mirror of
https://github.com/davestephens/ansible-nas
synced 2024-12-27 03:53:06 +00:00
646 lines
15 KiB
YAML
646 lines
15 KiB
YAML
## ._____. .__
|
|
## _____ ____ _____|__\_ |__ | | ____ ____ _____ ______
|
|
## \__ \ / \ / ___/ || __ \| | _/ __ \ ______ / \\__ \ / ___/
|
|
## / __ \| | \\___ \| || \_\ \ |_\ ___/ /_____/ | | \/ __ \_\___ \
|
|
## (____ /___| /____ >__||___ /____/\___ > |___| (____ /____ >
|
|
## \/ \/ \/ \/ \/ \/ \/ \/
|
|
## a n s i b l e - n a s https://github.com/davestephens/ansible-nas
|
|
|
|
###
|
|
### DO NOT EDIT THIS FILE!
|
|
### Add your customisations to inventories/<your_inventory>/group_vars/nas.yml
|
|
###
|
|
|
|
###
|
|
### Ansible-NAS Applications
|
|
###
|
|
|
|
# Downloading
|
|
nzbget_enabled: false
|
|
pyload_enabled: false
|
|
|
|
# Media Serving
|
|
plex_enabled: false
|
|
tautulli_enabled: false
|
|
|
|
# Media Sourcing
|
|
sonarr_enabled: false # tv
|
|
couchpotato_enabled: false
|
|
|
|
get_iplayer_enabled: false
|
|
jackett_enabled: false
|
|
minidlna_enabled: false
|
|
jellyfin_enabled: false
|
|
|
|
|
|
youtubedlmaterial_enabled: false
|
|
mylar_enabled: false
|
|
|
|
# Music
|
|
mymediaforalexa_enabled: false
|
|
|
|
# News
|
|
miniflux_enabled: false
|
|
|
|
# System Management
|
|
glances_enabled: false
|
|
stats_enabled: false
|
|
guacamole_enabled: false
|
|
cloudflare_ddns_enabled: false
|
|
cloudcmd_enabled: false
|
|
virtual_desktop_enabled: false
|
|
krusader_enabled: false
|
|
|
|
# Backup & Restore
|
|
duplicati_enabled: false
|
|
nextcloud_enabled: false
|
|
timemachine_enabled: false
|
|
|
|
# Software build and CI
|
|
gitlab_enabled: false
|
|
|
|
# IRC
|
|
znc_enabled: false
|
|
thelounge_enabled: false
|
|
|
|
# Password Management
|
|
bitwarden_enabled: false
|
|
|
|
# Finance
|
|
firefly_enabled: false
|
|
|
|
# Wallabag
|
|
wallabag_enabled: false
|
|
|
|
# Home Automation
|
|
homeassistant_enabled: false
|
|
mosquitto_enabled: false
|
|
homebridge_enabled: false
|
|
openhab_enabled: false
|
|
|
|
# Books
|
|
calibre_enabled: false
|
|
|
|
# Ubooquity
|
|
ubooquity_enabled: false
|
|
|
|
# Joomla
|
|
joomla_enabled: false
|
|
|
|
# PyTivo
|
|
pytivo_enabled: false
|
|
|
|
|
|
###
|
|
### General
|
|
###
|
|
|
|
|
|
# Will be added to the docker group to give user command line access to docker
|
|
ansible_nas_user: david
|
|
|
|
# Your email and domain, used for Let's Encrypt SSL certs
|
|
ansible_nas_email: me@example.com
|
|
|
|
# Applications will have subdomain SSL certificates created if Traefik is enabled, e.g. ansible-nas.<your-domain>, nextcloud.<your-domain>
|
|
ansible_nas_domain: example.com
|
|
|
|
###
|
|
### Samba
|
|
###
|
|
# The location where all shares will be created by default. Can be overridden on a per-share basis.
|
|
# This path will be mounted to backup containers, Duplicati
|
|
samba_shares_root: /mnt/Volume3
|
|
|
|
# Where stuff downloaded will be stored
|
|
downloads_root: "{{ samba_shares_root }}/downloads"
|
|
|
|
# Where your movies are stored
|
|
movies_root: "{{ samba_shares_root }}/movies"
|
|
|
|
# Where your TV episodes are stored
|
|
tv_root: "{{ samba_shares_root }}/tv"
|
|
|
|
# Where torrent files are stored (picked up by Transmission for downloading)
|
|
torrents_root: "{{ samba_shares_root }}/torrents"
|
|
|
|
# Where music is stored
|
|
music_root: "{{ samba_shares_root }}/music"
|
|
|
|
# Where podcasts are stored
|
|
podcasts_root: "{{ samba_shares_root }}/podcasts"
|
|
|
|
# Where your books are stored
|
|
books_root: "{{ samba_shares_root }}/books"
|
|
|
|
# Where your comics are stored
|
|
comics_root: "{{ samba_shares_root }}/comics"
|
|
|
|
# Where photos are stored
|
|
photos_root: "{{ samba_shares_root }}/photos"
|
|
|
|
# The description that'll appear next to your Ansible-NAS box when browsing your network
|
|
samba_server_string: Ansible NAS
|
|
|
|
# Shares you want published over Samba.
|
|
samba_shares:
|
|
- name: downloads
|
|
comment: 'Stuff downloaded'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ downloads_root }}"
|
|
|
|
- name: movies
|
|
comment: 'Movies'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ movies_root }}"
|
|
|
|
- name: tv
|
|
comment: 'TV Episodes'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ tv_root }}"
|
|
|
|
- name: music
|
|
comment: 'Music'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ music_root }}"
|
|
|
|
- name: podcasts
|
|
comment: 'Podcasts'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ podcasts_root }}"
|
|
|
|
- name: dump
|
|
comment: 'File dump'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ samba_shares_root }}/dump"
|
|
|
|
- name: games
|
|
comment: 'Games'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ samba_shares_root }}/games"
|
|
|
|
- name: photos
|
|
comment: 'Pictures'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ photos_root }}"
|
|
|
|
- name: books
|
|
comment: 'Books'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ books_root }}"
|
|
|
|
- name: comics
|
|
comment: 'Comics'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browseable: yes
|
|
path: "{{ comics_root }}"
|
|
|
|
###
|
|
### NFS
|
|
###
|
|
# Data you want published over NFS. More info on the NFS config format can be found at
|
|
# https://help.ubuntu.com/community/SettingUpNFSHowTo#Shares
|
|
# WARNING: Weird things might happen if you share the same data over Samba and NFS and allow writes on both!
|
|
|
|
nfs_shares_root: /mnt/Volume3
|
|
|
|
nfs_exports:
|
|
- "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)"
|
|
|
|
###
|
|
### Cloudflare
|
|
###
|
|
# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to
|
|
# set the options below.
|
|
|
|
# Your domain name
|
|
cloudflare_zone: "{{ ansible_nas_domain }}"
|
|
|
|
# The hostname you want the container to update. You shouldn't need to change this.
|
|
cloudflare_host: "*.{{ cloudflare_zone }}"
|
|
|
|
# Email address used to register for Cloudflare
|
|
cloudflare_email: "{{ ansible_nas_email }}"
|
|
|
|
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
|
|
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
|
|
|
|
###
|
|
### General
|
|
###
|
|
|
|
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
|
|
###
|
|
### Samba
|
|
###
|
|
# Seems to break browsing of the \\server-name shares root when enabled
|
|
samba_mitigate_cve_2017_7494: false
|
|
|
|
# Enable apple exentensions for compatibility with apple clients
|
|
samba_apple_extensions: yes
|
|
|
|
# The account used when Samba shares are accessed. Shouldn't need to change this unless you want to
|
|
# mess with Samba user permissions.
|
|
samba_guest_account: ansible-nas
|
|
|
|
# How Samba behaves when an unknown user connects, see Samba docs for more info
|
|
samba_map_to_guest: Bad Password
|
|
|
|
# The NetBIOS hostname used by Samba on your network
|
|
samba_netbios_name: "{{ ansible_nas_hostname }}"
|
|
|
|
###
|
|
### Joomla
|
|
###
|
|
joomla_data_directory: "{{ docker_home }}/joomla"
|
|
joomla_available_externally: "false"
|
|
joomla_database_password: top_secret
|
|
joomla_port: "8181"
|
|
|
|
###
|
|
### pyLoad
|
|
###
|
|
pyload_available_externally: "false"
|
|
pyload_config_directory: "{{ docker_home }}/pyload"
|
|
pyload_download_directory: "{{ downloads_root }}"
|
|
pyload_user_id: "0"
|
|
pyload_group_id: "0"
|
|
pyload_port: "8000"
|
|
|
|
###
|
|
### PyTivo
|
|
###
|
|
pytivo_available_externally: "false"
|
|
pytivo_config_directory: "{{ docker_home }}/pytivo/config"
|
|
pytivo_movies_directory: "{{ movies_root }}"
|
|
pytivo_tv_directory: "{{ tv_root }}"
|
|
pytivo_photos_directory: "{{ photos_root }}"
|
|
pytivo_music_directory: "{{ music_root }}"
|
|
pytivo_podcasts_directory: "{{ podcasts_root }}"
|
|
pytivo_user_id: "0"
|
|
pytivo_group_id: "0"
|
|
|
|
###
|
|
### Homebridge
|
|
###
|
|
homebridge_available_externally: "false"
|
|
homebridge_config_directory: "{{ docker_home }}/homebridge/config"
|
|
homebridge_user_id: "0"
|
|
homebridge_group_id: "0"
|
|
homebridge_port: "8087"
|
|
|
|
|
|
###
|
|
### Tautulli
|
|
###
|
|
tautulli_available_externally: "false"
|
|
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
|
|
tautulli_user_id: "0"
|
|
tautulli_group_id: "0"
|
|
tautulli_port: "8185"
|
|
|
|
|
|
###
|
|
### Duplicati
|
|
###
|
|
duplicati_available_externally: "false"
|
|
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
|
duplicati_port: "8200"
|
|
|
|
###
|
|
### Mylar
|
|
###
|
|
mylar_available_externally: "false"
|
|
mylar_data_directory: "{{ docker_home }}/mylar"
|
|
mylar_comics_directory: "{{ comics_root }}"
|
|
mylar_downloads_directory: "{{ downloads_root }}"
|
|
mylar_port_http: "8585"
|
|
mylar_user_id: "0"
|
|
mylar_group_id: "0"
|
|
|
|
###
|
|
### Sonarr
|
|
###
|
|
sonarr_available_externally: "false"
|
|
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
|
sonarr_tv_directory: "{{ tv_root }}"
|
|
sonarr_download_directory: "{{ downloads_root }}"
|
|
sonarr_user_id: "0"
|
|
sonarr_group_id: "0"
|
|
sonarr_port: "8989"
|
|
|
|
###
|
|
### YouTubeDL-Material
|
|
###
|
|
youtubedlmaterial_available_externally: "false"
|
|
youtubedlmaterial_data_directory: "{{ docker_home }}/youtubedlmaterial"
|
|
youtubedlmaterial_dl_audio_directory: "{{ downloads_root }}/youtube/audio"
|
|
youtubedlmaterial_dl_video_directory: "{{ downloads_root }}/youtube/video"
|
|
youtubedlmaterial_dl_subscriptions_directory: "{{ downloads_root }}/youtube/subscriptions"
|
|
youtubedlmaterial_port_http: "8998"
|
|
|
|
###
|
|
### Couchpotato
|
|
###
|
|
couchpotato_available_externally: "false"
|
|
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
|
couchpotato_movies_directory: "{{ movies_root }}"
|
|
couchpotato_downloads_directory: "{{ downloads_root }}"
|
|
couchpotato_torrents_directory: "{{ torrents_root }}"
|
|
couchpotato_user_id: "0"
|
|
couchpotato_group_id: "0"
|
|
couchpotato_port: "5050"
|
|
|
|
###
|
|
### OpenVPN
|
|
###
|
|
openvpn_config_directory: "{{ docker_home }}/openvpn"
|
|
|
|
|
|
###
|
|
### ZNC
|
|
###
|
|
znc_available_externally: "false"
|
|
znc_data_directory: "{{ docker_home }}/znc"
|
|
znc_user_id: "0"
|
|
znc_group_id: "0"
|
|
znc_port: "6677"
|
|
|
|
|
|
###
|
|
### Stats
|
|
###
|
|
grafana_available_externally: "false"
|
|
telegraf_data_directory: "{{ docker_home }}/telegraf"
|
|
influxdb_data_directory: "{{ docker_home }}/influxdb"
|
|
grafana_data_directory: "{{ docker_home }}/grafana"
|
|
stat_collection_interval: 15s
|
|
grafana_influxdb_port: "8086"
|
|
grafana_port: "3000"
|
|
|
|
|
|
###
|
|
### Gitlab
|
|
###
|
|
gitlab_available_externally: "false"
|
|
gitlab_data_directory: "{{ docker_home }}/gitlab"
|
|
gitlab_port_http: "4080"
|
|
gitlab_port_https: "4443"
|
|
gitlab_port_ssh: "422"
|
|
|
|
###
|
|
### Glances
|
|
###
|
|
glances_available_externally: "false"
|
|
glances_port_one: "61208"
|
|
glances_port_two: "61209"
|
|
|
|
###
|
|
### Nextcloud
|
|
###
|
|
nextcloud_available_externally: "false"
|
|
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
|
nextcloud_port: "8080"
|
|
|
|
###
|
|
### nginx
|
|
###
|
|
nginx_data_directory: "{{ docker_home }}/nginx"
|
|
nginx_port_http: "80"
|
|
nginx_port_https: "443"
|
|
|
|
###
|
|
### Guacamole
|
|
###
|
|
guacamole_available_externally: "false"
|
|
guacamole_data_directory: "{{ docker_home }}/guacamole"
|
|
guacamole_port: "8090"
|
|
|
|
###
|
|
### Miniflux
|
|
###
|
|
miniflux_available_externally: "false"
|
|
miniflux_data_directory: "{{ docker_home }}/miniflux"
|
|
miniflux_admin_username: admin
|
|
miniflux_admin_password: supersecure
|
|
miniflux_port: "8070"
|
|
|
|
###
|
|
### CloudCmd
|
|
###
|
|
cloudcmd_available_externally: "false"
|
|
cloudcmd_data_directory: "{{ docker_home }}/cloudcmd/config"
|
|
cloudcmd_browse_directory: "/"
|
|
cloudcmd_user_id: "0"
|
|
cloudcmd_group_id: "0"
|
|
cloudcmd_port: "7373"
|
|
|
|
###
|
|
### Krusader
|
|
###
|
|
krusader_available_externally: "false"
|
|
krusader_config_directory: "{{ docker_home }}/krusader/config"
|
|
krusader_browse_directory: "/"
|
|
krusader_user_id: "0"
|
|
krusader_group_id: "0"
|
|
krusader_secure_connection: "0"
|
|
krusader_vnc_password: "topsecret"
|
|
krusader_port_http: "5800"
|
|
krusader_port_vnc: "5900"
|
|
|
|
###
|
|
### Time Machine
|
|
###
|
|
timemachine_data_directory: "{{ docker_home }}/timemachine"
|
|
timemachine_volume_size_limit: "0"
|
|
timemachine_password: timemachine
|
|
timemachine_share_name: Data
|
|
timemachine_log_level: error
|
|
timemachine_port: "10445"
|
|
|
|
###
|
|
### MiniDLNA
|
|
###
|
|
minidlna_media_directory1: "{{ movies_root }}"
|
|
minidlna_media_directory2: "{{ tv_root }}"
|
|
minidlna_friendly_name: "{{ ansible_nas_hostname }}"
|
|
minidlna_port: "8201"
|
|
|
|
###
|
|
### get_iplayer
|
|
###
|
|
get_iplayer_config_directory: "{{ docker_home }}/get_iplayer"
|
|
get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads"
|
|
get_iplayer_port: "8182"
|
|
|
|
###
|
|
### mymediaforalexa
|
|
###
|
|
mymediaforalexa_media_directory: "{{ music_root }}"
|
|
mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
|
|
|
|
###
|
|
### Jackett
|
|
###
|
|
jackett_available_externally: "false"
|
|
jackett_data_directory: "{{ docker_home }}/jackett"
|
|
jackett_torrents_root: "{{ torrents_root }}"
|
|
jackett_port: "9117"
|
|
|
|
###
|
|
### The Lounge
|
|
###
|
|
thelounge_available_externally: "false"
|
|
thelounge_data_directory: "{{ docker_home }}/thelounge"
|
|
thelounge_port_one: "113"
|
|
thelounge_port_two: "9002"
|
|
|
|
###
|
|
### Bitwarden
|
|
###
|
|
bitwarden_available_externally: "false"
|
|
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
|
|
bitwarden_port_a: "19080"
|
|
bitwarden_port_b: "3012"
|
|
|
|
# Keep this token secret, this is password to access admin area of your server!
|
|
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
|
# for example running openssl rand -base64 48
|
|
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
|
|
|
|
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
|
|
# Once you have created your user, set to "false" and run one more time.
|
|
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
|
|
bitwarden_allow_signups: false
|
|
|
|
###
|
|
### Firefly
|
|
###
|
|
firefly_available_externally: "false"
|
|
firefly_data_directory: "{{ docker_home }}/firefly"
|
|
firefly_port: "8066"
|
|
|
|
###
|
|
### Nzbget
|
|
###
|
|
nzbget_available_externally: "false"
|
|
nzbget_data_directory: "{{ docker_home }}/nzbget"
|
|
nzbget_download_directory: "{{ downloads_root }}"
|
|
nzbget_user_id: "0"
|
|
nzbget_group_id: "0"
|
|
nzbget_port: "6789"
|
|
|
|
###
|
|
### Wallabag
|
|
###
|
|
wallabag_available_externally: "false"
|
|
wallabag_data_directory: "{{ docker_home }}/wallabag"
|
|
wallabag_port: "7780"
|
|
|
|
###
|
|
### Mosquitto
|
|
###
|
|
mosquitto_available_externally: "false"
|
|
mosquitto_data_directory: "{{ docker_home }}/mosquitto"
|
|
mosquitto_port_a: "1883"
|
|
mosquitto_port_b: "9001"
|
|
|
|
###
|
|
### Calibre-web
|
|
###
|
|
calibre_available_externally: "false"
|
|
calibre_data_directory: "{{ docker_home }}/calibre"
|
|
calibre_user_id: "0"
|
|
calibre_group_id: "0"
|
|
calibre_books_root: "{{ books_root }}"
|
|
calibre_port: "8084"
|
|
# To disable ebook conversion set calibre_ebook_conversion to "". To enable it set it to "linuxserver/calibre-web:calibre"
|
|
calibre_ebook_conversion: "linuxserver/calibre-web:calibre"
|
|
|
|
###
|
|
### Home Assistant
|
|
###
|
|
homeassistant_available_externally: "false"
|
|
homeassistant_data_directory: "{{ docker_home }}/homeassistant"
|
|
homeassistant_port: "8123"
|
|
|
|
###
|
|
### openHAB
|
|
###
|
|
openhab_available_externally: "false"
|
|
openhab_docker_image: openhab/openhab:latest
|
|
openhab_data_directory: "{{ docker_home }}/openhab"
|
|
openhab_port_http: "7777"
|
|
openhab_port_https: "7778"
|
|
|
|
###
|
|
### Jellyfin
|
|
###
|
|
# If you're paranoid, set permissions to "ro" so jellyfin won't ever be able to
|
|
# delete your files
|
|
jellyfin_available_externally: "false"
|
|
jellyfin_config_directory: "{{ docker_home }}/jellyfin/config"
|
|
jellyfin_movies_directory: "{{ movies_root }}"
|
|
jellyfin_movies_permissions: "rw"
|
|
jellyfin_music_directory: "{{ music_root }}"
|
|
jellyfin_music_permissions: "rw"
|
|
jellyfin_photos_directory: "{{ photos_root }}"
|
|
jellyfin_photos_permissions: "rw"
|
|
jellyfin_tv_directory: "{{ tv_root }}"
|
|
jellyfin_tv_permissions: "rw"
|
|
jellyfin_user_id: "0"
|
|
jellyfin_group_id: "0"
|
|
jellyfin_port_http: "8896"
|
|
jellyfin_port_https: "8928"
|
|
|
|
###
|
|
### Ubooquity
|
|
###
|
|
ubooquity_available_externally: "false"
|
|
ubooquity_data_directory: "{{ docker_home }}/ubooquity"
|
|
ubooquity_user_id: "0"
|
|
ubooquity_group_id: "0"
|
|
ubooquity_port_webui: "2202"
|
|
ubooquity_port_admin: "2203"
|
|
|
|
###
|
|
### Virtual Desktop
|
|
###
|
|
vd_data_directory: "{{ docker_home }}/virtual_desktop"
|
|
vd_docker_image: "rattydave/docker-ubuntu-xrdp-mate-custom:20.04-tools"
|
|
vd_users:
|
|
- username: "{{ ansible_nas_user }}"
|
|
password: "topsecret"
|
|
sudo: "Y"
|
|
vd_rdp_port: 3389
|