ansible-nas/group_vars/all.yml

646 lines
15 KiB
YAML

## ._____. .__
## _____ ____ _____|__\_ |__ | | ____ ____ _____ ______
## \__ \ / \ / ___/ || __ \| | _/ __ \ ______ / \\__ \ / ___/
## / __ \| | \\___ \| || \_\ \ |_\ ___/ /_____/ | | \/ __ \_\___ \
## (____ /___| /____ >__||___ /____/\___ > |___| (____ /____ >
## \/ \/ \/ \/ \/ \/ \/ \/
## a n s i b l e - n a s https://github.com/davestephens/ansible-nas
###
### DO NOT EDIT THIS FILE!
### Add your customisations to inventories/<your_inventory>/group_vars/nas.yml
###
###
### Ansible-NAS Applications
###
# Downloading
nzbget_enabled: false
pyload_enabled: false
# Media Serving
plex_enabled: false
tautulli_enabled: false
# Media Sourcing
sonarr_enabled: false # tv
couchpotato_enabled: false
get_iplayer_enabled: false
jackett_enabled: false
minidlna_enabled: false
jellyfin_enabled: false
youtubedlmaterial_enabled: false
mylar_enabled: false
# Music
mymediaforalexa_enabled: false
# News
miniflux_enabled: false
# System Management
glances_enabled: false
stats_enabled: false
guacamole_enabled: false
cloudflare_ddns_enabled: false
cloudcmd_enabled: false
virtual_desktop_enabled: false
krusader_enabled: false
# Backup & Restore
duplicati_enabled: false
nextcloud_enabled: false
timemachine_enabled: false
# Software build and CI
gitlab_enabled: false
# IRC
znc_enabled: false
thelounge_enabled: false
# Password Management
bitwarden_enabled: false
# Finance
firefly_enabled: false
# Wallabag
wallabag_enabled: false
# Home Automation
homeassistant_enabled: false
mosquitto_enabled: false
homebridge_enabled: false
openhab_enabled: false
# Books
calibre_enabled: false
# Ubooquity
ubooquity_enabled: false
# Joomla
joomla_enabled: false
# PyTivo
pytivo_enabled: false
###
### General
###
# Will be added to the docker group to give user command line access to docker
ansible_nas_user: david
# Your email and domain, used for Let's Encrypt SSL certs
ansible_nas_email: me@example.com
# Applications will have subdomain SSL certificates created if Traefik is enabled, e.g. ansible-nas.<your-domain>, nextcloud.<your-domain>
ansible_nas_domain: example.com
###
### Samba
###
# The location where all shares will be created by default. Can be overridden on a per-share basis.
# This path will be mounted to backup containers, Duplicati
samba_shares_root: /mnt/Volume3
# Where stuff downloaded will be stored
downloads_root: "{{ samba_shares_root }}/downloads"
# Where your movies are stored
movies_root: "{{ samba_shares_root }}/movies"
# Where your TV episodes are stored
tv_root: "{{ samba_shares_root }}/tv"
# Where torrent files are stored (picked up by Transmission for downloading)
torrents_root: "{{ samba_shares_root }}/torrents"
# Where music is stored
music_root: "{{ samba_shares_root }}/music"
# Where podcasts are stored
podcasts_root: "{{ samba_shares_root }}/podcasts"
# Where your books are stored
books_root: "{{ samba_shares_root }}/books"
# Where your comics are stored
comics_root: "{{ samba_shares_root }}/comics"
# Where photos are stored
photos_root: "{{ samba_shares_root }}/photos"
# The description that'll appear next to your Ansible-NAS box when browsing your network
samba_server_string: Ansible NAS
# Shares you want published over Samba.
samba_shares:
- name: downloads
comment: 'Stuff downloaded'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ downloads_root }}"
- name: movies
comment: 'Movies'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ movies_root }}"
- name: tv
comment: 'TV Episodes'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ tv_root }}"
- name: music
comment: 'Music'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ music_root }}"
- name: podcasts
comment: 'Podcasts'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ podcasts_root }}"
- name: dump
comment: 'File dump'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ samba_shares_root }}/dump"
- name: games
comment: 'Games'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ samba_shares_root }}/games"
- name: photos
comment: 'Pictures'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ photos_root }}"
- name: books
comment: 'Books'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ books_root }}"
- name: comics
comment: 'Comics'
guest_ok: yes
public: yes
writable: yes
browseable: yes
path: "{{ comics_root }}"
###
### NFS
###
# Data you want published over NFS. More info on the NFS config format can be found at
# https://help.ubuntu.com/community/SettingUpNFSHowTo#Shares
# WARNING: Weird things might happen if you share the same data over Samba and NFS and allow writes on both!
nfs_shares_root: /mnt/Volume3
nfs_exports:
- "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)"
###
### Cloudflare
###
# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to
# set the options below.
# Your domain name
cloudflare_zone: "{{ ansible_nas_domain }}"
# The hostname you want the container to update. You shouldn't need to change this.
cloudflare_host: "*.{{ cloudflare_zone }}"
# Email address used to register for Cloudflare
cloudflare_email: "{{ ansible_nas_email }}"
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
###
### General
###
ansible_python_interpreter: /usr/bin/python3
###
### Samba
###
# Seems to break browsing of the \\server-name shares root when enabled
samba_mitigate_cve_2017_7494: false
# Enable apple exentensions for compatibility with apple clients
samba_apple_extensions: yes
# The account used when Samba shares are accessed. Shouldn't need to change this unless you want to
# mess with Samba user permissions.
samba_guest_account: ansible-nas
# How Samba behaves when an unknown user connects, see Samba docs for more info
samba_map_to_guest: Bad Password
# The NetBIOS hostname used by Samba on your network
samba_netbios_name: "{{ ansible_nas_hostname }}"
###
### Joomla
###
joomla_data_directory: "{{ docker_home }}/joomla"
joomla_available_externally: "false"
joomla_database_password: top_secret
joomla_port: "8181"
###
### pyLoad
###
pyload_available_externally: "false"
pyload_config_directory: "{{ docker_home }}/pyload"
pyload_download_directory: "{{ downloads_root }}"
pyload_user_id: "0"
pyload_group_id: "0"
pyload_port: "8000"
###
### PyTivo
###
pytivo_available_externally: "false"
pytivo_config_directory: "{{ docker_home }}/pytivo/config"
pytivo_movies_directory: "{{ movies_root }}"
pytivo_tv_directory: "{{ tv_root }}"
pytivo_photos_directory: "{{ photos_root }}"
pytivo_music_directory: "{{ music_root }}"
pytivo_podcasts_directory: "{{ podcasts_root }}"
pytivo_user_id: "0"
pytivo_group_id: "0"
###
### Homebridge
###
homebridge_available_externally: "false"
homebridge_config_directory: "{{ docker_home }}/homebridge/config"
homebridge_user_id: "0"
homebridge_group_id: "0"
homebridge_port: "8087"
###
### Tautulli
###
tautulli_available_externally: "false"
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
tautulli_user_id: "0"
tautulli_group_id: "0"
tautulli_port: "8185"
###
### Duplicati
###
duplicati_available_externally: "false"
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
duplicati_port: "8200"
###
### Mylar
###
mylar_available_externally: "false"
mylar_data_directory: "{{ docker_home }}/mylar"
mylar_comics_directory: "{{ comics_root }}"
mylar_downloads_directory: "{{ downloads_root }}"
mylar_port_http: "8585"
mylar_user_id: "0"
mylar_group_id: "0"
###
### Sonarr
###
sonarr_available_externally: "false"
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
sonarr_tv_directory: "{{ tv_root }}"
sonarr_download_directory: "{{ downloads_root }}"
sonarr_user_id: "0"
sonarr_group_id: "0"
sonarr_port: "8989"
###
### YouTubeDL-Material
###
youtubedlmaterial_available_externally: "false"
youtubedlmaterial_data_directory: "{{ docker_home }}/youtubedlmaterial"
youtubedlmaterial_dl_audio_directory: "{{ downloads_root }}/youtube/audio"
youtubedlmaterial_dl_video_directory: "{{ downloads_root }}/youtube/video"
youtubedlmaterial_dl_subscriptions_directory: "{{ downloads_root }}/youtube/subscriptions"
youtubedlmaterial_port_http: "8998"
###
### Couchpotato
###
couchpotato_available_externally: "false"
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
couchpotato_movies_directory: "{{ movies_root }}"
couchpotato_downloads_directory: "{{ downloads_root }}"
couchpotato_torrents_directory: "{{ torrents_root }}"
couchpotato_user_id: "0"
couchpotato_group_id: "0"
couchpotato_port: "5050"
###
### OpenVPN
###
openvpn_config_directory: "{{ docker_home }}/openvpn"
###
### ZNC
###
znc_available_externally: "false"
znc_data_directory: "{{ docker_home }}/znc"
znc_user_id: "0"
znc_group_id: "0"
znc_port: "6677"
###
### Stats
###
grafana_available_externally: "false"
telegraf_data_directory: "{{ docker_home }}/telegraf"
influxdb_data_directory: "{{ docker_home }}/influxdb"
grafana_data_directory: "{{ docker_home }}/grafana"
stat_collection_interval: 15s
grafana_influxdb_port: "8086"
grafana_port: "3000"
###
### Gitlab
###
gitlab_available_externally: "false"
gitlab_data_directory: "{{ docker_home }}/gitlab"
gitlab_port_http: "4080"
gitlab_port_https: "4443"
gitlab_port_ssh: "422"
###
### Glances
###
glances_available_externally: "false"
glances_port_one: "61208"
glances_port_two: "61209"
###
### Nextcloud
###
nextcloud_available_externally: "false"
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
nextcloud_port: "8080"
###
### nginx
###
nginx_data_directory: "{{ docker_home }}/nginx"
nginx_port_http: "80"
nginx_port_https: "443"
###
### Guacamole
###
guacamole_available_externally: "false"
guacamole_data_directory: "{{ docker_home }}/guacamole"
guacamole_port: "8090"
###
### Miniflux
###
miniflux_available_externally: "false"
miniflux_data_directory: "{{ docker_home }}/miniflux"
miniflux_admin_username: admin
miniflux_admin_password: supersecure
miniflux_port: "8070"
###
### CloudCmd
###
cloudcmd_available_externally: "false"
cloudcmd_data_directory: "{{ docker_home }}/cloudcmd/config"
cloudcmd_browse_directory: "/"
cloudcmd_user_id: "0"
cloudcmd_group_id: "0"
cloudcmd_port: "7373"
###
### Krusader
###
krusader_available_externally: "false"
krusader_config_directory: "{{ docker_home }}/krusader/config"
krusader_browse_directory: "/"
krusader_user_id: "0"
krusader_group_id: "0"
krusader_secure_connection: "0"
krusader_vnc_password: "topsecret"
krusader_port_http: "5800"
krusader_port_vnc: "5900"
###
### Time Machine
###
timemachine_data_directory: "{{ docker_home }}/timemachine"
timemachine_volume_size_limit: "0"
timemachine_password: timemachine
timemachine_share_name: Data
timemachine_log_level: error
timemachine_port: "10445"
###
### MiniDLNA
###
minidlna_media_directory1: "{{ movies_root }}"
minidlna_media_directory2: "{{ tv_root }}"
minidlna_friendly_name: "{{ ansible_nas_hostname }}"
minidlna_port: "8201"
###
### get_iplayer
###
get_iplayer_config_directory: "{{ docker_home }}/get_iplayer"
get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads"
get_iplayer_port: "8182"
###
### mymediaforalexa
###
mymediaforalexa_media_directory: "{{ music_root }}"
mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
###
### Jackett
###
jackett_available_externally: "false"
jackett_data_directory: "{{ docker_home }}/jackett"
jackett_torrents_root: "{{ torrents_root }}"
jackett_port: "9117"
###
### The Lounge
###
thelounge_available_externally: "false"
thelounge_data_directory: "{{ docker_home }}/thelounge"
thelounge_port_one: "113"
thelounge_port_two: "9002"
###
### Bitwarden
###
bitwarden_available_externally: "false"
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
bitwarden_port_a: "19080"
bitwarden_port_b: "3012"
# Keep this token secret, this is password to access admin area of your server!
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
# for example running openssl rand -base64 48
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
# Once you have created your user, set to "false" and run one more time.
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
bitwarden_allow_signups: false
###
### Firefly
###
firefly_available_externally: "false"
firefly_data_directory: "{{ docker_home }}/firefly"
firefly_port: "8066"
###
### Nzbget
###
nzbget_available_externally: "false"
nzbget_data_directory: "{{ docker_home }}/nzbget"
nzbget_download_directory: "{{ downloads_root }}"
nzbget_user_id: "0"
nzbget_group_id: "0"
nzbget_port: "6789"
###
### Wallabag
###
wallabag_available_externally: "false"
wallabag_data_directory: "{{ docker_home }}/wallabag"
wallabag_port: "7780"
###
### Mosquitto
###
mosquitto_available_externally: "false"
mosquitto_data_directory: "{{ docker_home }}/mosquitto"
mosquitto_port_a: "1883"
mosquitto_port_b: "9001"
###
### Calibre-web
###
calibre_available_externally: "false"
calibre_data_directory: "{{ docker_home }}/calibre"
calibre_user_id: "0"
calibre_group_id: "0"
calibre_books_root: "{{ books_root }}"
calibre_port: "8084"
# To disable ebook conversion set calibre_ebook_conversion to "". To enable it set it to "linuxserver/calibre-web:calibre"
calibre_ebook_conversion: "linuxserver/calibre-web:calibre"
###
### Home Assistant
###
homeassistant_available_externally: "false"
homeassistant_data_directory: "{{ docker_home }}/homeassistant"
homeassistant_port: "8123"
###
### openHAB
###
openhab_available_externally: "false"
openhab_docker_image: openhab/openhab:latest
openhab_data_directory: "{{ docker_home }}/openhab"
openhab_port_http: "7777"
openhab_port_https: "7778"
###
### Jellyfin
###
# If you're paranoid, set permissions to "ro" so jellyfin won't ever be able to
# delete your files
jellyfin_available_externally: "false"
jellyfin_config_directory: "{{ docker_home }}/jellyfin/config"
jellyfin_movies_directory: "{{ movies_root }}"
jellyfin_movies_permissions: "rw"
jellyfin_music_directory: "{{ music_root }}"
jellyfin_music_permissions: "rw"
jellyfin_photos_directory: "{{ photos_root }}"
jellyfin_photos_permissions: "rw"
jellyfin_tv_directory: "{{ tv_root }}"
jellyfin_tv_permissions: "rw"
jellyfin_user_id: "0"
jellyfin_group_id: "0"
jellyfin_port_http: "8896"
jellyfin_port_https: "8928"
###
### Ubooquity
###
ubooquity_available_externally: "false"
ubooquity_data_directory: "{{ docker_home }}/ubooquity"
ubooquity_user_id: "0"
ubooquity_group_id: "0"
ubooquity_port_webui: "2202"
ubooquity_port_admin: "2203"
###
### Virtual Desktop
###
vd_data_directory: "{{ docker_home }}/virtual_desktop"
vd_docker_image: "rattydave/docker-ubuntu-xrdp-mate-custom:20.04-tools"
vd_users:
- username: "{{ ansible_nas_user }}"
password: "topsecret"
sudo: "Y"
vd_rdp_port: 3389