: "rw" diff --git a/roles/plex/tasks/main.yml b/roles/plex/tasks/main.yml new file mode 100644 index 00000000..a8f65fa3 --- /dev/null +++ b/roles/plex/tasks/main.yml 
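Review bot: `plex_user_id: "0"` and `plex_group_id: "0"` in roles/plex/defaults/main.yml make the role's default run Plex as root, and the same file defaults every media mount to `"rw"`; the tasks file added in this commit also uses `network_mode: "host"`. Since this is where the values become the role's interface, default to an unprivileged uid/gid and read-only media, e.g. `plex_movies_permissions: "ro"`, and let users opt in to write access. At minimum, extend the `# uid / gid` comment to `# uid / gid the container runs as; 0 is root, prefer a dedicated unprivileged user`.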
@@ -0,0 +1,35 @@ +--- +- name: Create Plex Directories + file: + path: "{{ item }}" + state: directory + # mode: 0755 + with_items: + - "{{ plex_config_directory }}" + - "{{ plex_logs }}" + +- name: plex Docker Container + docker_container: + name: plex + image: linuxserver/plex + pull: true + volumes: + - "{{ plex_config_directory }}:/config:rw" + - "{{ plex_logs }}:/opt/plex/Library/Application Support/Plex Media Server/Logs:rw" + - "{{ plex_movies_directory }}:/movies:{{ plex_movies_permissions }}" + - "{{ plex_tv_directory }}:/tv:{{ plex_tv_permissions }}" + - "{{ plex_photos_directory }}:/photos:{{ plex_photos_permissions }}" + - "{{ plex_podcasts_directory }}:/podcasts:{{ plex_podcasts_permissions }}" + - "{{ plex_music_directory }}:/music:{{ plex_music_permissions }}" + network_mode: "host" + env: + TZ: "{{ ansible_nas_timezone }}" + PUID: "{{ plex_user_id }}" + PGID: "{{ plex_group_id }}" + restart_policy: unless-stopped + memory: 2g + labels: + traefik.backend: "plex" + traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}" + traefik.enable: "{{ plex_available_externally }}" + traefik.port: "32400" From 528c3461bc5eeb98ceb434d920ddafd070393ffe Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 11:56:36 +0000 Subject: [PATCH 41/92] Move Heimdall to role --- nas.yml | 9 ++++---- roles/heimdall/defaults/main.yml | 5 +++++ {tasks => roles/heimdall/tasks}/heimdall.yml | 22 ++------------------ 3 files changed, 12 insertions(+), 24 deletions(-) create mode 100644 roles/heimdall/defaults/main.yml rename {tasks => roles/heimdall/tasks}/heimdall.yml (65%) diff --git a/nas.yml b/nas.yml index a7cfef04..9a783d26 100644 --- a/nas.yml +++ b/nas.yml @@ -21,6 +21,11 @@ - docker - skip_ansible_lint + - role: heimdall + tags: + - heimdall + when: (heimdall_enabled | default(False)) + - role: plex tags: - plex 
@@ -41,10 +46,6 @@ when: (traefik_enabled | default(False)) tags: traefik - - import_tasks: tasks/heimdall.yml - when: (heimdall_enabled | default(False)) - tags: heimdall - - import_tasks: tasks/organizr.yml when: (organizr_enabled | default(False)) tags: organizr diff --git a/roles/heimdall/defaults/main.yml b/roles/heimdall/defaults/main.yml new file mode 100644 index 00000000..4073b06d --- /dev/null +++ b/roles/heimdall/defaults/main.yml @@ -0,0 +1,5 @@ +--- +heimdall_enabled: true + +jellyfin_user_id: "0" +jellyfin_group_id: "0" \ No newline at end of file diff --git a/tasks/heimdall.yml b/roles/heimdall/tasks/heimdall.yml similarity index 65% rename from tasks/heimdall.yml rename to roles/heimdall/tasks/heimdall.yml index c7e9670b..9788d2a8 100644 --- a/tasks/heimdall.yml +++ b/roles/heimdall/tasks/heimdall.yml @@ -1,26 +1,8 @@ --- -- name: Create Heimdall group - group: - name: heimdall - gid: 1310 - state: present - -- name: Create Heimdall user - user: - name: heimdall - uid: 1310 - state: present - system: yes - update_password: on_create - create_home: no - group: heimdall - - name: Create Heimdall Directories file: path: "{{ item }}" state: directory - owner: heimdall - group: heimdall with_items: - "{{ heimdall_data_directory }}" @@ -32,8 +14,8 @@ volumes: - "{{ heimdall_data_directory }}:/config:rw" env: - PUID: "1310" - PGID: "1310" + PUID: "{{ jellyfin_user_id }}" + PGID: "{{ jellyfin_group_id }}" TZ: "{{ ansible_nas_timezone }}" ports: - "{{ heimdall_port_http }}:80" From 9884392a7f22c80b142cfc476fb781855d091a45 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 12:11:20 +0000 Subject: [PATCH 42/92] Heimdall tweaks to uid/gid --- group_vars/all.yml | 10 +-------- roles/heimdall/defaults/main.yml | 14 ++++++++++-- .../heimdall/tasks/{heimdall.yml => main.yml} | 22 +++++++++++++++++-- 3 files changed, 33 insertions(+), 13 deletions(-) rename roles/heimdall/tasks/{heimdall.yml => main.yml} (60%) 
diff --git a/group_vars/all.yml b/group_vars/all.yml index 8fe368ba..2cfeb12a 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -50,7 +50,6 @@ mymediaforalexa_enabled: false miniflux_enabled: false # System Management -heimdall_enabled: false organizr_enabled: false portainer_enabled: false glances_enabled: false @@ -340,14 +339,7 @@ traefik_docker_image: traefik:v1.7 traefik_data_directory: "{{ docker_home }}/traefik" traefik_debug: "false" -### -### Heimdall -### -heimdall_available_externally: "false" -heimdall_docker_image: linuxserver/heimdall:latest -heimdall_data_directory: "{{ docker_home }}/heimdall" -heimdall_port_http: "10080" -heimdall_port_https: "10443" + ### ### Organizr diff --git a/roles/heimdall/defaults/main.yml b/roles/heimdall/defaults/main.yml index 4073b06d..f5292680 100644 --- a/roles/heimdall/defaults/main.yml +++ b/roles/heimdall/defaults/main.yml @@ -1,5 +1,15 @@ --- heimdall_enabled: true +heimdall_available_externally: "false" -jellyfin_user_id: "0" -jellyfin_group_id: "0" \ No newline at end of file +# directories +heimdall_docker_image: linuxserver/heimdall:latest +heimdall_data_directory: "{{ docker_home }}/heimdall" + +# network +heimdall_port_http: "10080" +heimdall_port_https: "10443" + +# uid / gid +heimdall_user_id: "1310" +heimdall_group_id: "1310" \ No newline at end of file diff --git a/roles/heimdall/tasks/heimdall.yml b/roles/heimdall/tasks/main.yml similarity index 60% rename from roles/heimdall/tasks/heimdall.yml rename to roles/heimdall/tasks/main.yml index 9788d2a8..b5b0ce54 100644 --- a/roles/heimdall/tasks/heimdall.yml +++ b/roles/heimdall/tasks/main.yml 
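Review bot: With `heimdall_enabled: false` removed from group_vars/all.yml in this commit, the role default `heimdall_enabled: true` in roles/heimdall/defaults/main.yml now decides, so Heimdall changes from opt-in to deployed on every host, publishing `heimdall_port_http` and `heimdall_port_https`. The Plex role defaults to `plex_enabled: false`. Unless the change is intended, use `heimdall_enabled: false` here too, or state in the commit message and docs that the dashboard is now on by default.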
@@ -1,8 +1,26 @@ --- +- name: Create Heimdall group + group: + name: heimdall + gid: "{{ heimdall_group_id }}" + state: present + +- name: Create Heimdall user + user: + name: heimdall + uid: "{{ heimdall_user_id }}" + state: present + system: yes + update_password: on_create + create_home: no + group: heimdall + - name: Create Heimdall Directories file: path: "{{ item }}" state: directory + owner: heimdall + group: heimdall with_items: - "{{ heimdall_data_directory }}" @@ -14,8 +32,8 @@ volumes: - "{{ heimdall_data_directory }}:/config:rw" env: - PUID: "{{ jellyfin_user_id }}" - PGID: "{{ jellyfin_group_id }}" + PUID: "{{ heimdall_user_id }}" + PGID: "{{ heimdall_group_id }}" TZ: "{{ ansible_nas_timezone }}" ports: - "{{ heimdall_port_http }}:80" From 46fe985dd9726f8c0b6564e36d448222c367cef7 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 12:56:03 +0000 Subject: [PATCH 43/92] Move base ansible-nas configuration to roles --- group_vars/all.yml | 31 +------------------ nas.yml | 16 ++++++---- roles/ansible-nas-docker/defaults/main.yml | 12 +++++++ .../ansible-nas-docker/tasks/main.yml | 16 +++++----- .../ansible-nas-docker/templates}/daemon.json | 0 roles/ansible-nas-general/defaults/main.yml | 20 ++++++++++++ .../ansible-nas-general/files}/motd.txt | 0 .../ansible-nas-general/tasks/main.yml | 4 +-- 8 files changed, 53 insertions(+), 46 deletions(-) create mode 100644 roles/ansible-nas-docker/defaults/main.yml rename tasks/docker.yml => roles/ansible-nas-docker/tasks/main.yml (69%) rename {templates/docker => roles/ansible-nas-docker/templates}/daemon.json (100%) create mode 100644 roles/ansible-nas-general/defaults/main.yml rename {templates/ansible-nas => roles/ansible-nas-general/files}/motd.txt (100%) rename tasks/general.yml => roles/ansible-nas-general/tasks/main.yml (94%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 2cfeb12a..74064988 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml 
@@ -117,15 +117,7 @@ traefik_port_ui: "8083" ### ### General ### -# Sets the hostname of your Ansible NAS -ansible_nas_hostname: ansible-nas -# Sets the timezone for your Ansible NAS -# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones -ansible_nas_timezone: Etc/UTC - -# Update all apt packages when playbook is run -keep_packages_updated: false # Will be added to the docker group to give user command line access to docker ansible_nas_user: david @@ -136,19 +128,6 @@ ansible_nas_email: me@example.com # Applications will have subdomain SSL certificates created if Traefik is enabled, e.g. ansible-nas., nextcloud. ansible_nas_domain: example.com -### -### Docker -### -# Where you want Docker to store images -docker_image_directory: "{{ docker_home }}/data" - -# Where you want Docker to store its container data. -docker_home: /mnt/Volume2/docker - -# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems -# You might want to change this to ZFS, depending on your underlying filesystem. -docker_storage_driver: overlay2 - ### ### Samba ### @@ -301,15 +280,7 @@ cloudflare_api_key: abcdeabcdeabcdeabcde1234512345 ### ### General ### -# Extra packages to install -ansible_nas_extra_packages: - - smartmontools - - htop - - zfsutils-linux - - bonnie++ - - unzip - - lm-sensors - - ctop + ansible_python_interpreter: /usr/bin/python3 diff --git a/nas.yml b/nas.yml index 9a783d26..e2576960 100644 --- a/nas.yml +++ b/nas.yml @@ -21,6 +21,16 @@ - docker - skip_ansible_lint + - role: ansible-nas-general + tags: + - ansible-nas-general + - ansible-nas + + - role: ansible-nas-docker + tags: + - ansible-nas-docker + - ansible-nas + - role: heimdall tags: - heimdall 
@@ -32,12 +42,6 @@ when: (plex_enabled | default(False)) tasks: - - import_tasks: tasks/general.yml - tags: general - - - import_tasks: tasks/docker.yml - tags: docker - - import_tasks: tasks/portainer.yml when: (portainer_enabled | default(False)) tags: portainer diff --git a/roles/ansible-nas-docker/defaults/main.yml b/roles/ansible-nas-docker/defaults/main.yml new file mode 100644 index 00000000..c0eba9ac --- /dev/null +++ b/roles/ansible-nas-docker/defaults/main.yml @@ -0,0 +1,12 @@ +--- +ansible_nas_user: david + +# Where you want Docker to store its container data. +docker_home: /mnt/Volume2/docker + +# Where you want Docker to store images +docker_image_directory: "{{ docker_home }}/data" + +# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems +# You might want to change this to ZFS, depending on your underlying filesystem. +docker_storage_driver: overlay2 \ No newline at end of file diff --git a/tasks/docker.yml b/roles/ansible-nas-docker/tasks/main.yml similarity index 69% rename from tasks/docker.yml rename to roles/ansible-nas-docker/tasks/main.yml index f7ff349c..335574c9 100644 --- a/tasks/docker.yml +++ b/roles/ansible-nas-docker/tasks/main.yml 
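Review bot: Shipping `ansible_nas_user: david` as a role default in the new `roles/ansible-nas-docker/defaults/main.yml` means an inventory that never sets it still has an account named `david` created or modified and put in the `docker` group by the `Add user account to Docker group` task in this role's `tasks/main.yml`. Membership in that group is effectively root on the host, so the value should be chosen deliberately rather than inherited. I would drop the role default (the variable is still defined in `group_vars/all.yml`) or at least comment it: `# Member of the docker group, which is root-equivalent on this host; set to your own account`.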
@@ -1,44 +1,44 @@ --- -- name: install python3-pip +- name: Install python3-pip apt: name: python3-pip state: present register: result until: result is succeeded -- name: 'Remove docker-py python module' +- name: Remove docker-py python module pip: name: docker-py state: absent register: result until: result is succeeded -- name: 'Install docker python module' +- name: Install docker python module pip: name: docker state: present register: result until: result is succeeded -- name: create docker home +- name: Create Docker home directory file: path: "{{ docker_home }}" mode: 0755 state: directory -- name: add user account to docker group +- name: Add user account to Docker group user: name: "{{ ansible_nas_user }}" groups: docker append: yes -- name: update docker home from install default +- name: Update Docker home from install default template: - src: docker/daemon.json + src: daemon.json dest: /etc/docker/daemon.json register: docker_config -- name: restart docker +- name: Restart Docker service: name: docker state: restarted diff --git a/templates/docker/daemon.json b/roles/ansible-nas-docker/templates/daemon.json similarity index 100% rename from templates/docker/daemon.json rename to roles/ansible-nas-docker/templates/daemon.json diff --git a/roles/ansible-nas-general/defaults/main.yml b/roles/ansible-nas-general/defaults/main.yml new file mode 100644 index 00000000..c80d62a1 --- /dev/null +++ b/roles/ansible-nas-general/defaults/main.yml @@ -0,0 +1,20 @@ +--- +# Sets the hostname of your Ansible NAS +ansible_nas_hostname: ansible-nas + +# Update all apt packages when playbook is run +keep_packages_updated: false + +# Extra packages to install +ansible_nas_extra_packages: + - smartmontools + - htop + - zfsutils-linux + - bonnie++ + - unzip + - lm-sensors + - ctop + +# Sets the timezone for your Ansible NAS +# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones +ansible_nas_timezone: Etc/UTC \ No newline at end of file 
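Review bot: The `Update Docker home from install default` task writes `/etc/docker/daemon.json` without `owner`, `group` or `mode`, so the file's permissions depend on the umask of the run. This file controls the daemon's configuration, so I would pin it with `owner: root`, `group: root` and `mode: "0644"`. In `Create Docker home directory`, `mode: 0755` is better written quoted as `mode: "0755"` so the value does not depend on how the YAML parser treats a leading zero.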
diff --git a/templates/ansible-nas/motd.txt b/roles/ansible-nas-general/files/motd.txt similarity index 100% rename from templates/ansible-nas/motd.txt rename to roles/ansible-nas-general/files/motd.txt diff --git a/tasks/general.yml b/roles/ansible-nas-general/tasks/main.yml similarity index 94% rename from tasks/general.yml rename to roles/ansible-nas-general/tasks/main.yml index 7ad21cef..9a882407 100644 --- a/tasks/general.yml +++ b/roles/ansible-nas-general/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Set login banner - template: - src: ansible-nas/motd.txt + copy: + src: motd.txt dest: /etc/motd - name: Enable Universe repository From 3a645b38194ef717330a80a815490cf86e649aec Mon Sep 17 00:00:00 2001 From: David Stephens Date: Tue, 12 Jan 2021 17:18:05 +0000 Subject: [PATCH 44/92] Move netdata to ansible role --- group_vars/all.yml | 6 ------ nas.yml | 9 +++++---- roles/netdata/defaults/main.yml | 6 ++++++ tasks/netdata.yml => roles/netdata/tasks/main.yml | 4 ++-- 4 files changed, 13 insertions(+), 12 deletions(-) create mode 100644 roles/netdata/defaults/main.yml rename tasks/netdata.yml => roles/netdata/tasks/main.yml (87%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 74064988..2b20ea00 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -55,7 +55,6 @@ portainer_enabled: false glances_enabled: false stats_enabled: false guacamole_enabled: false -netdata_enabled: false watchtower_enabled: false cloudflare_ddns_enabled: false cloudcmd_enabled: false @@ -530,11 +529,6 @@ ombi_config_directory: "{{ docker_home }}/ombi/config" ombi_user_id: "0" ombi_group_id: "0" -### -### Netdata -### -netdata_available_externally: "false" -netdata_port: "19999" ### ### OpenVPN diff --git a/nas.yml b/nas.yml index e2576960..b1e43376 100644 --- a/nas.yml +++ b/nas.yml @@ -36,6 +36,11 @@ - heimdall when: (heimdall_enabled | default(False)) + - role: netdata + tags: + - netdata + when: (netdata_enabled | default(False)) + - role: plex tags: - plex 
@@ -102,10 +107,6 @@ when: (glances_enabled | default(False)) tags: glances - - import_tasks: tasks/netdata.yml - when: (netdata_enabled | default(False)) - tags: netdata - - import_tasks: tasks/duplicati.yml when: (duplicati_enabled | default(False)) tags: duplicati diff --git a/roles/netdata/defaults/main.yml b/roles/netdata/defaults/main.yml new file mode 100644 index 00000000..d22deb48 --- /dev/null +++ b/roles/netdata/defaults/main.yml @@ -0,0 +1,6 @@ +netdata_enabled: false +netdata_available_externally: "false" + +# network +netdata_hostname: "{{ ansible_nas_hostname }}.{{ ansible_nas_domain }}" +netdata_port: "19999" \ No newline at end of file diff --git a/tasks/netdata.yml b/roles/netdata/tasks/main.yml similarity index 87% rename from tasks/netdata.yml rename to roles/netdata/tasks/main.yml index 7065a4f0..5a1141e2 100644 --- a/tasks/netdata.yml +++ b/roles/netdata/tasks/main.yml @@ -1,4 +1,4 @@ -###### Create +--- - name: Get docker group id group: name: docker @@ -7,7 +7,7 @@ - name: Netdata Docker Container docker_container: name: netdata - hostname: "{{ ansible_nas_hostname }}.{{ ansible_nas_domain }}" + hostname: "{{ netdata_hostname }}" image: netdata/netdata state: started pull: true From 467fd688e408d09b1357080e926750140ccfda15 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 10:01:40 +0000 Subject: [PATCH 45/92] Move lidarr to role --- group_vars/all.yml | 12 +----------- nas.yml | 9 +++++---- roles/lidarr/defaults/main.yml | 15 +++++++++++++++ tasks/lidarr.yml => roles/lidarr/tasks/main.yml | 0 4 files changed, 21 insertions(+), 15 deletions(-) create mode 100644 roles/lidarr/defaults/main.yml rename tasks/lidarr.yml => roles/lidarr/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 2b20ea00..17f3e3be 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml 
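Review bot: In the `Netdata Docker Container` task the image stays `netdata/netdata` with no tag while `pull: true` is set, so every playbook run can replace the running agent with whatever was last published under the default tag. The first hunk of this file looks up the `docker` group id, which suggests the container is given access to the Docker daemon, so an unreviewed image update matters more here than for most apps. Now that the role has a `defaults/main.yml`, an image variable pinned to a tag or digest would fit, e.g. `image: "{{ netdata_image }}"` with `netdata_image: "netdata/netdata:<pinned-tag>"`. The task continues outside the hunk.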
@@ -38,7 +38,7 @@ jellyfin_enabled: false emby_enabled: false bazarr_enabled: false ombi_enabled: false -lidarr_enabled: false + youtubedlmaterial_enabled: false mylar_enabled: false @@ -476,16 +476,6 @@ bazarr_user_id: "0" bazarr_group_id: "0" bazarr_port: "6767" -### -### Lidarr -### -lidarr_available_externally: "false" -lidarr_data_directory: "{{ docker_home }}/lidarr/config" -lidarr_music_directory: "{{ music_root }}" -lidarr_downloads_directory: "{{ downloads_root }}" -lidarr_user_id: "0" -lidarr_group_id: "0" -lidarr_port: "8686" ### ### YouTubeDL-Material diff --git a/nas.yml b/nas.yml index b1e43376..b9af517a 100644 --- a/nas.yml +++ b/nas.yml @@ -36,6 +36,11 @@ - heimdall when: (heimdall_enabled | default(False)) + - role: lidarr + tags: + - lidarr + when: (lidarr_enabled | default(False)) + - role: netdata tags: - netdata @@ -239,10 +244,6 @@ when: (ombi_enabled | default(False)) tags: ombi - - import_tasks: tasks/lidarr.yml - when: (lidarr_enabled | default(False)) - tags: lidarr - - import_tasks: tasks/youtubedlmaterial.yml when: (youtubedlmaterial_enabled | default(False)) tags: youtubedlmaterial diff --git a/roles/lidarr/defaults/main.yml b/roles/lidarr/defaults/main.yml new file mode 100644 index 00000000..09212171 --- /dev/null +++ b/roles/lidarr/defaults/main.yml @@ -0,0 +1,15 @@ +--- +lidarr_enabled: false +lidarr_available_externally: "false" + +# directories +lidarr_data_directory: "{{ docker_home }}/lidarr/config" +lidarr_music_directory: "{{ music_root }}" +lidarr_downloads_directory: "{{ downloads_root }}" + +# uid/gid +lidarr_user_id: "0" +lidarr_group_id: "0" + +# network +lidarr_port: "8686" \ No newline at end of file diff --git a/tasks/lidarr.yml b/roles/lidarr/tasks/main.yml similarity index 100% rename from tasks/lidarr.yml rename to roles/lidarr/tasks/main.yml From 9237381e05aaddaafc91ee1ddd1945ddf2fcd492 Mon Sep 17 00:00:00 2001 
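Review bot: `lidarr_user_id: "0"` and `lidarr_group_id: "0"` are carried into the new role defaults unchanged, and the same root defaults recur in the emby, radarr, transmission and transmission-with-openvpn defaults later in this series. If these are passed to the containers as `PUID`/`PGID` the way the Heimdall task does (the lidarr task file is renamed without changes, so it is not shown), everything these apps write to the media and download directories is root-owned, and a flaw in the app is exercised with root's file permissions. Moving to roles is a good moment to follow the Heimdall pattern of a dedicated account, or at least to add a comment above the block: `# "0" runs the app as root inside the container; set an unprivileged uid/gid that owns the media directories`.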
From: David Stephens Date: Wed, 13 Jan 2021 10:10:08 +0000 Subject: [PATCH 46/92] Move Emby to role --- group_vars/all.yml | 17 +--------------- nas.yml | 9 +++++---- roles/emby/defaults/main.yml | 22 +++++++++++++++++++++ tasks/emby.yml => roles/emby/tasks/main.yml | 0 4 files changed, 28 insertions(+), 20 deletions(-) create mode 100644 roles/emby/defaults/main.yml rename tasks/emby.yml => roles/emby/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 17f3e3be..ababf2e9 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -35,7 +35,7 @@ get_iplayer_enabled: false jackett_enabled: false minidlna_enabled: false jellyfin_enabled: false -emby_enabled: false + bazarr_enabled: false ombi_enabled: false @@ -399,21 +399,6 @@ homebridge_user_id: "0" homebridge_group_id: "0" homebridge_port: "8087" -### -### Emby -### -# If you're paranoid, set permissions to "ro" so Emby won't ever be able to -# delete your files -emby_available_externally: "false" -emby_config_directory: "{{ docker_home }}/emby/config" -emby_movies_directory: "{{ movies_root }}" -emby_movies_permissions: "rw" -emby_tv_directory: "{{ tv_root }}" -emby_tv_permissions: "rw" -emby_user_id: "0" -emby_group_id: "0" -emby_port_http: "8096" -emby_port_https: "8920" ### ### Tautulli diff --git a/nas.yml b/nas.yml index b9af517a..751992f7 100644 --- a/nas.yml +++ b/nas.yml @@ -31,6 +31,11 @@ - ansible-nas-docker - ansible-nas + - role: emby + tags: + - emby + when: (emby_enabled | default(False)) + - role: heimdall tags: - heimdall @@ -72,10 +77,6 @@ when: (firefly_enabled | default(False)) tags: firefly - - import_tasks: tasks/emby.yml - when: (emby_enabled | default(False)) - tags: emby - - import_tasks: tasks/tautulli.yml when: (tautulli_enabled | default(False)) tags: tautulli diff --git a/roles/emby/defaults/main.yml b/roles/emby/defaults/main.yml new file mode 100644 index 00000000..f32d665b --- /dev/null +++ b/roles/emby/defaults/main.yml 
@@ -0,0 +1,22 @@ +--- +emby_enabled: false +emby_available_externally: "false" + +# directories +emby_config_directory: "{{ docker_home }}/emby/config" +emby_movies_directory: "{{ movies_root }}" +emby_tv_directory: "{{ tv_root }}" + + +# If you're paranoid, set permissions to "ro" so Emby won't ever be able to +# delete your files +emby_movies_permissions: "rw" +emby_tv_permissions: "rw" + +# uid / gid +emby_user_id: "0" +emby_group_id: "0" + +# network +emby_port_http: "8096" +emby_port_https: "8920" \ No newline at end of file diff --git a/tasks/emby.yml b/roles/emby/tasks/main.yml similarity index 100% rename from tasks/emby.yml rename to roles/emby/tasks/main.yml From c124eb8c89e5d156786df88d742e0052a38e5a87 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 10:25:31 +0000 Subject: [PATCH 47/92] Move gitea docs to right place --- docs/applications/gitea.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 docs/applications/gitea.md diff --git a/docs/applications/gitea.md b/docs/applications/gitea.md new file mode 100644 index 00000000..5f6e997b --- /dev/null +++ b/docs/applications/gitea.md @@ -0,0 +1,12 @@ + +# Gitea + +Homepage: [https://gitea.io/](https://gitea.io/) + +Gitea is a painless self-hosted Git service. + +## Usage + +Set `gitea_enabled: true` in your `inventories//nas.yml` file. + +The Gitea web interface can be found at http://ansible_nas_host_or_ip:3001. From c09ca44e5e95fadab317f5d562578e116853caca Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Wed, 13 Jan 2021 10:25:57 +0000 Subject: [PATCH 48/92] Move Gitea to role --- group_vars/all.yml | 7 ---- nas.yml | 9 +++-- roles/gitea/defaults/main.yml | 10 +++++ roles/gitea/tasks/main.yml | 74 +++++++++++++++++++++++++++++++++++ tasks/gitea.md | 12 ------ tasks/gitea.yml | 74 ----------------------------------- 6 files changed, 89 insertions(+), 97 deletions(-) create mode 100644 roles/gitea/defaults/main.yml create mode 100644 roles/gitea/tasks/main.yml delete mode 100644 tasks/gitea.md diff --git a/group_vars/all.yml b/group_vars/all.yml index ababf2e9..3e5ecb26 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -539,13 +539,6 @@ stat_collection_interval: 15s grafana_influxdb_port: "8086" grafana_port: "3000" -### -### Gitea -### -gitea_available_externally: "false" -gitea_data_directory: "{{ docker_home }}/gitea" -gitea_port_http: "3001" -gitea_port_ssh: "222" ### ### Gitlab diff --git a/nas.yml b/nas.yml index 751992f7..8c4ac835 100644 --- a/nas.yml +++ b/nas.yml @@ -36,6 +36,11 @@ - emby when: (emby_enabled | default(False)) + - role: gitea + tags: + - gitea + when: (gitea_enabled | default(False)) + - role: heimdall tags: - heimdall @@ -137,10 +142,6 @@ when: (nextcloud_enabled | default(False)) tags: nextcloud - - import_tasks: tasks/gitea.yml - when: (gitea_enabled | default(False)) - tags: gitea - - import_tasks: tasks/gitlab.yml when: (gitlab_enabled | default(False)) tags: gitlab diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml new file mode 100644 index 00000000..1744bef7 --- /dev/null +++ b/roles/gitea/defaults/main.yml @@ -0,0 +1,10 @@ +--- +gitea_available_externally: "false" + +# directories +gitea_data_directory: "{{ docker_home }}/gitea" + +# network +gitea_hostname: "{{ ansible_nas_hostname }}" +gitea_port_http: "3001" +gitea_port_ssh: "222" \ No newline at end of file diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml new file mode 100644 index 00000000..947ba601 
--- /dev/null +++ b/roles/gitea/tasks/main.yml @@ -0,0 +1,74 @@ +--- +- name: Create Gitea group account + group: + name: git + gid: 1309 + state: present + +- name: Create Gitea user account + user: + name: git + uid: 1309 + state: present + system: yes + update_password: on_create + create_home: no + group: git + +- name: Create Gitea Directories + file: + path: "{{ item }}" + state: directory + owner: git + group: git + recurse: yes + with_items: + - "{{ gitea_data_directory }}/gitea" + - "{{ gitea_data_directory }}/mysql" + +- name: Create MySQL container for Gitea + docker_container: + name: gitea-mysql + image: mysql:5.7 + pull: true + volumes: + - "{{ gitea_data_directory }}/mysql:/var/lib/mysql:rw" + env: + MYSQL_DATABASE: "gitea" + MYSQL_USER: "gitea" + MYSQL_PASSWORD: "gitea" + MYSQL_ROOT_PASSWORD: "gitea" + restart_policy: unless-stopped + memory: 1g + +- name: Create Gitea container + docker_container: + name: gitea + image: gitea/gitea:1.6 + pull: true + links: + - gitea-mysql:db + volumes: + - "{{ gitea_data_directory }}/gitea:/data:rw" + ports: + - "{{ gitea_port_http }}:3000" + - "{{ gitea_port_ssh }}:22" + env: + DB_TYPE: "mysql" + DB_HOST: "db:3306" + DB_NAME: "gitea" + DB_USER: "gitea" + DB_PASSWD: "gitea" + RUN_MODE: "prod" + SSH_DOMAIN: "{{ gitea_hostname }}" + SSH_PORT: "{{ gitea_port_ssh }}" + ROOT_URL: "http://{{ gitea_hostname }}:{{ gitea_port_http }}/" + USER_UID: "1309" + USER_GID: "1309" + restart_policy: unless-stopped + memory: 1g + labels: + traefik.backend: "gitea" + traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}" + traefik.enable: "{{ gitea_available_externally }}" + traefik.port: "3000" diff --git a/tasks/gitea.md b/tasks/gitea.md deleted file mode 100644 index 5f6e997b..00000000 --- a/tasks/gitea.md +++ /dev/null 
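Review bot: The database credentials are hard-coded in the new role: `MYSQL_PASSWORD: "gitea"` and `MYSQL_ROOT_PASSWORD: "gitea"` on the MySQL container and `DB_PASSWD: "gitea"` on the Gitea container. The MySQL container publishes no ports, which limits exposure, but anything that can reach it over the Docker network or read the task file knows the root password. With a role defaults file now in place these should be variables that the user overrides from a vault-encrypted inventory: `MYSQL_PASSWORD: "{{ gitea_mysql_password }}"`, `MYSQL_ROOT_PASSWORD: "{{ gitea_mysql_root_password }}"` and `DB_PASSWD: "{{ gitea_mysql_password }}"`. `ROOT_URL` is also built with `http://`, which deserves a comment for installs published through Traefik.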
@@ -1,12 +0,0 @@ - -# Gitea - -Homepage: [https://gitea.io/](https://gitea.io/) - -Gitea is a painless self-hosted Git service. - -## Usage - -Set `gitea_enabled: true` in your `inventories//nas.yml` file. - -The Gitea web interface can be found at http://ansible_nas_host_or_ip:3001. diff --git a/tasks/gitea.yml b/tasks/gitea.yml index 34efdfad..e69de29b 100644 --- a/tasks/gitea.yml +++ b/tasks/gitea.yml 
@@ -1,74 +0,0 @@ ---- -- name: Create Gitea group account - group: - name: git - gid: 1309 - state: present - -- name: Create Gitea user account - user: - name: git - uid: 1309 - state: present - system: yes - update_password: on_create - create_home: no - group: git - -- name: Create Gitea Directories - file: - path: "{{ item }}" - state: directory - owner: git - group: git - recurse: yes - with_items: - - "{{ gitea_data_directory }}/gitea" - - "{{ gitea_data_directory }}/mysql" - -- name: Create MySQL container for Gitea - docker_container: - name: gitea-mysql - image: mysql:5.7 - pull: true - volumes: - - "{{ gitea_data_directory }}/mysql:/var/lib/mysql:rw" - env: - MYSQL_DATABASE: "gitea" - MYSQL_USER: "gitea" - MYSQL_PASSWORD: "gitea" - MYSQL_ROOT_PASSWORD: "gitea" - restart_policy: unless-stopped - memory: 1g - -- name: Create Gitea container - docker_container: - name: gitea - image: gitea/gitea:1.6 - pull: true - links: - - gitea-mysql:db - volumes: - - "{{ gitea_data_directory }}/gitea:/data:rw" - ports: - - "{{ gitea_port_http }}:3000" - - "{{ gitea_port_ssh }}:22" - env: - DB_TYPE: "mysql" - DB_HOST: "db:3306" - DB_NAME: "gitea" - DB_USER: "gitea" - DB_PASSWD: "gitea" - RUN_MODE: "prod" - SSH_DOMAIN: "{{ ansible_nas_hostname }}" - SSH_PORT: "{{ gitea_port_ssh }}" - ROOT_URL: "http://{{ ansible_nas_hostname }}:{{ gitea_port_http }}/" - USER_UID: "1309" - USER_GID: "1309" - restart_policy: unless-stopped - memory: 1g - labels: - traefik.backend: "gitea" - traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}" - traefik.enable: "{{ gitea_available_externally }}" - traefik.port: "3000" From f9b38b4eb98c6682503a0d64a1e9f877eeac4a85 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 10:31:01 +0000 Subject: [PATCH 49/92] Add missing Gitea variable --- roles/gitea/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 1744bef7..723f2f65 100644 
--- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -1,4 +1,5 @@ --- +gitea_enabled: false gitea_available_externally: "false" # directories From ec282d4ab8802ee3a01d0b30a97977437ccffbdc Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 10:32:40 +0000 Subject: [PATCH 50/92] Move Radarr to role --- group_vars/all.yml | 14 +------------- nas.yml | 9 +++++---- roles/radarr/defaults/main.yml | 15 +++++++++++++++ tasks/radarr.yml => roles/radarr/tasks/main.yml | 0 4 files changed, 21 insertions(+), 17 deletions(-) create mode 100644 roles/radarr/defaults/main.yml rename tasks/radarr.yml => roles/radarr/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 3e5ecb26..5e639f38 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -30,7 +30,7 @@ tautulli_enabled: false sonarr_enabled: false # tv sickchill_enabled: false couchpotato_enabled: false -radarr_enabled: false + get_iplayer_enabled: false jackett_enabled: false minidlna_enabled: false @@ -67,7 +67,6 @@ nextcloud_enabled: false timemachine_enabled: false # Software build and CI -gitea_enabled: false gitlab_enabled: false # IRC @@ -439,17 +438,6 @@ sonarr_user_id: "0" sonarr_group_id: "0" sonarr_port: "8989" -### -### Radarr -### -radarr_available_externally: "false" -radarr_movies_directory: "{{ movies_root }}" -radarr_download_directory: "{{ downloads_root }}" -radarr_data_directory: "{{ docker_home }}/radarr" -radarr_user_id: "0" -radarr_group_id: "0" -radarr_port: "7878" - ### ### Bazarr ### diff --git a/nas.yml b/nas.yml index 8c4ac835..5aa16e21 100644 --- a/nas.yml +++ b/nas.yml @@ -61,6 +61,11 @@ - plex when: (plex_enabled | default(False)) + - role: radarr + tags: + - radarr + when: (radarr_enabled | default(False)) + tasks: - import_tasks: tasks/portainer.yml when: (portainer_enabled | default(False)) 
@@ -110,10 +115,6 @@ when: (sonarr_enabled | default(False)) tags: sonarr - - import_tasks: tasks/radarr.yml - when: (radarr_enabled | default(False)) - tags: radarr - - import_tasks: tasks/glances.yml when: (glances_enabled | default(False)) tags: glances diff --git a/roles/radarr/defaults/main.yml b/roles/radarr/defaults/main.yml new file mode 100644 index 00000000..fb6eccb3 --- /dev/null +++ b/roles/radarr/defaults/main.yml @@ -0,0 +1,15 @@ +--- +radarr_enabled: false +radarr_available_externally: "false" + +# directories +radarr_movies_directory: "{{ movies_root }}" +radarr_download_directory: "{{ downloads_root }}" +radarr_data_directory: "{{ docker_home }}/radarr" + +# uid / gid +radarr_user_id: "0" +radarr_group_id: "0" + +# network +radarr_port: "7878" \ No newline at end of file diff --git a/tasks/radarr.yml b/roles/radarr/tasks/main.yml similarity index 100% rename from tasks/radarr.yml rename to roles/radarr/tasks/main.yml From ce788902fe24e3eac6ed089dc55c3865d8d517c5 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 10:32:52 +0000 Subject: [PATCH 51/92] Remove roles from gitignore --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 494d8a60..6d5441ff 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,9 @@ tests/test.yml site .vagrant -roles *.retry *.log +inventories # Vim [._]sw[a-p] From 5d019d589aa31a36bbca7f70e1a3666dcfc9a034 Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Wed, 13 Jan 2021 15:19:47 +0000 Subject: [PATCH 52/92] Move Transmission to roles --- group_vars/all.yml | 29 ------------------ nas.yml | 15 ++++++++++ .../defaults/main.yml | 30 +++++++++++++++++++ .../transmission-with-openvpn/tasks/main.yml | 6 ++-- roles/transmission/defaults/main.yml | 18 +++++++++++ .../transmission/tasks/main.yml | 4 +-- 6 files changed, 68 insertions(+), 34 deletions(-) create mode 100644 roles/transmission-with-openvpn/defaults/main.yml rename tasks/transmission_with_openvpn.yml => roles/transmission-with-openvpn/tasks/main.yml (92%) create mode 100644 roles/transmission/defaults/main.yml rename tasks/transmission.yml => roles/transmission/tasks/main.yml (94%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 5e639f38..93636ab6 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -16,8 +16,6 @@ ### # Downloading -transmission_with_openvpn_enabled: false # Please see docs about how to set VPN credentials -transmission_enabled: false nzbget_enabled: false pyload_enabled: false utorrent_enabled: false 
@@ -320,33 +318,6 @@ organizr_port_https: "10444" organizr_user_id: "1000" organizr_group_id: "1000" -### -### Transmission -### -transmission_available_externally: "false" -transmission_with_openvpn_available_externally: "false" -transmission_config_directory: "{{ docker_home }}/transmission/config" -transmission_download_directory: "{{ downloads_root }}" -transmission_watch_directory: "{{ torrents_root }}" -transmission_user_id: "0" -transmission_group_id: "0" -transmission_local_network: "192.168.1.0/24" -transmission_webui_port: "9092" -transmission_external_port: "51414" -transmission_openvpn_webui_port: "9091" -transmission_openvpn_external_port: "51415" -transmission_openvpn_proxy_port: "3128" -transmission_openvpn_ratio_limit_enabled: "true" -transmission_openvpn_ratio_limit: "2" - -# Transmission VPN Credentials -# If you're using Transmission with a VPN, you'll need to set these credentials. -# See https://github.com/haugene/docker-transmission-openvpn/ for supported VPN providers. -openvpn_username: leisure-suit-larry -openvpn_password: secretpassword -openvpn_provider: AWESOMEVPNPROVIDER -openvpn_config: United-Kingdom - ### ### uTorrent ### diff --git a/nas.yml b/nas.yml index 5aa16e21..90337352 100644 --- a/nas.yml +++ b/nas.yml @@ -66,6 +66,21 @@ - radarr when: (radarr_enabled | default(False)) + - role: radarr + tags: + - radarr + when: (radarr_enabled | default(False)) + + - role: transmission + tags: + - transmission + when: (transmission_enabled | default(False)) + + - role: transmission_with_openvpn_enabled + tags: + - transmission_with_openvpn_enabled + when: (transmission_with_openvpn_enabled | default(False)) + tasks: - import_tasks: tasks/portainer.yml when: (portainer_enabled | default(False)) diff --git a/roles/transmission-with-openvpn/defaults/main.yml b/roles/transmission-with-openvpn/defaults/main.yml new file mode 100644 index 00000000..91b5c5d2 --- /dev/null +++ b/roles/transmission-with-openvpn/defaults/main.yml 
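Review bot: The new entry `- role: transmission_with_openvpn_enabled` in `nas.yml` names the enable flag, not the role: the directory added by this commit is `roles/transmission-with-openvpn`, so Ansible will presumably fail to resolve the role when the playbook is loaded. It should read `- role: transmission-with-openvpn`, with the tag changed to match. The same hunk also adds a second, identical `- role: radarr` block directly after the existing one; that duplicate should be dropped.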
@@ -0,0 +1,30 @@ +--- +transmission_with_openvpn_enabled: false # Please see docs about how to set VPN credentials +transmission_with_openvpn_available_externally: "false" + +# directories +transmission_config_directory: "{{ docker_home }}/transmission/config" +transmission_download_directory: "{{ downloads_root }}" +transmission_watch_directory: "{{ torrents_root }}" + +# uid / gid +transmission_openvpn_user_id: "0" +transmission_openvpn_group_id: "0" + +# transmission config +transmission_openvpn_ratio_limit_enabled: "true" +transmission_openvpn_ratio_limit: "2" +transmission_openvpn_local_network: "192.168.1.0/24" + +# network config +transmission_openvpn_webui_port: "9091" +transmission_openvpn_external_port: "51415" +transmission_openvpn_proxy_port: "3128" + +# Transmission VPN Credentials +# If you're using Transmission with a VPN, you'll need to set these credentials. +# See https://github.com/haugene/docker-transmission-openvpn/ for supported VPN providers. +openvpn_username: leisure-suit-larry +openvpn_password: secretpassword +openvpn_provider: AWESOMEVPNPROVIDER +openvpn_config: United-Kingdom \ No newline at end of file diff --git a/tasks/transmission_with_openvpn.yml b/roles/transmission-with-openvpn/tasks/main.yml similarity index 92% rename from tasks/transmission_with_openvpn.yml rename to roles/transmission-with-openvpn/tasks/main.yml index 379a639e..2e303c01 100644 --- a/tasks/transmission_with_openvpn.yml +++ b/roles/transmission-with-openvpn/tasks/main.yml @@ -38,9 +38,9 @@ OPENVPN_CONFIG: "{{ openvpn_config }}" WEBPROXY_ENABLED: "true" WEBPROXY_PORT: "3128" - PUID: "{{ transmission_user_id }}" - PGID: "{{ transmission_group_id }}" - LOCAL_NETWORK: "{{ transmission_local_network }}" + PUID: "{{ transmission_openvpn_user_id }}" + PGID: "{{ transmission_openvpn_group_id }}" + LOCAL_NETWORK: "{{ transmission_openvpn_local_network }}" ENABLE_UFW: "false" devices: - /dev/net/tun 
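Review bot: `openvpn_username` and `openvpn_password` are shipped in the role defaults as working-looking placeholder values, so a run that never overrides them deploys the container with `leisure-suit-larry` / `secretpassword` and nothing flags it. I would mark them in the defaults with `# Placeholders: override in your inventory and encrypt with ansible-vault`, and consider an `assert` at the top of the tasks that fails while the password is still the placeholder. Because these values are passed as container environment, `no_log: true` on the container task would also keep them out of verbose output; that task starts outside the second hunk, so this is inferred from the `OPENVPN_CONFIG` line shown there.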
diff --git a/roles/transmission/defaults/main.yml b/roles/transmission/defaults/main.yml new file mode 100644 index 00000000..7e0cdc3f --- /dev/null +++ b/roles/transmission/defaults/main.yml @@ -0,0 +1,18 @@ +--- +transmission_enabled: false +transmission_available_externally: "false" + +# directories +transmission_config_directory: "{{ docker_home }}/transmission/config" +transmission_download_directory: "{{ downloads_root }}" +transmission_watch_directory: "{{ torrents_root }}" + +# uid / gid +transmission_user_id: "0" +transmission_group_id: "0" + +# network +transmission_webui_port: "9092" +transmission_external_port: "51414" + +transmission_timezone: "{{ ansible_nas_timezone }}" \ No newline at end of file diff --git a/tasks/transmission.yml b/roles/transmission/tasks/main.yml similarity index 94% rename from tasks/transmission.yml rename to roles/transmission/tasks/main.yml index 6a04e67c..6e0fe8b0 100644 --- a/tasks/transmission.yml +++ b/roles/transmission/tasks/main.yml @@ -23,7 +23,7 @@ - "{{ transmission_external_port }}:51413" - "{{ transmission_external_port }}:51413/udp" env: - TZ: "{{ ansible_nas_timezone }}" + TZ: "{{ transmission_timezone }}" PUID: "{{ transmission_user_id }}" PGID: "{{ transmission_group_id }}" restart_policy: unless-stopped @@ -32,4 +32,4 @@ traefik.backend: "transmission" traefik.frontend.rule: "Host:transmission.{{ ansible_nas_domain }}" traefik.enable: "{{ transmission_available_externally }}" - traefik.port: "9091" + traefik.port: "9091" \ No newline at end of file From 959bb93ddcf899b0d96f1509eb431ab3e16393e8 Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Wed, 13 Jan 2021 15:26:00 +0000 Subject: [PATCH 53/92] Move Organizr to ansible role --- group_vars/all.yml | 13 ------------- nas.yml | 5 +++++ roles/organizr/defaults/main.yml | 14 ++++++++++++++ .../organizr.yml => roles/organizr/tasks/main.yml | 1 - 4 files changed, 19 insertions(+), 14 deletions(-) create mode 100644 roles/organizr/defaults/main.yml rename tasks/organizr.yml => roles/organizr/tasks/main.yml (99%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 93636ab6..89cf749b 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -48,7 +48,6 @@ mymediaforalexa_enabled: false miniflux_enabled: false # System Management -organizr_enabled: false portainer_enabled: false glances_enabled: false stats_enabled: false @@ -306,18 +305,6 @@ traefik_docker_image: traefik:v1.7 traefik_data_directory: "{{ docker_home }}/traefik" traefik_debug: "false" - - -### -### Organizr -### -organizr_available_externally: "false" -organizr_data_directory: "{{ docker_home }}/organizr" -organizr_port_http: "10081" -organizr_port_https: "10444" -organizr_user_id: "1000" -organizr_group_id: "1000" - ### ### uTorrent ### diff --git a/nas.yml b/nas.yml index 90337352..6ad02c77 100644 --- a/nas.yml +++ b/nas.yml @@ -56,6 +56,11 @@ - netdata when: (netdata_enabled | default(False)) + - role: organizr + tags: + - organizr + when: (organizr_enabled | default(False)) + - role: plex tags: - plex diff --git a/roles/organizr/defaults/main.yml b/roles/organizr/defaults/main.yml new file mode 100644 index 00000000..9c0d01a0 --- /dev/null +++ b/roles/organizr/defaults/main.yml @@ -0,0 +1,14 @@ +--- +organizr_enabled: false +organizr_available_externally: "false" + +# directories +organizr_data_directory: "{{ docker_home }}/organizr" + +# network +organizr_port_http: "10081" +organizr_port_https: "10444" + +# uid / gid +organizr_user_id: "1000" +organizr_group_id: "1000" \ No newline at end of file 
diff --git a/tasks/organizr.yml b/roles/organizr/tasks/main.yml similarity index 99% rename from tasks/organizr.yml rename to roles/organizr/tasks/main.yml index df35aeb1..98826c07 100644 --- a/tasks/organizr.yml +++ b/roles/organizr/tasks/main.yml @@ -1,4 +1,3 @@ - --- - name: Create Organizr Directories file: From 4cf0be93a181a5e0b4adee451635c8a2381792d1 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 15:29:26 +0000 Subject: [PATCH 54/92] Move portainer to ansible role --- group_vars/all.yml | 8 -------- nas.yml | 13 +++++-------- roles/portainer/defaults/main.yml | 9 +++++++++ .../portainer.yml => roles/portainer/tasks/main.yml | 0 4 files changed, 14 insertions(+), 16 deletions(-) create mode 100644 roles/portainer/defaults/main.yml rename tasks/portainer.yml => roles/portainer/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 89cf749b..de974c0e 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -48,7 +48,6 @@ mymediaforalexa_enabled: false miniflux_enabled: false # System Management -portainer_enabled: false glances_enabled: false stats_enabled: false guacamole_enabled: false @@ -457,13 +456,6 @@ ombi_group_id: "0" openvpn_config_directory: "{{ docker_home }}/openvpn" -### -### Portainer -### -portainer_available_externally: "false" -portainer_data_directory: "{{ docker_home }}/portainer/config" -portainer_port: "9000" - ### ### ZNC ### diff --git a/nas.yml b/nas.yml index 6ad02c77..4f035ff1 100644 --- a/nas.yml +++ b/nas.yml @@ -61,6 +61,11 @@ - organizr when: (organizr_enabled | default(False)) + - role: portainer + tags: + - portainer + when: (portainer_enabled | default(False)) + - role: plex tags: - plex 
@@ -87,18 +92,10 @@ when: (transmission_with_openvpn_enabled | default(False)) tasks: - - import_tasks: tasks/portainer.yml - when: (portainer_enabled | default(False)) - tags: portainer - - import_tasks: tasks/traefik.yml when: (traefik_enabled | default(False)) tags: traefik - - import_tasks: tasks/organizr.yml - when: (organizr_enabled | default(False)) - tags: organizr - - import_tasks: tasks/watchtower.yml when: (watchtower_enabled | default(False)) tags: watchtower diff --git a/roles/portainer/defaults/main.yml b/roles/portainer/defaults/main.yml new file mode 100644 index 00000000..95ad2aaa --- /dev/null +++ b/roles/portainer/defaults/main.yml @@ -0,0 +1,9 @@ +--- +portainer_enabled: false +portainer_available_externally: "false" + +# directories +portainer_data_directory: "{{ docker_home }}/portainer/config" + +# network +portainer_port: "9000" \ No newline at end of file diff --git a/tasks/portainer.yml b/roles/portainer/tasks/main.yml similarity index 100% rename from tasks/portainer.yml rename to roles/portainer/tasks/main.yml From e8338db9c504ea44c7f0ed729f4d75ea4d8c2520 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 15:54:57 +0000 Subject: [PATCH 55/92] Add bungcip.better-toml recommended extension --- .vscode/extensions.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 23e9f478..448de533 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,6 +1,7 @@ { "recommendations": [ "haaaad.ansible", - "ybaumes.highlight-trailing-white-spaces" + "ybaumes.highlight-trailing-white-spaces", + "bungcip.better-toml" ] } \ No newline at end of file From 8bb33fc886358703f40676c3ece0297a641586dc Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Wed, 13 Jan 2021 16:38:35 +0000 Subject: [PATCH 56/92] Move Traefik to ansible role --- group_vars/all.yml | 17 +---------------- nas.yml | 9 +++++---- roles/traefik/defaults/main.yml | 18 ++++++++++++++++++ .../traefik/tasks/main.yml | 12 +----------- .../traefik/templates}/traefik.toml | 0 5 files changed, 25 insertions(+), 31 deletions(-) create mode 100644 roles/traefik/defaults/main.yml rename tasks/traefik.yml => roles/traefik/tasks/main.yml (68%) rename {templates/traefik => roles/traefik/templates}/traefik.toml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index de974c0e..51923da1 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -99,15 +99,7 @@ pytivo_enabled: false # SEO serposcope_enabled: false -# External Access -# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your -# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip. -# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally" -# settings. -traefik_enabled: false -traefik_port_http: "80" -traefik_port_https: "443" -traefik_port_ui: "8083" + ### ### General ### @@ -297,13 +289,6 @@ samba_map_to_guest: Bad Password # The NetBIOS hostname used by Samba on your network samba_netbios_name: "{{ ansible_nas_hostname }}" -### -### Traefik -### -traefik_docker_image: traefik:v1.7 -traefik_data_directory: "{{ docker_home }}/traefik" -traefik_debug: "false" - ### ### uTorrent ### diff --git a/nas.yml b/nas.yml index 4f035ff1..930c0f9a 100644 --- a/nas.yml +++ b/nas.yml 
@@ -91,11 +91,12 @@ - transmission_with_openvpn_enabled when: (transmission_with_openvpn_enabled | default(False)) - tasks: - - import_tasks: tasks/traefik.yml - when: (traefik_enabled | default(False)) - tags: traefik + - role: traefik + tags: + - traefik + when: (traefik_enabled | default(False)) + tasks: - import_tasks: tasks/watchtower.yml when: (watchtower_enabled | default(False)) tags: watchtower diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml new file mode 100644 index 00000000..2b2b2b42 --- /dev/null +++ b/roles/traefik/defaults/main.yml @@ -0,0 +1,18 @@ +--- +# External Access +# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your +# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip. +# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally" +# settings. +traefik_enabled: false + +# directories +traefik_data_directory: "{{ docker_home }}/traefik" + +# network +traefik_port_http: "80" +traefik_port_https: "443" +traefik_port_ui: "8083" + +traefik_docker_image: traefik:v1.7 +traefik_debug: "false" \ No newline at end of file diff --git a/tasks/traefik.yml b/roles/traefik/tasks/main.yml similarity index 68% rename from tasks/traefik.yml rename to roles/traefik/tasks/main.yml index dfcb8ec2..3f8511c4 100644 --- a/tasks/traefik.yml +++ b/roles/traefik/tasks/main.yml @@ -1,14 +1,4 @@ --- -- name: Ensure Nginx Docker Container is absent - docker_container: - name: nginx-proxy - state: absent - -- name: Nginx Letsencrypt Container is absent - docker_container: - name: letsencrypt-nginx-proxy-companion - state: absent - - name: Create Traefik Directories file: path: "{{ item }}" 
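Review bot: The comment block carried into `roles/traefik/defaults/main.yml` is missing its verb ("To enable this you'll either; a domain name…") and tells the reader to forward ports 80 and 443 without saying anything about `traefik_port_ui`, which is defined a few lines below it. Since this comment is the only guidance a user sees before opening the box to the internet, I would reword it to `# To enable this you'll need either a domain name that points to your static home IP address, or a dynamic DNS provider (the cloudflare_ddns container, no-ip, ...).` and add `# Forward only ports 80 and 443 from your router; keep traefik_port_ui reachable from the LAN only.` Whether the UI on that port is authenticated is not visible in these hunks, so the second line is worth confirming against `traefik.toml`.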
@@ -18,7 +8,7 @@ - name: Template Traefik config.toml template: - src: traefik/traefik.toml + src: traefik.toml dest: "{{ traefik_data_directory }}/traefik.toml" - name: Traefik Docker Container diff --git a/templates/traefik/traefik.toml b/roles/traefik/templates/traefik.toml similarity index 100% rename from templates/traefik/traefik.toml rename to roles/traefik/templates/traefik.toml From 15d650740554ff9ad143fcbc0b69cf04b2dcce03 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 13 Jan 2021 17:14:44 +0000 Subject: [PATCH 57/92] Doh! --- nas.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/nas.yml b/nas.yml index 930c0f9a..ee8c62b9 100644 --- a/nas.yml +++ b/nas.yml @@ -86,7 +86,7 @@ - transmission when: (transmission_enabled | default(False)) - - role: transmission_with_openvpn_enabled + - role: transmission-with-openvpn tags: - transmission_with_openvpn_enabled when: (transmission_with_openvpn_enabled | default(False)) @@ -109,14 +109,6 @@ when: (tautulli_enabled | default(False)) tags: tautulli - - import_tasks: tasks/transmission.yml - when: (transmission_enabled | default(False)) - tags: transmission - - - import_tasks: tasks/transmission_with_openvpn.yml - when: (transmission_with_openvpn_enabled | default(False)) - tags: transmission - - import_tasks: tasks/pyload.yml when: (pyload_enabled | default(False)) tags: pyload From 1fb535cdfd43f53367bb27f8329142ce054f04e4 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Thu, 14 Jan 2021 10:42:33 +0000 Subject: [PATCH 58/92] Move Watchtower to ansible role --- group_vars/all.yml | 19 ----------------- nas.yml | 21 +++++++++++++++---- roles/watchtower/defaults/main.yml | 17 +++++++++++++++ .../watchtower/tasks/main.yml | 2 +- 4 files changed, 35 insertions(+), 24 deletions(-) create mode 100644 roles/watchtower/defaults/main.yml rename tasks/watchtower.yml => roles/watchtower/tasks/main.yml (85%) 
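Review bot: The role entry corrected in the `@@ -86,7 +86,7 @@` hunk of `nas.yml` still carries the tag `transmission_with_openvpn_enabled`, which is the name of the enable variable rather than a tag in the style of the neighbouring roles (`transmission`, `traefik`, `plex`). The `import_tasks` entry removed in the second hunk was tagged `transmission`, so as far as these hunks show, a run limited with `--tags transmission` no longer selects the OpenVPN variant. I would change the tag list to `- transmission_with_openvpn` and, if the old selection behaviour is wanted, add `- transmission` beside it. The roles list itself starts and ends outside the hunk.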
diff --git a/group_vars/all.yml b/group_vars/all.yml index 51923da1..6fc92e51 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -51,7 +51,6 @@ miniflux_enabled: false glances_enabled: false stats_enabled: false guacamole_enabled: false -watchtower_enabled: false cloudflare_ddns_enabled: false cloudcmd_enabled: false virtual_desktop_enabled: false @@ -542,24 +541,6 @@ krusader_vnc_password: "topsecret" krusader_port_http: "5800" krusader_port_vnc: "5900" -### -### Watchtower -### -# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily. -watchtower_cron_schedule: 0 0 5 * * * - -# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive -# notifications or not, some examples are provided below. See https://github.com/v2tec/watchtower for more info. - -# No notifications -watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug" - -# Email notifications -# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'" - -# Slack notifications -# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'" - ### ### Time Machine ### diff --git a/nas.yml b/nas.yml index ee8c62b9..470df7f2 100644 --- a/nas.yml +++ b/nas.yml @@ -6,6 +6,10 @@ tags: users roles: + + ### + ### Requirements + ### - role: bertvv.samba tags: - samba @@ -21,6 +25,10 @@ - docker - skip_ansible_lint + + ### + ### Ansible-NAS Roles + ### - role: ansible-nas-general tags: - ansible-nas-general 
@@ -31,6 +39,10 @@ - ansible-nas-docker - ansible-nas + + ### + ### Applications + ### - role: emby tags: - emby @@ -96,11 +108,12 @@ - traefik when: (traefik_enabled | default(False)) - tasks: - - import_tasks: tasks/watchtower.yml - when: (watchtower_enabled | default(False)) - tags: watchtower + - role: watchtower + tags: + - watchtower + when: (watchtower_enabled | default(False)) + tasks: - import_tasks: tasks/firefly.yml when: (firefly_enabled | default(False)) tags: firefly diff --git a/roles/watchtower/defaults/main.yml b/roles/watchtower/defaults/main.yml new file mode 100644 index 00000000..84b766ce --- /dev/null +++ b/roles/watchtower/defaults/main.yml @@ -0,0 +1,17 @@ +--- +watchtower_enabled: false + +# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily. +watchtower_cron_schedule: 0 0 5 * * * + +# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive +# notifications or not, some examples are provided below. See https://containrrr.dev/watchtower/arguments/ for more options. + +# No notifications +watchtower_command: "--schedule '{{ watchtower_cron_schedule }}'" + +# Email notifications +# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'" + +# Slack notifications +# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'" 
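Review bot: The commented examples in the new `roles/watchtower/defaults/main.yml` place the SMTP password and the Slack webhook URL directly inside `watchtower_command`, so a user who copies one ends up with the secret in the container's command line, where it is readable from the host's process list and from `docker inspect`. Role defaults are also the wrong home for the real value, because edits there are easy to commit by accident. I would add a comment above the examples such as `# Do not put real credentials in this file: override watchtower_command in your inventory and keep the secret in an ansible-vault encrypted variable.` Watchtower can also take these settings from environment variables (for example `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD`), which would keep them out of the argument list if the task, not fully visible here, passed an `env:` block.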
diff --git a/tasks/watchtower.yml b/roles/watchtower/tasks/main.yml similarity index 85% rename from tasks/watchtower.yml rename to roles/watchtower/tasks/main.yml index cec090f6..65ed092c 100644 --- a/tasks/watchtower.yml +++ b/roles/watchtower/tasks/main.yml @@ -2,7 +2,7 @@ - name: Watchtower Docker Container docker_container: name: watchtower - image: v2tec/watchtower + image: containrrr/watchtower pull: true volumes: - "/var/run/docker.sock:/var/run/docker.sock" From 0abe0295230433ad4eadd18c29c63936878db7e4 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Thu, 14 Jan 2021 10:44:33 +0000 Subject: [PATCH 59/92] Remove Serposcope (dead software) --- README.md | 2 -- docs/applications/serposcope.md | 11 ------- docs/configuration/application_ports.md | 1 - group_vars/all.yml | 10 ------ nas.yml | 4 --- roles/traefik/templates/traefik.toml | 1 - tasks/serposcope.yml | 44 ------------------------- 7 files changed, 73 deletions(-) delete mode 100644 docs/applications/serposcope.md delete mode 100644 tasks/serposcope.yml diff --git a/README.md b/README.md index 28049f82..2dd64d19 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,6 @@ Ansible config and a bunch of Docker containers. * Content management with Joomla * A dual panel local file manager * Self-service media request web application -* SEO tracking with Serposcope ### Available Applications @@ -73,7 +72,6 @@ Ansible config and a bunch of Docker containers. * [pyLoad](https://pyload.net/) - A download manager with a friendly web-interface * [PyTivo](http://pytivo.org) - An HMO and GoBack server for TiVos. * [Radarr](https://radarr.video/) - for organising and downloading movies -* [Serposcope](https://serposcope.serphacker.com/en/) - tracker to monitor website ranking * [Sickchill](https://sickchill.github.io/) - for managing TV episodes * [Sonarr](https://sonarr.tv/) - for downloading and managing TV episodes * [Tautulli](http://tautulli.com/) - Monitor Your Plex Media Server 
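Review bot: The new `image: containrrr/watchtower` line in `roles/watchtower/tasks/main.yml` has no tag, and with `pull: true` directly beneath it every playbook run fetches whatever `latest` currently points to, for a container that the same task hands `/var/run/docker.sock`. A container holding the Docker socket effectively controls the host's Docker daemon, so the image it runs is worth pinning and reviewing on upgrade. I would read it from a default, `image: "{{ watchtower_docker_image }}"`, with `watchtower_docker_image: containrrr/watchtower:<pinned-tag>` in `roles/watchtower/defaults/main.yml`, the same way `traefik_docker_image` is handled in this series. The task continues below the hunk.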
diff --git a/docs/applications/serposcope.md b/docs/applications/serposcope.md deleted file mode 100644 index c450691d..00000000 --- a/docs/applications/serposcope.md +++ /dev/null @@ -1,11 +0,0 @@ -# Serposcope - -Homepage: [https://serposcope.serphacker.com/en/](https://serposcope.serphacker.com/en/) - -Serposcope is a free and open-source rank tracker to monitor websites ranking in Google and improve your SEO performances - -## Usage - -Set `serposcope_enabled: true` in your `inventories//nas.yml` file. - -The Serposcope web interface can be found at http://ansible_nas_host_or_ip:7134. diff --git a/docs/configuration/application_ports.md b/docs/configuration/application_ports.md index e15810d7..129221ee 100644 --- a/docs/configuration/application_ports.md +++ b/docs/configuration/application_ports.md @@ -53,7 +53,6 @@ By default, applications can be found on the ports listed below. | PyTivo | 9032 | HTTP | | PyTivo | 2190 | UDP | | Radarr | 7878 | | -| Serposcope | 7134 | | | Sickchill | 8081 | | | Sonarr | 8989 | | | Tautulli | 8185 | | diff --git a/group_vars/all.yml b/group_vars/all.yml index 6fc92e51..81631cfc 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -95,9 +95,6 @@ joomla_enabled: false # PyTivo pytivo_enabled: false -# SEO -serposcope_enabled: false - ### ### General @@ -696,13 +693,6 @@ ubooquity_group_id: "0" ubooquity_port_webui: "2202" ubooquity_port_admin: "2203" -### -### Serposcope -### -serposcope_data_directory: "{{ docker_home }}/serposcope" -serposcope_port: 7134 -serposcope_available_externally: "false" - ### ### Virtual Desktop ### diff --git a/nas.yml b/nas.yml index 470df7f2..4e3c620d 100644 --- a/nas.yml +++ b/nas.yml 
@@ -274,10 +274,6 @@ when: (youtubedlmaterial_enabled | default(False)) tags: youtubedlmaterial - - import_tasks: tasks/serposcope.yml - when: (serposcope_enabled | default(False)) - tags: serposcope - - import_tasks: tasks/virtual_desktop.yml when: (virtual_desktop_enabled | default(False)) tags: virtual_desktop diff --git a/roles/traefik/templates/traefik.toml b/roles/traefik/templates/traefik.toml index 1ac2512b..119d86d7 100644 --- a/roles/traefik/templates/traefik.toml +++ b/roles/traefik/templates/traefik.toml @@ -213,7 +213,6 @@ onDemand = false # create certificate when container is created "pyload.{{ ansible_nas_domain }}", "pytivo.{{ ansible_nas_domain }}", "radarr.{{ ansible_nas_domain }}", - "serposcope.{{ ansible_nas_domain }}", "sickchill.{{ ansible_nas_domain }}", "sonarr.{{ ansible_nas_domain }}", "tautulli.{{ ansible_nas_domain }}", diff --git a/tasks/serposcope.yml b/tasks/serposcope.yml deleted file mode 100644 index 9e855eed..00000000 --- a/tasks/serposcope.yml +++ /dev/null 
@@ -1,44 +0,0 @@ -- name: Create Serposcope Directories - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ serposcope_data_directory }}/mysql" - -- name: Create MySQL container for Serposcope - docker_container: - name: serposcope-mysql - image: mysql:5.7 - pull: true - volumes: - - "{{ serposcope_data_directory }}/mysql:/var/lib/mysql:rw" - env: - MYSQL_DATABASE: "serposcope" - MYSQL_USER: "serposcope" - MYSQL_PASSWORD: "serposcope" - MYSQL_ROOT_PASSWORD: "serposcope" - restart_policy: unless-stopped - memory: 1g - -- name: Wait for MySQL to init - pause: - seconds: 30 - -- name: Create Serposcope container - docker_container: - name: serposcope - image: davestephens/serposcope:2.11.0 - pull: true - links: - - serposcope-mysql:db - ports: - - "{{ serposcope_port }}:7134" - env: - SERPOSCOPE_DB_URL: 'jdbc:mysql://db:3306/serposcope?user=serposcope\&password=serposcope\&allowMultiQueries=true' - restart_policy: unless-stopped - memory: 1g - labels: - traefik.backend: "serposcope" - traefik.frontend.rule: "Host:serposcope.{{ ansible_nas_domain }}" - traefik.enable: "{{ serposcope_available_externally }}" - traefik.port: "7134" \ No newline at end of file From d4fc84a4aa57cc5b3da0e7e5e2890fbc5fdfaa2f Mon Sep 17 00:00:00 2001 From: David Stephens Date: Thu, 14 Jan 2021 12:50:44 +0000 Subject: [PATCH 60/92] Move airsonic to ansible role --- group_vars/all.yml | 11 ----------- nas.yml | 9 +++++---- roles/airsonic/defaults/main.yml | 11 +++++++++++ tasks/airsonic.yml => roles/airsonic/tasks/main.yml | 0 4 files changed, 16 insertions(+), 15 deletions(-) create mode 100644 roles/airsonic/defaults/main.yml rename tasks/airsonic.yml => roles/airsonic/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 81631cfc..f64d79a5 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -41,7 +41,6 @@ youtubedlmaterial_enabled: false mylar_enabled: false # Music -airsonic_enabled: false mymediaforalexa_enabled: false # News 
@@ -505,16 +504,6 @@ miniflux_admin_username: admin miniflux_admin_password: supersecure miniflux_port: "8070" -### -### Airsonic -### -airsonic_available_externally: "false" -airsonic_data_directory: "{{ docker_home }}/airsonic" -airsonic_music_directory: "{{ music_root }}" -airsonic_podcasts_directory: "{{ podcasts_root }}" -airsonic_port: "4040" - - ### ### CloudCmd ### diff --git a/nas.yml b/nas.yml index 4e3c620d..144a296c 100644 --- a/nas.yml +++ b/nas.yml @@ -43,6 +43,11 @@ ### ### Applications ### + - role: airsonic + tags: + - airsonic + when: (airsonic_enabled | default(False)) + - role: emby tags: - emby @@ -182,10 +187,6 @@ when: (guacamole_enabled | default(False)) tags: guacamole - - import_tasks: tasks/airsonic.yml - when: (airsonic_enabled | default(False)) - tags: airsonic - - import_tasks: tasks/cloudflare_ddns.yml when: (cloudflare_ddns_enabled | default(False)) tags: cloudflare_ddns diff --git a/roles/airsonic/defaults/main.yml b/roles/airsonic/defaults/main.yml new file mode 100644 index 00000000..ce8786dc --- /dev/null +++ b/roles/airsonic/defaults/main.yml @@ -0,0 +1,11 @@ +--- +airsonic_enabled: false +airsonic_available_externally: "false" + +# directories +airsonic_data_directory: "{{ docker_home }}/airsonic" +airsonic_music_directory: "{{ music_root }}" +airsonic_podcasts_directory: "{{ podcasts_root }}" + +# network +airsonic_port: "4040" \ No newline at end of file diff --git a/tasks/airsonic.yml b/roles/airsonic/tasks/main.yml similarity index 100% rename from tasks/airsonic.yml rename to roles/airsonic/tasks/main.yml From c41c0651588c460ce4d6c82f782a1bd00fab2837 Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Thu, 14 Jan 2021 17:59:54 +0000 Subject: [PATCH 61/92] Move ombi to ansible role --- group_vars/all.yml | 12 +----------- nas.yml | 9 +++++---- roles/ombi/defaults/main.yml | 13 +++++++++++++ tasks/ombi.yml => roles/ombi/tasks/main.yml | 7 ++++--- 4 files changed, 23 insertions(+), 18 deletions(-) create mode 100644 roles/ombi/defaults/main.yml rename tasks/ombi.yml => roles/ombi/tasks/main.yml (82%) diff --git a/group_vars/all.yml b/group_vars/all.yml index f64d79a5..df163436 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -35,7 +35,7 @@ minidlna_enabled: false jellyfin_enabled: false bazarr_enabled: false -ombi_enabled: false + youtubedlmaterial_enabled: false mylar_enabled: false @@ -420,16 +420,6 @@ sickchill_user_id: "0" sickchill_group_id: "0" sickchill_port: "8081" - -### -### Ombi -### -ombi_available_externally: "false" -ombi_config_directory: "{{ docker_home }}/ombi/config" -ombi_user_id: "0" -ombi_group_id: "0" - - ### ### OpenVPN ### diff --git a/nas.yml b/nas.yml index 144a296c..c16bed72 100644 --- a/nas.yml +++ b/nas.yml @@ -83,6 +83,11 @@ - portainer when: (portainer_enabled | default(False)) + - role: ombi + tags: + - ombi + when: (ombi_enabled | default(False)) + - role: plex tags: - plex @@ -267,10 +272,6 @@ when: (utorrent_enabled | default(False)) tags: utorrent - - import_tasks: tasks/ombi.yml - when: (ombi_enabled | default(False)) - tags: ombi - - import_tasks: tasks/youtubedlmaterial.yml when: (youtubedlmaterial_enabled | default(False)) tags: youtubedlmaterial diff --git a/roles/ombi/defaults/main.yml b/roles/ombi/defaults/main.yml new file mode 100644 index 00000000..55ba1f99 --- /dev/null +++ b/roles/ombi/defaults/main.yml @@ -0,0 +1,13 @@ +--- +ombi_enabled: false +ombi_available_externally: "false" + +# directories +ombi_config_directory: "{{ docker_home }}/ombi/config" + +# network +ombi_port: "3579" + +# uid / gid +ombi_user_id: "0" +ombi_group_id: "0" \ No newline at end of file 
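Review bot: `ombi_user_id: "0"` and `ombi_group_id: "0"` in the new `roles/ombi/defaults/main.yml` make root the default identity handed to the container as `PUID` in the task, whereas the Organizr role defaults added earlier in this series use `"1000"`. The same root default is carried into `roles/bazarr/defaults/main.yml` and `roles/sickchill/defaults/main.yml` later in the series. Changing the value would affect existing installs whose config directories are owned by root, so at minimum I would document it in place of the bare `# uid / gid` heading: `# uid / gid the container process runs as; "0" is root, override with an unprivileged account in your inventory`.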
diff --git a/tasks/ombi.yml b/roles/ombi/tasks/main.yml similarity index 82% rename from tasks/ombi.yml rename to roles/ombi/tasks/main.yml index 1bd0307b..2a85a024 100644 --- a/tasks/ombi.yml +++ b/roles/ombi/tasks/main.yml @@ -1,10 +1,11 @@ + --- -- name: Create ombi Directories +- name: Create Ombi Directories file: path: "{{ ombi_config_directory }}" state: directory -- name: ombi +- name: Ombi Docker Container docker_container: name: ombi image: linuxserver/ombi @@ -12,7 +13,7 @@ volumes: - "{{ ombi_config_directory }}:/config:rw" ports: - - "3579:3579" + - "{{ ombi_port }}:3579" env: TZ: "{{ ansible_nas_timezone }}" PUID: "{{ ombi_user_id }}" From 38d1782056449873db969d1f92c2e3cdbe2cbd18 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Thu, 14 Jan 2021 20:47:36 +0000 Subject: [PATCH 62/92] 2021 baby! --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index 522ce4c5..d7789ada 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2017-2020 David Stephens +Copyright (c) 2017-2021 David Stephens Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal From dfae766c1c67fc26898d7b8cccb51a9bc0775888 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Fri, 15 Jan 2021 09:26:13 +0000 Subject: [PATCH 63/92] Docs update for Ubuntu 20.04 LTS support --- .github/ISSUE_TEMPLATE/bug-report.md | 2 +- README.md | 2 +- docs/overview.md | 6 +++--- docs/zfs/zfs_configuration.md | 6 +++--- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md index 6cd3b7e9..ef206bf4 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.md +++ b/.github/ISSUE_TEMPLATE/bug-report.md 
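Review bot: The first hunk of `roles/ombi/tasks/main.yml` adds an empty line ahead of the `---` document-start marker, which is the same leading blank line that PATCH 53 removed from the Organizr tasks file. Dropping the added line keeps the role task files uniform and avoids a yamllint warning about blank lines at the start of the file. The rest of the change, replacing the fixed host port with `"{{ ombi_port }}:3579"`, reads fine.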
@@ -15,7 +15,7 @@ A clear and concise description of what the bug is. **Environment** - Ansible-NAS revision (`git rev-parse --short HEAD`): - Ansible version (paste the entire output of `ansible --version` on the machine you run the playbook from): -- Ansible-NAS operating system (`cat /etc/lsb-release` on the Ansible-NAS box) - _If this is anything other than Ubuntu 18.04 help will be limited_: +- Ansible-NAS operating system (`cat /etc/lsb-release` on the Ansible-NAS box) - _Support won't be provided for non-LTS releases of Ubuntu_: - Ansible-NAS kernel (`uname -a` on the Ansible-NAS box): - Ansible-NAS Python version (`python --version` on the Ansible-NAS box): - Ansible-NAS Docker version (`docker --version` on the Ansible-NAS box): diff --git a/README.md b/README.md index 2dd64d19..4979e0a6 100644 --- a/README.md +++ b/README.md @@ -131,7 +131,7 @@ Assuming that your Ubuntu system disk is separate from your storage (it should b ## Requirements * Ansible NAS targets the latest Ubuntu LTS release, which is currently Ubuntu - Server 18.04.3 LTS. + Server 20.04 LTS. * You can run Ansible-NAS on whatever you like, read the docs for more info. I use an HP Microserver. diff --git a/docs/overview.md b/docs/overview.md index 33c98eeb..5b55e28b 100644 --- a/docs/overview.md +++ b/docs/overview.md 
@@ -56,10 +56,10 @@ As a to-do list, before you can even install Ansible-NAS, you'll have to: account it [loves RAM](zfs/zfs_overview.md) and prefers to have the hard drives all to itself. -1. Install **Ubuntu Server**, currently 18.04 LTS, and keep it updated. You'll +1. Install **Ubuntu Server**, currently 20.04 LTS, and keep it updated. You'll probably want to perform other basic setup tasks like hardening SSH and including email notifications. There are [various - guides](https://devanswers.co/ubuntu-18-04-initial-server-setup/) for this, + guides](https://devanswers.co/ubuntu-20-04-initial-server-setup/) for this, but if you're just getting started, you'll probably need a book. You will probably want to install a specialized filesystem for bulk storage such @@ -81,4 +81,4 @@ The easiest way to take Ansible-NAS for a spin is in a virtual machine, for instance in [VirtualBox](https://www.virtualbox.org/). You'll want to create three virtual hard drives for testing: One of the actual NAS, and the two others to create a mirrored ZFS pool. This will let you experiment with installing, -configuring, and running a complete system. +configuring, and running a complete system. diff --git a/docs/zfs/zfs_configuration.md b/docs/zfs/zfs_configuration.md index 9fd375b5..4fb6530d 100644 --- a/docs/zfs/zfs_configuration.md +++ b/docs/zfs/zfs_configuration.md 
@@ -36,9 +36,9 @@ Ansible-NAS storage. These two drives will be **mirrored** to provide redundancy. The actual Ubuntu system will be on a different drive and is not our concern. -> [Root on ZFS](https://github.com/zfsonlinux/zfs/wiki/Ubuntu-18.04-Root-on-ZFS) -> is still a hassle for Ubuntu. If that changes, this document might be updated -> accordingly. Until then, don't ask us about it. +> [Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Ubuntu/Ubuntu%2020.04%20Root%20on%20ZFS.html) +is possible, but not something that has been tested with Ansible-NAS. + The Ubuntu kernel is already ready for ZFS. We only need the utility package which we install with `sudo apt install zfsutils`. From 66d49fe03a939021c5d33c57ef628df9631f00ef Mon Sep 17 00:00:00 2001 From: David Stephens Date: Fri, 15 Jan 2021 09:44:22 +0000 Subject: [PATCH 64/92] Move Bazarr to ansible role --- group_vars/all.yml | 14 -------------- nas.yml | 9 +++++---- roles/bazarr/defaults/main.yml | 15 +++++++++++++++ tasks/bazarr.yml => roles/bazarr/tasks/main.yml | 0 4 files changed, 20 insertions(+), 18 deletions(-) create mode 100644 roles/bazarr/defaults/main.yml rename tasks/bazarr.yml => roles/bazarr/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index df163436..99f0a7ee 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -34,8 +34,6 @@ jackett_enabled: false minidlna_enabled: false jellyfin_enabled: false -bazarr_enabled: false - youtubedlmaterial_enabled: false mylar_enabled: false @@ -375,18 +373,6 @@ sonarr_user_id: "0" sonarr_group_id: "0" sonarr_port: "8989" -### -### Bazarr -### -bazarr_available_externally: "false" -bazarr_data_directory: "{{ docker_home }}/bazarr/config" -bazarr_tv_directory: "{{ tv_root }}" -bazarr_movies_directory: "{{ movies_root }}" -bazarr_user_id: "0" -bazarr_group_id: "0" -bazarr_port: "6767" - - ### ### YouTubeDL-Material ### diff --git a/nas.yml b/nas.yml index c16bed72..b92e865a 100644 --- a/nas.yml 
+++ b/nas.yml @@ -48,6 +48,11 @@ - airsonic when: (airsonic_enabled | default(False)) + - role: bazarr + tags: + - bazarr + when: (bazarr_enabled | default(False)) + - role: emby tags: - emby @@ -244,10 +249,6 @@ when: (homeassistant_enabled | default(False)) tags: homeassistant - - import_tasks: tasks/bazarr.yml - when: (bazarr_enabled | default(False)) - tags: bazarr - - import_tasks: tasks/openhab.yml when: (openhab_enabled | default(False)) tags: openhab diff --git a/roles/bazarr/defaults/main.yml b/roles/bazarr/defaults/main.yml new file mode 100644 index 00000000..c09626c1 --- /dev/null +++ b/roles/bazarr/defaults/main.yml @@ -0,0 +1,15 @@ +--- +bazarr_enabled: false +bazarr_available_externally: "false" + +# directories +bazarr_data_directory: "{{ docker_home }}/bazarr/config" +bazarr_tv_directory: "{{ tv_root }}" +bazarr_movies_directory: "{{ movies_root }}" + +# uid/gid +bazarr_user_id: "0" +bazarr_group_id: "0" + +# network +bazarr_port: "6767" \ No newline at end of file diff --git a/tasks/bazarr.yml b/roles/bazarr/tasks/main.yml similarity index 100% rename from tasks/bazarr.yml rename to roles/bazarr/tasks/main.yml From 46b37dd56eebd882559863b5f4920dc3c74e64c9 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Fri, 15 Jan 2021 10:34:42 +0000 Subject: [PATCH 65/92] Move Sickchill to ansible role --- group_vars/all.yml | 12 ------------ nas.yml | 9 +++++---- roles/sickchill/defaults/main.yml | 15 +++++++++++++++ .../sickchill/tasks/main.yml | 6 ------ 4 files changed, 20 insertions(+), 22 deletions(-) create mode 100644 roles/sickchill/defaults/main.yml rename tasks/sickchill.yml => roles/sickchill/tasks/main.yml (87%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 99f0a7ee..9524f001 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -26,7 +26,6 @@ tautulli_enabled: false # Media Sourcing sonarr_enabled: false # tv -sickchill_enabled: false couchpotato_enabled: false get_iplayer_enabled: false 
@@ -395,17 +394,6 @@ couchpotato_user_id: "0" couchpotato_group_id: "0" couchpotato_port: "5050" -### -### Sickchill -### -sickchill_available_externally: "false" -sickchill_config_directory: "{{ docker_home }}/sickchill/config" -sickchill_tv_directory: "{{ tv_root }}" -sickchill_downloads_directory: "{{ downloads_root }}/completed" -sickchill_user_id: "0" -sickchill_group_id: "0" -sickchill_port: "8081" - ### ### OpenVPN ### diff --git a/nas.yml b/nas.yml index b92e865a..c7f1fc16 100644 --- a/nas.yml +++ b/nas.yml @@ -108,6 +108,11 @@ - radarr when: (radarr_enabled | default(False)) + - role: sickchill + tags: + - sickchill + when: (sickchill_enabled | default(False)) + - role: transmission tags: - transmission @@ -165,10 +170,6 @@ when: (couchpotato_enabled | default(False)) tags: couchpotato - - import_tasks: tasks/sickchill.yml - when: (sickchill_enabled | default(False)) - tags: sickchill - - import_tasks: tasks/znc.yml when: (znc_enabled | default(False)) tags: znc diff --git a/roles/sickchill/defaults/main.yml b/roles/sickchill/defaults/main.yml new file mode 100644 index 00000000..1c98e35c --- /dev/null +++ b/roles/sickchill/defaults/main.yml @@ -0,0 +1,15 @@ +--- +sickchill_enabled: false +sickchill_available_externally: "false" + +# directories +sickchill_config_directory: "{{ docker_home }}/sickchill/config" +sickchill_tv_directory: "{{ tv_root }}" +sickchill_downloads_directory: "{{ downloads_root }}/completed" + +# uid / gid +sickchill_user_id: "0" +sickchill_group_id: "0" + +# network +sickchill_port: "8081" \ No newline at end of file diff --git a/tasks/sickchill.yml b/roles/sickchill/tasks/main.yml similarity index 87% rename from tasks/sickchill.yml rename to roles/sickchill/tasks/main.yml index 4883501f..f9590d0d 100644 --- a/tasks/sickchill.yml +++ b/roles/sickchill/tasks/main.yml 
@@ -1,10 +1,4 @@ --- -- name: Remove Old Sickrage Docker Container - docker_container: - name: sickrage - state: absent - keep_volumes: true - - name: Create Sickchill Directories file: path: "{{ item }}" From 1a1574441c810c01a4d97b97d9d701129e82a5e0 Mon Sep 17 00:00:00 2001 From: David Stephens Date: Fri, 15 Jan 2021 18:17:07 +0000 Subject: [PATCH 66/92] Remove nginx.yml --- tasks/nginx.yml | 38 -------------------------------------- 1 file changed, 38 deletions(-) delete mode 100644 tasks/nginx.yml diff --git a/tasks/nginx.yml b/tasks/nginx.yml deleted file mode 100644 index 56cd23a7..00000000 --- a/tasks/nginx.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Create Nginx Directories - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ nginx_data_directory }}" - - "{{ nginx_data_directory }}/certs" - - "{{ nginx_data_directory }}/html" - - "{{ nginx_data_directory }}/vhost.d" - -- name: Nginx Docker Container - docker_container: - name: nginx-proxy - image: jwilder/nginx-proxy - pull: true - ports: - - "{{ nginx_port_http }}:80" - - "{{ nginx_port_https }}:443" - volumes: - - "{{ nginx_data_directory }}/certs:/etc/nginx/certs:ro" - - "{{ nginx_data_directory }}/vhost.d:/etc/nginx/vhost.d:rw" - - "{{ nginx_data_directory }}/html:/usr/share/nginx/html:rw" - - "/var/run/docker.sock:/tmp/docker.sock:ro" - restart_policy: unless-stopped - memory: 1g - -- name: Nginx Letsencrypt Container - docker_container: - name: letsencrypt-nginx-proxy-companion - image: jrcs/letsencrypt-nginx-proxy-companion - pull: true - volumes: - - "{{ nginx_data_directory }}/certs:/etc/nginx/certs:rw" - - "/var/run/docker.sock:/var/run/docker.sock:ro" - volumes_from: nginx-proxy - restart_policy: unless-stopped - memory: 1g \ No newline at end of file From a03b4957474177405caee8a76b91bb5ada37ab98 Mon Sep 17 00:00:00 2001 
From: Dave Stephens Date: Sat, 16 Jan 2021 09:06:36 +0000 Subject: [PATCH 67/92] Move utorrent to Ansible role --- group_vars/all.yml | 13 ------------- nas.yml | 9 +++++---- roles/utorrent/defaults/main.yml | 16 ++++++++++++++++ .../utorrent/tasks/main.yml | 0 4 files changed, 21 insertions(+), 17 deletions(-) create mode 100644 roles/utorrent/defaults/main.yml rename tasks/utorrent.yml => roles/utorrent/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index bb0f16f1..0f036254 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -18,7 +18,6 @@ # Downloading nzbget_enabled: false pyload_enabled: false -utorrent_enabled: false # Media Serving plex_enabled: false @@ -281,18 +280,6 @@ samba_map_to_guest: Bad Password # The NetBIOS hostname used by Samba on your network samba_netbios_name: "{{ ansible_nas_hostname }}" -### -### uTorrent -### -utorrent_available_externally: "false" -utorrent_config_directory: "{{ docker_home }}/utorrent/config" -utorrent_download_directory: "{{ downloads_root }}" -utorrent_download_directory_active: "{{ downloads_root }}/.incomplete" -utorrent_port_http: "8111" -utorrent_port_bt: "6881" -utorrent_user_id: "0" -utorrent_group_id: "0" - ### ### Joomla ### diff --git a/nas.yml b/nas.yml index c7f1fc16..800d0de7 100644 --- a/nas.yml +++ b/nas.yml @@ -123,6 +123,11 @@ - transmission_with_openvpn_enabled when: (transmission_with_openvpn_enabled | default(False)) + - role: utorrent + tags: + - utorrent + when: (utorrent_enabled | default(False)) + - role: traefik tags: - traefik @@ -270,10 +275,6 @@ when: (ubooquity_enabled | default(False)) tags: ubooquity - - import_tasks: tasks/utorrent.yml - when: (utorrent_enabled | default(False)) - tags: utorrent - - import_tasks: tasks/youtubedlmaterial.yml when: (youtubedlmaterial_enabled | default(False)) tags: youtubedlmaterial diff --git a/roles/utorrent/defaults/main.yml b/roles/utorrent/defaults/main.yml new file mode 100644 index 00000000..59ab5ad4 --- /dev/null 
+++ b/roles/utorrent/defaults/main.yml @@ -0,0 +1,16 @@ +--- +utorrent_enabled: false +utorrent_available_externally: "false" + +# directories +utorrent_config_directory: "{{ docker_home }}/utorrent/config" +utorrent_download_directory: "{{ downloads_root }}" +utorrent_download_directory_active: "{{ downloads_root }}/.incomplete" + +# uid / gid +utorrent_user_id: "0" +utorrent_group_id: "0" + +# ports +utorrent_port_http: "8111" +utorrent_port_bt: "6881" \ No newline at end of file diff --git a/tasks/utorrent.yml b/roles/utorrent/tasks/main.yml similarity index 100% rename from tasks/utorrent.yml rename to roles/utorrent/tasks/main.yml From 7ff69ab6c4c602c8dd89629be075145519a2ba14 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Sat, 16 Jan 2021 09:16:24 +0000 Subject: [PATCH 68/92] Update Organizr to maintained image --- roles/organizr/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/organizr/tasks/main.yml b/roles/organizr/tasks/main.yml index 98826c07..d952615d 100644 --- a/roles/organizr/tasks/main.yml +++ b/roles/organizr/tasks/main.yml @@ -9,7 +9,7 @@ - name: Create Organizr container docker_container: name: organizr - image: organizrtools/organizr-v2:latest + image: organizr/organizr:latest pull: true volumes: - "{{ organizr_data_directory }}:/config:rw" From 5736f1b09e1d0618ea2142bb4e1da0ff28394ea5 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Sat, 16 Jan 2021 09:22:36 +0000 Subject: [PATCH 69/92] true -> yes for general.yml --- roles/ansible-nas-general/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/ansible-nas-general/tasks/main.yml b/roles/ansible-nas-general/tasks/main.yml index 9a882407..c4236cba 100644 --- a/roles/ansible-nas-general/tasks/main.yml +++ b/roles/ansible-nas-general/tasks/main.yml @@ -21,7 +21,7 @@ - name: Upgrade all packages apt: - upgrade: true + upgrade: yes state: latest when: keep_packages_updated tags: 
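Review bot: In roles/ansible-nas-general/tasks/main.yml, unquoted `yes` is a boolean under YAML 1.1, so `upgrade: yes` most likely reaches the apt module as the same value `upgrade: true` did and the change has no effect at the parser level. If the intent is the module's string choice, quote it as `upgrade: "yes"`, or name the mode explicitly (`upgrade: safe` or `upgrade: dist`) so an unattended run upgrades exactly what the operator expects. The task continues outside the hunk (`tags:` is cut off).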
From 3b5073f12f0e91c73d86d82f96e4847ba82e01f6 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Sat, 16 Jan 2021 11:07:46 +0000 Subject: [PATCH 70/92] Fix tasks that have both ports and host network mode defined --- roles/emby/tasks/main.yml | 1 - tasks/glances.yml | 1 - tasks/minidlna.yml | 2 -- 3 files changed, 4 deletions(-) diff --git a/roles/emby/tasks/main.yml b/roles/emby/tasks/main.yml index 38ec652c..673b2ca7 100644 --- a/roles/emby/tasks/main.yml +++ b/roles/emby/tasks/main.yml @@ -17,7 +17,6 @@ ports: - "{{ emby_port_http }}:8096" - "{{ emby_port_https }}:8920" - network_mode: host env: TZ: "{{ ansible_nas_timezone }}" PUID: "{{ emby_user_id }}" diff --git a/tasks/glances.yml b/tasks/glances.yml index 8b93b1f5..5b548550 100644 --- a/tasks/glances.yml +++ b/tasks/glances.yml @@ -11,7 +11,6 @@ - "/var/run/docker.sock:/var/run/docker.sock:ro" - "/etc/timezone:/etc/timezone:ro" pid_mode: host - network_mode: host env: GLANCES_OPT: "-w" restart_policy: unless-stopped diff --git a/tasks/minidlna.yml b/tasks/minidlna.yml index 672681ad..f4d82da0 100644 --- a/tasks/minidlna.yml +++ b/tasks/minidlna.yml @@ -6,8 +6,6 @@ volumes: - "{{ minidlna_media_directory1 }}:/media1:rw" - "{{ minidlna_media_directory2 }}:/media2:rw" - ports: - - "{{ minidlna_port }}:8201" env: MINIDLNA_MEDIA_DIR1: "/media1" MINIDLNA_MEDIA_DIR2: "/media2" From 05689f57bb1563ea89ccf2a440b2b1393029b7d1 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Sat, 16 Jan 2021 23:57:16 +0000 Subject: [PATCH 71/92] Remove gitea.yml --- tasks/gitea.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 tasks/gitea.yml diff --git a/tasks/gitea.yml b/tasks/gitea.yml deleted file mode 100644 index e69de29b..00000000 From 23b09bdfbdf8c21f8b687cc10c9b9bfa385085db Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jo=C3=A3o=20Marques?= Date: Sat, 16 Jan 2021 22:02:44 +0000 Subject: [PATCH 72/92] Move bitwarden to role --- group_vars/all.yml | 20 +------------------ nas.yml | 9 +++++---- roles/bitwarden/defaults/main.yml | 15 ++++++++++++++ .../bitwarden/tasks/main.yml | 0 4 files changed, 21 insertions(+), 23 deletions(-) create mode 100644 roles/bitwarden/defaults/main.yml rename tasks/bitwarden.yml => roles/bitwarden/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 11a5034a..fb6345fb 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -380,7 +380,7 @@ couchpotato_downloads_directory: "{{ downloads_root }}" couchpotato_torrents_directory: "{{ torrents_root }}" couchpotato_user_id: "0" couchpotato_group_id: "0" -couchpotato_port: "5050" +couchpotato_port: "5050" ### ### OpenVPN @@ -526,24 +526,6 @@ thelounge_data_directory: "{{ docker_home }}/thelounge" thelounge_port_one: "113" thelounge_port_two: "9002" -### -### Bitwarden -### -bitwarden_available_externally: "false" -bitwarden_data_directory: "{{ docker_home }}/bitwarden" -bitwarden_port_a: "19080" -bitwarden_port_b: "3012" - -# Keep this token secret, this is password to access admin area of your server! -# This token can be anything, but it's recommended to use a long, randomly generated string of characters, -# for example running openssl rand -base64 48 -bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321 - -# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook. -# Once you have created your user, set to "false" and run one more time. -# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden -bitwarden_allow_signups: false - ### ### Firefly ### diff --git a/nas.yml b/nas.yml index 800d0de7..f2a11257 100644 --- a/nas.yml +++ b/nas.yml 
@@ -53,6 +53,11 @@ - bazarr when: (bazarr_enabled | default(False)) + - role: bitwarden + tags: + - bitwarden + when: (bitwarden_enabled | default(False)) + - role: emby tags: - emby @@ -227,10 +232,6 @@ when: (joomla_enabled | default(False)) tags: joomla - - import_tasks: tasks/bitwarden.yml - when: (bitwarden_enabled | default(False)) - tags: bitwarden - - import_tasks: tasks/nzbget.yml when: (nzbget_enabled | default(False)) tags: nzbget diff --git a/roles/bitwarden/defaults/main.yml b/roles/bitwarden/defaults/main.yml new file mode 100644 index 00000000..715b4acb --- /dev/null +++ b/roles/bitwarden/defaults/main.yml @@ -0,0 +1,15 @@ +--- +bitwarden_available_externally: "false" +bitwarden_data_directory: "{{ docker_home }}/bitwarden" +bitwarden_port_a: "19080" +bitwarden_port_b: "3012" + +# Keep this token secret, this is password to access admin area of your server! +# This token can be anything, but it's recommended to use a long, randomly generated string of characters, +# for example running openssl rand -base64 48 +bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321 + +# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook. +# Once you have created your user, set to "false" and run one more time. +# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden +bitwarden_allow_signups: false \ No newline at end of file diff --git a/tasks/bitwarden.yml b/roles/bitwarden/tasks/main.yml similarity index 100% rename from tasks/bitwarden.yml rename to roles/bitwarden/tasks/main.yml From 05e12f231bc75b86d9d1d6834d07fac734276fde Mon Sep 17 00:00:00 2001 
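Review bot: `bitwarden_admin_token` in roles/bitwarden/defaults/main.yml ships a fixed value that is readable in this repository, so any install that enables the role without overriding it protects the password manager's admin area with a publicly known token. Default it to empty (`bitwarden_admin_token: ""`) and have the tasks file, which is a rename and not shown here, refuse to deploy or omit the admin setting while it is unset or still equal to the sample value. The existing comment should also point to Ansible Vault (or another secret store) as the place for the real token rather than this tracked file.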
From: =?UTF-8?q?Jo=C3=A3o=20Marques?= Date: Sat, 16 Jan 2021 22:07:20 +0000 Subject: [PATCH 73/92] Move nextcloud to role --- group_vars/all.yml | 7 ------- nas.yml | 9 +++++---- roles/nextcloud/defaults/main.yml | 4 ++++ tasks/nextcloud.yml => roles/nextcloud/tasks/main.yml | 0 4 files changed, 9 insertions(+), 11 deletions(-) create mode 100644 roles/nextcloud/defaults/main.yml rename tasks/nextcloud.yml => roles/nextcloud/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index fb6345fb..0be634ca 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -426,13 +426,6 @@ glances_available_externally: "false" glances_port_one: "61208" glances_port_two: "61209" -### -### Nextcloud -### -nextcloud_available_externally: "false" -nextcloud_data_directory: "{{ docker_home }}/nextcloud" -nextcloud_port: "8080" - ### ### nginx ### diff --git a/nas.yml b/nas.yml index f2a11257..8393178b 100644 --- a/nas.yml +++ b/nas.yml @@ -83,6 +83,11 @@ - netdata when: (netdata_enabled | default(False)) + - role: nextcloud + tags: + - nextcloud + when: (nextcloud_enabled | default(False)) + - role: organizr tags: - organizr @@ -188,10 +193,6 @@ when: (miniflux_enabled | default(False)) tags: miniflux - - import_tasks: tasks/nextcloud.yml - when: (nextcloud_enabled | default(False)) - tags: nextcloud - - import_tasks: tasks/gitlab.yml when: (gitlab_enabled | default(False)) tags: gitlab diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml new file mode 100644 index 00000000..879b51f1 --- /dev/null +++ b/roles/nextcloud/defaults/main.yml @@ -0,0 +1,4 @@ +--- +nextcloud_available_externally: "false" +nextcloud_data_directory: "{{ docker_home }}/nextcloud" +nextcloud_port: "8080" diff --git a/tasks/nextcloud.yml b/roles/nextcloud/tasks/main.yml similarity index 100% rename from tasks/nextcloud.yml rename to roles/nextcloud/tasks/main.yml From 69204db1746757c30bd60829ac27dfb3c409f0ee Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jo=C3=A3o=20Marques?= Date: Sat, 16 Jan 2021 22:12:16 +0000 Subject: [PATCH 74/92] Move duplicati to role --- group_vars/all.yml | 8 -------- nas.yml | 9 +++++---- roles/duplicati/defaults/main.yml | 4 ++++ tasks/duplicati.yml => roles/duplicati/tasks/main.yml | 0 4 files changed, 9 insertions(+), 12 deletions(-) create mode 100644 roles/duplicati/defaults/main.yml rename tasks/duplicati.yml => roles/duplicati/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 0be634ca..8bea0f68 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -330,14 +330,6 @@ tautulli_user_id: "0" tautulli_group_id: "0" tautulli_port: "8185" - -### -### Duplicati -### -duplicati_available_externally: "false" -duplicati_data_directory: "{{ docker_home }}/duplicati/config" -duplicati_port: "8200" - ### ### Mylar ### diff --git a/nas.yml b/nas.yml index 8393178b..bac51942 100644 --- a/nas.yml +++ b/nas.yml @@ -58,6 +58,11 @@ - bitwarden when: (bitwarden_enabled | default(False)) + - role: duplicati + tags: + - duplicati + when: (duplicati_enabled | default(False)) + - role: emby tags: - emby @@ -177,10 +182,6 @@ when: (glances_enabled | default(False)) tags: glances - - import_tasks: tasks/duplicati.yml - when: (duplicati_enabled | default(False)) - tags: duplicati - - import_tasks: tasks/couchpotato.yml when: (couchpotato_enabled | default(False)) tags: couchpotato diff --git a/roles/duplicati/defaults/main.yml b/roles/duplicati/defaults/main.yml new file mode 100644 index 00000000..9e64e091 --- /dev/null +++ b/roles/duplicati/defaults/main.yml @@ -0,0 +1,4 @@ +--- +duplicati_available_externally: "false" +duplicati_data_directory: "{{ docker_home }}/duplicati/config" +duplicati_port: "8200" diff --git a/tasks/duplicati.yml b/roles/duplicati/tasks/main.yml similarity index 100% rename from tasks/duplicati.yml rename to roles/duplicati/tasks/main.yml From f07f64ac1afd01eb50ffc1032d51d59be6d9b778 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Jo=C3=A3o=20Marques?= Date: Sat, 16 Jan 2021 22:16:19 +0000 Subject: [PATCH 75/92] Move homeassistant to role --- group_vars/all.yml | 7 ------- nas.yml | 9 +++++---- roles/homeassistant/defaults/main.yml | 4 ++++ .../homeassistant/tasks/main.yml | 0 4 files changed, 9 insertions(+), 11 deletions(-) create mode 100644 roles/homeassistant/defaults/main.yml rename tasks/homeassistant.yml => roles/homeassistant/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 8bea0f68..a06a8c45 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -555,13 +555,6 @@ calibre_port: "8084" # To disable ebook conversion set calibre_ebook_conversion to "". To enable it set it to "linuxserver/calibre-web:calibre" calibre_ebook_conversion: "linuxserver/calibre-web:calibre" -### -### Home Assistant -### -homeassistant_available_externally: "false" -homeassistant_data_directory: "{{ docker_home }}/homeassistant" -homeassistant_port: "8123" - ### ### openHAB ### diff --git a/nas.yml b/nas.yml index bac51942..674cfcee 100644 --- a/nas.yml +++ b/nas.yml @@ -78,6 +78,11 @@ - heimdall when: (heimdall_enabled | default(False)) + - role: homeassistant + tags: + - homeassistant + when: (homeassistant_enabled | default(False)) + - role: lidarr tags: - lidarr @@ -254,10 +259,6 @@ when: (calibre_enabled | default(False)) tags: calibre - - import_tasks: tasks/homeassistant.yml - when: (homeassistant_enabled | default(False)) - tags: homeassistant - - import_tasks: tasks/openhab.yml when: (openhab_enabled | default(False)) tags: openhab diff --git a/roles/homeassistant/defaults/main.yml b/roles/homeassistant/defaults/main.yml new file mode 100644 index 00000000..c657b9f9 --- /dev/null +++ b/roles/homeassistant/defaults/main.yml @@ -0,0 +1,4 @@ +--- +homeassistant_available_externally: "false" +homeassistant_data_directory: "{{ docker_home }}/homeassistant" +homeassistant_port: "8123" \ No newline at end of file 
diff --git a/tasks/homeassistant.yml b/roles/homeassistant/tasks/main.yml similarity index 100% rename from tasks/homeassistant.yml rename to roles/homeassistant/tasks/main.yml From 181198a9ac4f3a31e39101ffb4a86b7b42718ab7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Marques?= Date: Sun, 17 Jan 2021 12:08:58 +0000 Subject: [PATCH 76/92] Move `*_enabled` vars to each role `defaults` folder --- group_vars/all.yml | 7 ------- roles/bitwarden/defaults/main.yml | 1 + roles/duplicati/defaults/main.yml | 1 + roles/homeassistant/defaults/main.yml | 1 + roles/nextcloud/defaults/main.yml | 1 + 5 files changed, 4 insertions(+), 7 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index a06a8c45..3ff35eb0 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -20,7 +20,6 @@ nzbget_enabled: false pyload_enabled: false # Media Serving -plex_enabled: false tautulli_enabled: false # Media Sourcing @@ -52,8 +51,6 @@ virtual_desktop_enabled: false krusader_enabled: false # Backup & Restore -duplicati_enabled: false -nextcloud_enabled: false timemachine_enabled: false # Software build and CI @@ -63,9 +60,6 @@ gitlab_enabled: false znc_enabled: false thelounge_enabled: false -# Password Management -bitwarden_enabled: false - # Finance firefly_enabled: false @@ -73,7 +67,6 @@ firefly_enabled: false wallabag_enabled: false # Home Automation -homeassistant_enabled: false mosquitto_enabled: false homebridge_enabled: false openhab_enabled: false diff --git a/roles/bitwarden/defaults/main.yml b/roles/bitwarden/defaults/main.yml index 715b4acb..954b29bf 100644 --- a/roles/bitwarden/defaults/main.yml +++ b/roles/bitwarden/defaults/main.yml @@ -1,4 +1,5 @@ --- +bitwarden_enabled: false bitwarden_available_externally: "false" bitwarden_data_directory: "{{ docker_home }}/bitwarden" bitwarden_port_a: "19080" diff --git a/roles/duplicati/defaults/main.yml b/roles/duplicati/defaults/main.yml index 9e64e091..34575214 100644 --- a/roles/duplicati/defaults/main.yml 
+++ b/roles/duplicati/defaults/main.yml @@ -1,4 +1,5 @@ --- +duplicati_enabled: false duplicati_available_externally: "false" duplicati_data_directory: "{{ docker_home }}/duplicati/config" duplicati_port: "8200" diff --git a/roles/homeassistant/defaults/main.yml b/roles/homeassistant/defaults/main.yml index c657b9f9..f529215c 100644 --- a/roles/homeassistant/defaults/main.yml +++ b/roles/homeassistant/defaults/main.yml @@ -1,4 +1,5 @@ --- +homeassistant_enabled: false homeassistant_available_externally: "false" homeassistant_data_directory: "{{ docker_home }}/homeassistant" homeassistant_port: "8123" \ No newline at end of file diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml index 879b51f1..44f820c3 100644 --- a/roles/nextcloud/defaults/main.yml +++ b/roles/nextcloud/defaults/main.yml @@ -1,4 +1,5 @@ --- +nextcloud_enabled: false nextcloud_available_externally: "false" nextcloud_data_directory: "{{ docker_home }}/nextcloud" nextcloud_port: "8080" From 3386a2e8d390a27e71e49274150e5afd63dee0bc Mon Sep 17 00:00:00 2001 From: David Stephens Date: Mon, 18 Jan 2021 16:02:33 +0000 Subject: [PATCH 77/92] Update CONTRIBUTING.md --- CONTRIBUTING.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6cc3e028..3f437ae1 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -21,6 +21,8 @@ A typical new application PR will include 2 new files (`docs/applications/applic * If you break the build with your PR, please fix it :) * Pull requests that unintentionally touch files, or that show files as removed then re-added will be rejected. +* Squash your commits before creating a PR. +* Don't mess with line endings, or tabs vs. spaces. * Please know that your efforts are appreciated, thanks! :+1: # Development Environment From 692dfea2e95657f67d01e23cace313071fa20ba5 Mon Sep 17 00:00:00 2001 
From: David Stephens Date: Mon, 18 Jan 2021 17:02:33 +0000 Subject: [PATCH 78/92] Change Grafana data source to proxy --- templates/grafana/provisioning/datasources/ansible-nas.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/grafana/provisioning/datasources/ansible-nas.yml b/templates/grafana/provisioning/datasources/ansible-nas.yml index 661c0a78..e67b3cfb 100644 --- a/templates/grafana/provisioning/datasources/ansible-nas.yml +++ b/templates/grafana/provisioning/datasources/ansible-nas.yml @@ -9,7 +9,7 @@ datasources: # datasource type. Required type: influxdb # access mode. direct or proxy. Required - access: direct + access: proxy # org id. will default to orgId 1 if not specified orgId: 1 # url From 6b30e9afe217251c97471128c786c974cfc3ec0a Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Tue, 19 Jan 2021 16:55:12 +0000 Subject: [PATCH 79/92] Flip to Traefik v2.3 --- group_vars/all.yml | 17 -- roles/traefik/defaults/main.yml | 11 +- roles/traefik/tasks/main.yml | 3 + roles/traefik/templates/traefik.toml | 246 ++++----------------------- 4 files changed, 45 insertions(+), 232 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 3ff35eb0..d651f2f4 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml 
@@ -229,23 +229,6 @@ nfs_shares_root: /mnt/Volume3 nfs_exports: - "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)" -### -### Cloudflare -### -# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to -# set the options below. - -# Your domain name -cloudflare_zone: "{{ ansible_nas_domain }}" - -# The hostname you want the container to update. You shouldn't need to change this. -cloudflare_host: "*.{{ cloudflare_zone }}" - -# Email address used to register for Cloudflare -cloudflare_email: "{{ ansible_nas_email }}" - -# Cloudflare 'Global API Key', can be found on the 'My Profile' page -cloudflare_api_key: abcdeabcdeabcdeabcde1234512345 ### ### General diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index 2b2b2b42..8f1e981f 100644 --- a/roles/traefik/defaults/main.yml +++ b/roles/traefik/defaults/main.yml @@ -14,5 +14,12 @@ traefik_port_http: "80" traefik_port_https: "443" traefik_port_ui: "8083" -traefik_docker_image: traefik:v1.7 -traefik_debug: "false" \ No newline at end of file +traefik_docker_image: traefik:v2.3 +traefik_log_level: "DEBUG" + +# find the relevant environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ +traefik_environment_variables: + CF_API_EMAIL: "{{ ansible_nas_email }}" + CF_API_KEY: "abcdeabcdeabcdeabcde1234512345" +# traefik_acme_server: "https://acme-staging-v02.api.letsencrypt.org/directory" # staging +traefik_acme_server: "https://acme-v02.api.letsencrypt.org/directory" # production \ No newline at end of file diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml index 3f8511c4..e7313784 100644 --- a/roles/traefik/tasks/main.yml +++ b/roles/traefik/tasks/main.yml @@ -5,6 +5,7 @@ state: directory with_items: - "{{ traefik_data_directory }}" + - "{{ traefik_data_directory }}/letsencrypt" - name: Template Traefik config.toml template: 
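Review bot: `traefik_environment_variables` in roles/traefik/defaults/main.yml carries a Cloudflare Global API Key placeholder (`CF_API_KEY`), which invites pasting an account-wide credential into a tracked file that is then injected into the container environment. lego's Cloudflare provider also accepts a zone-scoped token, so prefer `CF_DNS_API_TOKEN: "{{ vault_cf_dns_api_token }}"` (variable name is a placeholder) sourced from Ansible Vault, with a comment that the value must be overridden. `traefik_log_level: "DEBUG"` is a noisy shipped default for an internet-facing proxy; `traefik_log_level: "INFO"` would be the safer baseline.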
@@ -19,6 +20,8 @@ network_mode: host volumes: - "{{ traefik_data_directory }}/traefik.toml:/etc/traefik/traefik.toml:ro" + - "{{ traefik_data_directory }}/letsencrypt:/letsencrypt:rw" - "/var/run/docker.sock:/var/run/docker.sock:ro" + env: "{{ traefik_environment_variables }}" restart_policy: unless-stopped memory: 1g diff --git a/roles/traefik/templates/traefik.toml b/roles/traefik/templates/traefik.toml index 119d86d7..06b45cc3 100644 --- a/roles/traefik/templates/traefik.toml +++ b/roles/traefik/templates/traefik.toml 
@@ -1,226 +1,46 @@ -################################################################ -# Global configuration -################################################################ - -# Enable debug mode -# -# Optional -# Default: false -# -debug = {{ traefik_debug }} - -# Log level -# -# Optional -# Default: "ERROR" -# -# logLevel = "DEBUG" - -# Entrypoints to be used by frontends that do not specify any entrypoint. -# Each frontend can specify its own entrypoints. -# -# Optional -# Default: ["http"] -# -defaultEntryPoints = ["http", "https"] - -################################################################ -# Entrypoints configuration -################################################################ - [entryPoints] - [entryPoints.http] - address = ":{{ traefik_port_http }}" - [entryPoints.http.redirect] - entryPoint = "https" + [entryPoints.web] + address = ":80" - [entryPoints.https] - address = ":{{ traefik_port_https }}" - [entryPoints.https.tls] + [entryPoints.web.http.redirections.entryPoint] + to = "websecure" + + [entryPoints.websecure] + address = ":{{ traefik_port_https }}" + + [entryPoints.websecure.http.tls] + certResolver = "letsencrypt" + + [entryPoints.websecure.http.tls.domains] + main = "{{ ansible_nas_domain }}" + sans = [ + "*.{{ ansible_nas_domain }}" + ] [entryPoints.traefik] - address = ":{{ traefik_port_ui }}" + address = ":{{ traefik_port_ui }}" -################################################################ -# Traefik logs configuration -################################################################ +[providers] + providersThrottleDuration = "2s" + [providers.docker] + exposedbydefault = false -# Traefik logs -# Enabled by default and log to stdout -# -# Optional -# -# [traefikLog] - -# Sets the filepath for the traefik log. If not specified, stdout will be used. -# Intermediate directories are created if necessary. -# -# Optional -# Default: os.Stdout -# -# filePath = "log/traefik.log" - -# Format is either "json" or "common". 
-# -# Optional -# Default: "common" -# -# format = "common" - -################################################################ -# Access logs configuration -################################################################ - -# Enable access logs -# By default it will write to stdout and produce logs in the textual -# Common Log Format (CLF), extended with additional fields. -# -# Optional -# -# [accessLog] - -# Sets the file path for the access log. If not specified, stdout will be used. -# Intermediate directories are created if necessary. -# -# Optional -# Default: os.Stdout -# -# filePath = "/path/to/log/log.txt" - -# Format is either "json" or "common". -# -# Optional -# Default: "common" -# -# format = "common" - -################################################################ -# API and dashboard configuration -################################################################ - -# Enable API and dashboard [api] - - # Name of the related entry point - # - # Optional - # Default: "traefik" - # - entryPoint = "traefik" - - # Enabled Dashboard - # - # Optional - # Default: true - # + insecure = true dashboard = true -################################################################ -# Ping configuration -################################################################ +[log] + level = "{{ traefik_log_level }}" -# Enable ping [ping] + terminatingStatusCode = 0 - # Name of the related entry point - # - # Optional - # Default: "traefik" - # - # entryPoint = "traefik" +[certificatesResolvers] + [certificatesResolvers.letsencrypt] + [certificatesResolvers.letsencrypt.acme] + email = "{{ ansible_nas_email }}" + storage = "acme.json" + caserver = "https://acme-staging-v02.api.letsencrypt.org/directory" -################################################################ -# Docker configuration backend -################################################################ - -# Enable Docker configuration backend -[docker] - -# Docker server endpoint. 
Can be a tcp or a unix socket endpoint. -# -# Required -# Default: "unix:///var/run/docker.sock" -# -# endpoint = "tcp://10.10.10.10:2375" - -# Default domain used. -# Can be overridden by setting the "traefik.domain" label on a container. -# -# Optional -# Default: "" -# -# domain = "docker.localhost" - -# Expose containers by default in traefik -# -# Optional -# Default: true -exposedByDefault = false - - -[acme] -email = "{{ ansible_nas_email }}" -storage = "acme.json" -entryPoint = "https" -acmeLogging = true -onDemand = false # create certificate when container is created - - # [acme.dnsChallenge] - # provider = "cloudflare" - # delayBeforeCheck = 0 - - # [acme.httpChallenge] - # entryPoint = "http" - - [acme.tlsChallenge] - - [[acme.domains]] - main = "{{ ansible_nas_hostname }}.{{ ansible_nas_domain }}" - - - # we request a certificate for everything, because why not. - sans = ["airsonic.{{ ansible_nas_domain }}", - "bazarr.{{ ansible_nas_domain }}", - "bitwarden.{{ ansible_nas_domain }}", - "calibre.{{ ansible_nas_domain }}", - "cloudcmd.{{ ansible_nas_domain }}", - "couchpotato.{{ ansible_nas_domain }}", - "duplicati.{{ ansible_nas_domain }}", - "emby.{{ ansible_nas_domain }}", - "firefly.{{ ansible_nas_domain }}", - "gitea.{{ ansible_nas_domain }}", - "gitlab.{{ ansible_nas_domain }}", - "glances.{{ ansible_nas_domain }}", - "grafana.{{ ansible_nas_domain }}", - "guacamole.{{ ansible_nas_domain }}", - "heimdall.{{ ansible_nas_domain }}", - "homeassistant.{{ ansible_nas_domain }}", - "jackett.{{ ansible_nas_domain }}", - "jellyfin.{{ ansible_nas_domain }}", - "joomla.{{ ansible_nas_domain }}", - "krusader.{{ ansible_nas_domain }}", - "lidarr.{{ ansible_nas_domain }}", - "mylar.{{ ansible_nas_domain }}", - "miniflux.{{ ansible_nas_domain }}", - "netdata.{{ ansible_nas_domain }}", - "nextcloud.{{ ansible_nas_domain }}", - "nzbget.{{ ansible_nas_domain }}", - "ombi.{{ ansible_nas_domain }}", - "openhab.{{ ansible_nas_domain }}", - "organizr.{{ 
ansible_nas_domain }}", - "plex.{{ ansible_nas_domain }}", - "portainer.{{ ansible_nas_domain }}", - "pyload.{{ ansible_nas_domain }}", - "pytivo.{{ ansible_nas_domain }}", - "radarr.{{ ansible_nas_domain }}", - "sickchill.{{ ansible_nas_domain }}", - "sonarr.{{ ansible_nas_domain }}", - "tautulli.{{ ansible_nas_domain }}", - "thelounge.{{ ansible_nas_domain }}", - "transmission.{{ ansible_nas_domain }}", - "transmission-openvpn.{{ ansible_nas_domain }}", - "ubooquity.{{ ansible_nas_domain }}", - "utorrent.{{ ansible_nas_domain }}", - "wallabag.{{ ansible_nas_domain }}", - "youtubedlmaterial.{{ ansible_nas_domain }}", - "znc.{{ ansible_nas_domain }}"] + [certificatesResolvers.letsencrypt.acme.dnsChallenge] + provider = "cloudflare" From 967856c266ee9a1224689fdc7fb55d0d89df37ef Mon Sep 17 00:00:00 2001 
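Review bot: `insecure = true` under `[api]` serves the dashboard and API without authentication on the `traefik` entrypoint, and because the container runs with `network_mode: host` (roles/traefik/tasks/main.yml) that port is open on every host interface; drop the flag and publish the dashboard through a router with an auth middleware, or bind the entrypoint to a management-only address. The resolver hard-codes the staging CA even though the defaults introduce `traefik_acme_server`, so issued certificates will not be browser-trusted; use `caserver = "{{ traefik_acme_server }}"`. `storage = "acme.json"` is a relative path outside the newly mounted `/letsencrypt` volume, so the ACME account key and certificates presumably disappear when the container is recreated; `storage = "/letsencrypt/acme.json"` keeps them. `[entryPoints.web]` is pinned to `":80"` and no longer follows `traefik_port_http`.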
From: Dave Stephens Date: Tue, 19 Jan 2021 17:18:12 +0000 Subject: [PATCH 80/92] Flip all apps in roles to Traefik v2.3 --- roles/airsonic/defaults/main.yml | 3 ++- roles/airsonic/tasks/main.yml | 8 +++++--- roles/bazarr/defaults/main.yml | 3 ++- roles/bazarr/tasks/main.yml | 8 +++++--- roles/duplicati/defaults/main.yml | 5 +++++ roles/duplicati/tasks/main.yml | 8 +++++--- roles/emby/defaults/main.yml | 3 ++- roles/emby/tasks/main.yml | 8 +++++--- roles/gitea/defaults/main.yml | 2 +- roles/gitea/tasks/main.yml | 10 ++++++---- roles/heimdall/defaults/main.yml | 1 + roles/heimdall/tasks/main.yml | 8 +++++--- roles/homeassistant/defaults/main.yml | 7 ++++++- roles/homeassistant/tasks/main.yml | 9 +++++---- roles/lidarr/defaults/main.yml | 3 ++- roles/lidarr/tasks/main.yml | 8 +++++--- roles/netdata/defaults/main.yml | 2 +- roles/netdata/tasks/main.yml | 10 ++++++---- roles/nextcloud/defaults/main.yml | 5 +++++ roles/nextcloud/tasks/main.yml | 8 +++++--- roles/ombi/defaults/main.yml | 1 + roles/ombi/tasks/main.yml | 8 +++++--- roles/organizr/defaults/main.yml | 1 + roles/organizr/tasks/main.yml | 8 +++++--- roles/plex/defaults/main.yml | 6 ++++++ roles/plex/tasks/main.yml | 10 ++++++---- roles/portainer/defaults/main.yml | 3 ++- roles/portainer/tasks/main.yml | 8 +++++--- roles/radarr/defaults/main.yml | 3 ++- roles/radarr/tasks/main.yml | 8 +++++--- roles/sickchill/defaults/main.yml | 3 ++- roles/sickchill/tasks/main.yml | 8 +++++--- roles/transmission-with-openvpn/defaults/main.yml | 1 + roles/transmission-with-openvpn/tasks/main.yml | 10 ++++++---- roles/transmission/defaults/main.yml | 1 + roles/transmission/tasks/main.yml | 8 +++++--- roles/utorrent/defaults/main.yml | 5 +++-- roles/utorrent/tasks/main.yml | 8 +++++--- 38 files changed, 145 insertions(+), 74 deletions(-) diff --git a/roles/airsonic/defaults/main.yml b/roles/airsonic/defaults/main.yml index ce8786dc..d79b5e4a 100644 --- a/roles/airsonic/defaults/main.yml +++ b/roles/airsonic/defaults/main.yml 
@@ -8,4 +8,5 @@ airsonic_music_directory: "{{ music_root }}" airsonic_podcasts_directory: "{{ podcasts_root }}" # network -airsonic_port: "4040" \ No newline at end of file +airsonic_port: "4040" +airsonic_hostname: "airsonic" \ No newline at end of file diff --git a/roles/airsonic/tasks/main.yml b/roles/airsonic/tasks/main.yml index dcf21cca..15326e63 100644 --- a/roles/airsonic/tasks/main.yml +++ b/roles/airsonic/tasks/main.yml @@ -23,8 +23,10 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "airsonic" - traefik.frontend.rule: "Host:airsonic.{{ ansible_nas_domain }}" traefik.enable: "{{ airsonic_available_externally }}" - traefik.port: "4040" + traefik.http.routers.airsonic.rule: "Host(`{{ airsonic_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.airsonic.tls.certresolver: "letsencrypt" + traefik.http.routers.airsonic.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.airsonic.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.airsonic.loadbalancer.server.port: "4040" diff --git a/roles/bazarr/defaults/main.yml b/roles/bazarr/defaults/main.yml index c09626c1..1244e1a7 100644 --- a/roles/bazarr/defaults/main.yml +++ b/roles/bazarr/defaults/main.yml @@ -12,4 +12,5 @@ bazarr_user_id: "0" bazarr_group_id: "0" # network -bazarr_port: "6767" \ No newline at end of file +bazarr_port: "6767" +bazarr_hostname: "bazarr" \ No newline at end of file diff --git a/roles/bazarr/tasks/main.yml b/roles/bazarr/tasks/main.yml index a606f5bc..c77d29f9 100644 --- a/roles/bazarr/tasks/main.yml +++ b/roles/bazarr/tasks/main.yml 
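Review bot: The four `traefik.http.routers.airsonic.tls.*` labels added in roles/airsonic/tasks/main.yml are repeated verbatim in every other role and task file this series touches, so one mistyped or forgotten label leaves that container with a different TLS setup from the rest. Traefik v2.2+ lets the resolver and wildcard domains be declared once on the HTTPS entry point in the static configuration (`entryPoints.<name>.http.tls.certResolver` and `entryPoints.<name>.http.tls.domains`). That would leave only `traefik.enable`, the `Host()` rule and the service port per container. None of the new routers names an entry point either, and a router without one accepts requests on every entry point Traefik defines. Adding `traefik.http.routers.airsonic.entrypoints: "<https-entrypoint-name>"` pins it to the intended listener; the static configuration is not in this hunk, so the name is a placeholder.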
@@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "bazarr" - traefik.frontend.rule: "Host:bazarr.{{ ansible_nas_domain }}" traefik.enable: "{{ bazarr_available_externally }}" - traefik.port: "6767" \ No newline at end of file + traefik.http.routers.bazarr.rule: "Host(`{{ bazarr_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.bazarr.tls.certresolver: "letsencrypt" + traefik.http.routers.bazarr.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.bazarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.bazarr.loadbalancer.server.port: "6767" \ No newline at end of file diff --git a/roles/duplicati/defaults/main.yml b/roles/duplicati/defaults/main.yml index 34575214..c96a421b 100644 --- a/roles/duplicati/defaults/main.yml +++ b/roles/duplicati/defaults/main.yml @@ -1,5 +1,10 @@ --- duplicati_enabled: false duplicati_available_externally: "false" + +# directories duplicati_data_directory: "{{ docker_home }}/duplicati/config" + +# network duplicati_port: "8200" +duplicati_hostname: "duplicati" diff --git a/roles/duplicati/tasks/main.yml b/roles/duplicati/tasks/main.yml index 593ce80e..288fa3c1 100644 --- a/roles/duplicati/tasks/main.yml +++ b/roles/duplicati/tasks/main.yml @@ -21,7 +21,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "duplicati" - traefik.frontend.rule: "Host:duplicati.{{ ansible_nas_domain }}" traefik.enable: "{{ duplicati_available_externally }}" - traefik.port: "8200" + traefik.http.routers.duplicati.rule: "Host(`{{ duplicati_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.duplicati.tls.certresolver: "letsencrypt" + traefik.http.routers.duplicati.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.duplicati.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.duplicati.loadbalancer.server.port: "8200" 
diff --git a/roles/emby/defaults/main.yml b/roles/emby/defaults/main.yml index f32d665b..4c72091e 100644 --- a/roles/emby/defaults/main.yml +++ b/roles/emby/defaults/main.yml @@ -19,4 +19,5 @@ emby_group_id: "0" # network emby_port_http: "8096" -emby_port_https: "8920" \ No newline at end of file +emby_port_https: "8920" +emby_hostname: "emby" \ No newline at end of file diff --git a/roles/emby/tasks/main.yml b/roles/emby/tasks/main.yml index 673b2ca7..3dd068f6 100644 --- a/roles/emby/tasks/main.yml +++ b/roles/emby/tasks/main.yml @@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "emby" - traefik.frontend.rule: "Host:emby.{{ ansible_nas_domain }}" traefik.enable: "{{ emby_available_externally }}" - traefik.port: "8096" \ No newline at end of file + traefik.http.routers.emby.rule: "Host(`{{ emby_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.emby.tls.certresolver: "letsencrypt" + traefik.http.routers.emby.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.emby.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.emby.loadbalancer.server.port: "8096" \ No newline at end of file diff --git a/roles/gitea/defaults/main.yml b/roles/gitea/defaults/main.yml index 723f2f65..86f4981a 100644 --- a/roles/gitea/defaults/main.yml +++ b/roles/gitea/defaults/main.yml @@ -6,6 +6,6 @@ gitea_available_externally: "false" gitea_data_directory: "{{ docker_home }}/gitea" # network -gitea_hostname: "{{ ansible_nas_hostname }}" +gitea_hostname: "gitea" gitea_port_http: "3001" gitea_port_ssh: "222" \ No newline at end of file diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index 947ba601..7a0ab802 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml 
@@ -60,7 +60,7 @@ DB_USER: "gitea" DB_PASSWD: "gitea" RUN_MODE: "prod" - SSH_DOMAIN: "{{ gitea_hostname }}" + SSH_DOMAIN: "{{ ansible_nas_hostname }}" SSH_PORT: "{{ gitea_port_ssh }}" ROOT_URL: "http://{{ gitea_hostname }}:{{ gitea_port_http }}/" USER_UID: "1309" @@ -68,7 +68,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "gitea" - traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}" traefik.enable: "{{ gitea_available_externally }}" - traefik.port: "3000" + traefik.http.routers.gitea.rule: "Host(`{{ gitea_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.gitea.tls.certresolver: "letsencrypt" + traefik.http.routers.gitea.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.gitea.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.gitea.loadbalancer.server.port: "3000" diff --git a/roles/heimdall/defaults/main.yml b/roles/heimdall/defaults/main.yml index f5292680..342190bd 100644 --- a/roles/heimdall/defaults/main.yml +++ b/roles/heimdall/defaults/main.yml @@ -9,6 +9,7 @@ heimdall_data_directory: "{{ docker_home }}/heimdall" # network heimdall_port_http: "10080" heimdall_port_https: "10443" +heimdall_hostname: heimdall # uid / gid heimdall_user_id: "1310" diff --git a/roles/heimdall/tasks/main.yml b/roles/heimdall/tasks/main.yml index b5b0ce54..75896a78 100644 --- a/roles/heimdall/tasks/main.yml +++ b/roles/heimdall/tasks/main.yml 
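Review bot: `ROOT_URL: "http://{{ gitea_hostname }}:{{ gitea_port_http }}/"`, kept as context in the first hunk of roles/gitea/tasks/main.yml, still reads `gitea_hostname`, whose default this commit changes from `{{ ansible_nas_hostname }}` to `"gitea"` in roles/gitea/defaults/main.yml. With the new default it renders as `http://gitea:3001/`, and links or clone URLs that Gitea builds from ROOT_URL would presumably stop resolving for clients. The hunk updates `SSH_DOMAIN` but not this line, and the same substitution fits here: `ROOT_URL: "http://{{ ansible_nas_hostname }}:{{ gitea_port_http }}/"`. Anyone who overrode `gitea_hostname` with a full host name will also get that value prefixed to the domain in the new `Host()` rule, which deserves a line in the upgrade notes. The task body starts and ends outside the hunk.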
@@ -41,7 +41,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "heimdall" - traefik.frontend.rule: "Host:heimdall.{{ ansible_nas_domain }}" traefik.enable: "{{ heimdall_available_externally }}" - traefik.port: "80" \ No newline at end of file + traefik.http.routers.heimdall.rule: "Host(`{{ heimdall_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.heimdall.tls.certresolver: "letsencrypt" + traefik.http.routers.heimdall.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.heimdall.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.heimdall.loadbalancer.server.port: "80" \ No newline at end of file diff --git a/roles/homeassistant/defaults/main.yml b/roles/homeassistant/defaults/main.yml index f529215c..1101b8b2 100644 --- a/roles/homeassistant/defaults/main.yml +++ b/roles/homeassistant/defaults/main.yml @@ -1,5 +1,10 @@ --- homeassistant_enabled: false homeassistant_available_externally: "false" + +# directories homeassistant_data_directory: "{{ docker_home }}/homeassistant" -homeassistant_port: "8123" \ No newline at end of file + +# network +homeassistant_port: "8123" +homeassistant_hostname: "homeassistant" \ No newline at end of file diff --git a/roles/homeassistant/tasks/main.yml b/roles/homeassistant/tasks/main.yml index 7645fd6e..960eda88 100644 --- a/roles/homeassistant/tasks/main.yml +++ b/roles/homeassistant/tasks/main.yml 
@@ -17,9 +17,10 @@ env: TZ: "{{ ansible_nas_timezone }}" labels: - traefik.backend: "homeassistant" - traefik.frontend.rule: "Host:homeassistant.{{ ansible_nas_domain }}" traefik.enable: "{{ homeassistant_available_externally }}" - traefik.port: "8123" - traefik.frontend.headers.SSLRedirect: "true" + traefik.http.routers.homeassistant.rule: "Host(`{{ homeassistant_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.homeassistant.tls.certresolver: "letsencrypt" + traefik.http.routers.homeassistant.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.homeassistant.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.homeassistant.loadbalancer.server.port: "8123" memory: 1g diff --git a/roles/lidarr/defaults/main.yml b/roles/lidarr/defaults/main.yml index 09212171..5bdfe9a9 100644 --- a/roles/lidarr/defaults/main.yml +++ b/roles/lidarr/defaults/main.yml @@ -12,4 +12,5 @@ lidarr_user_id: "0" lidarr_group_id: "0" # network -lidarr_port: "8686" \ No newline at end of file +lidarr_port: "8686" +lidarr_hostname: "lidarr" \ No newline at end of file diff --git a/roles/lidarr/tasks/main.yml b/roles/lidarr/tasks/main.yml index 6f8b20ca..9a2497e7 100644 --- a/roles/lidarr/tasks/main.yml +++ b/roles/lidarr/tasks/main.yml @@ -22,7 +22,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "lidarr" - traefik.frontend.rule: "Host:lidarr.{{ ansible_nas_domain }}" traefik.enable: "{{ lidarr_available_externally }}" - traefik.port: "8686" + traefik.http.routers.lidarr.rule: "Host(`{{ lidarr_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.lidarr.tls.certresolver: "letsencrypt" + traefik.http.routers.lidarr.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.lidarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.lidarr.loadbalancer.server.port: "8686" 
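Review bot: The removed label `traefik.frontend.headers.SSLRedirect: "true"` in roles/homeassistant/tasks/main.yml has no counterpart among the added v2 labels, so the container no longer requests the HTTP-to-HTTPS redirect it had under Traefik v1. A router with `tls` set only matches HTTPS requests, so plain-HTTP behaviour now depends entirely on the static configuration, which this hunk does not show. If no entry-point-level redirection is configured there, a `redirectscheme` middleware restores the old behaviour, e.g. `traefik.http.middlewares.homeassistant-https.redirectscheme.scheme: "https"` attached to an HTTP router for the same host (the middleware name is a constructed example). A one-line comment above `labels:` saying where the redirect now lives would help the next reader.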
diff --git a/roles/netdata/defaults/main.yml b/roles/netdata/defaults/main.yml index d22deb48..3c8823f2 100644 --- a/roles/netdata/defaults/main.yml +++ b/roles/netdata/defaults/main.yml @@ -2,5 +2,5 @@ netdata_enabled: false netdata_available_externally: "false" # network -netdata_hostname: "{{ ansible_nas_hostname }}.{{ ansible_nas_domain }}" +netdata_hostname: "netdata" netdata_port: "19999" \ No newline at end of file diff --git a/roles/netdata/tasks/main.yml b/roles/netdata/tasks/main.yml index 5a1141e2..735d2a5c 100644 --- a/roles/netdata/tasks/main.yml +++ b/roles/netdata/tasks/main.yml @@ -7,7 +7,7 @@ - name: Netdata Docker Container docker_container: name: netdata - hostname: "{{ netdata_hostname }}" + hostname: "{{ ansible_nas_hostname }}.{{ ansible_nas_domain }}" image: netdata/netdata state: started pull: true @@ -26,7 +26,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "netdata" - traefik.frontend.rule: "Host:netdata.{{ ansible_nas_domain }}" traefik.enable: "{{ netdata_available_externally }}" - traefik.port: "19999" \ No newline at end of file + traefik.http.routers.netdata.rule: "Host(`{{ netdata_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.netdata.tls.certresolver: "letsencrypt" + traefik.http.routers.netdata.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.netdata.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.netdata.loadbalancer.server.port: "19999" \ No newline at end of file diff --git a/roles/nextcloud/defaults/main.yml b/roles/nextcloud/defaults/main.yml index 44f820c3..f2dd56dd 100644 --- a/roles/nextcloud/defaults/main.yml +++ b/roles/nextcloud/defaults/main.yml @@ -1,5 +1,10 @@ --- nextcloud_enabled: false nextcloud_available_externally: "false" + +# directories nextcloud_data_directory: "{{ docker_home }}/nextcloud" + +# network nextcloud_port: "8080" +nextcloud_hostname: "nextcloud" \ No newline at end of file 
diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml index d712ded0..6f29c57c 100644 --- a/roles/nextcloud/tasks/main.yml +++ b/roles/nextcloud/tasks/main.yml @@ -42,7 +42,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "nextcloud" - traefik.frontend.rule: "Host:nextcloud.{{ ansible_nas_domain }}" traefik.enable: "{{ nextcloud_available_externally }}" - traefik.port: "80" \ No newline at end of file + traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.nextcloud.tls.certresolver: "letsencrypt" + traefik.http.routers.nextcloud.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.nextcloud.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.nextcloud.loadbalancer.server.port: "80" \ No newline at end of file diff --git a/roles/ombi/defaults/main.yml b/roles/ombi/defaults/main.yml index 55ba1f99..acd962c5 100644 --- a/roles/ombi/defaults/main.yml +++ b/roles/ombi/defaults/main.yml @@ -7,6 +7,7 @@ ombi_config_directory: "{{ docker_home }}/ombi/config" # network ombi_port: "3579" +ombi_hostname: "ombi" # uid / gid ombi_user_id: "0" diff --git a/roles/ombi/tasks/main.yml b/roles/ombi/tasks/main.yml index 2a85a024..442ceb9b 100644 --- a/roles/ombi/tasks/main.yml +++ b/roles/ombi/tasks/main.yml @@ -21,7 +21,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "ombi" - traefik.frontend.rule: "Host:ombi.{{ ansible_nas_domain }}" traefik.enable: "{{ ombi_available_externally }}" - traefik.port: "3579" \ No newline at end of file + traefik.http.routers.ombi.rule: "Host(`{{ ombi_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.ombi.tls.certresolver: "letsencrypt" + traefik.http.routers.ombi.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.ombi.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.ombi.loadbalancer.server.port: "3579" 
diff --git a/roles/organizr/defaults/main.yml b/roles/organizr/defaults/main.yml index 9c0d01a0..6823a3d6 100644 --- a/roles/organizr/defaults/main.yml +++ b/roles/organizr/defaults/main.yml @@ -8,6 +8,7 @@ organizr_data_directory: "{{ docker_home }}/organizr" # network organizr_port_http: "10081" organizr_port_https: "10444" +organizr_hostname: "organizr" # uid / gid organizr_user_id: "1000" diff --git a/roles/organizr/tasks/main.yml b/roles/organizr/tasks/main.yml index d952615d..3b92f276 100644 --- a/roles/organizr/tasks/main.yml +++ b/roles/organizr/tasks/main.yml @@ -23,7 +23,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "organizr" - traefik.frontend.rule: "Host:organizr.{{ ansible_nas_domain }}" traefik.enable: "{{ organizr_available_externally }}" - traefik.port: "80" + traefik.http.routers.organizr.rule: "Host(`{{ organizr_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.organizr.tls.certresolver: "letsencrypt" + traefik.http.routers.organizr.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.organizr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.organizr.loadbalancer.server.port: "80" diff --git a/roles/plex/defaults/main.yml b/roles/plex/defaults/main.yml index 69528515..526c8ee2 100644 --- a/roles/plex/defaults/main.yml +++ b/roles/plex/defaults/main.yml @@ -22,3 +22,9 @@ plex_tv_permissions: "rw" plex_photos_permissions: "rw" plex_podcasts_permissions: "rw" plex_music_permissions: "rw" + +# network +plex_hostname: "plex" + +# specs +plex_memory: "2g" \ No newline at end of file diff --git a/roles/plex/tasks/main.yml b/roles/plex/tasks/main.yml index a8f65fa3..5587d7d2 100644 --- a/roles/plex/tasks/main.yml +++ b/roles/plex/tasks/main.yml 
@@ -27,9 +27,11 @@ PUID: "{{ plex_user_id }}" PGID: "{{ plex_group_id }}" restart_policy: unless-stopped - memory: 2g + memory: "{{ plex_memory }}" labels: - traefik.backend: "plex" - traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}" traefik.enable: "{{ plex_available_externally }}" - traefik.port: "32400" + traefik.http.routers.plex.rule: "Host(`{{ plex_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.plex.tls.certresolver: "letsencrypt" + traefik.http.routers.plex.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.plex.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.plex.loadbalancer.server.port: "32400" diff --git a/roles/portainer/defaults/main.yml b/roles/portainer/defaults/main.yml index 95ad2aaa..1ac3e2ec 100644 --- a/roles/portainer/defaults/main.yml +++ b/roles/portainer/defaults/main.yml @@ -6,4 +6,5 @@ portainer_available_externally: "false" portainer_data_directory: "{{ docker_home }}/portainer/config" # network -portainer_port: "9000" \ No newline at end of file +portainer_port: "9000" +portainer_hostname: "portainer" \ No newline at end of file diff --git a/roles/portainer/tasks/main.yml b/roles/portainer/tasks/main.yml index 207aea53..b45ddc49 100644 --- a/roles/portainer/tasks/main.yml +++ b/roles/portainer/tasks/main.yml @@ -20,7 +20,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "portainer" - traefik.frontend.rule: "Host:portainer.{{ ansible_nas_domain }}" traefik.enable: "{{ portainer_available_externally }}" - traefik.port: "9000" + traefik.http.routers.portainer.rule: "Host(`{{ portainer_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.portainer.tls.certresolver: "letsencrypt" + traefik.http.routers.portainer.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.portainer.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.portainer.loadbalancer.server.port: "9000" 
diff --git a/roles/radarr/defaults/main.yml b/roles/radarr/defaults/main.yml index fb6eccb3..805ee8c8 100644 --- a/roles/radarr/defaults/main.yml +++ b/roles/radarr/defaults/main.yml @@ -12,4 +12,5 @@ radarr_user_id: "0" radarr_group_id: "0" # network -radarr_port: "7878" \ No newline at end of file +radarr_port: "7878" +radarr_hostname: "radarr" \ No newline at end of file diff --git a/roles/radarr/tasks/main.yml b/roles/radarr/tasks/main.yml index 3a802e80..80c615c6 100644 --- a/roles/radarr/tasks/main.yml +++ b/roles/radarr/tasks/main.yml @@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "radarr" - traefik.frontend.rule: "Host:radarr.{{ ansible_nas_domain }}" traefik.enable: "{{ radarr_available_externally }}" - traefik.port: "7878" \ No newline at end of file + traefik.http.routers.radarr.rule: "Host(`{{ radarr_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.radarr.tls.certresolver: "letsencrypt" + traefik.http.routers.radarr.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.radarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.radarr.loadbalancer.server.port: "7878" \ No newline at end of file diff --git a/roles/sickchill/defaults/main.yml b/roles/sickchill/defaults/main.yml index 1c98e35c..a7cbfcc7 100644 --- a/roles/sickchill/defaults/main.yml +++ b/roles/sickchill/defaults/main.yml @@ -12,4 +12,5 @@ sickchill_user_id: "0" sickchill_group_id: "0" # network -sickchill_port: "8081" \ No newline at end of file +sickchill_port: "8081" +sickchill_hostname: "sickchill" \ No newline at end of file diff --git a/roles/sickchill/tasks/main.yml b/roles/sickchill/tasks/main.yml index f9590d0d..c037e447 100644 --- a/roles/sickchill/tasks/main.yml +++ b/roles/sickchill/tasks/main.yml 
@@ -25,7 +25,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "sickchill" - traefik.frontend.rule: "Host:sickchill.{{ ansible_nas_domain }}" traefik.enable: "{{ sickchill_available_externally }}" - traefik.port: "8081" + traefik.http.routers.sickchill.rule: "Host(`{{ sickchill_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.sickchill.tls.certresolver: "letsencrypt" + traefik.http.routers.sickchill.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.sickchill.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.sickchill.loadbalancer.server.port: "8081" diff --git a/roles/transmission-with-openvpn/defaults/main.yml b/roles/transmission-with-openvpn/defaults/main.yml index 91b5c5d2..d58ff75e 100644 --- a/roles/transmission-with-openvpn/defaults/main.yml +++ b/roles/transmission-with-openvpn/defaults/main.yml @@ -20,6 +20,7 @@ transmission_openvpn_local_network: "192.168.1.0/24" transmission_openvpn_webui_port: "9091" transmission_openvpn_external_port: "51415" transmission_openvpn_proxy_port: "3128" +transmission_openvpn_hostname: "transmission_openvpn" # Transmission VPN Credentials # If you're using Transmission with a VPN, you'll need to set these credentials. diff --git a/roles/transmission-with-openvpn/tasks/main.yml b/roles/transmission-with-openvpn/tasks/main.yml index 2e303c01..3374ab8b 100644 --- a/roles/transmission-with-openvpn/tasks/main.yml +++ b/roles/transmission-with-openvpn/tasks/main.yml 
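Review bot: The default added in roles/transmission-with-openvpn/defaults/main.yml, `transmission_openvpn_hostname: "transmission_openvpn"`, puts an underscore into the host name that the role's tasks file interpolates into its `Host()` rule. Underscores are not valid in host names (RFC 1123), and some TLS clients are known to reject such a name when matching it against a wildcard certificate like `*.{{ ansible_nas_domain }}`. The Traefik v1 rule being replaced used `transmission-openvpn`, so existing DNS records and bookmarks would also stop matching. `transmission_openvpn_hostname: "transmission-openvpn"` keeps the previous name. The router and service names in the labels can keep the underscore, since they are only Traefik identifiers.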
@@ -49,7 +49,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "transmission-openvpn" - traefik.frontend.rule: "Host:transmission-openvpn.{{ ansible_nas_domain }}" - traefik.enable: "{{ transmission_with_openvpn_available_externally }}" - traefik.port: "9091" + traefik.enable: "{{ transmission_openvpn_available_externally }}" + traefik.http.routers.transmission_openvpn.rule: "Host(`{{ transmission_openvpn_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.transmission_openvpn.tls.certresolver: "letsencrypt" + traefik.http.routers.transmission_openvpn.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.transmission_openvpn.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.transmission_openvpn.loadbalancer.server.port: "9091" diff --git a/roles/transmission/defaults/main.yml b/roles/transmission/defaults/main.yml index 7e0cdc3f..8b466b6d 100644 --- a/roles/transmission/defaults/main.yml +++ b/roles/transmission/defaults/main.yml @@ -14,5 +14,6 @@ transmission_group_id: "0" # network transmission_webui_port: "9092" transmission_external_port: "51414" +transmission_hostname: "transmission" transmission_timezone: "{{ ansible_nas_timezone }}" \ No newline at end of file diff --git a/roles/transmission/tasks/main.yml b/roles/transmission/tasks/main.yml index 6e0fe8b0..99e2fe63 100644 --- a/roles/transmission/tasks/main.yml +++ b/roles/transmission/tasks/main.yml 
@@ -29,7 +29,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "transmission" - traefik.frontend.rule: "Host:transmission.{{ ansible_nas_domain }}" traefik.enable: "{{ transmission_available_externally }}" - traefik.port: "9091" \ No newline at end of file + traefik.http.routers.transmission.rule: "Host(`{{ transmission_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.transmission.tls.certresolver: "letsencrypt" + traefik.http.routers.transmission.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.transmission.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.transmission.loadbalancer.server.port: "9091" \ No newline at end of file diff --git a/roles/utorrent/defaults/main.yml b/roles/utorrent/defaults/main.yml index 59ab5ad4..340b756a 100644 --- a/roles/utorrent/defaults/main.yml +++ b/roles/utorrent/defaults/main.yml @@ -11,6 +11,7 @@ utorrent_download_directory_active: "{{ downloads_root }}/.incomplete" utorrent_user_id: "0" utorrent_group_id: "0" -# ports +# network utorrent_port_http: "8111" -utorrent_port_bt: "6881" \ No newline at end of file +utorrent_port_bt: "6881" +utorrent_hostname: "utorrent" \ No newline at end of file diff --git a/roles/utorrent/tasks/main.yml b/roles/utorrent/tasks/main.yml index 823eb84e..7eb7377e 100644 --- a/roles/utorrent/tasks/main.yml +++ b/roles/utorrent/tasks/main.yml 
@@ -31,7 +31,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "utorrent" - traefik.frontend.rule: "Host:utorrent.{{ ansible_nas_domain }}" traefik.enable: "{{ utorrent_available_externally }}" - traefik.port: "8080" + traefik.http.routers.utorrent.rule: "Host(`{{ utorrent_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.utorrent.tls.certresolver: "letsencrypt" + traefik.http.routers.utorrent.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.utorrent.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.utorrent.loadbalancer.server.port: "8080" From 30bcb1ca19232490829f45b4b2f50eac531f3d75 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Tue, 19 Jan 2021 23:51:59 +0000 Subject: [PATCH 81/92] Update task applications to use Traefik v2.3 --- tasks/calibre.yml | 12 +++++++----- tasks/cloudcmd.yml | 8 +++++--- tasks/couchpotato.yml | 8 +++++--- tasks/firefly.yml | 8 +++++--- tasks/gitlab.yml | 8 +++++--- tasks/glances.yml | 8 +++++--- tasks/guacamole.yml | 8 +++++--- tasks/homebridge.yml | 8 +++++--- tasks/jackett.yml | 8 +++++--- tasks/jellyfin.yml | 8 +++++--- tasks/joomla.yml | 8 +++++--- tasks/krusader.yml | 12 +++++++----- tasks/miniflux.yml | 8 +++++--- tasks/mylar.yml | 8 +++++--- tasks/nzbget.yml | 8 +++++--- tasks/openhab.yml | 8 +++++--- tasks/pyload.yml | 8 +++++--- tasks/pytivo.yml | 8 +++++--- tasks/sonarr.yml | 8 +++++--- tasks/stats.yml | 8 +++++--- tasks/tautulli.yml | 8 +++++--- tasks/thelounge.yml | 8 +++++--- tasks/ubooquity.yml | 8 +++++--- tasks/wallabag.yml | 11 ++++++----- tasks/youtubedlmaterial.yml | 12 +++++++----- tasks/znc.yml | 8 +++++--- 26 files changed, 137 insertions(+), 86 deletions(-) diff --git a/tasks/calibre.yml b/tasks/calibre.yml index e597f473..b19d0187 100644 --- a/tasks/calibre.yml +++ b/tasks/calibre.yml 
@@ -21,9 +21,11 @@ ports: - "{{ calibre_port }}:8083" restart_policy: unless-stopped - labels: - traefik.backend: "calibre" - traefik.frontend.rule: "Host:calibre.{{ ansible_nas_domain }}" - traefik.enable: "{{ calibre_available_externally }}" - traefik.port: "8083" memory: 1g + labels: + traefik.enable: "{{ calibre_available_externally }}" + traefik.http.routers.calibre.rule: "Host(`calibre.{{ ansible_nas_domain }}`)" + traefik.http.routers.calibre.tls.certresolver: "letsencrypt" + traefik.http.routers.calibre.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.calibre.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.calibre.loadbalancer.server.port: "8083" diff --git a/tasks/cloudcmd.yml b/tasks/cloudcmd.yml index 3943b761..f67936d0 100644 --- a/tasks/cloudcmd.yml +++ b/tasks/cloudcmd.yml @@ -23,7 +23,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "cloudcmd" - traefik.frontend.rule: "Host:cloudcmd.{{ ansible_nas_domain }}" traefik.enable: "{{ cloudcmd_available_externally }}" - traefik.port: "8000" \ No newline at end of file + traefik.http.routers.cloudcmd.rule: "Host(`cloudcmd.{{ ansible_nas_domain }}`)" + traefik.http.routers.cloudcmd.tls.certresolver: "letsencrypt" + traefik.http.routers.cloudcmd.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.cloudcmd.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.cloudcmd.loadbalancer.server.port: "8000" \ No newline at end of file diff --git a/tasks/couchpotato.yml b/tasks/couchpotato.yml index c57e390d..f6beb35a 100644 --- a/tasks/couchpotato.yml +++ b/tasks/couchpotato.yml 
@@ -26,7 +26,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "couchpotato" - traefik.frontend.rule: "Host:couchpotato.{{ ansible_nas_domain }}" traefik.enable: "{{ couchpotato_available_externally }}" - traefik.port: "5050" \ No newline at end of file + traefik.http.routers.couchpotato.rule: "Host(`couchpotato.{{ ansible_nas_domain }}`)" + traefik.http.routers.couchpotato.tls.certresolver: "letsencrypt" + traefik.http.routers.couchpotato.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.couchpotato.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.couchpotato.loadbalancer.server.port: "5050" \ No newline at end of file diff --git a/tasks/firefly.yml b/tasks/firefly.yml index 5af160e5..04516bd4 100644 --- a/tasks/firefly.yml +++ b/tasks/firefly.yml @@ -51,7 +51,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "firefly" - traefik.frontend.rule: "Host:firefly.{{ ansible_nas_domain }}" traefik.enable: "{{ firefly_available_externally }}" - traefik.port: "8080" + traefik.http.routers.firefly.rule: "Host(`firefly.{{ ansible_nas_domain }}`)" + traefik.http.routers.firefly.tls.certresolver: "letsencrypt" + traefik.http.routers.firefly.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.firefly.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.firefly.loadbalancer.server.port: "8080" diff --git a/tasks/gitlab.yml b/tasks/gitlab.yml index 256ef701..c0cfbc6e 100644 --- a/tasks/gitlab.yml +++ b/tasks/gitlab.yml 
@@ -44,7 +44,9 @@ restart_policy: unless-stopped memory: 4g labels: - traefik.backend: "gitlab" - traefik.frontend.rule: "Host:gitlab.{{ ansible_nas_domain }}" traefik.enable: "{{ gitlab_available_externally }}" - traefik.port: "80" + traefik.http.routers.gitlab.rule: "Host(`gitlab.{{ ansible_nas_domain }}`)" + traefik.http.routers.gitlab.tls.certresolver: "letsencrypt" + traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.gitlab.loadbalancer.server.port: "80" diff --git a/tasks/glances.yml b/tasks/glances.yml index 5b548550..20bc1387 100644 --- a/tasks/glances.yml +++ b/tasks/glances.yml @@ -16,7 +16,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "glances" - traefik.frontend.rule: "Host:glances.{{ ansible_nas_domain }}" traefik.enable: "{{ glances_available_externally }}" - traefik.port: "61208" \ No newline at end of file + traefik.http.routers.glances.rule: "Host(`glances.{{ ansible_nas_domain }}`)" + traefik.http.routers.glances.tls.certresolver: "letsencrypt" + traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.glances.loadbalancer.server.port: "61208" \ No newline at end of file diff --git a/tasks/guacamole.yml b/tasks/guacamole.yml index 09f167c3..50b591ef 100644 --- a/tasks/guacamole.yml +++ b/tasks/guacamole.yml 
@@ -40,10 +40,12 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "guacamole" - traefik.frontend.rule: "Host:guacamole.{{ ansible_nas_domain }}" traefik.enable: "{{ guacamole_available_externally }}" - traefik.port: "8080" + traefik.http.routers.guacamole.rule: "Host(`guacamole.{{ ansible_nas_domain }}`)" + traefik.http.routers.guacamole.tls.certresolver: "letsencrypt" + traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.guacamole.loadbalancer.server.port: "8080" - name: Restart Guacamole Container docker_container: diff --git a/tasks/homebridge.yml b/tasks/homebridge.yml index fffd970c..f54c42db 100644 --- a/tasks/homebridge.yml +++ b/tasks/homebridge.yml @@ -23,7 +23,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "homebridge" - traefik.frontend.rule: "Host:homebridge.{{ ansible_nas_domain }}" traefik.enable: "{{ homebridge_available_externally }}" - traefik.port: "8087" + traefik.http.routers.homebridge.rule: "Host(`homebridge.{{ ansible_nas_domain }}`)" + traefik.http.routers.homebridge.tls.certresolver: "letsencrypt" + traefik.http.routers.homebridge.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.homebridge.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.homebridge.loadbalancer.server.port: "8087" diff --git a/tasks/jackett.yml b/tasks/jackett.yml index 7842f544..18eed198 100644 --- a/tasks/jackett.yml +++ b/tasks/jackett.yml 
@@ -20,7 +20,9 @@ TZ: "{{ ansible_nas_timezone }}" restart_policy: unless-stopped labels: - traefik.backend: "jackett" - traefik.frontend.rule: "Host:jackett.{{ ansible_nas_domain }}" traefik.enable: "{{ jackett_available_externally }}" - traefik.port: "9117" \ No newline at end of file + traefik.http.routers.jackett.rule: "Host(`jackett.{{ ansible_nas_domain }}`)" + traefik.http.routers.jackett.tls.certresolver: "letsencrypt" + traefik.http.routers.jackett.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.jackett.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.jackett.loadbalancer.server.port: "9117" \ No newline at end of file diff --git a/tasks/jellyfin.yml b/tasks/jellyfin.yml index 831ae91f..69c13bf1 100644 --- a/tasks/jellyfin.yml +++ b/tasks/jellyfin.yml @@ -26,7 +26,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "jellyfin" - traefik.frontend.rule: "Host:jellyfin.{{ ansible_nas_domain }}" traefik.enable: "{{ jellyfin_available_externally }}" - traefik.port: "8096" \ No newline at end of file + traefik.http.routers.jellyfin.rule: "Host(`jellyfin.{{ ansible_nas_domain }}`)" + traefik.http.routers.jellyfin.tls.certresolver: "letsencrypt" + traefik.http.routers.jellyfin.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.jellyfin.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.jellyfin.loadbalancer.server.port: "8096" \ No newline at end of file diff --git a/tasks/joomla.yml b/tasks/joomla.yml index c5507932..0f93e844 100644 --- a/tasks/joomla.yml +++ b/tasks/joomla.yml 
@@ -39,7 +39,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "joomla" - traefik.frontend.rule: "Host: joomla.{{ ansible_nas_domain }}" traefik.enable: "{{ joomla_available_externally }}" - traefik.port: "80" \ No newline at end of file + traefik.http.routers.joomla.rule: "Host(`joomla.{{ ansible_nas_domain }}`)" + traefik.http.routers.joomla.tls.certresolver: "letsencrypt" + traefik.http.routers.joomla.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.joomla.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.joomla.loadbalancer.server.port: "80" \ No newline at end of file diff --git a/tasks/krusader.yml b/tasks/krusader.yml index 164b250d..c5afd15b 100644 --- a/tasks/krusader.yml +++ b/tasks/krusader.yml @@ -25,9 +25,11 @@ TZ: "{{ ansible_nas_timezone }}" VNC_PASSWORD: "{{ krusader_vnc_password }}" restart_policy: unless-stopped - labels: - traefik.backend: "krusader" - traefik.frontend.rule: "Host:krusader.{{ ansible_nas_domain }}" - traefik.enable: "{{ krusader_available_externally }}" - traefik.port: "5800" memory: 1g + labels: + traefik.enable: "{{ krusader_available_externally }}" + traefik.http.routers.krusader.rule: "Host(`krusader.{{ ansible_nas_domain }}`)" + traefik.http.routers.krusader.tls.certresolver: "letsencrypt" + traefik.http.routers.krusader.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.krusader.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.krusader.loadbalancer.server.port: "5800" diff --git a/tasks/miniflux.yml b/tasks/miniflux.yml index 056809d0..a22110e0 100644 --- a/tasks/miniflux.yml +++ b/tasks/miniflux.yml 
@@ -36,7 +36,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "miniflux" - traefik.frontend.rule: "Host:miniflux.{{ ansible_nas_domain }}" traefik.enable: "{{ miniflux_available_externally }}" - traefik.port: "8080" \ No newline at end of file + traefik.http.routers.miniflux.rule: "Host(`miniflux.{{ ansible_nas_domain }}`)" + traefik.http.routers.miniflux.tls.certresolver: "letsencrypt" + traefik.http.routers.miniflux.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.miniflux.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.miniflux.loadbalancer.server.port: "8080" \ No newline at end of file diff --git a/tasks/mylar.yml b/tasks/mylar.yml index e4108a8e..40a4e819 100644 --- a/tasks/mylar.yml +++ b/tasks/mylar.yml @@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "mylar" - traefik.frontend.rule: "Host:mylar.{{ ansible_nas_domain }}" traefik.enable: "{{ mylar_available_externally }}" - traefik.port: "{{ mylar_port_http }}" + traefik.http.routers.mylar.rule: "Host(`mylar.{{ ansible_nas_domain }}`)" + traefik.http.routers.mylar.tls.certresolver: "letsencrypt" + traefik.http.routers.mylar.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.mylar.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.mylar.loadbalancer.server.port: "8090" diff --git a/tasks/nzbget.yml b/tasks/nzbget.yml index 88ad126c..b66c5b68 100644 --- a/tasks/nzbget.yml +++ b/tasks/nzbget.yml 
@@ -23,7 +23,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "nzbget" - traefik.frontend.rule: "Host:nzbget.{{ ansible_nas_domain }}" traefik.enable: "{{ nzbget_available_externally }}" - traefik.port: "6789" \ No newline at end of file + traefik.http.routers.nzbget.rule: "Host(`nzbget.{{ ansible_nas_domain }}`)" + traefik.http.routers.nzbget.tls.certresolver: "letsencrypt" + traefik.http.routers.nzbget.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.nzbget.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.nzbget.loadbalancer.server.port: "6789" \ No newline at end of file diff --git a/tasks/openhab.yml b/tasks/openhab.yml index e7ceefe9..2f7e963d 100644 --- a/tasks/openhab.yml +++ b/tasks/openhab.yml @@ -45,7 +45,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "openhab" - traefik.frontend.rule: "Host:openhab.{{ ansible_nas_domain }}" traefik.enable: "{{ openhab_available_externally }}" - traefik.port: "7777" + traefik.http.routers.openhab.rule: "Host(`openhab.{{ ansible_nas_domain }}`)" + traefik.http.routers.openhab.tls.certresolver: "letsencrypt" + traefik.http.routers.openhab.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.openhab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.openhab.loadbalancer.server.port: "7777" diff --git a/tasks/pyload.yml b/tasks/pyload.yml index e8587d73..3f783c3a 100644 --- a/tasks/pyload.yml +++ b/tasks/pyload.yml 
@@ -25,7 +25,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "pyload" - traefik.frontend.rule: "Host:pyload.{{ ansible_nas_domain }}" traefik.enable: "{{ pyload_available_externally }}" - traefik.port: "8000" + traefik.http.routers.pyload.rule: "Host(`pyload.{{ ansible_nas_domain }}`)" + traefik.http.routers.pyload.tls.certresolver: "letsencrypt" + traefik.http.routers.pyload.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.pyload.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.pyload.loadbalancer.server.port: "8000" diff --git a/tasks/pytivo.yml b/tasks/pytivo.yml index fced4d3e..fe50b24b 100644 --- a/tasks/pytivo.yml +++ b/tasks/pytivo.yml @@ -31,7 +31,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "pytivo" - traefik.frontend.rule: "Host:pytivo.{{ ansible_nas_domain }}" traefik.enable: "{{ pytivo_available_externally }}" - traefik.port: "9032" + traefik.http.routers.pytivo.rule: "Host(`pytivo.{{ ansible_nas_domain }}`)" + traefik.http.routers.pytivo.tls.certresolver: "letsencrypt" + traefik.http.routers.pytivo.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.pytivo.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.pytivo.loadbalancer.server.port: "9032" diff --git a/tasks/sonarr.yml b/tasks/sonarr.yml index e0f6d76d..bfd3f8d4 100644 --- a/tasks/sonarr.yml +++ b/tasks/sonarr.yml 
@@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "sonarr" - traefik.frontend.rule: "Host:sonarr.{{ ansible_nas_domain }}" traefik.enable: "{{ sonarr_available_externally }}" - traefik.port: "8989" \ No newline at end of file + traefik.http.routers.sonarr.rule: "Host(`sonarr.{{ ansible_nas_domain }}`)" + traefik.http.routers.sonarr.tls.certresolver: "letsencrypt" + traefik.http.routers.sonarr.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.sonarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.sonarr.loadbalancer.server.port: "8989" \ No newline at end of file diff --git a/tasks/stats.yml b/tasks/stats.yml index f7c3f32c..fcaffaa9 100644 --- a/tasks/stats.yml +++ b/tasks/stats.yml @@ -109,7 +109,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "grafana" - traefik.frontend.rule: "Host:grafana.{{ ansible_nas_domain }}" traefik.enable: "{{ grafana_available_externally }}" - traefik.port: "3000" \ No newline at end of file + traefik.http.routers.grafana.rule: "Host(`grafana.{{ ansible_nas_domain }}`) " + traefik.http.routers.grafana.tls.certresolver: "letsencrypt" + traefik.http.routers.grafana.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.grafana.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.grafana.netdata.loadbalancer.server.port: "3000" \ No newline at end of file diff --git a/tasks/tautulli.yml b/tasks/tautulli.yml index 9bf4af67..277d4f65 100644 --- a/tasks/tautulli.yml +++ b/tasks/tautulli.yml 
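Review bot: The last label added in the tasks/stats.yml hunk is `traefik.http.grafana.netdata.loadbalancer.server.port: "3000"`, which does not sit under `traefik.http.services.` like every other task in this patch. Traefik will most likely not treat it as the Grafana service port, so routing would depend on port auto-detection or fail. It should read `traefik.http.services.grafana.loadbalancer.server.port: "3000"`. The router rule two lines earlier also carries a stray space inside the quotes, after the closing parenthesis of `Host(...)`; drop it so the rule matches the other tasks.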
@@ -24,7 +24,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "tautulli" - traefik.frontend.rule: "Host:tautulli.{{ ansible_nas_domain }}" traefik.enable: "{{ tautulli_available_externally }}" - traefik.port: "8181" \ No newline at end of file + traefik.http.routers.tautulli.rule: "Host(`tautulli.{{ ansible_nas_domain }}`)" + traefik.http.routers.tautulli.tls.certresolver: "letsencrypt" + traefik.http.routers.tautulli.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.tautulli.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.tautulli.loadbalancer.server.port: "8181" \ No newline at end of file diff --git a/tasks/thelounge.yml b/tasks/thelounge.yml index 94696948..920e4ca3 100644 --- a/tasks/thelounge.yml +++ b/tasks/thelounge.yml @@ -27,8 +27,10 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "thelounge" - traefik.frontend.rule: "Host:thelounge.{{ ansible_nas_domain }}" traefik.enable: "{{ thelounge_available_externally }}" - traefik.port: "9000" + traefik.http.routers.thelounge.rule: "Host(`thelounge.{{ ansible_nas_domain }}`)" + traefik.http.routers.thelounge.tls.certresolver: "letsencrypt" + traefik.http.routers.thelounge.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.thelounge.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.thelounge.loadbalancer.server.port: "9000" diff --git a/tasks/ubooquity.yml b/tasks/ubooquity.yml index 31e2b3a6..a1601482 100644 --- a/tasks/ubooquity.yml +++ b/tasks/ubooquity.yml 
@@ -26,7 +26,9 @@ - "{{ ubooquity_port_admin }}:2203" restart_policy: unless-stopped labels: - traefik.backend: "ubooquity" - traefik.frontend.rule: "Host:ubooquity.{{ ansible_nas_domain }}" traefik.enable: "{{ ubooquity_available_externally }}" - traefik.port: "2202" + traefik.http.routers.ubooquity.rule: "Host(`ubooquity.{{ ansible_nas_domain }}`)" + traefik.http.routers.ubooquity.tls.certresolver: "letsencrypt" + traefik.http.routers.ubooquity.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.ubooquity.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.ubooquity.loadbalancer.server.port: "2202" diff --git a/tasks/wallabag.yml b/tasks/wallabag.yml index c1a6065c..b98968c0 100644 --- a/tasks/wallabag.yml +++ b/tasks/wallabag.yml @@ -19,10 +19,11 @@ env: SYMFONY__ENV__DOMAIN_NAME: "https://wallabag.{{ ansible_nas_domain }}" restart_policy: unless-stopped + memory: 1g labels: - traefik.backend: "wallabag" - traefik.frontend.rule: "Host:wallabag.{{ ansible_nas_domain }}" traefik.enable: "{{ wallabag_available_externally }}" - traefik.port: "80" - traefik.frontend.headers.SSLRedirect: "true" - memory: 1g \ No newline at end of file + traefik.http.routers.wallabag.rule: "Host(`wallabag.{{ ansible_nas_domain }}`)" + traefik.http.routers.wallabag.tls.certresolver: "letsencrypt" + traefik.http.routers.wallabag.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.wallabag.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.wallabag.loadbalancer.server.port: "80" \ No newline at end of file diff --git a/tasks/youtubedlmaterial.yml b/tasks/youtubedlmaterial.yml index a7ffdc5a..f7f3cc6c 100644 --- a/tasks/youtubedlmaterial.yml +++ b/tasks/youtubedlmaterial.yml 
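Review bot: The tasks/wallabag.yml hunk removes `traefik.frontend.headers.SSLRedirect: "true"` and adds no v2 equivalent, so nothing in this task redirects HTTP to HTTPS any more. The new router is TLS-only, so a plain-HTTP request should no longer be served, but it will get a 404 unless the redirect is configured globally on the HTTP entrypoint in traefik.toml, which is not visible here. Please confirm that, or add a redirect middleware for this service, for example `traefik.http.middlewares.wallabag-https.redirectscheme.scheme: "https"` attached to an HTTP router. `SYMFONY__ENV__DOMAIN_NAME` in the same task already assumes an https URL.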
@@ -29,9 +29,11 @@ ALLOW_CONFIG_MUTATIONS: "true" TZ: "{{ ansible_nas_timezone }}" restart_policy: always - labels: - traefik.backend: "youtubedlmaterial" - traefik.frontend.rule: "Host:youtubedlmaterial.{{ ansible_nas_domain }}" - traefik.enable: "{{ youtubedlmaterial_available_externally }}" - traefik.port: "17442" memory: 1g + labels: + traefik.enable: "{{ youtubedlmaterial_available_externally }}" + traefik.http.routers.youtubedlmaterial.rule: "Host(`youtubedlmaterial.{{ ansible_nas_domain }}`)" + traefik.http.routers.youtubedlmaterial.tls.certresolver: "letsencrypt" + traefik.http.routers.youtubedlmaterial.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.youtubedlmaterial.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.youtubedlmaterial.loadbalancer.server.port: "17442" diff --git a/tasks/znc.yml b/tasks/znc.yml index 63fa3a34..2401b53b 100644 --- a/tasks/znc.yml +++ b/tasks/znc.yml @@ -22,7 +22,9 @@ restart_policy: unless-stopped memory: 1g labels: - traefik.backend: "znc" - traefik.frontend.rule: "Host:znc.{{ ansible_nas_domain }}" traefik.enable: "{{ znc_available_externally }}" - traefik.port: "6677" \ No newline at end of file + traefik.http.routers.znc.rule: "Host(`znc.{{ ansible_nas_domain }}`)" + traefik.http.routers.znc.tls.certresolver: "letsencrypt" + traefik.http.routers.znc.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.znc.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.znc.loadbalancer.server.port: "6677" \ No newline at end of file From 96328d5f382c1e8db934f932d9a2782343ec03ed Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Tue, 19 Jan 2021 23:55:47 +0000 Subject: [PATCH 82/92] Traefik default log level to INFO --- roles/traefik/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index 8f1e981f..9a3c891f 100644 --- a/roles/traefik/defaults/main.yml 
+++ b/roles/traefik/defaults/main.yml @@ -15,7 +15,7 @@ traefik_port_https: "443" traefik_port_ui: "8083" traefik_docker_image: traefik:v2.3 -traefik_log_level: "DEBUG" +traefik_log_level: "INFO" # find the relevant environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ traefik_environment_variables: From dcdabe84d00a6e2259b14583d97aff38a329311b Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 20 Jan 2021 00:23:30 +0000 Subject: [PATCH 83/92] Parameterise Traefik DNS provider --- roles/traefik/defaults/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index 9a3c891f..73d807e4 100644 --- a/roles/traefik/defaults/main.yml +++ b/roles/traefik/defaults/main.yml @@ -17,9 +17,10 @@ traefik_port_ui: "8083" traefik_docker_image: traefik:v2.3 traefik_log_level: "INFO" -# find the relevant environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ +# find the relevant name and environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ +traefik_dns_provider: cloudflare traefik_environment_variables: CF_API_EMAIL: "{{ ansible_nas_email }}" CF_API_KEY: "abcdeabcdeabcdeabcde1234512345" # traefik_acme_server: "https://acme-staging-v02.api.letsencrypt.org/directory" # staging -traefik_acme_server: "https://acme-v02.api.letsencrypt.org/directory" # production \ No newline at end of file +traefik_acme_server: "https://acme-v02.api.letsencrypt.org/directory" # production From 13d046fc4ac7f1dda6d788bd9877d1f7d5bcd04e Mon Sep 17 00:00:00 2001 From: David Stephens Date: Wed, 20 Jan 2021 00:27:33 +0000 Subject: [PATCH 84/92] Add parameters to Traefik.toml --- roles/traefik/templates/traefik.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/traefik/templates/traefik.toml b/roles/traefik/templates/traefik.toml index 06b45cc3..6d356da9 100644 
--- a/roles/traefik/templates/traefik.toml +++ b/roles/traefik/templates/traefik.toml @@ -39,8 +39,8 @@ [certificatesResolvers.letsencrypt] [certificatesResolvers.letsencrypt.acme] email = "{{ ansible_nas_email }}" - storage = "acme.json" - caserver = "https://acme-staging-v02.api.letsencrypt.org/directory" + storage = "/letsencrypt/acme.json" + caserver = "{{ traefik_acme_server }}" [certificatesResolvers.letsencrypt.acme.dnsChallenge] - provider = "cloudflare" + provider = "{{ traefik_dns_provider }}" From 25ed3fb56598191dcad5e9e838463f30d7e37aaf Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 10:58:11 +0000 Subject: [PATCH 85/92] Flip cloudflare_ddns to ansible role --- group_vars/all.yml | 1 - nas.yml | 9 +++--- roles/cloudflare_ddns/defaults/main.yml | 23 ++++++++++++++ roles/cloudflare_ddns/tasks/main.yml | 28 +++++++++++++++++ .../cloudflare_ddns/templates/config.yml | 0 tasks/cloudflare_ddns.yml | 30 ------------------- templates/cloudflare-ddns/config-api.yaml | 9 ------ 7 files changed, 56 insertions(+), 44 deletions(-) create mode 100644 roles/cloudflare_ddns/defaults/main.yml create mode 100644 roles/cloudflare_ddns/tasks/main.yml rename templates/cloudflare-ddns/config.yaml => roles/cloudflare_ddns/templates/config.yml (100%) delete mode 100644 tasks/cloudflare_ddns.yml delete mode 100644 templates/cloudflare-ddns/config-api.yaml diff --git a/group_vars/all.yml b/group_vars/all.yml index d651f2f4..9c6cea23 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -45,7 +45,6 @@ miniflux_enabled: false glances_enabled: false stats_enabled: false guacamole_enabled: false -cloudflare_ddns_enabled: false cloudcmd_enabled: false virtual_desktop_enabled: false krusader_enabled: false diff --git a/nas.yml b/nas.yml index 674cfcee..72c2efbd 100644 --- a/nas.yml +++ b/nas.yml 
@@ -58,6 +58,11 @@ - bitwarden when: (bitwarden_enabled | default(False)) + - role: cloudflare_ddns + tags: + - cloudflare_ddns + when: (cloudflare_ddns_enabled | default(False)) + - role: duplicati tags: - duplicati @@ -215,10 +220,6 @@ when: (guacamole_enabled | default(False)) tags: guacamole - - import_tasks: tasks/cloudflare_ddns.yml - when: (cloudflare_ddns_enabled | default(False)) - tags: cloudflare_ddns - - import_tasks: tasks/minidlna.yml when: (minidlna_enabled | default(False)) tags: minidlna diff --git a/roles/cloudflare_ddns/defaults/main.yml b/roles/cloudflare_ddns/defaults/main.yml new file mode 100644 index 00000000..3b10e547 --- /dev/null +++ b/roles/cloudflare_ddns/defaults/main.yml @@ -0,0 +1,23 @@ +--- +cloudflare_ddns_enabled: false + +# Data directory for config file +cloudflare_data_directory: "{{ docker_home }}/cloudflare_ddns" + +# Your domain name +cloudflare_zone: "{{ ansible_nas_domain }}" + +# The hostname you want the container to update. You shouldn't need to change this. +cloudflare_host: "*.{{ cloudflare_zone }}" + +# Cloudflare scoped token (https://github.com/joshuaavalon/docker-cloudflare#api-token) +# Make sure token permissions include #DNS:Edit and #Zone:Read +cloudflare_token: "abcdabcdabcd123412341234" + +# Set to true to make traffic go through the CloudFlare CDN. +# Note that if the cloudflare host is a wildcard (the default), this must be false, as cloudflare +# does not support http proxy of wildcard CNAMEs. +cloudflare_proxy: false + +# Set to AAAA to use set IPv6 records instead of IPv4 records. +cloudflare_type: "A" diff --git a/roles/cloudflare_ddns/tasks/main.yml b/roles/cloudflare_ddns/tasks/main.yml new file mode 100644 index 00000000..647c8560 --- /dev/null +++ b/roles/cloudflare_ddns/tasks/main.yml 
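Review bot: The default `cloudflare_token: "abcdabcdabcd123412341234"` in roles/cloudflare_ddns/defaults/main.yml is a token-shaped placeholder that nothing checks. A run with it unchanged templates the dummy into the config and starts the container anyway. The same applies to `CF_DNS_API_TOKEN: "abcdabcd123412341234"` in the later roles/traefik/defaults/main.yml hunk. I would add an `assert` task at the top of each role that fails while the variable still equals the placeholder, next to the existing `cloudflare_api_key` deprecation check. I would also add a comment on the default such as `# override in your inventory, ideally from an Ansible Vault encrypted file`. Both tokens can edit DNS for the whole zone, so they should not be stored in plain text in a committed inventory.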
@@ -0,0 +1,28 @@ +--- +- name: Check for deprecated API key + fail: + msg: "Using a Cloudflare global API key is no longer supported. Please unset cloudflare_api_key and set cloudflare_token" + when: cloudflare_api_key is defined + +- name: Create cloudflare Dynamic DNS Directories + file: + path: "{{ cloudflare_data_directory }}" + state: directory + +- name: Template Cloudflare Dynamic DNS config.yml with scoped token + template: + src: config.yml + dest: "{{ cloudflare_data_directory }}/config.yml" + register: template_files_result + + +- name: Cloudflare Dynamic DNS Container + docker_container: + name: cloudflare-ddns + image: joshava/cloudflare-ddns:latest + pull: true + volumes: + - "{{ cloudflare_data_directory }}/config.yml:/app/config.yaml" + restart_policy: unless-stopped + memory: 512MB + recreate: "{{ template_files_result is changed }}" diff --git a/templates/cloudflare-ddns/config.yaml b/roles/cloudflare_ddns/templates/config.yml similarity index 100% rename from templates/cloudflare-ddns/config.yaml rename to roles/cloudflare_ddns/templates/config.yml diff --git a/tasks/cloudflare_ddns.yml b/tasks/cloudflare_ddns.yml deleted file mode 100644 index 6b0a4bee..00000000 --- a/tasks/cloudflare_ddns.yml +++ /dev/null 
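Review bot: The `template` task that writes `{{ cloudflare_data_directory }}/config.yml` sets no `mode`, and the `file` task that creates the directory sets none either. The rendered file therefore takes its permissions from the umask and is typically world-readable, although it holds the Cloudflare token. Add `mode: "0600"` to the template task and `mode: "0700"` to the directory task, after checking that the container user can still read the bind-mounted file. Adding `no_log: true` to the template task would also keep the token out of `--diff` output. Separately, `image: joshava/cloudflare-ddns:latest` with `pull: true` means whatever is published under that tag next runs with this token; pinning a version tag or digest would make updates deliberate.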
@@ -1,30 +0,0 @@ -- name: Cloudflare Dynamic DNS Directories - file: - path: "{{ cloudflare_data_directory }}" - state: directory - when: cloudflare_api_key is not defined - -- name: Template Cloudflare Dynamic DNS config.yaml with scoped token - template: - src: cloudflare-ddns/config.yaml - dest: "{{ cloudflare_data_directory }}/config.yaml" - register: template_files_result - when: cloudflare_api_key is not defined - -- name: Template Cloudflare Dynamic DNS config.yaml with api_key (DEPRECATED) - template: - src: cloudflare-ddns/config-api.yaml - dest: "{{ cloudflare_data_directory }}/config.yaml" - register: template_files_result_api - when: cloudflare_api_key is defined - -- name: Cloudflare Dynamic DNS Container - docker_container: - name: cloudflare-ddns - image: joshava/cloudflare-ddns:latest - pull: true - volumes: - - "{{ cloudflare_data_directory }}/config.yaml:/app/config.yaml" - restart_policy: unless-stopped - memory: 512MB - recreate: "{{ template_files_result is changed or template_files_result_api is changed }}" diff --git a/templates/cloudflare-ddns/config-api.yaml b/templates/cloudflare-ddns/config-api.yaml deleted file mode 100644 index da8c9207..00000000 --- a/templates/cloudflare-ddns/config-api.yaml +++ /dev/null @@ -1,9 +0,0 @@ -auth: - globalToken: "{{ cloudflare_api_key }}" - email: "{{ cloudflare_email }}" -domains: - - name: "{{ cloudflare_host }}" - type: "{{ cloudflare_type }}" - proxied: {{ cloudflare_proxy | bool }} - create: true - zoneName: "{{ cloudflare_zone }}" From 7995c111ed402bb6336fe86a8bc496cdf6e9b27b Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 13:38:59 +0000 Subject: [PATCH 86/92] Traefik - Prefer Cloudflare scoped token and add docs --- roles/traefik/defaults/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index 73d807e4..d6bc6375 100644 --- a/roles/traefik/defaults/main.yml 
+++ b/roles/traefik/defaults/main.yml @@ -20,7 +20,10 @@ traefik_log_level: "INFO" # find the relevant name and environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ traefik_dns_provider: cloudflare traefik_environment_variables: - CF_API_EMAIL: "{{ ansible_nas_email }}" - CF_API_KEY: "abcdeabcdeabcdeabcde1234512345" + CF_DNS_API_TOKEN: "abcdabcd123412341234" + +# Ansible-NAS requests a wildcard certificate for your domain, so there should be no reason to have to use the staging +# letsencrypt acme server. If you do want to flip between staging/production, you might need to stop Traefik and clear +# the "{{ docker_home }}/traefik" after changing this setting. # traefik_acme_server: "https://acme-staging-v02.api.letsencrypt.org/directory" # staging traefik_acme_server: "https://acme-v02.api.letsencrypt.org/directory" # production From 45ea106c89228e65b6db11771840412fbdcd92b3 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 13:39:15 +0000 Subject: [PATCH 87/92] Restart Traefik if config changes --- roles/traefik/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml index e7313784..85f2f691 100644 --- a/roles/traefik/tasks/main.yml +++ b/roles/traefik/tasks/main.yml @@ -11,6 +11,7 @@ template: src: traefik.toml dest: "{{ traefik_data_directory }}/traefik.toml" + register: template_config - name: Traefik Docker Container docker_container: @@ -25,3 +26,4 @@ env: "{{ traefik_environment_variables }}" restart_policy: unless-stopped memory: 1g + recreate: "{{ template_config is changed }}" From d0c8546a2ae1887f805274c7724551e6acef3606 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 13:51:16 +0000 Subject: [PATCH 88/92] Update to Traefik v2.4 --- roles/traefik/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/roles/traefik/defaults/main.yml b/roles/traefik/defaults/main.yml index d6bc6375..1a0eda9c 100644 --- a/roles/traefik/defaults/main.yml +++ b/roles/traefik/defaults/main.yml @@ -14,7 +14,7 @@ traefik_port_http: "80" traefik_port_https: "443" traefik_port_ui: "8083" -traefik_docker_image: traefik:v2.3 +traefik_docker_image: traefik:v2.4 traefik_log_level: "INFO" # find the relevant name and environment variables for your DNS provider at https://go-acme.github.io/lego/dns/ From f2e1d660ab30aadbf403823159529d3ec243ad58 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 14:50:45 +0000 Subject: [PATCH 89/92] Move couchpotato to an ansible role --- group_vars/all.yml | 12 ------------ nas.yml | 5 +++++ roles/couchpotato/defaults/main.yml | 16 ++++++++++++++++ .../couchpotato/tasks/main.yml | 0 4 files changed, 21 insertions(+), 12 deletions(-) create mode 100644 roles/couchpotato/defaults/main.yml rename tasks/couchpotato.yml => roles/couchpotato/tasks/main.yml (100%) diff --git a/group_vars/all.yml b/group_vars/all.yml index 9c6cea23..e27554e2 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -24,7 +24,6 @@ tautulli_enabled: false # Media Sourcing sonarr_enabled: false # tv -couchpotato_enabled: false get_iplayer_enabled: false jackett_enabled: false @@ -337,17 +336,6 @@ youtubedlmaterial_dl_video_directory: "{{ downloads_root }}/youtube/video" youtubedlmaterial_dl_subscriptions_directory: "{{ downloads_root }}/youtube/subscriptions" youtubedlmaterial_port_http: "8998" -### -### Couchpotato -### -couchpotato_available_externally: "false" -couchpotato_config_directory: "{{ docker_home }}/couchpotato/config" -couchpotato_movies_directory: "{{ movies_root }}" -couchpotato_downloads_directory: "{{ downloads_root }}" -couchpotato_torrents_directory: "{{ torrents_root }}" -couchpotato_user_id: "0" -couchpotato_group_id: "0" -couchpotato_port: "5050" ### ### OpenVPN diff --git a/nas.yml b/nas.yml index 72c2efbd..eb6bac37 100644 
--- a/nas.yml +++ b/nas.yml @@ -63,6 +63,11 @@ - cloudflare_ddns when: (cloudflare_ddns_enabled | default(False)) + - role: couchpotato + tags: + - couchpotato + when: (couchpotato_enabled | default(False)) + - role: duplicati tags: - duplicati diff --git a/roles/couchpotato/defaults/main.yml b/roles/couchpotato/defaults/main.yml new file mode 100644 index 00000000..7644aba1 --- /dev/null +++ b/roles/couchpotato/defaults/main.yml @@ -0,0 +1,16 @@ +--- +couchpotato_enabled: false +couchpotato_available_externally: "false" + +# directories +couchpotato_config_directory: "{{ docker_home }}/couchpotato/config" +couchpotato_movies_directory: "{{ movies_root }}" +couchpotato_downloads_directory: "{{ downloads_root }}" +couchpotato_torrents_directory: "{{ torrents_root }}" + +# uid / gid +couchpotato_user_id: "0" +couchpotato_group_id: "0" + +# network +couchpotato_port: "5050" \ No newline at end of file diff --git a/tasks/couchpotato.yml b/roles/couchpotato/tasks/main.yml similarity index 100% rename from tasks/couchpotato.yml rename to roles/couchpotato/tasks/main.yml From 4d556c91cc75c1cb557effe6d12a05f45c024c27 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Wed, 20 Jan 2021 15:27:48 +0000 Subject: [PATCH 90/92] nas.yml fix to remove couchpotato --- nas.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/nas.yml b/nas.yml index eb6bac37..c07a0ba3 100644 --- a/nas.yml +++ b/nas.yml @@ -197,10 +197,6 @@ when: (glances_enabled | default(False)) tags: glances - - import_tasks: tasks/couchpotato.yml - when: (couchpotato_enabled | default(False)) - tags: couchpotato - - import_tasks: tasks/znc.yml when: (znc_enabled | default(False)) tags: znc From 8d5cfc9dc0dfb482eedf0860d406c5d5a380bbe4 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Fri, 22 Jan 2021 14:38:28 +0000 Subject: [PATCH 91/92] Incorporate @ryanolf Plex changes :+1: --- roles/plex/defaults/main.yml | 11 ++++++++++- roles/plex/tasks/main.yml | 2 ++ 2 files changed, 12 insertions(+), 1 deletion(-) 
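Review bot: The new roles/couchpotato/defaults/main.yml keeps `couchpotato_user_id: "0"` and `couchpotato_group_id: "0"`, and roles/sonarr/defaults/main.yml later in the series does the same for `sonarr_user_id` and `sonarr_group_id`. If these are passed to the container as PUID/PGID, as the plex task does with `plex_user_id` (the couchpotato and sonarr task bodies are not visible here), both apps run as root against the bind-mounted media and download directories. Moving the defaults into roles is a good moment to switch them to an unprivileged uid/gid, or at least to add a comment such as `# 0 runs the app as root inside the container; set to the owner of your media share`. Both new files also end without a trailing newline.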
diff --git a/roles/plex/defaults/main.yml b/roles/plex/defaults/main.yml index 526c8ee2..6c457b29 100644 --- a/roles/plex/defaults/main.yml +++ b/roles/plex/defaults/main.yml @@ -27,4 +27,13 @@ plex_music_permissions: "rw" plex_hostname: "plex" # specs -plex_memory: "2g" \ No newline at end of file +plex_memory: "2g" + +# Device mappings for the docker container. E.g. To enable hardware transcoding: +# plex_devices: +# - "/dev/dri:/dev/dri" + + +# see https://hub.docker.com/r/linuxserver/plex for details on this setting +plex_version: "docker" + diff --git a/roles/plex/tasks/main.yml b/roles/plex/tasks/main.yml index 5587d7d2..59df6d3c 100644 --- a/roles/plex/tasks/main.yml +++ b/roles/plex/tasks/main.yml @@ -22,10 +22,12 @@ - "{{ plex_podcasts_directory }}:/podcasts:{{ plex_podcasts_permissions }}" - "{{ plex_music_directory }}:/music:{{ plex_music_permissions }}" network_mode: "host" + devices: "{{ plex_devices | default(omit) }}" env: TZ: "{{ ansible_nas_timezone }}" PUID: "{{ plex_user_id }}" PGID: "{{ plex_group_id }}" + VERSION: "{{ plex_version }}" restart_policy: unless-stopped memory: "{{ plex_memory }}" labels: From 88a0c46595490d42bf6788977730b88e27e7c9e9 Mon Sep 17 00:00:00 2001 From: Dave Stephens Date: Fri, 22 Jan 2021 15:35:08 +0000 Subject: [PATCH 92/92] Move Sonarr to ansible role --- group_vars/all.yml | 12 ------------ nas.yml | 9 +++++---- roles/sonarr/defaults/main.yml | 16 ++++++++++++++++ tasks/sonarr.yml => roles/sonarr/tasks/main.yml | 2 +- 4 files changed, 22 insertions(+), 17 deletions(-) create mode 100644 roles/sonarr/defaults/main.yml rename tasks/sonarr.yml => roles/sonarr/tasks/main.yml (90%) diff --git a/group_vars/all.yml b/group_vars/all.yml index e27554e2..4baf76a5 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -23,8 +23,6 @@ pyload_enabled: false tautulli_enabled: false # Media Sourcing -sonarr_enabled: false # tv - get_iplayer_enabled: false jackett_enabled: false minidlna_enabled: false 
@@ -315,16 +313,6 @@ mylar_port_http: "8585" mylar_user_id: "0" mylar_group_id: "0" -### -### Sonarr -### -sonarr_available_externally: "false" -sonarr_data_directory: "{{ docker_home }}/sonarr/config" -sonarr_tv_directory: "{{ tv_root }}" -sonarr_download_directory: "{{ downloads_root }}" -sonarr_user_id: "0" -sonarr_group_id: "0" -sonarr_port: "8989" ### ### YouTubeDL-Material diff --git a/nas.yml b/nas.yml index c07a0ba3..ebcf2c92 100644 --- a/nas.yml +++ b/nas.yml @@ -143,6 +143,11 @@ - sickchill when: (sickchill_enabled | default(False)) + - role: sonarr + tags: + - sonarr + when: (sonarr_enabled | default(False)) + - role: transmission tags: - transmission @@ -189,10 +194,6 @@ when: (mylar_enabled | default(False)) tags: mylar - - import_tasks: tasks/sonarr.yml - when: (sonarr_enabled | default(False)) - tags: sonarr - - import_tasks: tasks/glances.yml when: (glances_enabled | default(False)) tags: glances diff --git a/roles/sonarr/defaults/main.yml b/roles/sonarr/defaults/main.yml new file mode 100644 index 00000000..9004c5f0 --- /dev/null +++ b/roles/sonarr/defaults/main.yml @@ -0,0 +1,16 @@ +--- +sonarr_enabled: false +sonarr_available_externally: "false" + +# directories +sonarr_data_directory: "{{ docker_home }}/sonarr/config" +sonarr_tv_directory: "{{ tv_root }}" +sonarr_download_directory: "{{ downloads_root }}" + +# uid / gid +sonarr_user_id: "0" +sonarr_group_id: "0" + +# network +sonarr_port: "8989" +sonarr_hostname: "sonarr" \ No newline at end of file diff --git a/tasks/sonarr.yml b/roles/sonarr/tasks/main.yml similarity index 90% rename from tasks/sonarr.yml rename to roles/sonarr/tasks/main.yml index bfd3f8d4..8af72def 100644 --- a/tasks/sonarr.yml +++ b/roles/sonarr/tasks/main.yml 
@@ -25,7 +25,7 @@ memory: 1g labels: traefik.enable: "{{ sonarr_available_externally }}" - traefik.http.routers.sonarr.rule: "Host(`sonarr.{{ ansible_nas_domain }}`)" + traefik.http.routers.sonarr.rule: "Host(`{{ sonarr_hostname }}.{{ ansible_nas_domain }}`)" traefik.http.routers.sonarr.tls.certresolver: "letsencrypt" traefik.http.routers.sonarr.tls.domains[0].main: "{{ ansible_nas_domain }}" traefik.http.routers.sonarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"