Mirrors/ansible-nas
2
0
Fork 0
mirror of https://github.com/davestephens/ansible-nas synced 2024-12-26 03:23:11 +00:00
Code Issues Projects Releases Packages Wiki Activity
ansible-nas/group_vars/all.yml
bcurran3 1d05f3a87f
subjective change
2020-05-12 10:51:35 -07:00

839 lines
21 KiB
YAML
Raw Blame History

## ._____. .__
## _____ ____ _____|__\_ |__ | | ____ ____ _____ ______
## \__ \ / \ / ___/ || __ \| | _/ __ \ ______ / \\__ \ / ___/
## / __ \| | \\___ \| || \_\ \ |_\ ___/ /_____/ | | \/ __ \_\___ \
## (____ /___| /____ >__||___ /____/\___ > |___| (____ /____ >
## \/ \/ \/ \/ \/ \/ \/ \/
## a n s i b l e - n a s https://github.com/davestephens/ansible-nas
###
### DO NOT EDIT THIS FILE!
### Add your customisations to inventories/<your_inventory>/group_vars/nas.yml
###
###
### Ansible-NAS Applications
###
# Downloading
transmission_with_openvpn_enabled: false # Please see docs about how to set VPN credentials
transmission_enabled: false
nzbget_enabled: false
pyload_enabled: false
# Media Serving
plex_enabled: false
tautulli_enabled: false
# Media Sourcing
sonarr_enabled: false # tv
sickchill_enabled: false
couchpotato_enabled: false
radarr_enabled: false
get_iplayer_enabled: false
jackett_enabled: false
minidlna_enabled: false
jellyfin_enabled: false
emby_enabled: false
bazarr_enabled: false
ombi_enabled: false
lidarr_enabled: false
mylar_enabled: false
# Music
airsonic_enabled: false
mymediaforalexa_enabled: false
# News
miniflux_enabled: false
# System Management
heimdall_enabled: false
portainer_enabled: false
glances_enabled: false
stats_enabled: false
guacamole_enabled: false
netdata_enabled: false
watchtower_enabled: false
cloudflare_ddns_enabled: false
cloudcmd_enabled: false
virtual_desktop_enabled: false
# Backup & Restore
duplicati_enabled: false
nextcloud_enabled: false
timemachine_enabled: false
# Software build and CI
gitea_enabled: false
gitlab_enabled: false
# IRC
znc_enabled: false
thelounge_enabled: false
# Password Management
bitwarden_enabled: false
# Finance
firefly_enabled: false
# Wallabag
wallabag_enabled: false
# Home Automation
homeassistant_enabled: false
mosquitto_enabled: false
homebridge_enabled: false
openhab_enabled: false
# Books
calibre_enabled: false
# Ubooquity
ubooquity_enabled: false
# Joomla
joomla_enabled: false
# SEO
serposcope_enabled: false
# External Access
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "available_externally"
# settings.
traefik_enabled: false
traefik_port_http: "80"
traefik_port_https: "443"
traefik_port_ui: "8083"
###
### General
###
# Sets the hostname of your Ansible NAS
ansible_nas_hostname: ansible-nas
# Sets the timezone for your Ansible NAS
# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
ansible_nas_timezone: Etc/UTC
# Update all apt packages when playbook is run
keep_packages_updated: false
# Will be added to the docker group to give user command line access to docker
ansible_nas_user: david
# Your email and domain, used for Let's Encrypt SSL certs
ansible_nas_email: me@example.com
# Applications will have subdomain SSL certificates created if Traefik is enabled, e.g. ansible-nas.<your-domain>, nextcloud.<your-domain>
ansible_nas_domain: example.com
###
### Docker
###
# Where you want Docker to store images
docker_image_directory: "{{ docker_home }}/data"
# Where you want Docker to store its container data.
docker_home: /mnt/Volume2/docker
# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems
# You might want to change this to ZFS, depending on your underlying filesystem.
docker_storage_driver: overlay2
###
### Samba
###
# The location where all shares will be created by default. Can be overridden on a per-share basis.
# This path will be mounted to backup containers, Duplicati
samba_shares_root: /mnt/Volume3
# Where stuff downloaded will be stored
downloads_root: "{{ samba_shares_root }}/downloads"
# Where your movies are stored
movies_root: "{{ samba_shares_root }}/movies"
# Where your TV episodes are stored
tv_root: "{{ samba_shares_root }}/tv"
# Where torrent files are stored (picked up by Transmission for downloading)
torrents_root: "{{ samba_shares_root }}/torrents"
# Where music is stored
music_root: "{{ samba_shares_root }}/music"
# Where podcasts are stored
podcasts_root: "{{ samba_shares_root }}/podcasts"
# Where your books are stored
books_root: "{{ samba_shares_root }}/books"
# Where your books are stored
comics_root: "{{ samba_shares_root }}/comics"
# Where photos are stored
photos_root: "{{ samba_shares_root }}/photos"
# The description that'll appear next to your Ansible-NAS box when browsing your network
samba_server_string: Ansible NAS
# Shares you want published over Samba.
samba_shares:
- name: downloads
comment: 'Stuff downloaded'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ downloads_root }}"
- name: movies
comment: 'Movies'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ movies_root }}"
- name: tv
comment: 'TV Episodes'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ tv_root }}"
- name: music
comment: 'Music'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ music_root }}"
- name: podcasts
comment: 'Podcasts'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ podcasts_root }}"
- name: dump
comment: 'File dump'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ samba_shares_root }}/dump"
- name: games
comment: 'Games'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ samba_shares_root }}/games"
- name: photos
comment: 'Pictures'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ samba_shares_root }}/photos"
- name: books
comment: 'Books'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ samba_shares_root }}/books"
- name: comics
comment: 'Comics'
guest_ok: yes
public: yes
writable: yes
browsable: yes
path: "{{ samba_shares_root }}/comics"
###
### NFS
###
# Data you want published over NFS. More info on the NFS config format can be found at
# https://help.ubuntu.com/community/SettingUpNFSHowTo#Shares
# WARNING: Weird things might happen if you share the same data over Samba and NFS and allow writes on both!
nfs_shares_root: /mnt/Volume3
nfs_exports:
- "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)"
###
### Cloudflare
###
# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to
# set the options below.
# Your domain name
cloudflare_zone: "{{ ansible_nas_domain }}"
# The hostname you want the container to update. You shouldn't need to change this.
cloudflare_host: "*.{{ cloudflare_zone }}"
# Email address used to register for Cloudflare
cloudflare_email: "{{ ansible_nas_email }}"
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
###
### General
###
# Extra packages to install
ansible_nas_extra_packages:
- smartmontools
- htop
- zfsutils-linux
- bonnie++
- unzip
- lm-sensors
- ctop
ansible_python_interpreter: /usr/bin/python3
###
### Samba
###
# Seems to break browsing of the \\server-name shares root when enabled
samba_mitigate_cve_2017_7494: false
# Enable apple exentensions for compatibility with apple clients
samba_apple_extensions: yes
# The account used when Samba shares are accessed. Shouldn't need to change this unless you want to
# mess with Samba user permissions.
samba_guest_account: ansible-nas
# How Samba behaves when an unknown user connects, see Samba docs for more info
samba_map_to_guest: Bad Password
# The NetBIOS hostname used by Samba on your network
samba_netbios_name: "{{ ansible_nas_hostname }}"
###
### Traefik
###
traefik_docker_image: traefik:v1.7
traefik_data_directory: "{{ docker_home }}/traefik"
traefik_debug: "false"
###
### Heimdall
###
heimdall_available_externally: "false"
heimdall_docker_image: linuxserver/heimdall:latest
heimdall_data_directory: "{{ docker_home }}/heimdall"
heimdall_port_http: "10080"
heimdall_port_https: "10443"
###
### Transmission
###
transmission_available_externally: "false"
transmission_with_openvpn_available_externally: "false"
transmission_config_directory: "{{ docker_home }}/transmission/config"
transmission_download_directory: "{{ downloads_root }}"
transmission_watch_directory: "{{ torrents_root }}"
transmission_user_id: "0"
transmission_group_id: "0"
transmission_local_network: "192.168.1.0/24"
transmission_webui_port: "9092"
transmission_external_port: "51414"
transmission_openvpn_webui_port: "9091"
transmission_openvpn_external_port: "51415"
transmission_openvpn_proxy_port: "3128"
transmission_openvpn_ratio_limit_enabled: "true"
transmission_openvpn_ratio_limit: "2"
# Transmission VPN Credentials
# If you're using Transmission with a VPN, you'll need to set these credentials.
# See https://github.com/haugene/docker-transmission-openvpn/ for supported VPN providers.
openvpn_username: leisure-suit-larry
openvpn_password: secretpassword
openvpn_provider: AWESOMEVPNPROVIDER
openvpn_config: United-Kingdom
###
### Joomla
###
joomla_data_directory: "{{ docker_home }}/joomla"
joomla_available_externally: "false"
joomla_database_password: top_secret
joomla_port: "8181"
###
### pyLoad
###
pyload_available_externally: "false"
pyload_config_directory: "{{ docker_home }}/pyload"
pyload_download_directory: "{{ downloads_root }}"
pyload_user_id: "0"
pyload_group_id: "0"
pyload_port: "8000"
###
### Plex
###
# If you're paranoid, set permissions to "ro" so Plex won't ever be able to
# delete your files
plex_available_externally: "false"
plex_config_directory: "{{ docker_home }}/plex/config"
plex_logs: "{{ docker_home }}/plex/logs"
plex_transcode_directory: "{{ downloads_root}}/transcode"
plex_movies_directory: "{{ movies_root }}"
plex_movies_permissions: "rw"
plex_tv_directory: "{{ tv_root }}"
plex_tv_permissions: "rw"
plex_photos_directory: "{{ photos_root }}"
plex_photos_permissions: "rw"
plex_music_directory: "{{ music_root }}"
plex_music_permissions: "rw"
plex_user_id: "0"
plex_group_id: "0"
plex_port: "32400"
###
### Homebridge
###
homebridge_available_externally: "false"
homebridge_config_directory: "{{ docker_home }}/homebridge/config"
homebridge_user_id: "0"
homebridge_group_id: "0"
homebridge_port: "8087"
###
### Emby
###
# If you're paranoid, set permissions to "ro" so Emby won't ever be able to
# delete your files
emby_available_externally: "false"
emby_config_directory: "{{ docker_home }}/emby/config"
emby_movies_directory: "{{ movies_root }}"
emby_movies_permissions: "rw"
emby_tv_directory: "{{ tv_root }}"
emby_tv_permissions: "rw"
emby_user_id: "0"
emby_group_id: "0"
emby_port_http: "8096"
emby_port_https: "8920"
###
### Tautulli
###
tautulli_available_externally: "false"
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
tautulli_user_id: "0"
tautulli_group_id: "0"
tautulli_port: "8185"
###
### Duplicati
###
duplicati_available_externally: "false"
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
duplicati_port: "8200"
###
### Mylar
###
mylar_available_externally: "false"
mylar_data_directory: "{{ docker_home }}/mylar"
mylar_comics_directory: "{{ comics_root }}"
mylar_downloads_directory: "{{ downloads_root }}"
mylar_port_http: "8585"
mylar_user_id: "0"
mylar_group_id: "0"
###
### Sonarr
###
sonarr_available_externally: "false"
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
sonarr_tv_directory: "{{ tv_root }}"
sonarr_download_directory: "{{ downloads_root }}"
sonarr_user_id: "0"
sonarr_group_id: "0"
sonarr_port: "8989"
###
### Radarr
###
radarr_available_externally: "false"
radarr_movies_directory: "{{ movies_root }}"
radarr_download_directory: "{{ downloads_root }}"
radarr_data_directory: "{{ docker_home }}/radarr"
radarr_user_id: "0"
radarr_group_id: "0"
radarr_port: "7878"
###
### Bazarr
###
bazarr_available_externally: "false"
bazarr_data_directory: "{{ docker_home }}/bazarr/config"
bazarr_tv_directory: "{{ tv_root }}"
bazarr_movies_directory: "{{ movies_root }}"
bazarr_user_id: "0"
bazarr_group_id: "0"
bazarr_port: "6767"
###
### lidarr
###
lidarr_available_externally: "false"
lidarr_data_directory: "{{ docker_home }}/lidarr/config"
lidarr_music_directory: "{{ music_root }}"
lidarr_downloads_directory: "{{ downloads_root }}"
lidarr_user_id: "0"
lidarr_group_id: "0"
lidarr_port: "8686"
###
### Couchpotato
###
couchpotato_available_externally: "false"
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
couchpotato_movies_directory: "{{ movies_root }}"
couchpotato_downloads_directory: "{{ downloads_root }}"
couchpotato_torrents_directory: "{{ torrents_root }}"
couchpotato_user_id: "0"
couchpotato_group_id: "0"
couchpotato_port: "5050"
###
### Sickchill
###
sickchill_available_externally: "false"
sickchill_config_directory: "{{ docker_home }}/sickchill/config"
sickchill_tv_directory: "{{ tv_root }}"
sickchill_downloads_directory: "{{ downloads_root }}/completed"
sickchill_user_id: "0"
sickchill_group_id: "0"
sickchill_port: "8081"
###
### Ombi
###
ombi_available_externally: "false"
ombi_config_directory: "{{ docker_home }}/ombi/config"
ombi_user_id: "0"
ombi_group_id: "0"
###
### Netdata
###
netdata_available_externally: "false"
netdata_port: "19999"
###
### OpenVPN
###
openvpn_config_directory: "{{ docker_home }}/openvpn"
###
### Portainer
###
portainer_available_externally: "false"
portainer_data_directory: "{{ docker_home }}/portainer/config"
portainer_port: "9000"
###
### ZNC
###
znc_available_externally: "false"
znc_data_directory: "{{ docker_home }}/znc"
znc_user_id: "0"
znc_group_id: "0"
znc_port: "6677"
###
### Stats
###
grafana_available_externally: "false"
telegraf_data_directory: "{{ docker_home }}/telegraf"
influxdb_data_directory: "{{ docker_home }}/influxdb"
grafana_data_directory: "{{ docker_home }}/grafana"
stat_collection_interval: 15s
grafana_influxdb_port: "8086"
grafana_port: "3000"
###
### Gitea
###
gitea_available_externally: "false"
gitea_data_directory: "{{ docker_home }}/gitea"
gitea_port_http: "3001"
gitea_port_ssh: "222"
###
### Gitlab
###
gitlab_available_externally: "false"
gitlab_data_directory: "{{ docker_home }}/gitlab"
gitlab_port_http: "4080"
gitlab_port_https: "4443"
gitlab_port_ssh: "422"
###
### Glances
###
glances_available_externally: "false"
glances_port_one: "61208"
glances_port_two: "61209"
###
### Nextcloud
###
nextcloud_available_externally: "false"
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
nextcloud_port: "8080"
###
### nginx
###
nginx_data_directory: "{{ docker_home }}/nginx"
nginx_port_http: "80"
nginx_port_https: "443"
###
### Guacamole
###
guacamole_available_externally: "false"
guacamole_data_directory: "{{ docker_home }}/guacamole"
guacamole_port: "8090"
###
### Miniflux
###
miniflux_available_externally: "false"
miniflux_data_directory: "{{ docker_home }}/miniflux"
miniflux_admin_username: admin
miniflux_admin_password: supersecure
miniflux_port: "8070"
###
### Airsonic
###
airsonic_available_externally: "false"
airsonic_data_directory: "{{ docker_home }}/airsonic"
airsonic_music_directory: "{{ music_root }}"
airsonic_podcasts_directory: "{{ podcasts_root }}"
airsonic_port: "4040"
###
### CloudCmd
###
cloudcmd_available_externally: "false"
cloudcmd_data_directory: "{{ docker_home }}/cloudcmd/config"
cloudcmd_browse_directory: "/"
cloudcmd_user_id: "0"
cloudcmd_group_id: "0"
cloudcmd_port: "7373"
###
### Watchtower
###
# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily.
watchtower_cron_schedule: 0 0 5 * * *
# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive
# notifications or not, some examples are provided below. See https://github.com/v2tec/watchtower for more info.
# No notifications
watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug"
# Email notifications
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'"
# Slack notifications
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'"
###
### Time Machine
###
timemachine_data_directory: "{{ docker_home }}/timemachine"
timemachine_volume_size_limit: "0"
timemachine_password: timemachine
timemachine_share_name: Data
timemachine_log_level: error
timemachine_port: "10445"
###
### minidlna
###
minidlna_media_directory1: "{{ movies_root }}"
minidlna_media_directory2: "{{ tv_root }}"
minidlna_friendly_name: "{{ ansible_nas_hostname }}"
minidlna_port: "8201"
###
### get_iplayer
###
get_iplayer_config_directory: "{{ docker_home }}/get_iplayer"
get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads"
get_iplayer_port: "8182"
###
### mymediaforalexa
###
mymediaforalexa_media_directory: "{{ music_root }}"
mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
###
### Jackett
###
jackett_available_externally: "false"
jackett_data_directory: "{{ docker_home }}/jackett"
jackett_torrents_root: "{{ torrents_root }}"
jackett_port: "9117"
###
### The Lounge
###
thelounge_available_externally: "false"
thelounge_data_directory: "{{ docker_home }}/thelounge"
thelounge_port_one: "113"
thelounge_port_two: "9002"
###
### Bitwarden
###
bitwarden_available_externally: "false"
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
bitwarden_port_a: "19080"
bitwarden_port_b: "3012"
# Keep this token secret, this is password to access admin area of your server!
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
# for example running openssl rand -base64 48
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
# Once you have created your user, set to "false" and run one more time.
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
bitwarden_allow_signups: false
###
### Firefly
###
firefly_available_externally: "false"
firefly_data_directory: "{{ docker_home }}/firefly"
firefly_port: "8066"
###
### Nzbget
###
nzbget_available_externally: "false"
nzbget_data_directory: "{{ docker_home }}/nzbget"
nzbget_download_directory: "{{ downloads_root }}"
nzbget_user_id: "0"
nzbget_group_id: "0"
nzbget_port: "6789"
###
### Wallabag
###
wallabag_available_externally: "false"
wallabag_data_directory: "{{ docker_home }}/wallabag"
wallabag_port: "7780"
###
### Mosquitto
###
mosquitto_available_externally: "false"
mosquitto_data_directory: "{{ docker_home }}/mosquitto"
mosquitto_port_a: "1883"
mosquitto_port_b: "9001"
###
### Calibre
###
calibre_available_externally: "false"
calibre_data_directory: "{{ docker_home }}/calibre"
calibre_user_id: "0"
calibre_group_id: "0"
calibre_books_root: "{{ books_root }}"
calibre_port: "8084"
# To disable ebook conversion set calibre_ebook_conversion to "". To enable it set it to "linuxserver/calibre-web:calibre"
calibre_ebook_conversion: "linuxserver/calibre-web:calibre"
###
### Home Assistant
###
homeassistant_available_externally: "false"
homeassistant_data_directory: "{{ docker_home }}/homeassistant"
homeassistant_port: "8123"
###
### openHAB
###
openhab_available_externally: "false"
openhab_docker_image: openhab/openhab:latest
openhab_data_directory: "{{ docker_home }}/openhab"
openhab_port_http: "7777"
openhab_port_https: "7778"
###
### Jellyfin
###
# If you're paranoid, set permissions to "ro" so jellyfin won't ever be able to
# delete your files
jellyfin_available_externally: "false"
jellyfin_config_directory: "{{ docker_home }}/jellyfin/config"
jellyfin_movies_directory: "{{ movies_root }}"
jellyfin_movies_permissions: "rw"
jellyfin_tv_directory: "{{ tv_root }}"
jellyfin_tv_permissions: "rw"
jellyfin_user_id: "0"
jellyfin_group_id: "0"
jellyfin_port_http: "8896"
jellyfin_port_https: "8928"
###
### Ubooquity
###
ubooquity_available_externally: "false"
ubooquity_data_directory: "{{ docker_home }}/ubooquity"
ubooquity_user_id: "0"
ubooquity_group_id: "0"
ubooquity_port_webui: "2202"
ubooquity_port_admin: "2203"
###
### Serposcope
###
serposcope_data_directory: "{{ docker_home }}/serposcope"
serposcope_port: 7134
serposcope_available_externally: "false"
###
### Virtual Desktop
###
vd_data_directory: "{{ docker_home }}/virtual_desktop"
vd_docker_image: "rattydave/docker-ubuntu-xrdp-mate-custom:19.10-tools"
vd_users:
- username: "{{ ansible_nas_user }}"
password: "topsecret"
sudo: "Y"
vd_rdp_port: 3389
Reference in a new issue View git blame Copy permalink