mirror of
https://github.com/davestephens/ansible-nas
synced 2024-12-26 11:33:08 +00:00
5c1459068d
* 'sickrage-to-sickchill' of git://github.com/l3rady/ansible-nas: Allow sickchill downloads path to be fully managed by sickchill_downloads_directory variable Remove old sickrage container first but keep volumes to allow migration Rename sickrage task to sickchill Change all text instances of sickrage to sickchill
519 lines
13 KiB
Text
519 lines
13 KiB
Text
###
|
|
### Ansible NAS Features
|
|
###
|
|
# Set these options to true or false to toggle specific features
|
|
|
|
# External Access
|
|
# Traefik will allow access to certain applications externally. To enable this you'll either; a domain name that points to your
|
|
# home static IP address, the cloudflare with the cloudflare_ddns dynamic DNS container enabled, or use a dynamic DNS provider like no-ip.
|
|
# You'll also need to map ports 80 and 443 from your router to your ansible-nas server, then enable the per-app "availble_externally"
|
|
# settings.
|
|
traefik_enabled: false
|
|
|
|
# BitTorrent
|
|
# If you plan to use Transmission with OpenVPN, you'll need to copy group_vars/vpn_credentials.yml.dist
|
|
# to group_vars/vpn_credentials.yml, then update it with your own settings.
|
|
transmission_with_openvpn_enabled: false
|
|
transmission_enabled: false
|
|
|
|
# Plex
|
|
plex_enabled: false
|
|
tautulli_enabled: false
|
|
|
|
# Emby
|
|
emby_enabled: false
|
|
|
|
# minidlna
|
|
minidlna_enabled: false
|
|
|
|
# Media Sourcing
|
|
sonarr_enabled: false
|
|
sickchill_enabled: false
|
|
couchpotato_enabled: false
|
|
radarr_enabled: false
|
|
get_iplayer_enabled: false
|
|
jackett_enabled: false
|
|
|
|
# Music
|
|
airsonic_enabled: false
|
|
mymediaforalexa_enabled: false
|
|
|
|
# News
|
|
miniflux_enabled: false
|
|
|
|
# System Management
|
|
heimdall_enabled: true
|
|
portainer_enabled: true
|
|
glances_enabled: false
|
|
stats_enabled: false
|
|
guacamole_enabled: false
|
|
netdata_enabled: false
|
|
watchtower_enabled: false
|
|
cloudflare_ddns_enabled: false
|
|
|
|
# Backup & Restore
|
|
duplicati_enabled: false
|
|
nextcloud_enabled: false
|
|
gitea_enabled: false
|
|
timemachine_enabled: false
|
|
|
|
# IRC
|
|
znc_enabled: false
|
|
thelounge_enabled: false
|
|
|
|
# Password Management
|
|
bitwarden_enabled: false
|
|
|
|
###
|
|
### General
|
|
###
|
|
# Sets the hostname of your Ansible NAS
|
|
ansible_nas_hostname: ansible-nas
|
|
|
|
# Sets the timezone for your Ansible NAS
|
|
# You can find a list here https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
|
|
ansible_nas_timezone: Etc/UTC
|
|
|
|
# Update all apt packages when playbook is run
|
|
keep_packages_updated: false
|
|
|
|
# Will be added to the docker group to give user command line access to docker
|
|
ansible_nas_user: david
|
|
|
|
# Your email and domain, used for LetsEncrypt SSL certs
|
|
ansible_nas_email: me@example.com
|
|
|
|
# Applications will have subdomain SSL certificates created, eg ansible-nas.<your-domain>, nextcloud.<your-domain>
|
|
ansible_nas_domain: example.com
|
|
|
|
###
|
|
### Docker
|
|
###
|
|
# Where you want Docker to store images
|
|
docker_image_directory: "{{ docker_home }}/data"
|
|
|
|
# Where you want Docker to store its container data.
|
|
docker_home: /mnt/Volume2/docker
|
|
|
|
# Docker storage driver, see https://docs.docker.com/storage/storagedriver/select-storage-driver/#supported-backing-filesystems
|
|
# You might want to change this to ZFS, depending on your underlying filesystem.
|
|
docker_storage_driver: overlay2
|
|
|
|
###
|
|
### Samba
|
|
###
|
|
# The location where all shares will be created by default. Can be overridden on a per-share basis.
|
|
# This path will be mounted to backup containers, Duplicati
|
|
samba_shares_root: /mnt/Volume3
|
|
|
|
# Where stuff downloaded will be stored
|
|
downloads_root: "{{ samba_shares_root }}/downloads"
|
|
|
|
# Where your movies are stored
|
|
movies_root: "{{ samba_shares_root }}/movies"
|
|
|
|
# Where your TV episodes are stored
|
|
tv_root: "{{ samba_shares_root }}/tv"
|
|
|
|
# Where torrent files are stored (picked up by Transmission for downloading)
|
|
torrents_root: "{{ samba_shares_root }}/torrents"
|
|
|
|
# Where music is stored
|
|
music_root: "{{ samba_shares_root }}/music"
|
|
|
|
# Where podcasts are stored
|
|
podcasts_root: "{{ samba_shares_root }}/podcasts"
|
|
|
|
# The description that'll appear next to your Ansible-NAS box when browsing your network
|
|
samba_server_string: Ansible NAS
|
|
|
|
# Shares you want published over Samba.
|
|
samba_shares:
|
|
- name: downloads
|
|
comment: 'Stuff downloaded'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ downloads_root }}"
|
|
|
|
- name: movies
|
|
comment: 'Movies'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ movies_root }}"
|
|
|
|
- name: tv
|
|
comment: 'TV Episodes'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ tv_root }}"
|
|
|
|
- name: music
|
|
comment: 'Music'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ samba_shares_root }}/music"
|
|
|
|
- name: podcasts
|
|
comment: 'Podcasts'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ samba_shares_root }}/podcasts"
|
|
|
|
- name: dump
|
|
comment: 'File dump'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ samba_shares_root }}/dump"
|
|
|
|
- name: games
|
|
comment: 'Games'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ samba_shares_root }}/games"
|
|
|
|
- name: photos
|
|
comment: 'Pictures'
|
|
guest_ok: yes
|
|
public: yes
|
|
writable: yes
|
|
browsable: yes
|
|
path: "{{ samba_shares_root }}/photos"
|
|
|
|
###
|
|
### NFS
|
|
###
|
|
# Data you want published over NFS. More info on the nfs config format can be found at
|
|
# https://help.ubuntu.com/community/SettingUpNFSHowTo#Shares
|
|
# WARNING: Weird things might happen if you share the same data over Samba and NFS and allow writes on both!
|
|
|
|
nfs_shares_root: /mnt/Volume3
|
|
|
|
nfs_exports:
|
|
- "{{ nfs_shares_root }}/public *(rw,sync,no_root_squash)"
|
|
|
|
###
|
|
### Cloudflare
|
|
###
|
|
# Cloudflare is a great free DNS option for domains. If you use the cloudflare_ddns container then you'll need to
|
|
# set the options below.
|
|
|
|
# Your domain name
|
|
cloudflare_zone: "{{ ansible_nas_domain }}"
|
|
|
|
# The hostname you want the container to update. You shouldn't need to change this.
|
|
cloudflare_host: "*.{{ cloudflare_zone }}"
|
|
|
|
# Email address used to register for Cloudflare
|
|
cloudflare_email: "{{ ansible_nas_email }}"
|
|
|
|
# Cloudflare 'Global API Key', can be found on the 'My Profile' page
|
|
cloudflare_api_key: abcdeabcdeabcdeabcde1234512345
|
|
|
|
##################################################################
|
|
###### You shouldn't need to edit anything below this point ######
|
|
##################################################################
|
|
|
|
###
|
|
### General
|
|
###
|
|
# Extra packages to install
|
|
ansible_nas_extra_packages:
|
|
- smartmontools
|
|
- htop
|
|
- zfsutils-linux
|
|
- bonnie++
|
|
- unzip
|
|
- lm-sensors
|
|
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
|
|
###
|
|
### Samba
|
|
###
|
|
# Seems to break browsing of the \\server-name shares root when enabled
|
|
samba_mitigate_cve_2017_7494: false
|
|
|
|
# The account used when Samba shares are accessed. Shouldn't need to change this unless you want to
|
|
# mess with Samba user permissions.
|
|
samba_guest_account: ansible-nas
|
|
|
|
# How Samba behaves when an unknown user connects, see Samba docs for more info
|
|
samba_map_to_guest: Bad Password
|
|
|
|
# The Netbios hostname used by Samba on your network
|
|
samba_netbios_name: "{{ ansible_nas_hostname }}"
|
|
|
|
###
|
|
### Traefik
|
|
###
|
|
traefik_docker_image: traefik:latest
|
|
traefik_data_directory: "{{ docker_home }}/traefik"
|
|
traefik_debug: "false"
|
|
|
|
###
|
|
### Heimdall
|
|
###
|
|
heimdall_available_externally: "false"
|
|
heimdall_docker_image: linuxserver/heimdall:latest
|
|
heimdall_data_directory: "{{ docker_home }}/heimdall"
|
|
|
|
###
|
|
### Transmission
|
|
###
|
|
transmission_available_externally: "false"
|
|
transmission_with_openvpn_available_externally: "false"
|
|
transmission_config_directory: "{{ docker_home }}/transmission/config"
|
|
transmission_download_directory: "{{ downloads_root }}"
|
|
transmission_watch_directory: "{{ torrents_root }}"
|
|
transmission_user_id: 0
|
|
transmission_group_id: 0
|
|
transmission_local_network: "192.168.1.0/24"
|
|
|
|
|
|
###
|
|
### Plex
|
|
###
|
|
plex_available_externally: "false"
|
|
plex_config_directory: "{{ docker_home }}/plex/config"
|
|
plex_movies_directory: "{{ movies_root }}"
|
|
plex_tv_directory: "{{ tv_root }}"
|
|
plex_user_id: 0
|
|
plex_group_id: 0
|
|
|
|
###
|
|
### Emby
|
|
###
|
|
emby_available_externally: "false"
|
|
emby_config_directory: "{{ docker_home }}/emby/config"
|
|
emby_movies_directory: "{{ movies_root }}"
|
|
emby_tv_directory: "{{ tv_root }}"
|
|
emby_user_id: 0
|
|
emby_group_id: 0
|
|
|
|
###
|
|
### Tautulli
|
|
###
|
|
tautulli_available_externally: "false"
|
|
tautulli_config_directory: "{{ docker_home }}/tautulli/config"
|
|
tautulli_user_id: 0
|
|
tautulli_group_id: 0
|
|
|
|
|
|
###
|
|
### Duplicati
|
|
###
|
|
duplicati_available_externally: "false"
|
|
duplicati_data_directory: "{{ docker_home }}/duplicati/config"
|
|
|
|
|
|
###
|
|
### Sonarr
|
|
###
|
|
sonarr_available_externally: "false"
|
|
sonarr_data_directory: "{{ docker_home }}/sonarr/config"
|
|
sonarr_tv_directory: "{{ tv_root }}"
|
|
sonarr_download_directory: "{{ downloads_root }}"
|
|
sonarr_user_id: 0
|
|
sonarr_group_id: 0
|
|
|
|
|
|
###
|
|
### Radarr
|
|
###
|
|
radarr_available_externally: "false"
|
|
radarr_movies_directory: "{{ movies_root }}"
|
|
radarr_download_directory: "{{ downloads_root }}"
|
|
radarr_data_directory: "{{ docker_home }}/radarr"
|
|
radarr_user_id: 0
|
|
radarr_group_id: 0
|
|
|
|
|
|
###
|
|
### Couchpotato
|
|
###
|
|
couchpotato_available_externally: "false"
|
|
couchpotato_config_directory: "{{ docker_home }}/couchpotato/config"
|
|
couchpotato_movies_directory: "{{ movies_root }}"
|
|
couchpotato_downloads_directory: "{{ downloads_root }}"
|
|
couchpotato_torrents_directory: "{{ torrents_root }}"
|
|
couchpotato_user_id: 0
|
|
couchpotato_group_id: 0
|
|
|
|
|
|
###
|
|
### Sickchill
|
|
###
|
|
sickchill_available_externally: "false"
|
|
sickchill_config_directory: "{{ docker_home }}/sickchill/config"
|
|
sickchill_tv_directory: "{{ tv_root }}"
|
|
sickchill_downloads_directory: "{{ downloads_root }}/completed"
|
|
sickchill_user_id: 0
|
|
sickchill_group_id: 0
|
|
|
|
###
|
|
### Netdata
|
|
###
|
|
netdata_available_externally: "false"
|
|
|
|
###
|
|
### OpenVPN
|
|
###
|
|
openvpn_config_directory: "{{ docker_home }}/openvpn"
|
|
|
|
|
|
###
|
|
### Portainer
|
|
###
|
|
portainer_available_externally: "false"
|
|
portainer_data_directory: "{{ docker_home }}/portainer/config"
|
|
|
|
|
|
###
|
|
### ZNC
|
|
###
|
|
znc_available_externally: "false"
|
|
znc_data_directory: "{{ docker_home }}/znc"
|
|
znc_user_id: 0
|
|
znc_group_id: 0
|
|
|
|
|
|
###
|
|
### Stats
|
|
###
|
|
grafana_available_externally: "false"
|
|
telegraf_data_directory: "{{ docker_home }}/telegraf"
|
|
influxdb_data_directory: "{{ docker_home }}/influxdb"
|
|
grafana_data_directory: "{{ docker_home }}/grafana"
|
|
stat_collection_interval: 15s
|
|
|
|
###
|
|
### Gitea
|
|
###
|
|
gitea_available_externally: "false"
|
|
gitea_data_directory: "{{ docker_home }}/gitea"
|
|
|
|
###
|
|
### Glances
|
|
###
|
|
glances_available_externally: "false"
|
|
|
|
###
|
|
### Nextcloud
|
|
###
|
|
nextcloud_available_externally: "false"
|
|
nextcloud_data_directory: "{{ docker_home }}/nextcloud"
|
|
|
|
###
|
|
### nginx
|
|
###
|
|
nginx_data_directory: "{{ docker_home }}/nginx"
|
|
|
|
###
|
|
### Guacamole
|
|
###
|
|
guacamole_available_externally: "false"
|
|
guacamole_docker_image: guacamole/guacamole:0.9.14
|
|
guacamole_guacd_docker_image: guacamole/guacd:0.9.14
|
|
guacamole_data_directory: "{{ docker_home }}/guacamole"
|
|
|
|
###
|
|
### Miniflux
|
|
###
|
|
miniflux_available_externally: "false"
|
|
miniflux_data_directory: "{{ docker_home }}/miniflux"
|
|
miniflux_admin_username: admin
|
|
miniflux_admin_password: supersecure
|
|
|
|
###
|
|
### Airsonic
|
|
###
|
|
airsonic_available_externally: "false"
|
|
airsonic_data_directory: "{{ docker_home }}/airsonic"
|
|
|
|
###
|
|
### Watchtower
|
|
###
|
|
# Sets the 6 field cron schedule to use for checks and updates. This will check at 5am daily.
|
|
watchtower_cron_schedule: 0 0 5 * * *
|
|
|
|
# Sets the Watchtower Docker start command. Different options can be supplied based on whether you want to receive
|
|
# notifications or not, some examples are provided below. See https://github.com/v2tec/watchtower for more info.
|
|
|
|
# No notifications
|
|
watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --debug"
|
|
|
|
# Email notifications
|
|
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'email' --notification-email-from 'ansible@nas.com' --notification-email-to '{{ ansible_nas_email }}' --notification-email-server 'my.email.server.com' --notification-email-server-port '25' --notification-email-server-user 'email_username' --notification-email-server-password 'top-secret'"
|
|
|
|
# Slack notifications
|
|
# watchtower_command: "--schedule '{{ watchtower_cron_schedule }}' --notifications 'slack' --notification-slack-hook-url 'https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy' --notification-slack-identifier 'ansible-nas'"
|
|
|
|
###
|
|
### Time Machine
|
|
###
|
|
timemachine_data_directory: "{{ docker_home }}/timemachine"
|
|
timemachine_volume_size_limit: 0
|
|
timemachine_password: timemachine
|
|
timemachine_share_name: TimeMachine
|
|
timemachine_log_level: error
|
|
|
|
###
|
|
### minidlna
|
|
###
|
|
minidlna_media_directory1: "{{ movies_root }}"
|
|
minidlna_media_directory2: "{{ tv_root }}"
|
|
minidlna_friendly_name: "{{ ansible_nas_hostname }}"
|
|
|
|
###
|
|
### get_iplayer
|
|
###
|
|
get_iplayer_config_directory: "{{ docker_home }}/get_iplayer"
|
|
get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads"
|
|
|
|
###
|
|
### mymediaforalexa
|
|
###
|
|
mymediaforalexa_media_directory: "{{ music_root }}"
|
|
mymediaforalexa_data_directory: "{{ docker_home }}/mymediaforalexa"
|
|
|
|
###
|
|
### Jackett
|
|
###
|
|
jackett_available_externally: "false"
|
|
jackett_data_directory: "{{ docker_home }}/jackett"
|
|
|
|
###
|
|
### The Lounge
|
|
###
|
|
thelounge_available_externally: "false"
|
|
thelounge_data_directory: "{{ docker_home }}/thelounge"
|
|
|
|
###
|
|
### Bitwarden
|
|
###
|
|
bitwarden_available_externally: "false"
|
|
bitwarden_data_directory: "{{ docker_home }}/bitwarden"
|
|
|
|
# Keep this token secret, this is password to access admin area of your server!
|
|
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
|
# for example running openssl rand -base64 48
|
|
bitwarden_admin_token: qwertyuiop1234567890poiuytrewq0987654321
|
|
|
|
# To create a user set this to "true", and reprovision the container by re-running the ansible-nas playbook.
|
|
# Once you have created your user, set to "false" and run one more time.
|
|
# Target just Bitwarden by running: ansible-playbook -i inventory nas.yml -b -K -t bitwarden
|
|
bitwarden_allow_signups: false
|