diff --git a/group_vars/docker/vars.yml b/group_vars/docker/vars.yml index 522b0a3..fa636c8 100644 --- a/group_vars/docker/vars.yml +++ b/group_vars/docker/vars.yml @@ -2,14 +2,17 @@ docker: url: "https://download.docker.com/linux" apt_release_channel: "stable" directories: - opt: "/opt/docker/" - compose: "/opt/docker/compose" + config: "/opt/docker/config/" + compose: "/opt/docker/compose/" + media: "/media/docker/data/" caddy: admin_email: me+acme@tudattr.dev domain: "seyshiro.de" +elk_version: 8.17.0 + services: - name: syncthing vm: @@ -121,7 +124,7 @@ services: external: /opt/local/jellyfin/config - name: "Cache" internal: /cache - external: /opt/docker/config/jellyfin/cache + external: "{{ docker.directories.config }}/jellyfin/cache" - name: "Tv Series" internal: /tv:ro external: /media/series @@ -176,7 +179,7 @@ services: volumes: - name: "Configuration" internal: /updater/data/" - external: /opt/docker/config/ddns-updater/data/ + external: "{{ docker.directories.config }}/ddns-updater/data/" ports: - name: "http" internal: 8000 @@ -355,7 +358,7 @@ services: volumes: - name: "Data" internal: /datastore - external: /opt/docker/config/changedetection/data/ + external: "{{ docker.directories.config }}/changedetection/data/" ports: - name: "http" internal: 5000 @@ -375,7 +378,7 @@ services: volumes: - name: "Configuration" internal: /gluetun - external: /opt/docker/config/gluetun/config + external: "{{ docker.directories.config }}/gluetun/config" ports: - name: "Qbit Client" internal: 8082 @@ -405,7 +408,7 @@ services: volumes: - name: "Configuration" internal: /config - external: /opt/docker/config/torrentleech/config + external: "{{ docker.directories.config }}/torrentleech/config" - name: "Downloads" internal: /downloads external: /media/docker/data/arr_downloads 
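Review bot: `config: "/opt/docker/config/"` in the first hunk ends in a slash, while every new reference appends a path that starts with `/` (for example `"{{ docker.directories.config }}/jellyfin/cache"`), so the rendered paths contain `//`. The same applies to the later hunks for ddns-updater, changedetection, gluetun, torrentleech, qbit and the elk volumes. Linux resolves these identically, but string comparisons and idempotency checks on the path may not, so I would drop the trailing slashes: `config: "/opt/docker/config"`. The `opt` key is also removed; anything outside this diff that still reads `docker.directories.opt` would presumably fail on an undefined variable, so it is worth a grep before merging. Quoting the version as `elk_version: "8.17.0"` would match the other string values in this file.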
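Review bot: In the ddns-updater hunk (`@@ -176,7 +179,7 @@`), the context line `internal: /updater/data/"` carries a stray trailing double quote. YAML keeps it as part of the plain scalar, so the container-side mount path likely ends in a literal `"`. The commit edits the line directly below it, so this is a natural place to correct it to `internal: /updater/data/`. The service definition starts and ends outside the hunk.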
@@ -431,7 +434,7 @@ services: volumes: - name: "Configuration" internal: /config - external: /opt/docker/config/qbit/config + external: "{{ docker.directories.config }}/qbit/config" - name: "Downloads" internal: /downloads external: /media/docker/data/arr_downloads 
@@ -470,79 +473,60 @@ services: - name: "Docker" internal: /var/lib/docker:ro external: /var/lib/docker - # - name: template - # vm: - # - - # container_name: - # image: - # restart: - # volumes: - # - name: - # internal: - # external: - # ports: - # - name: - # internal: - # external: - # environment: - # - - # - name: calibre - # vm: - # - docker-host00 - # container_name: calibre - # image: lscr.io/linuxserver/calibre-web:latest - # restart: unless-stopped - # volumes: - # - name: "Configuration" - # internal: /config" - # external: /opt/local/calibre/ - # - name: "Books" - # internal: /books" - # external: /media/docker/data/calibre/ - # ports: - # - name: "http" - # internal: 5000 - # external: 5000 - # environment: - # - PUID=1000 - # - PGID=1000 - # - TZ=Europe/Berlin - # - DOCKER_MODS=linuxserver/mods:universal-calibre - # - name: grafana - # vm: - # container_name: grafana - # image: grafana/grafana-oss - # restart: unless-stopped - # volumes: - # - name: "Configuration" - # internal: /etc/grafana/ - # external: /opt/docker/config/grafana/config/ - # - name: "Data" - # internal: /var/lib/grafana/ - # external: /media/docker/data/grafana/ - # ports: - # environment: - # - PUID=472 - # - PGID=472 - # - TZ=Europe/Berlin - # - name: prometheus - # vm: - # - docker-host00 - # container_name: prometheus - # image: prom/prometheus - # restart: unless-stopped - # volumes: - # - name: "Configuration" - # internal: /etc/prometheus/ - # external: /opt/docker/config/prometheus/ - # - name: "Data" - # internal: /prometheus/ - # external: prometheus_data - # ports: - # - name: "http" - # internal: 5000 - # external: 5000 - # environment: - # - PUID=65534 - # - PGID=65534 - # - TZ=Europe/Berlin + - name: elasticsearch + vm: + - docker-host01 + container_name: elasticsearch + image: "docker.elastic.co/elasticsearch/elasticsearch:{{ elk_version }}" + restart: unless-stopped + ports: + - name: "" + internal: 9200 + external: 9200 + - name: "" + internal: 9300 + external: 
9300 + volumes: + - name: "data" + internal: /usr/share/elasticsearch/data + external: "{{ docker.directories.config }}/elk/elasticsearch/data" + - name: "certs" + internal: /usr/share/elasticsearch/config/certs + external: "{{ docker.directories.config }}/elk/certs" + environment: + - node.name=elasticsearch + - cluster.name=docker-cluster + - discovery.type=single-node + - "ELASTIC_PASSWORD={{ vault.docker.elk.elastic.password }}" + - xpack.security.enabled=true + - xpack.security.authc.api_key.enabled=true + - xpack.security.http.ssl.enabled=true + - xpack.security.http.ssl.key=certs/elasticsearch.key + - xpack.security.http.ssl.certificate=certs/elasticsearch.crt + - xpack.security.http.ssl.certificate_authorities=certs/ca.crt + - xpack.security.transport.ssl.enabled=true + - xpack.security.transport.ssl.verification_mode=certificate + - xpack.security.transport.ssl.key=certs/elasticsearch.key + - xpack.security.transport.ssl.certificate=certs/elasticsearch.crt + - xpack.security.transport.ssl.certificate_authorities=certs/ca.crt + - name: kibana + vm: + - docker-host01 + container_name: kibana + image: "docker.elastic.co/kibana/kibana:{{ elk_version }}" + restart: unless-stopped + ports: + - name: "http" + internal: 5601 + external: 5601 + volumes: + - name: "certs" + internal: /usr/share/kibana/config/certs + external: "{{ docker.directories.config }}/elk/certs/" + environment: + - ELASTICSEARCH_HOSTS=["https://elasticsearch:9200"] + - ELASTICSEARCH_USERNAME=kibana_system + - ELASTICSEARCH_PASSWORD={{ vault.docker.elk.elastic.password }} + - SERVER_SSL_ENABLED=true + - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/certs/kibana.crt + - SERVER_SSL_KEY=/usr/share/kibana/config/certs/kibana.key
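Review bot: In the kibana `environment`, `ELASTICSEARCH_USERNAME=kibana_system` is paired with `{{ vault.docker.elk.elastic.password }}`, the same vault entry the elasticsearch service passes as `ELASTIC_PASSWORD`, so either Kibana fails to authenticate or the `elastic` superuser password is reused for a service account. Give kibana_system its own secret, for example `- "ELASTICSEARCH_PASSWORD={{ vault.docker.elk.<kibana_system_password> }}"` (placeholder key name; quoted like the elasticsearch line). Kibana is also pointed at `https://elasticsearch:9200` with no trust anchor for what appears to be a private CA (`certs/ca.crt`); adding `- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/certs/ca.crt` keeps certificate verification on instead of inviting a later workaround that disables it. Both containers mount the same `elk/certs` directory without `:ro`, which gives Kibana access to `elasticsearch.key`; using the suffix already seen in `/var/lib/docker:ro` (`internal: /usr/share/kibana/config/certs:ro`) and separate per-service key directories would narrow that. Separately, publishing transport port 9300 looks unnecessary with `discovery.type=single-node`, and both elasticsearch port entries have an empty `name`.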