mirror of
https://github.com/davestephens/ansible-nas
synced 2025-01-26 10:15:14 +00:00
Merge branch 'master' into jellyfin-books
This commit is contained in:
commit
f59ceaf0fb
118 changed files with 1065 additions and 1086 deletions
2
.github/ISSUE_TEMPLATE/bug-report.md
vendored
2
.github/ISSUE_TEMPLATE/bug-report.md
vendored
|
@ -15,7 +15,7 @@ A clear and concise description of what the bug is.
|
|||
**Environment**
|
||||
- Ansible-NAS revision (`git rev-parse --short HEAD`):
|
||||
- Ansible version (paste the entire output of `ansible --version` on the machine you run the playbook from):
|
||||
- Ansible-NAS operating system (`cat /etc/lsb-release` on the Ansible-NAS box) - _If this is anything other than Ubuntu 18.04 help will be limited_:
|
||||
- Ansible-NAS operating system (`cat /etc/lsb-release` on the Ansible-NAS box) - _Support won't be provided for non-LTS releases of Ubuntu_:
|
||||
- Ansible-NAS kernel (`uname -a` on the Ansible-NAS box):
|
||||
- Ansible-NAS Python version (`python --version` on the Ansible-NAS box):
|
||||
- Ansible-NAS Docker version (`docker --version` on the Ansible-NAS box):
|
||||
|
|
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -1,9 +1,9 @@
|
|||
tests/test.yml
|
||||
site
|
||||
.vagrant
|
||||
roles
|
||||
*.retry
|
||||
*.log
|
||||
inventories
|
||||
|
||||
# Vim
|
||||
[._]sw[a-p]
|
||||
|
|
|
@ -16,7 +16,7 @@ install:
|
|||
- pip install mkdocs-material
|
||||
|
||||
script:
|
||||
- ansible-lint ${PWD}/nas.yml
|
||||
- ansible-lint ${PWD}/nas.yml -x 106,208
|
||||
- ${PWD}/tests/test.sh
|
||||
- mkdocs build
|
||||
|
||||
|
|
3
.vscode/extensions.json
vendored
3
.vscode/extensions.json
vendored
|
@ -1,6 +1,7 @@
|
|||
{
|
||||
"recommendations": [
|
||||
"haaaad.ansible",
|
||||
"ybaumes.highlight-trailing-white-spaces"
|
||||
"ybaumes.highlight-trailing-white-spaces",
|
||||
"bungcip.better-toml"
|
||||
]
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
# Code of Conduct
|
||||
|
||||
Ansible-NAS follows the [Ansible Code Of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html).
|
||||
Ansible-NAS follows the [Ansible Community Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html).
|
||||
|
||||
Specifically, Ansible-NAS community members are expected to be:
|
||||
|
||||
|
|
|
@ -11,16 +11,18 @@ If you're adding a new application:
|
|||
|
||||
* Ensure that the new application is disabled by default.
|
||||
* Add a documentation page to `docs/applications/` - use an existing application as an example.
|
||||
* Add to the list of Available Applications in 'README.md'
|
||||
* Add to the list of Available Applications in `README.md`
|
||||
* Add the frontend port to `docs/configuration/application_ports.md`, ensuring you've not clashed with an existing application.
|
||||
* Add to the list of certificate requests in 'templates/traefik/traefik.toml' if the program is to be used externally.
|
||||
* Add to the list of certificate requests in `templates/traefik/traefik.toml` if the program is to be used externally.
|
||||
|
||||
A typical new application PR will include 2 new files (`docs/applications/application.md` and 'tasks/application.yml') and have 5 updated files ('README.md', 'nas.yml', `docs/configuration/application_ports.md`, 'group_vars/all.yml', 'templates/traefik/traefik.toml'
|
||||
A typical new application PR will include 2 new files (`docs/applications/application.md` and `tasks/application.yml`) and have 5 updated files (`README.md`, `nas.yml`, `docs/configuration/application_ports.md`, `group_vars/all.yml`, `templates/traefik/traefik.toml`).
|
||||
|
||||
## Things to bear in mind
|
||||
|
||||
* If you break the build with your PR, please fix it :)
|
||||
* Pull requests that unintentionally touch files, or that show files as removed then re-added will be rejected.
|
||||
* Squash your commits before creating a PR.
|
||||
* Don't mess with line endings, or tabs vs. spaces.
|
||||
* Please know that your efforts are appreciated, thanks! :+1:
|
||||
|
||||
# Development Environment
|
||||
|
|
2
LICENSE
2
LICENSE
|
@ -1,6 +1,6 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2017-2020 David Stephens
|
||||
Copyright (c) 2017-2021 David Stephens
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
|
16
README.md
16
README.md
|
@ -25,18 +25,17 @@ Ansible config and a bunch of Docker containers.
|
|||
* A Docker host with Portainer for image and container management
|
||||
* An automatic dynamic DNS updater if you use Cloudflare to host your domain DNS
|
||||
* A Personal finance manager
|
||||
* eBook management with calibre-web
|
||||
* eBook management with Calibre-web
|
||||
* Content management with Joomla
|
||||
* A dual panel local file manager
|
||||
* Self-service media request web application
|
||||
* SEO tracking with Serposcope
|
||||
|
||||
### Available Applications
|
||||
|
||||
* [Airsonic](https://airsonic.github.io/) - catalog and stream music
|
||||
* [Bazarr](https://github.com/morpheus65535/bazarr) - companion to Radarr and Sonarr for downloading subtitles
|
||||
* [Bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) - Self-Hosting port of password manager
|
||||
* [Calibre](https://hub.docker.com/r/linuxserver/calibre-web) - eBook Library
|
||||
* [Calibre-web](https://github.com/janeczku/calibre-web) - Provides a clean interface for browsing, reading and downloading eBooks using an existing Calibre database.
|
||||
* [Cloud Commander](https://cloudcmd.io/) - A dual panel file manager with integrated web console and text editor
|
||||
* [Cloudflare DDNS](https://hub.docker.com/r/joshuaavalon/cloudflare-ddns/) - automatically update Cloudflare with your IP address
|
||||
* [CouchPotato](https://couchpota.to/) - for downloading and managing movies
|
||||
|
@ -44,8 +43,8 @@ Ansible config and a bunch of Docker containers.
|
|||
* [Emby](https://emby.media/) - Media streaming and management
|
||||
* [Firefly III](https://firefly-iii.org/) - Free and open source personal finance manager
|
||||
* [get_iplayer](https://github.com/get-iplayer/get_iplayer) - download programmes from BBC iplayer
|
||||
* [Gitea](https://gitea.io/en-us/) - Simple self-hosted Github clone
|
||||
* [Gitlab](https://about.gitlab.com/features/) - Self-hosted Github clone of the highest order
|
||||
* [Gitea](https://gitea.io/en-us/) - Simple self-hosted GitHub clone
|
||||
* [GitLab](https://about.gitlab.com/features/) - Self-hosted GitHub clone of the highest order
|
||||
* [Glances](https://nicolargo.github.io/glances/) - for seeing the state of your system via a web browser
|
||||
* [Grafana](https://github.com/grafana/grafana) - Dashboarding tool
|
||||
* [Guacamole](https://guacamole.apache.org/) - Web based remote desktop gateway, supports VNC, RDP and SSH
|
||||
|
@ -55,7 +54,7 @@ Ansible config and a bunch of Docker containers.
|
|||
* [Jackett](https://github.com/Jackett/Jackett) - API Support for your favorite torrent trackers
|
||||
* [Jellyfin](https://jellyfin.github.io) - The Free Software Media System
|
||||
* [Joomla](https://www.joomla.org/) - Open source content management system
|
||||
* [https://krusader.org/](https://krusader.org/) - Twin panel file management for your desktop
|
||||
* [Krusader](https://krusader.org/) - Twin panel file management for your desktop
|
||||
* [Lidarr](https://github.com/lidarr/Lidarr) - Music collection manager for Usenet and BitTorrent users
|
||||
* [MiniDLNA](https://sourceforge.net/projects/minidlna/) - simple media server which is fully compliant with DLNA/UPnP-AV clients
|
||||
* [Miniflux](https://miniflux.app/) - An RSS news reader
|
||||
|
@ -73,7 +72,6 @@ Ansible config and a bunch of Docker containers.
|
|||
* [pyLoad](https://pyload.net/) - A download manager with a friendly web-interface
|
||||
* [PyTivo](http://pytivo.org) - An HMO and GoBack server for TiVos.
|
||||
* [Radarr](https://radarr.video/) - for organising and downloading movies
|
||||
* [Serposcope](https://serposcope.serphacker.com/en/) - tracker to monitor website ranking
|
||||
* [Sickchill](https://sickchill.github.io/) - for managing TV episodes
|
||||
* [Sonarr](https://sonarr.tv/) - for downloading and managing TV episodes
|
||||
* [Tautulli](http://tautulli.com/) - Monitor Your Plex Media Server
|
||||
|
@ -87,7 +85,7 @@ Ansible config and a bunch of Docker containers.
|
|||
* [Virtual Desktop](https://github.com/RattyDAVE/docker-ubuntu-xrdp-mate-custom) - A virtual desktop running on your NAS.
|
||||
* [Wallabag](https://wallabag.org/) - Save and classify articles. Read them later.
|
||||
* [Watchtower](https://github.com/v2tec/watchtower) - Monitor your Docker containers and update them if a new version is available
|
||||
* [YouTubeDL-Material](https://ytdl-org.github.io/youtube-dl) - Self-hosted YouTube downloader built on Material Design
|
||||
* [YouTubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material) - Self-hosted YouTube downloader built on Material Design
|
||||
* [ZNC](https://wiki.znc.in/ZNC) - IRC bouncer to stay connected to favourite IRC networks and channels
|
||||
|
||||
## What This Could Do
|
||||
|
@ -133,7 +131,7 @@ Assuming that your Ubuntu system disk is separate from your storage (it should b
|
|||
## Requirements
|
||||
|
||||
* Ansible NAS targets the latest Ubuntu LTS release, which is currently Ubuntu
|
||||
Server 18.04.3 LTS.
|
||||
Server 20.04 LTS.
|
||||
* You can run Ansible-NAS on whatever you like, read the docs for more info. I
|
||||
use an HP Microserver.
|
||||
|
||||
|
|
|
@ -12,4 +12,4 @@ Set `bazarr_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
|||
|
||||
## Specific Configuration
|
||||
|
||||
Follow the [Wiki](https://github.com/morpheus65535/bazarr/wiki) for conecting to Sonarr and Radarr.
|
||||
Follow the [Wiki](https://github.com/morpheus65535/bazarr/wiki) for connecting to Sonarr and Radarr.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Calibre(-web) eBook Library
|
||||
# Calibre-web
|
||||
|
||||
Homepage: [https://github.com/janeczku/calibre-web](https://github.com/linuxserver/docker-calibre-web)
|
||||
Homepage: [https://github.com/janeczku/calibre-web](https://github.com/janeczku/calibre-web)
|
||||
|
||||
|
||||
Calibre-Web is a web app providing a clean interface for browsing, reading and downloading eBooks using an existing Calibre database.
|
||||
|
|
|
@ -12,4 +12,6 @@ Set `cloudflare_ddns_enabled: true` in your `inventories/<your_inventory>/nas.ym
|
|||
|
||||
## Specific Configuration
|
||||
|
||||
Make sure you set your Cloudflare login, domain and API key details within your `inventories/<your_inventory>/nas.yml` file.
|
||||
Make sure you set your domain (if different than the ansible-nas default) and access token details within your `inventories/<your_inventory>/nas.yml` file. If you need to create an API token, see https://joshuaavalon.github.io/docker-cloudflare/guide/cloudflare.html#authentication for instructions.
|
||||
|
||||
Cloudflare has deprecated global API key authentication. If you have an older ansible-nas configuration using a global API key, you can upgrade to the API token-based authentication by removing the `cloudflare_api_key` variable from your local `nas.yml` configuration file and setting the `cloudflare_token` variable appropriately.
|
||||
|
|
|
@ -35,7 +35,7 @@ configuration directory read/write.
|
|||
|
||||
## File system considerations
|
||||
|
||||
Movie and TV show files are almost alway very large and pre-compressed. If you
|
||||
Movie and TV show files are almost always very large and pre-compressed. If you
|
||||
are using a specialized filesystem such as ZFS for bulk storage, you'll want to
|
||||
set the parameters accordingly. The [ZFS configuration
|
||||
documentation](../zfs/zfs_configuration.md) has an example of this.
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
Homepage: [https://docs.gitlab.com/omnibus/docker/](https://docs.gitlab.com/omnibus/docker/)
|
||||
|
||||
If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consquently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM.
|
||||
If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consequently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM.
|
||||
|
||||
## Usage
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ configuration directory read/write.
|
|||
|
||||
## File system considerations
|
||||
|
||||
Movie and TV show files are almost alway very large and pre-compressed. If you
|
||||
Movie and TV show files are almost always very large and pre-compressed. If you
|
||||
are using a specialized filesystem such as ZFS for bulk storage, you'll want to
|
||||
set the parameters accordingly. The [ZFS configuration
|
||||
documentation](../zfs/zfs_configuration.md) has an example of this.
|
||||
|
|
|
@ -9,7 +9,7 @@ Set `nextcloud_enabled: true` in your `inventories/<your_inventory>/nas.yml` fil
|
|||
|
||||
Tread carefully.
|
||||
|
||||
External access may require that you manually configure your Fully Qualified Domain Name (FQDN) as a trusted domain within the application. There is an evnironment variable set up for this in the "nextcloud task" which will most likely make manual configuration unneccessary. If you get the following [screenshot](https://docs.nextcloud.com/server/14/admin_manual/installation/installation_wizard.html#trusted-domains) warning when trying to access nextcloud externally you'll need to manually set it up.
|
||||
External access may require that you manually configure your Fully Qualified Domain Name (FQDN) as a trusted domain within the application. There is an environment variable set up for this in the "nextcloud task" which will most likely make manual configuration unnecessary. If you get the following [screenshot](https://docs.nextcloud.com/server/14/admin_manual/installation/installation_wizard.html#trusted-domains) warning when trying to access nextcloud externally you'll need to manually set it up.
|
||||
|
||||
This can be accomplished in two commands.
|
||||
|
||||
|
|
|
@ -18,4 +18,4 @@ Radarr will get the file path from the Download client. On default settings with
|
|||
For Radarr to understand that the `/movies` folder is a folder, you'll need to add a new subfolder into it.
|
||||
You can also do this by adding a random movie to the folder. Keep in mind to have the internal setting **Create empty movie folders** on **yes**
|
||||
|
||||
Comprehensive setup information can be found on the [Radarr github wiki](https://github.com/Radarr/Radarr/wiki/Setup-Guide)
|
||||
Comprehensive setup information can be found on the [Radarr GitHub wiki](https://github.com/Radarr/Radarr/wiki/Setup-Guide)
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
# Serposcope
|
||||
|
||||
Homepage: [https://serposcope.serphacker.com/en/](https://serposcope.serphacker.com/en/)
|
||||
|
||||
Serposcope is a free and open-source rank tracker to monitor websites ranking in Google and improve your SEO performances
|
||||
|
||||
## Usage
|
||||
|
||||
Set `serposcope_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
|
||||
|
||||
The Serposcope web interface can be found at http://ansible_nas_host_or_ip:7134.
|
|
@ -19,4 +19,4 @@ Sonarr will get the file path from the Download client. On default settings with
|
|||
For Sonarr to understand that the `/tv` folder is a folder, you'll need to add a folder into it.
|
||||
You can also do this by adding a random series to the folder. Keep in mind to have the setting **Create empty movie folders** on **yes**
|
||||
|
||||
For comprehensive configuration instructions see the [Sonarr github wiki](https://github.com/Sonarr/Sonarr/wiki)
|
||||
For comprehensive configuration instructions see the [Sonarr GitHub wiki](https://github.com/Sonarr/Sonarr/wiki)
|
||||
|
|
|
@ -7,7 +7,7 @@ Traefik is a reverse proxy used to provide external access to your Ansible-NAS b
|
|||
You can configure which applications are available externally by enabling the `<application_name>_available_externally` setting
|
||||
for each application in the Advanced Settings section of your `all.yml`.
|
||||
|
||||
See [External Access](configuration/external_access) for more info.
|
||||
See [External Access](../configuration/external_access.md) for more info.
|
||||
|
||||
## Usage
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ Set `wallabag_enabled: true` in your `inventories/<your_inventory>/nas.yml` file
|
|||
|
||||
If you want to access wallabag externally, don't forget to set `wallabag_available_externally: "true"` in your `inventories/<your_inventory>/nas.yml` file.
|
||||
|
||||
I reccomend using the mobile app, which will sync with this installation so you have access to your saved articles even if you don't have signal or wifi access.
|
||||
I recommend using the mobile app, which will sync with this installation so you have access to your saved articles even if you don't have signal or wifi access.
|
||||
|
||||
The default credentials are wallabag:wallabag
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
|
||||
# YouTubeDL-Material
|
||||
|
||||
Homepage: [https://ytdl-org.github.io/youtube-dl/](https://ytdl-org.github.io/youtube-dl/)
|
||||
Docker Container: [https://github.com/Tzahi12345/YoutubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material)
|
||||
Homepage: [https://github.com/Tzahi12345/YoutubeDL-Material](https://github.com/Tzahi12345/YoutubeDL-Material)
|
||||
Docker Container: [https://hub.docker.com/r/tzahi12345/youtubedl-material](https://hub.docker.com/r/tzahi12345/youtubedl-material)
|
||||
|
||||
YoutubeDL-Material is a Material Design frontend for youtube-dl. It's coded using Angular 9 for the frontend, and Node.js on the backend.
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ By default, applications can be found on the ports listed below.
|
|||
| Bazarr | 6767 | |
|
||||
| Bitwarden "hub" | 3012 | Web Not. |
|
||||
| Bitwarden | 19080 | HTTP |
|
||||
| Calibre | 8084 | HTTP |
|
||||
| Calibre-web | 8084 | HTTP |
|
||||
| Cloud Commander | 7373 | |
|
||||
| Couchpotato | 5050 | |
|
||||
| Duplicati | 8200 | |
|
||||
|
@ -18,9 +18,9 @@ By default, applications can be found on the ports listed below.
|
|||
| get_iplayer | 8182 | |
|
||||
| Gitea | 3001 | Web |
|
||||
| Gitea | 222 | SSH |
|
||||
| Gitlab | 4080 | HTTP |
|
||||
| Gitlab | 4443 | HTTPS |
|
||||
| Gitlab | 422 | SSH |
|
||||
| GitLab | 4080 | HTTP |
|
||||
| GitLab | 4443 | HTTPS |
|
||||
| GitLab | 422 | SSH |
|
||||
| Glances | 61208 | SSH |
|
||||
| Grafana | 3000 | |
|
||||
| Guacamole | 8090 | |
|
||||
|
@ -53,7 +53,6 @@ By default, applications can be found on the ports listed below.
|
|||
| PyTivo | 9032 | HTTP |
|
||||
| PyTivo | 2190 | UDP |
|
||||
| Radarr | 7878 | |
|
||||
| Serposcope | 7134 | |
|
||||
| Sickchill | 8081 | |
|
||||
| Sonarr | 8989 | |
|
||||
| Tautulli | 8185 | |
|
||||
|
|
|
@ -56,10 +56,10 @@ As a to-do list, before you can even install Ansible-NAS, you'll have to:
|
|||
account it [loves RAM](zfs/zfs_overview.md) and prefers to have the hard
|
||||
drives all to itself.
|
||||
|
||||
1. Install **Ubuntu Server**, currently 18.04 LTS, and keep it updated. You'll
|
||||
1. Install **Ubuntu Server**, currently 20.04 LTS, and keep it updated. You'll
|
||||
probably want to perform other basic setup tasks like hardening SSH and
|
||||
including email notifications. There are [various
|
||||
guides](https://devanswers.co/ubuntu-18-04-initial-server-setup/) for this,
|
||||
guides](https://devanswers.co/ubuntu-20-04-initial-server-setup/) for this,
|
||||
but if you're just getting started, you'll probably need a book.
|
||||
|
||||
You will probably want to install a specialized filesystem for bulk storage such
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
If you're upgrading from [this](https://github.com/davestephens/ansible-nas/commit/52c7fef3aba08e30331931747c81fb7b3bfd359a) commit or earlier, these instructions are relevant to you.
|
||||
|
||||
Rather than having to merge every new config line into your own `all.yml` file, now you only need to maintain the differences that are relevant to you in your own `nas.yml`, stored within an inventory directory. Your inventory `nas.yml` takes prescendence over `group_vars/all.yml`, which is how this setup works. `group_vars/all.yml` is now tracked as part of the repo.
|
||||
Rather than having to merge every new config line into your own `all.yml` file, now you only need to maintain the differences that are relevant to you in your own `nas.yml`, stored within an inventory directory. Your inventory `nas.yml` takes precedence over `group_vars/all.yml`, which is how this setup works. `group_vars/all.yml` is now tracked as part of the repo.
|
||||
|
||||
This will make updates from `master` much simpler, as there will be no requirement to merge changes from `all.yml.dist` into your own `all.yml` any more. You simply pull from master, then add the bits you're interested in into your inventory `nas.yml`.
|
||||
|
||||
|
|
|
@ -36,9 +36,9 @@ Ansible-NAS storage. These two drives will be **mirrored** to provide
|
|||
redundancy. The actual Ubuntu system will be on a different drive and is not our
|
||||
concern.
|
||||
|
||||
> [Root on ZFS](https://github.com/zfsonlinux/zfs/wiki/Ubuntu-18.04-Root-on-ZFS)
|
||||
> is still a hassle for Ubuntu. If that changes, this document might be updated
|
||||
> accordingly. Until then, don't ask us about it.
|
||||
> [Root on ZFS](https://openzfs.github.io/openzfs-docs/Getting%20Started/Ubuntu/Ubuntu%2020.04%20Root%20on%20ZFS.html)
|
||||
is possible, but not something that has been tested with Ansible-NAS.
|
||||
|
||||
|
||||
The Ubuntu kernel is already ready for ZFS. We only need the utility package
|
||||
which we install with `sudo apt install zfsutils`.
|
||||
|
@ -107,7 +107,7 @@ late.
|
|||
Pools have properties that apply either to the pool itself or to filesystems
|
||||
created in the pool. You can use the command `zpool get all tank` to see the
|
||||
pool properties and `zfs get all tank` to see the filesystem properties. Most
|
||||
default values are perfecly sensible, some you'll [want to
|
||||
default values are perfectly sensible, some you'll [want to
|
||||
change](https://jrs-s.net/2018/08/17/zfs-tuning-cheat-sheet/). Setting
|
||||
defaults makes life easier when we create our filesystems.
|
||||
|
||||
|
|
|
@ -16,69 +16,46 @@
|
|||
###
|
||||
|
||||
# Downloading
|
||||
transmission_with_openvpn_enabled: false # Please see docs about how to set VPN credentials
|
||||
transmission_enabled: false
|
||||
nzbget_enabled: false
|
||||
pyload_enabled: false
|
||||
utorrent_enabled: false
|
||||
|
||||
# Media Serving
|
||||
plex_enabled: false
|
||||
tautulli_enabled: false
|
||||
|
||||
# Media Sourcing
|
||||
sonarr_enabled: false # tv
|
||||
sickchill_enabled: false
|
||||
couchpotato_enabled: false
|
||||
radarr_enabled: false
|
||||
get_iplayer_enabled: false
|
||||
jackett_enabled: false
|
||||
minidlna_enabled: false
|
||||
jellyfin_enabled: false
|
||||
emby_enabled: false
|
||||
bazarr_enabled: false
|
||||
ombi_enabled: false
|
||||
lidarr_enabled: false
|
||||
|
||||
|
||||
youtubedlmaterial_enabled: false
|
||||
mylar_enabled: false
|
||||
|
||||
# Music
|
||||
airsonic_enabled: false
|
||||
mymediaforalexa_enabled: false
|
||||
|
||||
# News
|
||||
miniflux_enabled: false
|
||||
|
||||
# System Management
|
||||
heimdall_enabled: false
|
||||
organizr_enabled: false
|
||||
portainer_enabled: false
|
||||
glances_enabled: false
|
||||
stats_enabled: false
|
||||
guacamole_enabled: false
|
||||
netdata_enabled: false
|
||||
watchtower_enabled: false
|
||||
cloudflare_ddns_enabled: false
|
||||
cloudcmd_enabled: false
|
||||
virtual_desktop_enabled: false
|
||||
krusader_enabled: false
|
||||
|
||||
# Backup & Restore
|
||||
duplicati_enabled: false
|
||||
nextcloud_enabled: false
|
||||
timemachine_enabled: false
|
||||
|
||||
# Software build and CI
|
||||
gitea_enabled: false
|
||||
gitlab_enabled: false
|
||||
|
||||
# IRC
|
||||
znc_enabled: false
|
||||
thelounge_enabled: false
|
||||
|
||||
# Password Management
|
||||
bitwarden_enabled: false
|
||||
|
||||
# Finance
|
||||
firefly_enabled: false
|
||||
|
||||
|
@ -86,7 +63,6 @@ firefly_enabled: false
|
|||
wallabag_enabled: false
|
||||
|
||||
# Home Automation
|
||||
homeassistant_enabled: false
|
||||
mosquitto_enabled: false
|
||||
homebridge_enabled: false
|
||||
openhab_enabled: false
|
||||
|
@ -103,30 +79,10 @@ joomla_enabled: false
|
|||
# PyTivo
|
||||
pytivo_enabled: false
|
||||
|
||||
# SEO
|
||||
serposcope_enabled: false
|
||||
|
||||
# External Access
|
||||
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
|
||||
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
|
||||
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally"
|
||||
# settings.
|
||||
traefik_enabled: false
|
||||
traefik_port_http: "80"
|
||||
traefik_port_https: "443"
|
||||
traefik_port_ui: "8083"
|
||||
###
|
||||
### General
|
||||
###
|
||||
# Sets the hostname of your Ansible NAS
|
||||
ansible_nas_hostname: ansible-nas
|
||||
|
||||
# Sets the timezone for your Ansible NAS
|
||||
# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
||||
ansible_nas_timezone: Etc/UTC
|
||||
|
||||
# Update all apt packages when playbook is run
|
||||
keep_packages_updated: false
|
||||
|
||||
# Will be added to the docker group to give user command line access to docker
|
||||
ansible_nas_user: david
|
||||
|
@ -137,19 +93,6 @@ ansible_nas_email: me@example.com
|
|||
# Applications will have subdomain SSL certificates created if Traefik is enabled, e.g. ansible-nas.<your-domain>, nextcloud.<your-domain>
|
||||
ansible_nas_domain: example.com
|
||||
|
||||
###
|
||||
### Docker
|
||||
###
|
||||
# Where you want Docker to store images
|
||||
docker_image_directory: "{{ docker_home }}/data"
|
||||
|
||||
# Where you want Docker to store its container data.
|
||||
docker_home: /mnt/Volume2/docker
|
||||
|
||||
# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems
|
||||
# You might want to change this to ZFS, depending on your underlying filesystem.
|
||||
docker_storage_driver: overlay2
|
||||
|
||||
###
|
||||
### Samba
|
||||
###
|
||||
|
@ -197,7 +140,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ downloads_root }}"
|
||||
|
||||
- name: movies
|
||||
|
@ -205,7 +148,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ movies_root }}"
|
||||
|
||||
- name: tv
|
||||
|
@ -213,7 +156,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ tv_root }}"
|
||||
|
||||
- name: music
|
||||
|
@ -221,7 +164,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ music_root }}"
|
||||
|
||||
- name: podcasts
|
||||
|
@ -229,7 +172,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ podcasts_root }}"
|
||||
|
||||
- name: dump
|
||||
|
@ -237,7 +180,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ samba_shares_root }}/dump"
|
||||
|
||||
- name: games
|
||||
|
@ -245,7 +188,7 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
browseable: yes
|
||||
path: "{{ samba_shares_root }}/games"
|
||||
|
||||
- name: photos
|
||||
|
@ -253,16 +196,16 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
path: "{{ samba_shares_root }}/photos"
|
||||
browseable: yes
|
||||
path: "{{ photos_root }}"
|
||||
|
||||
- name: books
|
||||
comment: 'Books'
|
||||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
path: "{{ samba_shares_root }}/books"
|
||||
browseable: yes
|
||||
path: "{{ books_root }}"
|
||||
|
||||
- name: audiobooks
|
||||
comment: 'Audiobooks'
|
||||
|
@ -277,8 +220,8 @@ samba_shares:
|
|||
guest_ok: yes
|
||||
public: yes
|
||||
writable: yes
|
||||
browsable: yes
|
||||
path: "{{ samba_shares_root }}/comics"
|
||||
browseable: yes
|
||||
path: "{{ comics_root }}"
|
||||
|
||||
###
|
||||
### NFS
|
||||
|
@ -292,36 +235,11 @@ nfs_shares_root: /mnt/Volume3
|
|||
nfs_exports:
|
||||
- "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)"
|
||||
|
||||
###
|
||||
### Cloudflare
|
||||
###
|
||||
# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to
|
||||
# set the options below.
|
||||
|
||||
# Your domain name
|
||||
cloudflare_zone: "{{ ansible_nas_domain }}"
|
||||
|
||||
# The hostname you want the container to update. You shouldn't need to change this.
|
||||
cloudflare_host: "*.{{ cloudflare_zone }}"
|
||||
|
||||
# Email address used to register for Cloudflare
|
||||
cloudflare_email: "{{ ansible_nas_email }}"
|
||||
|
||||
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
|
||||
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
|
||||
|
||||
###
|
||||
### General
|
||||
###
|
||||
# Extra packages to install
|
||||
ansible_nas_extra_packages:
|
||||
- smartmontools
|
||||
- htop
|
||||
- zfsutils-linux
|
||||
- bonnie++
|
||||
- unzip
|
||||
- lm-sensors
|
||||
- ctop
|
||||
|
||||
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
|
@ -344,70 +262,6 @@ samba_map_to_guest: Bad Password
|
|||
# The NetBIOS hostname used by Samba on your network
|
||||
samba_netbios_name: "{{ ansible_nas_hostname }}"
|
||||
|
||||
###
|
||||
### Traefik
|
||||
###
|
||||
traefik_docker_image: traefik:v1.7
|
||||
traefik_data_directory: "{{ docker_home }}/traefik"
|
||||
traefik_debug: "false"
|
||||
|
||||
###
|
||||
### Heimdall
|
||||
###
|
||||
heimdall_available_externally: "false"
|
||||
heimdall_docker_image: linuxserver/heimdall:latest
|
||||
heimdall_data_directory: "{{ docker_home }}/heimdall"
|
||||
heimdall_port_http: "10080"
|
||||
heimdall_port_https: "10443"
|
||||
|
||||
###
|
||||
### Organizr
|
||||
###
|
||||
organizr_available_externally: "false"
|
||||
organizr_data_directory: "{{ docker_home }}/organizr"
|
||||
organizr_port_http: "10081"
|
||||
organizr_port_https: "10444"
|
||||
organizr_user_id: "1000"
|
||||
organizr_group_id: "1000"
|
||||
|
||||
###
|
||||
### Transmission
|
||||
###
|
||||
transmission_available_externally: "false"
|
||||
transmission_with_openvpn_available_externally: "false"
|
||||
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
||||
transmission_download_directory: "{{ downloads_root }}"
|
||||
transmission_watch_directory: "{{ torrents_root }}"
|
||||
transmission_user_id: "0"
|
||||
transmission_group_id: "0"
|
||||
transmission_local_network: "192.168.1.0/24"
|
||||
transmission_webui_port: "9092"
|
||||
transmission_external_port: "51414"
|
||||
transmission_openvpn_webui_port: "9091"
|
||||
transmission_openvpn_external_port: "51415"
|
||||
transmission_openvpn_proxy_port: "3128"
|
||||
transmission_openvpn_ratio_limit_enabled: "true"
|
||||
transmission_openvpn_ratio_limit: "2"
|
||||
|
||||
# Transmission VPN Credentials
|
||||
# If you're using Transmission with a VPN, you'll need to set these credentials.
|
||||
# See https://github.com/haugene/docker-transmission-openvpn/ for supported VPN providers.
|
||||
openvpn_username: leisure-suit-larry
|
||||
openvpn_password: secretpassword
|
||||
openvpn_provider: AWESOMEVPNPROVIDER
|
||||
openvpn_config: United-Kingdom
|
||||
|
||||
###
|
||||
### uTorrent
|
||||
###
|
||||
utorrent_available_externally: "false"
|
||||
utorrent_config_directory: "{{ docker_home }}/utorrent/config"
|
||||
utorrent_download_directory: "{{ downloads_root }}"
|
||||
utorrent_port_http: "8111"
|
||||
utorrent_port_bt: "6881"
|
||||
utorrent_user_id: "0"
|
||||
utorrent_group_id: "0"
|
||||
|
||||
###
|
||||
### Joomla
|
||||
###
|
||||
|
@ -426,28 +280,6 @@ pyload_user_id: "0"
|
|||
pyload_group_id: "0"
|
||||
pyload_port: "8000"
|
||||
|
||||
###
|
||||
### Plex
|
||||
###
|
||||
# If you're paranoid, set permissions to "ro" so Plex won't ever be able to
|
||||
# delete your files
|
||||
plex_available_externally: "false"
|
||||
plex_config_directory: "{{ docker_home }}/plex/config"
|
||||
plex_logs: "{{ docker_home }}/plex/logs"
|
||||
plex_movies_directory: "{{ movies_root }}"
|
||||
plex_movies_permissions: "rw"
|
||||
plex_tv_directory: "{{ tv_root }}"
|
||||
plex_tv_permissions: "rw"
|
||||
plex_photos_directory: "{{ photos_root }}"
|
||||
plex_photos_permissions: "rw"
|
||||
plex_podcasts_directory: "{{ podcasts_root }}"
|
||||
plex_podcasts_permissions: "rw"
|
||||
plex_music_directory: "{{ music_root }}"
|
||||
plex_music_permissions: "rw"
|
||||
plex_user_id: "0"
|
||||
plex_group_id: "0"
|
||||
plex_port: "32400"
|
||||
|
||||
###
|
||||
### PyTivo
|
||||
###
|
||||
|
@ -470,21 +302,6 @@ homebridge_user_id: "0"
|
|||
homebridge_group_id: "0"
|
||||
homebridge_port: "8087"
|
||||
|
||||
###
|
||||
### Emby
|
||||
###
|
||||
# If you're paranoid, set permissions to "ro" so Emby won't ever be able to
|
||||
# delete your files
|
||||
emby_available_externally: "false"
|
||||
emby_config_directory: "{{ docker_home }}/emby/config"
|
||||
emby_movies_directory: "{{ movies_root }}"
|
||||
emby_movies_permissions: "rw"
|
||||
emby_tv_directory: "{{ tv_root }}"
|
||||
emby_tv_permissions: "rw"
|
||||
emby_user_id: "0"
|
||||
emby_group_id: "0"
|
||||
emby_port_http: "8096"
|
||||
emby_port_https: "8920"
|
||||
|
||||
###
|
||||
### Tautulli
|
||||
|
@ -495,14 +312,6 @@ tautulli_user_id: "0"
|
|||
tautulli_group_id: "0"
|
||||
tautulli_port: "8185"
|
||||
|
||||
|
||||
###
|
||||
### Duplicati
|
||||
###
|
||||
duplicati_available_externally: "false"
|
||||
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
||||
duplicati_port: "8200"
|
||||
|
||||
###
|
||||
### Mylar
|
||||
###
|
||||
|
@ -514,49 +323,6 @@ mylar_port_http: "8585"
|
|||
mylar_user_id: "0"
|
||||
mylar_group_id: "0"
|
||||
|
||||
###
|
||||
### Sonarr
|
||||
###
|
||||
sonarr_available_externally: "false"
|
||||
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
||||
sonarr_tv_directory: "{{ tv_root }}"
|
||||
sonarr_download_directory: "{{ downloads_root }}"
|
||||
sonarr_user_id: "0"
|
||||
sonarr_group_id: "0"
|
||||
sonarr_port: "8989"
|
||||
|
||||
###
|
||||
### Radarr
|
||||
###
|
||||
radarr_available_externally: "false"
|
||||
radarr_movies_directory: "{{ movies_root }}"
|
||||
radarr_download_directory: "{{ downloads_root }}"
|
||||
radarr_data_directory: "{{ docker_home }}/radarr"
|
||||
radarr_user_id: "0"
|
||||
radarr_group_id: "0"
|
||||
radarr_port: "7878"
|
||||
|
||||
###
|
||||
### Bazarr
|
||||
###
|
||||
bazarr_available_externally: "false"
|
||||
bazarr_data_directory: "{{ docker_home }}/bazarr/config"
|
||||
bazarr_tv_directory: "{{ tv_root }}"
|
||||
bazarr_movies_directory: "{{ movies_root }}"
|
||||
bazarr_user_id: "0"
|
||||
bazarr_group_id: "0"
|
||||
bazarr_port: "6767"
|
||||
|
||||
###
|
||||
### lidarr
|
||||
###
|
||||
lidarr_available_externally: "false"
|
||||
lidarr_data_directory: "{{ docker_home }}/lidarr/config"
|
||||
lidarr_music_directory: "{{ music_root }}"
|
||||
lidarr_downloads_directory: "{{ downloads_root }}"
|
||||
lidarr_user_id: "0"
|
||||
lidarr_group_id: "0"
|
||||
lidarr_port: "8686"
|
||||
|
||||
###
|
||||
### YouTubeDL-Material
|
||||
|
@ -568,43 +334,6 @@ youtubedlmaterial_dl_video_directory: "{{ downloads_root }}/youtube/video"
|
|||
youtubedlmaterial_dl_subscriptions_directory: "{{ downloads_root }}/youtube/subscriptions"
|
||||
youtubedlmaterial_port_http: "8998"
|
||||
|
||||
###
|
||||
### Couchpotato
|
||||
###
|
||||
couchpotato_available_externally: "false"
|
||||
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
||||
couchpotato_movies_directory: "{{ movies_root }}"
|
||||
couchpotato_downloads_directory: "{{ downloads_root }}"
|
||||
couchpotato_torrents_directory: "{{ torrents_root }}"
|
||||
couchpotato_user_id: "0"
|
||||
couchpotato_group_id: "0"
|
||||
couchpotato_port: "5050"
|
||||
|
||||
###
|
||||
### Sickchill
|
||||
###
|
||||
sickchill_available_externally: "false"
|
||||
sickchill_config_directory: "{{ docker_home }}/sickchill/config"
|
||||
sickchill_tv_directory: "{{ tv_root }}"
|
||||
sickchill_downloads_directory: "{{ downloads_root }}/completed"
|
||||
sickchill_user_id: "0"
|
||||
sickchill_group_id: "0"
|
||||
sickchill_port: "8081"
|
||||
|
||||
|
||||
###
|
||||
### Ombi
|
||||
###
|
||||
ombi_available_externally: "false"
|
||||
ombi_config_directory: "{{ docker_home }}/ombi/config"
|
||||
ombi_user_id: "0"
|
||||
ombi_group_id: "0"
|
||||
|
||||
###
|
||||
### Netdata
|
||||
###
|
||||
netdata_available_externally: "false"
|
||||
netdata_port: "19999"
|
||||
|
||||
###
|
||||
### OpenVPN
|
||||
|
@ -612,13 +341,6 @@ netdata_port: "19999"
|
|||
openvpn_config_directory: "{{ docker_home }}/openvpn"
|
||||
|
||||
|
||||
###
|
||||
### Portainer
|
||||
###
|
||||
portainer_available_externally: "false"
|
||||
portainer_data_directory: "{{ docker_home }}/portainer/config"
|
||||
portainer_port: "9000"
|
||||
|
||||
###
|
||||
### ZNC
|
||||
###
|
||||
|
@ -640,13 +362,6 @@ stat_collection_interval: 15s
|
|||
grafana_influxdb_port: "8086"
|
||||
grafana_port: "3000"
|
||||
|
||||
###
|
||||
### Gitea
|
||||
###
|
||||
gitea_available_externally: "false"
|
||||
gitea_data_directory: "{{ docker_home }}/gitea"
|
||||
gitea_port_http: "3001"
|
||||
gitea_port_ssh: "222"
|
||||
|
||||
###
|
||||
### Gitlab
|
||||
|
@ -664,13 +379,6 @@ glances_available_externally: "false"
|
|||
glances_port_one: "61208"
|
||||
glances_port_two: "61209"
|
||||
|
||||
###
|
||||
### Nextcloud
|
||||
###
|
||||
nextcloud_available_externally: "false"
|
||||
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
||||
nextcloud_port: "8080"
|
||||
|
||||
###
|
||||
### nginx
|
||||
###
|
||||
|
@ -694,16 +402,6 @@ miniflux_admin_username: admin
|
|||
miniflux_admin_password: supersecure
|
||||
miniflux_port: "8070"
|
||||
|
||||
###
|
||||
### Airsonic
|
||||
###
|
||||
airsonic_available_externally: "false"
|
||||
airsonic_data_directory: "{{ docker_home }}/airsonic"
|
||||
airsonic_music_directory: "{{ music_root }}"
|
||||
airsonic_podcasts_directory: "{{ podcasts_root }}"
|
||||
airsonic_port: "4040"
|
||||
|
||||
|
||||
###
|
||||
### CloudCmd
|
||||
###
|
||||
|
@ -727,24 +425,6 @@ krusader_vnc_password: "topsecret"
|
|||
krusader_port_http: "5800"
|
||||
krusader_port_vnc: "5900"
|
||||
|
||||
###
|
||||
### Watchtower
|
||||
###
|
||||
# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily.
|
||||
watchtower_cron_schedule: 0 0 5 * * *
|
||||
|
||||
# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive
|
||||
# notifications or not, some examples are provided below. See https://github.com/v2tec/watchtower for more info.
|
||||
|
||||
# No notifications
|
||||
watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug"
|
||||
|
||||
# Email notifications
|
||||
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'"
|
||||
|
||||
# Slack notifications
|
||||
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'"
|
||||
|
||||
###
|
||||
### Time Machine
|
||||
###
|
||||
|
@ -792,24 +472,6 @@ thelounge_data_directory: "{{ docker_home }}/thelounge"
|
|||
thelounge_port_one: "113"
|
||||
thelounge_port_two: "9002"
|
||||
|
||||
###
|
||||
### Bitwarden
|
||||
###
|
||||
bitwarden_available_externally: "false"
|
||||
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
|
||||
bitwarden_port_a: "19080"
|
||||
bitwarden_port_b: "3012"
|
||||
|
||||
# Keep this token secret, this is password to access admin area of your server!
|
||||
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
||||
# for example running openssl rand -base64 48
|
||||
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
|
||||
|
||||
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
|
||||
# Once you have created your user, set to "false" and run one more time.
|
||||
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
|
||||
bitwarden_allow_signups: false
|
||||
|
||||
###
|
||||
### Firefly
|
||||
###
|
||||
|
@ -843,7 +505,7 @@ mosquitto_port_a: "1883"
|
|||
mosquitto_port_b: "9001"
|
||||
|
||||
###
|
||||
### Calibre
|
||||
### Calibre-web
|
||||
###
|
||||
calibre_available_externally: "false"
|
||||
calibre_data_directory: "{{ docker_home }}/calibre"
|
||||
|
@ -854,13 +516,6 @@ calibre_port: "8084"
|
|||
# To disable ebook conversion set calibre_ebook_conversion to "". To enable it set it to "linuxserver/calibre-web:calibre"
|
||||
calibre_ebook_conversion: "linuxserver/calibre-web:calibre"
|
||||
|
||||
###
|
||||
### Home Assistant
|
||||
###
|
||||
homeassistant_available_externally: "false"
|
||||
homeassistant_data_directory: "{{ docker_home }}/homeassistant"
|
||||
homeassistant_port: "8123"
|
||||
|
||||
###
|
||||
### openHAB
|
||||
###
|
||||
|
@ -904,13 +559,6 @@ ubooquity_group_id: "0"
|
|||
ubooquity_port_webui: "2202"
|
||||
ubooquity_port_admin: "2203"
|
||||
|
||||
###
|
||||
### Serposcope
|
||||
###
|
||||
serposcope_data_directory: "{{ docker_home }}/serposcope"
|
||||
serposcope_port: 7134
|
||||
serposcope_available_externally: "false"
|
||||
|
||||
###
|
||||
### Virtual Desktop
|
||||
###
|
||||
|
|
242
nas.yml
242
nas.yml
|
@ -6,6 +6,10 @@
|
|||
tags: users
|
||||
|
||||
roles:
|
||||
|
||||
###
|
||||
### Requirements
|
||||
###
|
||||
- role: bertvv.samba
|
||||
tags:
|
||||
- samba
|
||||
|
@ -21,57 +25,163 @@
|
|||
- docker
|
||||
- skip_ansible_lint
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/general.yml
|
||||
tags: general
|
||||
|
||||
- import_tasks: tasks/docker.yml
|
||||
tags: docker
|
||||
###
|
||||
### Ansible-NAS Roles
|
||||
###
|
||||
- role: ansible-nas-general
|
||||
tags:
|
||||
- ansible-nas-general
|
||||
- ansible-nas
|
||||
|
||||
- import_tasks: tasks/portainer.yml
|
||||
when: (portainer_enabled | default(False))
|
||||
tags: portainer
|
||||
- role: ansible-nas-docker
|
||||
tags:
|
||||
- ansible-nas-docker
|
||||
- ansible-nas
|
||||
|
||||
- import_tasks: tasks/traefik.yml
|
||||
when: (traefik_enabled | default(False))
|
||||
tags: traefik
|
||||
|
||||
- import_tasks: tasks/heimdall.yml
|
||||
###
|
||||
### Applications
|
||||
###
|
||||
- role: airsonic
|
||||
tags:
|
||||
- airsonic
|
||||
when: (airsonic_enabled | default(False))
|
||||
|
||||
- role: bazarr
|
||||
tags:
|
||||
- bazarr
|
||||
when: (bazarr_enabled | default(False))
|
||||
|
||||
- role: bitwarden
|
||||
tags:
|
||||
- bitwarden
|
||||
when: (bitwarden_enabled | default(False))
|
||||
|
||||
- role: cloudflare_ddns
|
||||
tags:
|
||||
- cloudflare_ddns
|
||||
when: (cloudflare_ddns_enabled | default(False))
|
||||
|
||||
- role: couchpotato
|
||||
tags:
|
||||
- couchpotato
|
||||
when: (couchpotato_enabled | default(False))
|
||||
|
||||
- role: duplicati
|
||||
tags:
|
||||
- duplicati
|
||||
when: (duplicati_enabled | default(False))
|
||||
|
||||
- role: emby
|
||||
tags:
|
||||
- emby
|
||||
when: (emby_enabled | default(False))
|
||||
|
||||
- role: gitea
|
||||
tags:
|
||||
- gitea
|
||||
when: (gitea_enabled | default(False))
|
||||
|
||||
- role: heimdall
|
||||
tags:
|
||||
- heimdall
|
||||
when: (heimdall_enabled | default(False))
|
||||
tags: heimdall
|
||||
|
||||
- import_tasks: tasks/organizr.yml
|
||||
- role: homeassistant
|
||||
tags:
|
||||
- homeassistant
|
||||
when: (homeassistant_enabled | default(False))
|
||||
|
||||
- role: lidarr
|
||||
tags:
|
||||
- lidarr
|
||||
when: (lidarr_enabled | default(False))
|
||||
|
||||
- role: netdata
|
||||
tags:
|
||||
- netdata
|
||||
when: (netdata_enabled | default(False))
|
||||
|
||||
- role: nextcloud
|
||||
tags:
|
||||
- nextcloud
|
||||
when: (nextcloud_enabled | default(False))
|
||||
|
||||
- role: organizr
|
||||
tags:
|
||||
- organizr
|
||||
when: (organizr_enabled | default(False))
|
||||
tags: organizr
|
||||
|
||||
- import_tasks: tasks/watchtower.yml
|
||||
when: (watchtower_enabled | default(False))
|
||||
tags: watchtower
|
||||
- role: portainer
|
||||
tags:
|
||||
- portainer
|
||||
when: (portainer_enabled | default(False))
|
||||
|
||||
- import_tasks: tasks/plex.yml
|
||||
- role: ombi
|
||||
tags:
|
||||
- ombi
|
||||
when: (ombi_enabled | default(False))
|
||||
|
||||
- role: plex
|
||||
tags:
|
||||
- plex
|
||||
when: (plex_enabled | default(False))
|
||||
tags: plex
|
||||
|
||||
- role: radarr
|
||||
tags:
|
||||
- radarr
|
||||
when: (radarr_enabled | default(False))
|
||||
|
||||
- role: radarr
|
||||
tags:
|
||||
- radarr
|
||||
when: (radarr_enabled | default(False))
|
||||
|
||||
- role: sickchill
|
||||
tags:
|
||||
- sickchill
|
||||
when: (sickchill_enabled | default(False))
|
||||
|
||||
- role: sonarr
|
||||
tags:
|
||||
- sonarr
|
||||
when: (sonarr_enabled | default(False))
|
||||
|
||||
- role: transmission
|
||||
tags:
|
||||
- transmission
|
||||
when: (transmission_enabled | default(False))
|
||||
|
||||
- role: transmission-with-openvpn
|
||||
tags:
|
||||
- transmission_with_openvpn_enabled
|
||||
when: (transmission_with_openvpn_enabled | default(False))
|
||||
|
||||
- role: utorrent
|
||||
tags:
|
||||
- utorrent
|
||||
when: (utorrent_enabled | default(False))
|
||||
|
||||
- role: traefik
|
||||
tags:
|
||||
- traefik
|
||||
when: (traefik_enabled | default(False))
|
||||
|
||||
- role: watchtower
|
||||
tags:
|
||||
- watchtower
|
||||
when: (watchtower_enabled | default(False))
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/firefly.yml
|
||||
when: (firefly_enabled | default(False))
|
||||
tags: firefly
|
||||
|
||||
- import_tasks: tasks/emby.yml
|
||||
when: (emby_enabled | default(False))
|
||||
tags: emby
|
||||
|
||||
- import_tasks: tasks/tautulli.yml
|
||||
when: (tautulli_enabled | default(False))
|
||||
tags: tautulli
|
||||
|
||||
- import_tasks: tasks/transmission.yml
|
||||
when: (transmission_enabled | default(False))
|
||||
tags: transmission
|
||||
|
||||
- import_tasks: tasks/transmission_with_openvpn.yml
|
||||
when: (transmission_with_openvpn_enabled | default(False))
|
||||
tags: transmission
|
||||
|
||||
- import_tasks: tasks/pyload.yml
|
||||
when: (pyload_enabled | default(False))
|
||||
tags: pyload
|
||||
|
@ -84,34 +194,10 @@
|
|||
when: (mylar_enabled | default(False))
|
||||
tags: mylar
|
||||
|
||||
- import_tasks: tasks/sonarr.yml
|
||||
when: (sonarr_enabled | default(False))
|
||||
tags: sonarr
|
||||
|
||||
- import_tasks: tasks/radarr.yml
|
||||
when: (radarr_enabled | default(False))
|
||||
tags: radarr
|
||||
|
||||
- import_tasks: tasks/glances.yml
|
||||
when: (glances_enabled | default(False))
|
||||
tags: glances
|
||||
|
||||
- import_tasks: tasks/netdata.yml
|
||||
when: (netdata_enabled | default(False))
|
||||
tags: netdata
|
||||
|
||||
- import_tasks: tasks/duplicati.yml
|
||||
when: (duplicati_enabled | default(False))
|
||||
tags: duplicati
|
||||
|
||||
- import_tasks: tasks/couchpotato.yml
|
||||
when: (couchpotato_enabled | default(False))
|
||||
tags: couchpotato
|
||||
|
||||
- import_tasks: tasks/sickchill.yml
|
||||
when: (sickchill_enabled | default(False))
|
||||
tags: sickchill
|
||||
|
||||
- import_tasks: tasks/znc.yml
|
||||
when: (znc_enabled | default(False))
|
||||
tags: znc
|
||||
|
@ -120,14 +206,6 @@
|
|||
when: (miniflux_enabled | default(False))
|
||||
tags: miniflux
|
||||
|
||||
- import_tasks: tasks/nextcloud.yml
|
||||
when: (nextcloud_enabled | default(False))
|
||||
tags: nextcloud
|
||||
|
||||
- import_tasks: tasks/gitea.yml
|
||||
when: (gitea_enabled | default(False))
|
||||
tags: gitea
|
||||
|
||||
- import_tasks: tasks/gitlab.yml
|
||||
when: (gitlab_enabled | default(False))
|
||||
tags: gitlab
|
||||
|
@ -144,14 +222,6 @@
|
|||
when: (guacamole_enabled | default(False))
|
||||
tags: guacamole
|
||||
|
||||
- import_tasks: tasks/airsonic.yml
|
||||
when: (airsonic_enabled | default(False))
|
||||
tags: airsonic
|
||||
|
||||
- import_tasks: tasks/cloudflare_ddns.yml
|
||||
when: (cloudflare_ddns_enabled | default(False))
|
||||
tags: cloudflare_ddns
|
||||
|
||||
- import_tasks: tasks/minidlna.yml
|
||||
when: (minidlna_enabled | default(False))
|
||||
tags: minidlna
|
||||
|
@ -172,10 +242,6 @@
|
|||
when: (joomla_enabled | default(False))
|
||||
tags: joomla
|
||||
|
||||
- import_tasks: tasks/bitwarden.yml
|
||||
when: (bitwarden_enabled | default(False))
|
||||
tags: bitwarden
|
||||
|
||||
- import_tasks: tasks/nzbget.yml
|
||||
when: (nzbget_enabled | default(False))
|
||||
tags: nzbget
|
||||
|
@ -196,14 +262,6 @@
|
|||
when: (calibre_enabled | default(False))
|
||||
tags: calibre
|
||||
|
||||
- import_tasks: tasks/homeassistant.yml
|
||||
when: (homeassistant_enabled | default(False))
|
||||
tags: homeassistant
|
||||
|
||||
- import_tasks: tasks/bazarr.yml
|
||||
when: (bazarr_enabled | default(False))
|
||||
tags: bazarr
|
||||
|
||||
- import_tasks: tasks/openhab.yml
|
||||
when: (openhab_enabled | default(False))
|
||||
tags: openhab
|
||||
|
@ -224,26 +282,10 @@
|
|||
when: (ubooquity_enabled | default(False))
|
||||
tags: ubooquity
|
||||
|
||||
- import_tasks: tasks/utorrent.yml
|
||||
when: (utorrent_enabled | default(False))
|
||||
tags: utorrent
|
||||
|
||||
- import_tasks: tasks/ombi.yml
|
||||
when: (ombi_enabled | default(False))
|
||||
tags: ombi
|
||||
|
||||
- import_tasks: tasks/lidarr.yml
|
||||
when: (lidarr_enabled | default(False))
|
||||
tags: lidarr
|
||||
|
||||
- import_tasks: tasks/youtubedlmaterial.yml
|
||||
when: (youtubedlmaterial_enabled | default(False))
|
||||
tags: youtubedlmaterial
|
||||
|
||||
- import_tasks: tasks/serposcope.yml
|
||||
when: (serposcope_enabled | default(False))
|
||||
tags: serposcope
|
||||
|
||||
- import_tasks: tasks/virtual_desktop.yml
|
||||
when: (virtual_desktop_enabled | default(False))
|
||||
tags: virtual_desktop
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
- name: geerlingguy.docker
|
||||
version: 2.7.0
|
||||
version: 3.0.0
|
||||
|
||||
- name: bertvv.samba
|
||||
version: v2.7.1
|
||||
|
||||
- name: geerlingguy.nfs
|
||||
version: 1.5.0
|
||||
version: 2.0.0
|
||||
|
|
12
roles/airsonic/defaults/main.yml
Normal file
12
roles/airsonic/defaults/main.yml
Normal file
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
airsonic_enabled: false
|
||||
airsonic_available_externally: "false"
|
||||
|
||||
# directories
|
||||
airsonic_data_directory: "{{ docker_home }}/airsonic"
|
||||
airsonic_music_directory: "{{ music_root }}"
|
||||
airsonic_podcasts_directory: "{{ podcasts_root }}"
|
||||
|
||||
# network
|
||||
airsonic_port: "4040"
|
||||
airsonic_hostname: "airsonic"
|
|
@ -23,8 +23,10 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "airsonic"
|
||||
traefik.frontend.rule: "Host:airsonic.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ airsonic_available_externally }}"
|
||||
traefik.port: "4040"
|
||||
traefik.http.routers.airsonic.rule: "Host(`{{ airsonic_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.airsonic.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.airsonic.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.airsonic.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.airsonic.loadbalancer.server.port: "4040"
|
||||
|
12
roles/ansible-nas-docker/defaults/main.yml
Normal file
12
roles/ansible-nas-docker/defaults/main.yml
Normal file
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
ansible_nas_user: david
|
||||
|
||||
# Where you want Docker to store its container data.
|
||||
docker_home: /mnt/Volume2/docker
|
||||
|
||||
# Where you want Docker to store images
|
||||
docker_image_directory: "{{ docker_home }}/data"
|
||||
|
||||
# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems
|
||||
# You might want to change this to ZFS, depending on your underlying filesystem.
|
||||
docker_storage_driver: overlay2
|
|
@ -1,44 +1,44 @@
|
|||
---
|
||||
- name: install python3-pip
|
||||
- name: Install python3-pip
|
||||
apt:
|
||||
name: python3-pip
|
||||
state: present
|
||||
register: result
|
||||
until: result is succeeded
|
||||
|
||||
- name: 'Remove docker-py python module'
|
||||
- name: Remove docker-py python module
|
||||
pip:
|
||||
name: docker-py
|
||||
state: absent
|
||||
register: result
|
||||
until: result is succeeded
|
||||
|
||||
- name: 'Install docker python module'
|
||||
- name: Install docker python module
|
||||
pip:
|
||||
name: docker
|
||||
state: present
|
||||
register: result
|
||||
until: result is succeeded
|
||||
|
||||
- name: create docker home
|
||||
- name: Create Docker home directory
|
||||
file:
|
||||
path: "{{ docker_home }}"
|
||||
mode: 0755
|
||||
state: directory
|
||||
|
||||
- name: add user account to docker group
|
||||
- name: Add user account to Docker group
|
||||
user:
|
||||
name: "{{ ansible_nas_user }}"
|
||||
groups: docker
|
||||
append: yes
|
||||
|
||||
- name: update docker home from install default
|
||||
- name: Update Docker home from install default
|
||||
template:
|
||||
src: docker/daemon.json
|
||||
src: daemon.json
|
||||
dest: /etc/docker/daemon.json
|
||||
register: docker_config
|
||||
|
||||
- name: restart docker
|
||||
- name: Restart Docker
|
||||
service:
|
||||
name: docker
|
||||
state: restarted
|
20
roles/ansible-nas-general/defaults/main.yml
Normal file
20
roles/ansible-nas-general/defaults/main.yml
Normal file
|
@ -0,0 +1,20 @@
|
|||
---
|
||||
# Sets the hostname of your Ansible NAS
|
||||
ansible_nas_hostname: ansible-nas
|
||||
|
||||
# Update all apt packages when playbook is run
|
||||
keep_packages_updated: false
|
||||
|
||||
# Extra packages to install
|
||||
ansible_nas_extra_packages:
|
||||
- smartmontools
|
||||
- htop
|
||||
- zfsutils-linux
|
||||
- bonnie++
|
||||
- unzip
|
||||
- lm-sensors
|
||||
- ctop
|
||||
|
||||
# Sets the timezone for your Ansible NAS
|
||||
# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
||||
ansible_nas_timezone: Etc/UTC
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Set login banner
|
||||
template:
|
||||
src: ansible-nas/motd.txt
|
||||
copy:
|
||||
src: motd.txt
|
||||
dest: /etc/motd
|
||||
|
||||
- name: Enable Universe repository
|
||||
|
@ -21,7 +21,7 @@
|
|||
|
||||
- name: Upgrade all packages
|
||||
apt:
|
||||
upgrade: true
|
||||
upgrade: yes
|
||||
state: latest
|
||||
when: keep_packages_updated
|
||||
tags:
|
16
roles/bazarr/defaults/main.yml
Normal file
16
roles/bazarr/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
bazarr_enabled: false
|
||||
bazarr_available_externally: "false"
|
||||
|
||||
# directories
|
||||
bazarr_data_directory: "{{ docker_home }}/bazarr/config"
|
||||
bazarr_tv_directory: "{{ tv_root }}"
|
||||
bazarr_movies_directory: "{{ movies_root }}"
|
||||
|
||||
# uid/gid
|
||||
bazarr_user_id: "0"
|
||||
bazarr_group_id: "0"
|
||||
|
||||
# network
|
||||
bazarr_port: "6767"
|
||||
bazarr_hostname: "bazarr"
|
|
@ -24,7 +24,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "bazarr"
|
||||
traefik.frontend.rule: "Host:bazarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ bazarr_available_externally }}"
|
||||
traefik.port: "6767"
|
||||
traefik.http.routers.bazarr.rule: "Host(`{{ bazarr_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.bazarr.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.bazarr.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.bazarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.bazarr.loadbalancer.server.port: "6767"
|
16
roles/bitwarden/defaults/main.yml
Normal file
16
roles/bitwarden/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
bitwarden_enabled: false
|
||||
bitwarden_available_externally: "false"
|
||||
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
|
||||
bitwarden_port_a: "19080"
|
||||
bitwarden_port_b: "3012"
|
||||
|
||||
# Keep this token secret, this is password to access admin area of your server!
|
||||
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
||||
# for example running openssl rand -base64 48
|
||||
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
|
||||
|
||||
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
|
||||
# Once you have created your user, set to "false" and run one more time.
|
||||
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
|
||||
bitwarden_allow_signups: false
|
23
roles/cloudflare_ddns/defaults/main.yml
Normal file
23
roles/cloudflare_ddns/defaults/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
cloudflare_ddns_enabled: false
|
||||
|
||||
# Data directory for config file
|
||||
cloudflare_data_directory: "{{ docker_home }}/cloudflare_ddns"
|
||||
|
||||
# Your domain name
|
||||
cloudflare_zone: "{{ ansible_nas_domain }}"
|
||||
|
||||
# The hostname you want the container to update. You shouldn't need to change this.
|
||||
cloudflare_host: "*.{{ cloudflare_zone }}"
|
||||
|
||||
# Cloudflare scoped token (https://github.com/joshuaavalon/docker-cloudflare#api-token)
|
||||
# Make sure token permissions include #DNS:Edit and #Zone:Read
|
||||
cloudflare_token: "abcdabcdabcd123412341234"
|
||||
|
||||
# Set to true to make traffic go through the CloudFlare CDN.
|
||||
# Note that if the cloudflare host is a wildcard (the default), this must be false, as cloudflare
|
||||
# does not support http proxy of wildcard CNAMEs.
|
||||
cloudflare_proxy: false
|
||||
|
||||
# Set to AAAA to use set IPv6 records instead of IPv4 records.
|
||||
cloudflare_type: "A"
|
28
roles/cloudflare_ddns/tasks/main.yml
Normal file
28
roles/cloudflare_ddns/tasks/main.yml
Normal file
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
- name: Check for deprecated API key
|
||||
fail:
|
||||
msg: "Using a Cloudflare global API key is no longer supported. Please unset cloudflare_api_key and set cloudflare_token"
|
||||
when: cloudflare_api_key is defined
|
||||
|
||||
- name: Create cloudflare Dynamic DNS Directories
|
||||
file:
|
||||
path: "{{ cloudflare_data_directory }}"
|
||||
state: directory
|
||||
|
||||
- name: Template Cloudflare Dynamic DNS config.yml with scoped token
|
||||
template:
|
||||
src: config.yml
|
||||
dest: "{{ cloudflare_data_directory }}/config.yml"
|
||||
register: template_files_result
|
||||
|
||||
|
||||
- name: Cloudflare Dynamic DNS Container
|
||||
docker_container:
|
||||
name: cloudflare-ddns
|
||||
image: joshava/cloudflare-ddns:latest
|
||||
pull: true
|
||||
volumes:
|
||||
- "{{ cloudflare_data_directory }}/config.yml:/app/config.yaml"
|
||||
restart_policy: unless-stopped
|
||||
memory: 512MB
|
||||
recreate: "{{ template_files_result is changed }}"
|
8
roles/cloudflare_ddns/templates/config.yml
Normal file
8
roles/cloudflare_ddns/templates/config.yml
Normal file
|
@ -0,0 +1,8 @@
|
|||
auth:
|
||||
scopedToken: "{{ cloudflare_token }}"
|
||||
domains:
|
||||
- name: "{{ cloudflare_host }}"
|
||||
type: "{{ cloudflare_type }}"
|
||||
proxied: {{ cloudflare_proxy | bool }}
|
||||
create: true
|
||||
zoneName: "{{ cloudflare_zone }}"
|
16
roles/couchpotato/defaults/main.yml
Normal file
16
roles/couchpotato/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
couchpotato_enabled: false
|
||||
couchpotato_available_externally: "false"
|
||||
|
||||
# directories
|
||||
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
||||
couchpotato_movies_directory: "{{ movies_root }}"
|
||||
couchpotato_downloads_directory: "{{ downloads_root }}"
|
||||
couchpotato_torrents_directory: "{{ torrents_root }}"
|
||||
|
||||
# uid / gid
|
||||
couchpotato_user_id: "0"
|
||||
couchpotato_group_id: "0"
|
||||
|
||||
# network
|
||||
couchpotato_port: "5050"
|
|
@ -26,7 +26,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "couchpotato"
|
||||
traefik.frontend.rule: "Host:couchpotato.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ couchpotato_available_externally }}"
|
||||
traefik.port: "5050"
|
||||
traefik.http.routers.couchpotato.rule: "Host(`couchpotato.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.couchpotato.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.couchpotato.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.couchpotato.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.couchpotato.loadbalancer.server.port: "5050"
|
10
roles/duplicati/defaults/main.yml
Normal file
10
roles/duplicati/defaults/main.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
duplicati_enabled: false
|
||||
duplicati_available_externally: "false"
|
||||
|
||||
# directories
|
||||
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
||||
|
||||
# network
|
||||
duplicati_port: "8200"
|
||||
duplicati_hostname: "duplicati"
|
|
@ -21,7 +21,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "duplicati"
|
||||
traefik.frontend.rule: "Host:duplicati.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ duplicati_available_externally }}"
|
||||
traefik.port: "8200"
|
||||
traefik.http.routers.duplicati.rule: "Host(`{{ duplicati_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.duplicati.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.duplicati.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.duplicati.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.duplicati.loadbalancer.server.port: "8200"
|
23
roles/emby/defaults/main.yml
Normal file
23
roles/emby/defaults/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
emby_enabled: false
|
||||
emby_available_externally: "false"
|
||||
|
||||
# directories
|
||||
emby_config_directory: "{{ docker_home }}/emby/config"
|
||||
emby_movies_directory: "{{ movies_root }}"
|
||||
emby_tv_directory: "{{ tv_root }}"
|
||||
|
||||
|
||||
# If you're paranoid, set permissions to "ro" so Emby won't ever be able to
|
||||
# delete your files
|
||||
emby_movies_permissions: "rw"
|
||||
emby_tv_permissions: "rw"
|
||||
|
||||
# uid / gid
|
||||
emby_user_id: "0"
|
||||
emby_group_id: "0"
|
||||
|
||||
# network
|
||||
emby_port_http: "8096"
|
||||
emby_port_https: "8920"
|
||||
emby_hostname: "emby"
|
|
@ -17,7 +17,6 @@
|
|||
ports:
|
||||
- "{{ emby_port_http }}:8096"
|
||||
- "{{ emby_port_https }}:8920"
|
||||
network_mode: host
|
||||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
PUID: "{{ emby_user_id }}"
|
||||
|
@ -25,7 +24,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "emby"
|
||||
traefik.frontend.rule: "Host:emby.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ emby_available_externally }}"
|
||||
traefik.port: "8096"
|
||||
traefik.http.routers.emby.rule: "Host(`{{ emby_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.emby.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.emby.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.emby.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.emby.loadbalancer.server.port: "8096"
|
11
roles/gitea/defaults/main.yml
Normal file
11
roles/gitea/defaults/main.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
gitea_enabled: false
|
||||
gitea_available_externally: "false"
|
||||
|
||||
# directories
|
||||
gitea_data_directory: "{{ docker_home }}/gitea"
|
||||
|
||||
# network
|
||||
gitea_hostname: "gitea"
|
||||
gitea_port_http: "3001"
|
||||
gitea_port_ssh: "222"
|
|
@ -62,13 +62,15 @@
|
|||
RUN_MODE: "prod"
|
||||
SSH_DOMAIN: "{{ ansible_nas_hostname }}"
|
||||
SSH_PORT: "{{ gitea_port_ssh }}"
|
||||
ROOT_URL: "http://{{ ansible_nas_hostname }}:{{ gitea_port_http }}/"
|
||||
ROOT_URL: "http://{{ gitea_hostname }}:{{ gitea_port_http }}/"
|
||||
USER_UID: "1309"
|
||||
USER_GID: "1309"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "gitea"
|
||||
traefik.frontend.rule: "Host:gitea.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ gitea_available_externally }}"
|
||||
traefik.port: "3000"
|
||||
traefik.http.routers.gitea.rule: "Host(`{{ gitea_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.gitea.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.gitea.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.gitea.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.gitea.loadbalancer.server.port: "3000"
|
16
roles/heimdall/defaults/main.yml
Normal file
16
roles/heimdall/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
heimdall_enabled: true
|
||||
heimdall_available_externally: "false"
|
||||
|
||||
# directories
|
||||
heimdall_docker_image: linuxserver/heimdall:latest
|
||||
heimdall_data_directory: "{{ docker_home }}/heimdall"
|
||||
|
||||
# network
|
||||
heimdall_port_http: "10080"
|
||||
heimdall_port_https: "10443"
|
||||
heimdall_hostname: heimdall
|
||||
|
||||
# uid / gid
|
||||
heimdall_user_id: "1310"
|
||||
heimdall_group_id: "1310"
|
|
@ -2,13 +2,13 @@
|
|||
- name: Create Heimdall group
|
||||
group:
|
||||
name: heimdall
|
||||
gid: 1310
|
||||
gid: "{{ heimdall_group_id }}"
|
||||
state: present
|
||||
|
||||
- name: Create Heimdall user
|
||||
user:
|
||||
name: heimdall
|
||||
uid: 1310
|
||||
uid: "{{ heimdall_user_id }}"
|
||||
state: present
|
||||
system: yes
|
||||
update_password: on_create
|
||||
|
@ -32,8 +32,8 @@
|
|||
volumes:
|
||||
- "{{ heimdall_data_directory }}:/config:rw"
|
||||
env:
|
||||
PUID: "1310"
|
||||
PGID: "1310"
|
||||
PUID: "{{ heimdall_user_id }}"
|
||||
PGID: "{{ heimdall_group_id }}"
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
ports:
|
||||
- "{{ heimdall_port_http }}:80"
|
||||
|
@ -41,7 +41,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "heimdall"
|
||||
traefik.frontend.rule: "Host:heimdall.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ heimdall_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.heimdall.rule: "Host(`{{ heimdall_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.heimdall.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.heimdall.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.heimdall.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.heimdall.loadbalancer.server.port: "80"
|
10
roles/homeassistant/defaults/main.yml
Normal file
10
roles/homeassistant/defaults/main.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
homeassistant_enabled: false
|
||||
homeassistant_available_externally: "false"
|
||||
|
||||
# directories
|
||||
homeassistant_data_directory: "{{ docker_home }}/homeassistant"
|
||||
|
||||
# network
|
||||
homeassistant_port: "8123"
|
||||
homeassistant_hostname: "homeassistant"
|
|
@ -17,9 +17,10 @@
|
|||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
labels:
|
||||
traefik.backend: "homeassistant"
|
||||
traefik.frontend.rule: "Host:homeassistant.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ homeassistant_available_externally }}"
|
||||
traefik.port: "8123"
|
||||
traefik.frontend.headers.SSLRedirect: "true"
|
||||
traefik.http.routers.homeassistant.rule: "Host(`{{ homeassistant_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.homeassistant.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.homeassistant.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.homeassistant.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.homeassistant.loadbalancer.server.port: "8123"
|
||||
memory: 1g
|
16
roles/lidarr/defaults/main.yml
Normal file
16
roles/lidarr/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
lidarr_enabled: false
|
||||
lidarr_available_externally: "false"
|
||||
|
||||
# directories
|
||||
lidarr_data_directory: "{{ docker_home }}/lidarr/config"
|
||||
lidarr_music_directory: "{{ music_root }}"
|
||||
lidarr_downloads_directory: "{{ downloads_root }}"
|
||||
|
||||
# uid/gid
|
||||
lidarr_user_id: "0"
|
||||
lidarr_group_id: "0"
|
||||
|
||||
# network
|
||||
lidarr_port: "8686"
|
||||
lidarr_hostname: "lidarr"
|
|
@ -1,10 +1,10 @@
|
|||
---
|
||||
- name: Create lidarr Directory
|
||||
- name: Create Lidarr Directory
|
||||
file:
|
||||
path: "{{ lidarr_data_directory }}"
|
||||
state: directory
|
||||
|
||||
- name: lidarr
|
||||
- name: Lidarr Docker Container
|
||||
docker_container:
|
||||
name: lidarr
|
||||
image: linuxserver/lidarr
|
||||
|
@ -22,7 +22,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "lidarr"
|
||||
traefik.frontend.rule: "Host:lidarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ lidarr_available_externally }}"
|
||||
traefik.port: "8686"
|
||||
traefik.http.routers.lidarr.rule: "Host(`{{ lidarr_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.lidarr.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.lidarr.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.lidarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.lidarr.loadbalancer.server.port: "8686"
|
6
roles/netdata/defaults/main.yml
Normal file
6
roles/netdata/defaults/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
netdata_enabled: false
|
||||
netdata_available_externally: "false"
|
||||
|
||||
# network
|
||||
netdata_hostname: "netdata"
|
||||
netdata_port: "19999"
|
|
@ -1,4 +1,4 @@
|
|||
###### Create
|
||||
---
|
||||
- name: Get docker group id
|
||||
group:
|
||||
name: docker
|
||||
|
@ -26,7 +26,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "netdata"
|
||||
traefik.frontend.rule: "Host:netdata.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ netdata_available_externally }}"
|
||||
traefik.port: "19999"
|
||||
traefik.http.routers.netdata.rule: "Host(`{{ netdata_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.netdata.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.netdata.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.netdata.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.netdata.loadbalancer.server.port: "19999"
|
15
roles/nextcloud/defaults/main.yml
Normal file
15
roles/nextcloud/defaults/main.yml
Normal file
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
nextcloud_enabled: false
|
||||
nextcloud_available_externally: "false"
|
||||
|
||||
# directories
|
||||
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
||||
|
||||
# network
|
||||
nextcloud_port: "8080"
|
||||
nextcloud_hostname: "nextcloud"
|
||||
|
||||
# username / passwords
|
||||
nextcloud_sql_user: "nextcloud-user"
|
||||
nextcloud_sql_pass: "nextcloud-pass"
|
||||
nextcloud_sql_secret: "nextcloud-secret"
|
|
@ -16,9 +16,9 @@
|
|||
- "{{ nextcloud_data_directory }}/mysql:/var/lib/mysql:rw"
|
||||
env:
|
||||
MYSQL_DATABASE: "nextcloud"
|
||||
MYSQL_USER: "nextcloud-user"
|
||||
MYSQL_PASSWORD: "nextcloud-pass"
|
||||
MYSQL_ROOT_PASSWORD: "nextcloud-secret"
|
||||
MYSQL_USER: "{{ nextcloud_sql_user }}"
|
||||
MYSQL_PASSWORD: "{{ nextcloud_sql_pass }}"
|
||||
MYSQL_ROOT_PASSWORD: "{{ nextcloud_sql_secret }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
|
||||
|
@ -36,13 +36,16 @@
|
|||
env:
|
||||
MYSQL_HOST: "mysql"
|
||||
MYSQL_DATABASE: "nextcloud"
|
||||
MYSQL_USER: "nextcloud-user"
|
||||
MYSQL_PASSWORD: "nextcloud-pass"
|
||||
NEXTCLOUD_TRUSTED_DOMAINS: "nextcloud.{{ ansible_nas_domain }}"
|
||||
MYSQL_USER: "{{ nextcloud_sql_user }}"
|
||||
MYSQL_PASSWORD: "{{ nextcloud_sql_pass }}"
|
||||
NEXTCLOUD_TRUSTED_DOMAINS: "{{ nextcloud_hostname }}.{{ ansible_nas_domain }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "nextcloud"
|
||||
traefik.frontend.rule: "Host:nextcloud.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ nextcloud_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.nextcloud.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.nextcloud.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.nextcloud.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.nextcloud.loadbalancer.server.port: "80"
|
||||
|
14
roles/ombi/defaults/main.yml
Normal file
14
roles/ombi/defaults/main.yml
Normal file
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
ombi_enabled: false
|
||||
ombi_available_externally: "false"
|
||||
|
||||
# directories
|
||||
ombi_config_directory: "{{ docker_home }}/ombi/config"
|
||||
|
||||
# network
|
||||
ombi_port: "3579"
|
||||
ombi_hostname: "ombi"
|
||||
|
||||
# uid / gid
|
||||
ombi_user_id: "0"
|
||||
ombi_group_id: "0"
|
29
roles/ombi/tasks/main.yml
Normal file
29
roles/ombi/tasks/main.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
|
||||
---
|
||||
- name: Create Ombi Directories
|
||||
file:
|
||||
path: "{{ ombi_config_directory }}"
|
||||
state: directory
|
||||
|
||||
- name: Ombi Docker Container
|
||||
docker_container:
|
||||
name: ombi
|
||||
image: linuxserver/ombi
|
||||
pull: true
|
||||
volumes:
|
||||
- "{{ ombi_config_directory }}:/config:rw"
|
||||
ports:
|
||||
- "{{ ombi_port }}:3579"
|
||||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
PUID: "{{ ombi_user_id }}"
|
||||
PGID: "{{ ombi_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.enable: "{{ ombi_available_externally }}"
|
||||
traefik.http.routers.ombi.rule: "Host(`{{ ombi_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.ombi.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.ombi.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.ombi.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.ombi.loadbalancer.server.port: "3579"
|
15
roles/organizr/defaults/main.yml
Normal file
15
roles/organizr/defaults/main.yml
Normal file
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
organizr_enabled: false
|
||||
organizr_available_externally: "false"
|
||||
|
||||
# directories
|
||||
organizr_data_directory: "{{ docker_home }}/organizr"
|
||||
|
||||
# network
|
||||
organizr_port_http: "10081"
|
||||
organizr_port_https: "10444"
|
||||
organizr_hostname: "organizr"
|
||||
|
||||
# uid / gid
|
||||
organizr_user_id: "1000"
|
||||
organizr_group_id: "1000"
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
---
|
||||
- name: Create Organizr Directories
|
||||
file:
|
||||
|
@ -10,7 +9,7 @@
|
|||
- name: Create Organizr container
|
||||
docker_container:
|
||||
name: organizr
|
||||
image: organizrtools/organizr-v2:latest
|
||||
image: organizr/organizr:latest
|
||||
pull: true
|
||||
volumes:
|
||||
- "{{ organizr_data_directory }}:/config:rw"
|
||||
|
@ -24,7 +23,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "organizr"
|
||||
traefik.frontend.rule: "Host:organizr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ organizr_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.organizr.rule: "Host(`{{ organizr_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.organizr.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.organizr.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.organizr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.organizr.loadbalancer.server.port: "80"
|
39
roles/plex/defaults/main.yml
Normal file
39
roles/plex/defaults/main.yml
Normal file
|
@ -0,0 +1,39 @@
|
|||
---
|
||||
plex_enabled: false
|
||||
plex_available_externally: "false"
|
||||
|
||||
# directories
|
||||
plex_config_directory: "{{ docker_home }}/plex/config"
|
||||
plex_logs: "{{ docker_home }}/plex/logs"
|
||||
plex_movies_directory: "{{ movies_root }}"
|
||||
plex_tv_directory: "{{ tv_root }}"
|
||||
plex_photos_directory: "{{ photos_root }}"
|
||||
plex_podcasts_directory: "{{ podcasts_root }}"
|
||||
plex_music_directory: "{{ music_root }}"
|
||||
|
||||
# uid / gid
|
||||
plex_user_id: "0"
|
||||
plex_group_id: "0"
|
||||
|
||||
# If you're paranoid, set permissions to "ro" so Plex won't ever be able to
|
||||
# delete your files
|
||||
plex_movies_permissions: "rw"
|
||||
plex_tv_permissions: "rw"
|
||||
plex_photos_permissions: "rw"
|
||||
plex_podcasts_permissions: "rw"
|
||||
plex_music_permissions: "rw"
|
||||
|
||||
# network
|
||||
plex_hostname: "plex"
|
||||
|
||||
# specs
|
||||
plex_memory: "2g"
|
||||
|
||||
# Device mappings for the docker container. E.g. To enable hardware transcoding:
|
||||
# plex_devices:
|
||||
# - "/dev/dri:/dev/dri"
|
||||
|
||||
|
||||
# see https://hub.docker.com/r/linuxserver/plex for details on this setting
|
||||
plex_version: "docker"
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
- name: Create Plex Directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
|
@ -21,14 +22,18 @@
|
|||
- "{{ plex_podcasts_directory }}:/podcasts:{{ plex_podcasts_permissions }}"
|
||||
- "{{ plex_music_directory }}:/music:{{ plex_music_permissions }}"
|
||||
network_mode: "host"
|
||||
devices: "{{ plex_devices | default(omit) }}"
|
||||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
PUID: "{{ plex_user_id }}"
|
||||
PGID: "{{ plex_group_id }}"
|
||||
VERSION: "{{ plex_version }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 2g
|
||||
memory: "{{ plex_memory }}"
|
||||
labels:
|
||||
traefik.backend: "plex"
|
||||
traefik.frontend.rule: "Host:plex.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ plex_available_externally }}"
|
||||
traefik.port: "32400"
|
||||
traefik.http.routers.plex.rule: "Host(`{{ plex_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.plex.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.plex.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.plex.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.plex.loadbalancer.server.port: "32400"
|
10
roles/portainer/defaults/main.yml
Normal file
10
roles/portainer/defaults/main.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
portainer_enabled: false
|
||||
portainer_available_externally: "false"
|
||||
|
||||
# directories
|
||||
portainer_data_directory: "{{ docker_home }}/portainer/config"
|
||||
|
||||
# network
|
||||
portainer_port: "9000"
|
||||
portainer_hostname: "portainer"
|
|
@ -9,7 +9,7 @@
|
|||
- name: Portainer Docker Container
|
||||
docker_container:
|
||||
name: portainer
|
||||
image: portainer/portainer
|
||||
image: portainer/portainer-ce
|
||||
pull: true
|
||||
volumes:
|
||||
- "{{ portainer_data_directory }}:/data:rw"
|
||||
|
@ -20,7 +20,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "portainer"
|
||||
traefik.frontend.rule: "Host:portainer.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ portainer_available_externally }}"
|
||||
traefik.port: "9000"
|
||||
traefik.http.routers.portainer.rule: "Host(`{{ portainer_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.portainer.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.portainer.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.portainer.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.portainer.loadbalancer.server.port: "9000"
|
16
roles/radarr/defaults/main.yml
Normal file
16
roles/radarr/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
radarr_enabled: false
|
||||
radarr_available_externally: "false"
|
||||
|
||||
# directories
|
||||
radarr_movies_directory: "{{ movies_root }}"
|
||||
radarr_download_directory: "{{ downloads_root }}"
|
||||
radarr_data_directory: "{{ docker_home }}/radarr"
|
||||
|
||||
# uid / gid
|
||||
radarr_user_id: "0"
|
||||
radarr_group_id: "0"
|
||||
|
||||
# network
|
||||
radarr_port: "7878"
|
||||
radarr_hostname: "radarr"
|
|
@ -24,7 +24,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "radarr"
|
||||
traefik.frontend.rule: "Host:radarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ radarr_available_externally }}"
|
||||
traefik.port: "7878"
|
||||
traefik.http.routers.radarr.rule: "Host(`{{ radarr_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.radarr.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.radarr.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.radarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.radarr.loadbalancer.server.port: "7878"
|
16
roles/sickchill/defaults/main.yml
Normal file
16
roles/sickchill/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
sickchill_enabled: false
|
||||
sickchill_available_externally: "false"
|
||||
|
||||
# directories
|
||||
sickchill_config_directory: "{{ docker_home }}/sickchill/config"
|
||||
sickchill_tv_directory: "{{ tv_root }}"
|
||||
sickchill_downloads_directory: "{{ downloads_root }}/completed"
|
||||
|
||||
# uid / gid
|
||||
sickchill_user_id: "0"
|
||||
sickchill_group_id: "0"
|
||||
|
||||
# network
|
||||
sickchill_port: "8081"
|
||||
sickchill_hostname: "sickchill"
|
|
@ -1,10 +1,4 @@
|
|||
---
|
||||
- name: Remove Old Sickrage Docker Container
|
||||
docker_container:
|
||||
name: sickrage
|
||||
state: absent
|
||||
keep_volumes: true
|
||||
|
||||
- name: Create Sickchill Directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
|
@ -31,7 +25,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "sickchill"
|
||||
traefik.frontend.rule: "Host:sickchill.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ sickchill_available_externally }}"
|
||||
traefik.port: "8081"
|
||||
traefik.http.routers.sickchill.rule: "Host(`{{ sickchill_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.sickchill.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.sickchill.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.sickchill.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.sickchill.loadbalancer.server.port: "8081"
|
16
roles/sonarr/defaults/main.yml
Normal file
16
roles/sonarr/defaults/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
sonarr_enabled: false
|
||||
sonarr_available_externally: "false"
|
||||
|
||||
# directories
|
||||
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
||||
sonarr_tv_directory: "{{ tv_root }}"
|
||||
sonarr_download_directory: "{{ downloads_root }}"
|
||||
|
||||
# uid / gid
|
||||
sonarr_user_id: "0"
|
||||
sonarr_group_id: "0"
|
||||
|
||||
# network
|
||||
sonarr_port: "8989"
|
||||
sonarr_hostname: "sonarr"
|
|
@ -24,7 +24,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "sonarr"
|
||||
traefik.frontend.rule: "Host:sonarr.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ sonarr_available_externally }}"
|
||||
traefik.port: "8989"
|
||||
traefik.http.routers.sonarr.rule: "Host(`{{ sonarr_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.sonarr.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.sonarr.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.sonarr.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.sonarr.loadbalancer.server.port: "8989"
|
29
roles/traefik/defaults/main.yml
Normal file
29
roles/traefik/defaults/main.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
---
|
||||
# External Access
|
||||
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
|
||||
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
|
||||
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally"
|
||||
# settings.
|
||||
traefik_enabled: false
|
||||
|
||||
# directories
|
||||
traefik_data_directory: "{{ docker_home }}/traefik"
|
||||
|
||||
# network
|
||||
traefik_port_http: "80"
|
||||
traefik_port_https: "443"
|
||||
traefik_port_ui: "8083"
|
||||
|
||||
traefik_docker_image: traefik:v2.4
|
||||
traefik_log_level: "INFO"
|
||||
|
||||
# find the relevant name and environment variables for your DNS provider at https://go-acme.github.io/lego/dns/
|
||||
traefik_dns_provider: cloudflare
|
||||
traefik_environment_variables:
|
||||
CF_DNS_API_TOKEN: "abcdabcd123412341234"
|
||||
|
||||
# Ansible-NAS requests a wildcard certificate for your domain, so there should be no reason to have to use the staging
|
||||
# letsencrypt acme server. If you do want to flip between staging/production, you might need to stop Traefik and clear
|
||||
# the "{{ docker_home }}/traefik" after changing this setting.
|
||||
# traefik_acme_server: "https://acme-staging-v02.api.letsencrypt.org/directory" # staging
|
||||
traefik_acme_server: "https://acme-v02.api.letsencrypt.org/directory" # production
|
|
@ -1,25 +1,17 @@
|
|||
---
|
||||
- name: Ensure Nginx Docker Container is absent
|
||||
docker_container:
|
||||
name: nginx-proxy
|
||||
state: absent
|
||||
|
||||
- name: Nginx Letsencrypt Container is absent
|
||||
docker_container:
|
||||
name: letsencrypt-nginx-proxy-companion
|
||||
state: absent
|
||||
|
||||
- name: Create Traefik Directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- "{{ traefik_data_directory }}"
|
||||
- "{{ traefik_data_directory }}/letsencrypt"
|
||||
|
||||
- name: Template Traefik config.toml
|
||||
template:
|
||||
src: traefik/traefik.toml
|
||||
src: traefik.toml
|
||||
dest: "{{ traefik_data_directory }}/traefik.toml"
|
||||
register: template_config
|
||||
|
||||
- name: Traefik Docker Container
|
||||
docker_container:
|
||||
|
@ -29,6 +21,9 @@
|
|||
network_mode: host
|
||||
volumes:
|
||||
- "{{ traefik_data_directory }}/traefik.toml:/etc/traefik/traefik.toml:ro"
|
||||
- "{{ traefik_data_directory }}/letsencrypt:/letsencrypt:rw"
|
||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
env: "{{ traefik_environment_variables }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
recreate: "{{ template_config is changed }}"
|
46
roles/traefik/templates/traefik.toml
Normal file
46
roles/traefik/templates/traefik.toml
Normal file
|
@ -0,0 +1,46 @@
|
|||
[entryPoints]
|
||||
[entryPoints.web]
|
||||
address = ":80"
|
||||
|
||||
[entryPoints.web.http.redirections.entryPoint]
|
||||
to = "websecure"
|
||||
|
||||
[entryPoints.websecure]
|
||||
address = ":{{ traefik_port_https }}"
|
||||
|
||||
[entryPoints.websecure.http.tls]
|
||||
certResolver = "letsencrypt"
|
||||
|
||||
[entryPoints.websecure.http.tls.domains]
|
||||
main = "{{ ansible_nas_domain }}"
|
||||
sans = [
|
||||
"*.{{ ansible_nas_domain }}"
|
||||
]
|
||||
|
||||
[entryPoints.traefik]
|
||||
address = ":{{ traefik_port_ui }}"
|
||||
|
||||
[providers]
|
||||
providersThrottleDuration = "2s"
|
||||
[providers.docker]
|
||||
exposedbydefault = false
|
||||
|
||||
[api]
|
||||
insecure = true
|
||||
dashboard = true
|
||||
|
||||
[log]
|
||||
level = "{{ traefik_log_level }}"
|
||||
|
||||
[ping]
|
||||
terminatingStatusCode = 0
|
||||
|
||||
[certificatesResolvers]
|
||||
[certificatesResolvers.letsencrypt]
|
||||
[certificatesResolvers.letsencrypt.acme]
|
||||
email = "{{ ansible_nas_email }}"
|
||||
storage = "/letsencrypt/acme.json"
|
||||
caserver = "{{ traefik_acme_server }}"
|
||||
|
||||
[certificatesResolvers.letsencrypt.acme.dnsChallenge]
|
||||
provider = "{{ traefik_dns_provider }}"
|
31
roles/transmission-with-openvpn/defaults/main.yml
Normal file
31
roles/transmission-with-openvpn/defaults/main.yml
Normal file
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
transmission_with_openvpn_enabled: false # Please see docs about how to set VPN credentials
|
||||
transmission_with_openvpn_available_externally: "false"
|
||||
|
||||
# directories
|
||||
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
||||
transmission_download_directory: "{{ downloads_root }}"
|
||||
transmission_watch_directory: "{{ torrents_root }}"
|
||||
|
||||
# uid / gid
|
||||
transmission_openvpn_user_id: "0"
|
||||
transmission_openvpn_group_id: "0"
|
||||
|
||||
# transmission config
|
||||
transmission_openvpn_ratio_limit_enabled: "true"
|
||||
transmission_openvpn_ratio_limit: "2"
|
||||
transmission_openvpn_local_network: "192.168.1.0/24"
|
||||
|
||||
# network config
|
||||
transmission_openvpn_webui_port: "9091"
|
||||
transmission_openvpn_external_port: "51415"
|
||||
transmission_openvpn_proxy_port: "3128"
|
||||
transmission_openvpn_hostname: "transmission_openvpn"
|
||||
|
||||
# Transmission VPN Credentials
|
||||
# If you're using Transmission with a VPN, you'll need to set these credentials.
|
||||
# See https://github.com/haugene/docker-transmission-openvpn/ for supported VPN providers.
|
||||
openvpn_username: leisure-suit-larry
|
||||
openvpn_password: secretpassword
|
||||
openvpn_provider: AWESOMEVPNPROVIDER
|
||||
openvpn_config: United-Kingdom
|
|
@ -38,9 +38,9 @@
|
|||
OPENVPN_CONFIG: "{{ openvpn_config }}"
|
||||
WEBPROXY_ENABLED: "true"
|
||||
WEBPROXY_PORT: "3128"
|
||||
PUID: "{{ transmission_user_id }}"
|
||||
PGID: "{{ transmission_group_id }}"
|
||||
LOCAL_NETWORK: "{{ transmission_local_network }}"
|
||||
PUID: "{{ transmission_openvpn_user_id }}"
|
||||
PGID: "{{ transmission_openvpn_group_id }}"
|
||||
LOCAL_NETWORK: "{{ transmission_openvpn_local_network }}"
|
||||
ENABLE_UFW: "false"
|
||||
devices:
|
||||
- /dev/net/tun
|
||||
|
@ -49,7 +49,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "transmission-openvpn"
|
||||
traefik.frontend.rule: "Host:transmission-openvpn.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ transmission_with_openvpn_available_externally }}"
|
||||
traefik.port: "9091"
|
||||
traefik.enable: "{{ transmission_openvpn_available_externally }}"
|
||||
traefik.http.routers.transmission_openvpn.rule: "Host(`{{ transmission_openvpn_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.transmission_openvpn.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.transmission_openvpn.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.transmission_openvpn.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.transmission_openvpn.loadbalancer.server.port: "9091"
|
19
roles/transmission/defaults/main.yml
Normal file
19
roles/transmission/defaults/main.yml
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
transmission_enabled: false
|
||||
transmission_available_externally: "false"
|
||||
|
||||
# directories
|
||||
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
||||
transmission_download_directory: "{{ downloads_root }}"
|
||||
transmission_watch_directory: "{{ torrents_root }}"
|
||||
|
||||
# uid / gid
|
||||
transmission_user_id: "0"
|
||||
transmission_group_id: "0"
|
||||
|
||||
# network
|
||||
transmission_webui_port: "9092"
|
||||
transmission_external_port: "51414"
|
||||
transmission_hostname: "transmission"
|
||||
|
||||
transmission_timezone: "{{ ansible_nas_timezone }}"
|
|
@ -23,13 +23,15 @@
|
|||
- "{{ transmission_external_port }}:51413"
|
||||
- "{{ transmission_external_port }}:51413/udp"
|
||||
env:
|
||||
TZ: "{{ ansible_nas_timezone }}"
|
||||
TZ: "{{ transmission_timezone }}"
|
||||
PUID: "{{ transmission_user_id }}"
|
||||
PGID: "{{ transmission_group_id }}"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "transmission"
|
||||
traefik.frontend.rule: "Host:transmission.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ transmission_available_externally }}"
|
||||
traefik.port: "9091"
|
||||
traefik.http.routers.transmission.rule: "Host(`{{ transmission_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.transmission.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.transmission.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.transmission.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.transmission.loadbalancer.server.port: "9091"
|
17
roles/utorrent/defaults/main.yml
Normal file
17
roles/utorrent/defaults/main.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
utorrent_enabled: false
|
||||
utorrent_available_externally: "false"
|
||||
|
||||
# directories
|
||||
utorrent_config_directory: "{{ docker_home }}/utorrent/config"
|
||||
utorrent_download_directory: "{{ downloads_root }}"
|
||||
utorrent_download_directory_active: "{{ downloads_root }}/.incomplete"
|
||||
|
||||
# uid / gid
|
||||
utorrent_user_id: "0"
|
||||
utorrent_group_id: "0"
|
||||
|
||||
# network
|
||||
utorrent_port_http: "8111"
|
||||
utorrent_port_bt: "6881"
|
||||
utorrent_hostname: "utorrent"
|
|
@ -6,6 +6,7 @@
|
|||
with_items:
|
||||
- "{{ utorrent_config_directory }}"
|
||||
- "{{ utorrent_download_directory }}"
|
||||
- "{{ utorrent_download_directory_active }}"
|
||||
|
||||
- name: uTorrent Docker Container
|
||||
docker_container:
|
||||
|
@ -30,7 +31,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "utorrent"
|
||||
traefik.frontend.rule: "Host:utorrent.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ utorrent_available_externally }}"
|
||||
traefik.port: "8080"
|
||||
traefik.http.routers.utorrent.rule: "Host(`{{ utorrent_hostname }}.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.utorrent.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.utorrent.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.utorrent.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.utorrent.loadbalancer.server.port: "8080"
|
17
roles/watchtower/defaults/main.yml
Normal file
17
roles/watchtower/defaults/main.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
watchtower_enabled: false
|
||||
|
||||
# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily.
|
||||
watchtower_cron_schedule: 0 0 5 * * *
|
||||
|
||||
# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive
|
||||
# notifications or not, some examples are provided below. See https://containrrr.dev/watchtower/arguments/ for more options.
|
||||
|
||||
# No notifications
|
||||
watchtower_command: "--schedule '{{ watchtower_cron_schedule }}'"
|
||||
|
||||
# Email notifications
|
||||
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'"
|
||||
|
||||
# Slack notifications
|
||||
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'"
|
|
@ -2,7 +2,7 @@
|
|||
- name: Watchtower Docker Container
|
||||
docker_container:
|
||||
name: watchtower
|
||||
image: v2tec/watchtower
|
||||
image: containrrr/watchtower
|
||||
pull: true
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
|
@ -1,11 +1,11 @@
|
|||
- name: Create Calibre Directories
|
||||
- name: Create Calibre-web Directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- "{{ calibre_data_directory }}/config"
|
||||
|
||||
- name: Calibre Docker Container
|
||||
- name: Calibre-web Docker Container
|
||||
docker_container:
|
||||
name: calibre
|
||||
image: linuxserver/calibre-web:latest
|
||||
|
@ -21,9 +21,11 @@
|
|||
ports:
|
||||
- "{{ calibre_port }}:8083"
|
||||
restart_policy: unless-stopped
|
||||
labels:
|
||||
traefik.backend: "calibre"
|
||||
traefik.frontend.rule: "Host:calibre.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ calibre_available_externally }}"
|
||||
traefik.port: "8083"
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.enable: "{{ calibre_available_externally }}"
|
||||
traefik.http.routers.calibre.rule: "Host(`calibre.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.calibre.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.calibre.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.calibre.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.calibre.loadbalancer.server.port: "8083"
|
||||
|
|
|
@ -23,7 +23,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "cloudcmd"
|
||||
traefik.frontend.rule: "Host:cloudcmd.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ cloudcmd_available_externally }}"
|
||||
traefik.port: "8000"
|
||||
traefik.http.routers.cloudcmd.rule: "Host(`cloudcmd.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.cloudcmd.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.cloudcmd.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.cloudcmd.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.cloudcmd.loadbalancer.server.port: "8000"
|
|
@ -1,14 +0,0 @@
|
|||
- name: Cloudflare Dynamic DNS Container
|
||||
docker_container:
|
||||
name: cloudflare-ddns
|
||||
image: joshava/cloudflare-ddns:latest
|
||||
pull: true
|
||||
env:
|
||||
ZONE: "{{ cloudflare_zone }}"
|
||||
HOST: "{{ cloudflare_host }}"
|
||||
EMAIL: "{{ cloudflare_email }}"
|
||||
API: "{{ cloudflare_api_key }}"
|
||||
PROXY: "false"
|
||||
restart_policy: unless-stopped
|
||||
memory: 512MB
|
||||
|
|
@ -38,7 +38,7 @@
|
|||
links:
|
||||
- firefly-mysql:db
|
||||
ports:
|
||||
- "{{ firefly_port }}:80"
|
||||
- "{{ firefly_port }}:8080"
|
||||
env:
|
||||
APP_ENV: "local"
|
||||
APP_KEY: "S0m3R@nd0mString0f32Ch@rsEx@ct1y"
|
||||
|
@ -51,7 +51,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "firefly"
|
||||
traefik.frontend.rule: "Host:firefly.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ firefly_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.firefly.rule: "Host(`firefly.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.firefly.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.firefly.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.firefly.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.firefly.loadbalancer.server.port: "8080"
|
||||
|
|
|
@ -44,7 +44,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 4g
|
||||
labels:
|
||||
traefik.backend: "gitlab"
|
||||
traefik.frontend.rule: "Host:gitlab.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ gitlab_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.gitlab.rule: "Host(`gitlab.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.gitlab.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.gitlab.loadbalancer.server.port: "80"
|
||||
|
|
|
@ -11,13 +11,14 @@
|
|||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
- "/etc/timezone:/etc/timezone:ro"
|
||||
pid_mode: host
|
||||
network_mode: host
|
||||
env:
|
||||
GLANCES_OPT: "-w"
|
||||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "glances"
|
||||
traefik.frontend.rule: "Host:glances.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ glances_available_externally }}"
|
||||
traefik.port: "61208"
|
||||
traefik.http.routers.glances.rule: "Host(`glances.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.glances.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.glances.loadbalancer.server.port: "61208"
|
|
@ -40,10 +40,12 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "guacamole"
|
||||
traefik.frontend.rule: "Host:guacamole.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ guacamole_available_externally }}"
|
||||
traefik.port: "8080"
|
||||
traefik.http.routers.guacamole.rule: "Host(`guacamole.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.guacamole.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.guacamole.loadbalancer.server.port: "8080"
|
||||
|
||||
- name: Restart Guacamole Container
|
||||
docker_container:
|
||||
|
|
|
@ -23,7 +23,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "homebridge"
|
||||
traefik.frontend.rule: "Host:homebridge.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ homebridge_available_externally }}"
|
||||
traefik.port: "8087"
|
||||
traefik.http.routers.homebridge.rule: "Host(`homebridge.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.homebridge.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.homebridge.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.homebridge.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.homebridge.loadbalancer.server.port: "8087"
|
||||
|
|
|
@ -20,7 +20,9 @@
|
|||
TZ: "{{ ansible_nas_timezone }}"
|
||||
restart_policy: unless-stopped
|
||||
labels:
|
||||
traefik.backend: "jackett"
|
||||
traefik.frontend.rule: "Host:jackett.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ jackett_available_externally }}"
|
||||
traefik.port: "9117"
|
||||
traefik.http.routers.jackett.rule: "Host(`jackett.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.jackett.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.jackett.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.jackett.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.jackett.loadbalancer.server.port: "9117"
|
|
@ -28,7 +28,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "jellyfin"
|
||||
traefik.frontend.rule: "Host:jellyfin.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ jellyfin_available_externally }}"
|
||||
traefik.port: "8096"
|
||||
traefik.http.routers.jellyfin.rule: "Host(`jellyfin.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.jellyfin.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.jellyfin.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.jellyfin.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.jellyfin.loadbalancer.server.port: "8096"
|
||||
|
|
|
@ -39,7 +39,9 @@
|
|||
restart_policy: unless-stopped
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.backend: "joomla"
|
||||
traefik.frontend.rule: "Host: joomla.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ joomla_available_externally }}"
|
||||
traefik.port: "80"
|
||||
traefik.http.routers.joomla.rule: "Host(`joomla.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.joomla.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.joomla.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.joomla.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.joomla.loadbalancer.server.port: "80"
|
|
@ -25,9 +25,11 @@
|
|||
TZ: "{{ ansible_nas_timezone }}"
|
||||
VNC_PASSWORD: "{{ krusader_vnc_password }}"
|
||||
restart_policy: unless-stopped
|
||||
labels:
|
||||
traefik.backend: "krusader"
|
||||
traefik.frontend.rule: "Host:krusader.{{ ansible_nas_domain }}"
|
||||
traefik.enable: "{{ krusader_available_externally }}"
|
||||
traefik.port: "5800"
|
||||
memory: 1g
|
||||
labels:
|
||||
traefik.enable: "{{ krusader_available_externally }}"
|
||||
traefik.http.routers.krusader.rule: "Host(`krusader.{{ ansible_nas_domain }}`)"
|
||||
traefik.http.routers.krusader.tls.certresolver: "letsencrypt"
|
||||
traefik.http.routers.krusader.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||
traefik.http.routers.krusader.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||
traefik.http.services.krusader.loadbalancer.server.port: "5800"
|
||||
|
|
|
@ -6,8 +6,6 @@
|
|||
volumes:
|
||||
- "{{ minidlna_media_directory1 }}:/media1:rw"
|
||||
- "{{ minidlna_media_directory2 }}:/media2:rw"
|
||||
ports:
|
||||
- "{{ minidlna_port }}:8201"
|
||||
env:
|
||||
MINIDLNA_MEDIA_DIR1: "/media1"
|
||||
MINIDLNA_MEDIA_DIR2: "/media2"
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue