diff --git a/Homelab Diagram.drawio b/Homelab Diagram.drawio
deleted file mode 100644
index 88303fe..0000000
--- a/Homelab Diagram.drawio
+++ /dev/null
@@ -1,207 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/Homelab Diagram.pdf b/Homelab Diagram.pdf
deleted file mode 100644
index 233446d..0000000
Binary files a/Homelab Diagram.pdf and /dev/null differ
diff --git a/aya01.yml b/aya01.yml
deleted file mode 100644
index 679b200..0000000
--- a/aya01.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-- name: Set up Servers
- hosts: aya01
- gather_facts: yes
- roles:
- - role: common
- tags:
- - common
- - role: samba
- tags:
- - samba
-# - role: power_management
-# tags:
-# - power_management
- - role: backblaze
- tags:
- - backblaze
- - role: node_exporter
- tags:
- - node_exporter
- - role: snmp_exporter
- tags:
- - snmp_exporter
- - role: smart_exporter
- tags:
- - smart_exporter
- - role: docker
- tags:
- - docker
diff --git a/roles/docker/templates/common/traefik/var-log/access.log b/genesis
similarity index 100%
rename from roles/docker/templates/common/traefik/var-log/access.log
rename to genesis
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
index 5094bbf..8c123bf 100644
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -1,6 +1,7 @@
#
# Essential
#
+
user: tudattr
timezone: Europe/Berlin
rclone_config: "/root/.config/rclone/"
@@ -9,537 +10,21 @@ pgid: "1000"
pk_path: "/mnt/veracrypt1/genesis"
pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqc9fnzfCz8fQDFzla+D8PBhvaMmFu2aF+TYkkZRxl9 tuan@genesis-2022-01-20"
-
-local_domain: tudattr.dev
-local_subdomains: "local"
-remote_domain: tudattr.dev
-remote_subdomains: "www,plex,status,tautulli"
-backup_domain: seyshiro.de
-backup_subdomains: "hass,qbit,zm,"
-
-#
-# aya01
-#
-
-aya01_host: "aya01"
-aya01_ip: "192.168.20.12"
-
-#
-# mii
-#
-
-mii_host: "mii"
-mii_ip: "192.168.200.2"
-
-#
-# naruto
-#
-naruto_host: "naruto"
-naruto_ip: "192.168.20.13"
-
-#
-# pi
-#
-
-pi_host: "pi"
-pi_ip: "192.168.20.11"
-
-#
-# inko
-#
-
-inko_host: "inko"
-inko_ip: "192.168.20.14"
-
-#
-# Used to download for git releases
-#
-
-go_arch_map:
- i386: '386'
- x86_64: 'amd64'
- aarch64: 'arm64'
- armv7l: 'armv7'
- armv6l: 'armv6'
-
-go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}"
-
-#
-# aya01 - Disks
-#
-
-fstab_entries:
-- name: "config"
- path: "/opt"
- type: "ext4"
- uuid: "cad60133-dd84-4a2a-8db4-2881c608addf"
-- name: "media0"
- path: "/mnt/media0"
- type: "ext4"
- uuid: "c4c724ec-4fe3-4665-adf4-acd31d6b7f95"
-- name: "media1"
- path: "/mnt/media1"
- type: "ext4"
- uuid: "8d66d395-1e35-4f5a-a5a7-d181d6642ebf"
-
-mergerfs_entries:
- - name: "media"
- path: "/media"
- branches:
- - "/mnt/media0"
- - "/mnt/media1"
- opts:
- - "use_ino"
- - "allow_other"
- - "cache.files=partial"
- - "dropcacheonclose=true"
- - "category.create=mfs"
- type: "fuse.mergerfs"
+public_domain: tudattr.dev
+internal_domain: seyshiro.de
#
# Packages
#
+
common_packages:
- - sudo
+ - build-essential
+ - curl
- git
- iperf3
- - git
- - smartmontools
- - vim
- - curl
- - tree
+ - neovim
- rsync
+ - smartmontools
+ - sudo
- systemd-timesyncd
- - neofetch
- - build-essential
- - btrfs-progs
-
-#
-# Docker
-#
-docker_repo_url: https://download.docker.com/linux
-docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
-docker_apt_release_channel: stable
-docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
-docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
-docker_network: "172.16.69.0/24"
-
-docker_compose_dir: /opt/docker/compose
-docker_dir: /opt/docker/config
-docker_data_dir: /media/docker/data # only available on aya01
-
-mysql_user: user
-
-#
-# ZoneMinder
-#
-
-zoneminder_host: "zm"
-zoneminder_port: "8081"
-zoneminder_network: "172.16.42.0/24"
-
-zoneminder_root: "{{ docker_dir }}/zm"
-zoneminder_config: "{{ zoneminder_root }}/config"
-zoneminder_log: "{{ zoneminder_root}}/log"
-zoneminder_db: "{{ zoneminder_root}}/db"
-
-zoneminder_data: "{{ docker_data_dir }}/zm/data"
-
-#
-# Syncthing
-#
-
-syncthing_host: "syncthing"
-syncthing_port: "8384"
-syncthing_data: "{{docker_data_dir}}/syncthing/"
-
-#
-# Softserve
-#
-
-softserve_data: "{{docker_dir}}/softserve/data"
-
-#
-# cupsd
-#
-
-cupsd_host: "cupsd"
-cupsd_port: "631"
-cupsd_config: "{{ docker_dir }}/cupsd/"
-
-#
-# Uptime Kuma
-#
-
-kuma_host: "status"
-kuma_port: "3001"
-kuma_config: "{{ docker_dir }}/kuma/"
-
-#
-# Traefik
-#
-
-traefik:
- host: "traefik"
- admin:
- port: "8080"
- config: "{{ docker_dir }}/traefik/etc-traefik/"
- data: "{{ docker_dir }}/traefik/var-log/"
- letsencrypt: "{{ docker_dir }}/traefik/letsencrypt/"
- user:
- web: "80"
- websecure: "443"
-
-#
-# DynDns Updater
-#
-
-ddns_host: "ddns"
-ddns_port: "8000"
-ddns_data: "{{ docker_dir }}/ddns-updater/data/"
-
-#
-# Home Assistant
-#
-
-ha_host: "hass"
-ha_port: "8123"
-ha_config: "{{ docker_dir }}/home-assistant/config/"
-
-#
-# pihole
-#
-
-pihole_host: "pihole"
-pihole_port: "8089"
-pihole_config: "{{ docker_dir }}/pihole/etc-pihole/"
-pihole_dnsmasq: "{{ docker_dir }}/pihole/etc-dnsmasq.d/"
-
-#
-# backblaze
-#
-
-# Directories that will be backupped to backblaze
-# MOVED TO HOSTVARS
-# backblaze_paths:
-# aya01:
-# - "{{ docker_compose_dir }}"
-# - "{{ docker_dir }}"
-# pi:
-# - "{{ docker_compose_dir }}"
-# - "{{ docker_dir }}"
-
-#
-# samba
-#
-samba:
- dependencies:
- - "samba"
- - "smbclient"
- - "cifs-utils"
- user: "smbuser"
- group: "smbshare"
- config: "templates/smb.conf"
- shares:
- media:
- name: "media"
- path: "/media"
- paperless:
- name: "paperless"
- path: "{{ paperless.data.consume }}"
-
-
-#
-# netdata
-#
-
-netdata_port: "19999"
-netdata_config: "{{ docker_dir }}/netdata/"
-netdata_lib: "{{ docker_data_dir }}/netdata/lib/"
-netdata_cache: "{{ docker_data_dir }}/netdata/cache"
-
-#
-# Plex
-#
-
-plex_host: "plex"
-# plex_ip: "172.16.69.12"
-plex_port: "32400"
-plex_config: "{{docker_data_dir}}/{{ plex_host }}/config"
-plex_tv: "/media/series"
-plex_movies: "/media/movies"
-plex_music: "/media/songs"
-
-#
-# WireGuard
-#
-
-wg_config: "templates/wg0.conf"
-wg_remote_config: "/etc/wireguard/wg0.conf"
-wg_service: "wg-quick@wg0.service"
-wg_deps: "wireguard"
-
-wg_ip: "192.168.200.2"
-wg_pubkey: "+LaPESyBF6Sb1lqkk4UcestFpXNaKYyyX99tkqwLQhU="
-wg_endpoint: "{{ local_subdomains }}.{{ local_domain }}:51820"
-wg_allowed_ips: "192.168.20.0/24,192.168.200.1/32"
-wg_dns: "{{ aya01_ip }},{{ pi_ip }},1.1.1.1"
-
-arr_downloads: "{{ docker_data_dir }}/arr_downloads"
-#
-# Sonarr
-#
-
-sonarr_port: "8989"
-sonarr_host: "sonarr"
-sonarr_config: "{{ docker_dir }}/{{ sonarr_host }}/config"
-sonarr_media: "{{ plex_tv }}"
-sonarr_downloads: "{{ arr_downloads }}/{{ sonarr_host }}"
-
-#
-# Radarr
-#
-
-radarr_port: "7878"
-radarr_host: "radarr"
-radarr_config: "{{ docker_dir }}/{{ radarr_host }}/config"
-radarr_media: "{{ plex_movies }}"
-radarr_downloads: "{{ arr_downloads }}/{{ radarr_host }}"
-
-#
-# Lidarr
-#
-
-lidarr_port: "8686"
-lidarr_host: "lidarr"
-lidarr_config: "{{ docker_dir }}/{{ lidarr_host }}/config"
-lidarr_media: "{{ plex_music }}"
-lidarr_downloads: "{{ arr_downloads }}/{{ lidarr_host }}"
-
-#
-# Prowlarr
-#
-
-prowlarr_port: "9696"
-prowlarr_host: "prowlarr"
-prowlarr_config: "{{ docker_dir }}/{{ prowlarr_host }}/config"
-
-#
-# bin
-#
-
-bin_port: "6162"
-bin_host: "bin"
-bin_upload: "{{ docker_data_dir }}/{{bin_host}}/upload"
-
-#
-# qbittorrentvpn
-#
-
-qbit_port: "8082"
-qbit_host: "qbit"
-qbit_config: "templates/aya01/qbittorrentvpn/config"
-
-qbit_remote_config: "{{ docker_dir }}/{{ qbit_host }}/config"
-qbit_downloads: "{{ arr_downloads }}"
-qbit_type: "openvpn"
-qbit_ssl: "no"
-qbit_lan: "192.168.20.0/24, 192.168.30.0/24, {{ docker_network }}"
-qbit_dns: "{{ aya01_ip }}, {{ pi_ip }}, 1.1.1.1"
-
-#
-# qbittorrentvpn - torrentleech
-#
-
-torrentleech_port: "8083"
-torrentleech_host: "torrentleech"
-torrentleech_remote_config: "{{ docker_dir }}/{{ torrentleech_host }}/config"
-
-#
-# Home Assistant
-#
-
-hass_port: ""
-hass_host: "hass"
-
-#
-# Tautulli
-#
-
-tautulli_port: "8181"
-tautulli_host: "tautulli"
-tautulli_config: "{{ docker_dir }}/{{ tautulli_host }}/config"
-
-#
-# Code Server
-#
-
-code_port: "8443"
-code_host: "code"
-code_config: "{{ docker_dir }}/{{ code_host }}/config"
-
-#
-# GlueTun
-#
-
-gluetun_port: ""
-gluetun_host: "gluetun"
-gluetun_country: "Hungary"
-gluetun_config: "{{ docker_dir }}/{{ gluetun_host }}/config"
-
-#
-# NodeExporter
-#
-
-node_exporter:
- port: 9100
- host: 'node'
- version: 'latest'
- serve: 'localhost'
- options: ''
- bin_path: /usr/local/bin/node_exporter
-
-#
-# Prometheus
-#
-
-prometheus_puid: "65534"
-prometheus_pgid: "65534"
-prometheus_host: "prometheus"
-prometheus_data: "{{docker_data_dir}}/prometheus/"
-prometheus_config: "{{docker_dir}}/prometheus/"
-prometheus_port: "9090"
-
-#
-# Grafana
-#
-
-grafana_host: "grafana"
-grafana_port: "3000"
-grafana_data: "{{docker_data_dir}}/grafana/"
-grafana_config: "{{docker_dir}}/grafana/config/"
-grafana_logs: "{{docker_dir}}/grafana/logs/"
-grafana_puid: "472"
-grafana_pgid: "472"
-
-#
-# SNMP Exporter
-#
-
-snmp_exporter_port: "9116"
-snmp_exporter_target: "192.168.20.1"
-snmp_exporter_config: "{{ docker_dir }}/snmp_exporter/"
-snmp_exporter_host: "snmp_exporter"
-
-#
-# SMART Exporter
-#
-
-smart_exporter:
- port: 9633
- version: 'latest'
- options: '--web.listen-address=9633'
- bin_path: /usr/local/bin/smart_exporter
-
-#
-# Stirling-pdf
-#
-
-stirling:
- host: "stirling"
- dns: "pdf"
- port: 8084
-
-#
-# nginx proxy manager
-#
-
-nginx:
- host: "nginx"
- endpoints:
- http: 80
- https: 443
- admin: 8080
- paths:
- letsencrypt: "{{docker_dir}}/nginx/letsencrypt"
- data: "{{docker_dir}}/nginx/data"
-
-#
-# Jellyfin
-#
-
-jellyfin:
- host: "jellyfin"
- port: "8096"
- config: "{{docker_dir}}/jellyfin/config"
- cache: "{{docker_dir}}/jellyfin/cache"
- media:
- tv: "{{ plex_tv }}"
- movies: "{{ plex_movies }}"
- music: "{{ plex_music }}"
-
-#
-# paperless-ngx
-#
-
-paperless:
- host: "paperless"
- port: "8000"
- data:
- data: "{{ docker_dir }}/paperless/data/data"
- media: "{{ docker_dir }}/paperless/data/media"
- export: "{{ docker_dir }}/paperless/data/export"
- consume: "{{ docker_dir }}/paperless/data/consume"
- db:
- host: "paperless-sqlite"
- db: "paperless"
- user: "paperless"
- password: "{{ host.paperless.db.password }}"
- data: "{{ docker_dir }}/paperless/db/data"
- redis:
- host: "paperless-redis"
- data: "{{ docker_dir }}/paperless/redis/data"
-
-#
-# Homarr
-#
-
-homarr:
- host: "homarr"
- volumes:
- configs: "{{docker_dir}}/homarr/configs"
- data: "{{ docker_data_dir }}/homarr/data/"
- icons: "{{docker_dir}}/homarr/icons"
-
-#
-# gitea
-#
-
-gitea:
- host: "git"
- url: "https://git.tudattr.dev"
- volumes:
- data: "{{ docker_data_dir }}/gitea/data"
- config: "{{ docker_dir }}/gitea/config"
- ports:
- http: "3000"
- ssh: "2222"
- runner:
- host: "gitea-runner-{{ host.hostname }}"
- token: "{{ host.gitea.runner.token }}"
- name: "{{ host.hostname }}"
- volumes:
- data: "{{ docker_data_dir }}/gitea/runner/data/"
- config: "{{ docker_dir }}/gitea/runner/config/"
- config_file: "{{ docker_dir }}/gitea/runner/config/config.yml"
-
-#
-# Jellyseer
-#
-
-jellyseer:
- host: "jellyseer"
- ports:
- http: "5055"
- volumes:
- config: "{{ docker_dir }}/jellyseer/config"
+ - tree
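Review bot: The `node_exporter` mapping (port, version, bin_path) and the `go_arch_map`/`go_arch` variables are removed from group_vars in this hunk, while the renamed k3s.server.yml play in the same commit still applies `role: node_exporter`. If that role reads those variables and does not define them in its own `defaults/main.yml` (not visible in this part of the diff), the play will stop on an undefined variable. Either keep those two stanzas here or move them into the role's defaults in the same commit, so the role does not depend on values that no longer exist.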
diff --git a/host_vars/genesis.yml b/host_vars/genesis.yml
new file mode 100644
index 0000000..c2afc30
--- /dev/null
+++ b/host_vars/genesis.yml
@@ -0,0 +1,9 @@
+ansible_user: "{{ user }}"
+ansible_host: 192.168.20.12
+ansible_port: 22
+ansible_ssh_private_key_file: "{{ pk_path }}"
+ansible_become_pass: "{{ vault.aya01.sudo }}"
+
+host:
+ hostname: "k3s.server"
+ ip: "{{ ansible_host }}"
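Review bot: `host.hostname` is set to "k3s.server" for the host `genesis`, the same value as in host_vars/k3s.server.yml, which looks like a copy-paste slip; `hostname: "genesis"` is probably what is meant. Any role that uses `host.hostname` to name the machine or to pick a template directory would otherwise treat the controller as the k3s server. The file also reads the become password from `vault.aya01.sudo` and uses the address that `aya01_ip` had before this commit. If genesis is the same machine under a new name, a comment such as `# genesis is the former aya01; vault key not yet renamed` would keep the vault reference from being mistaken for a leftover.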
diff --git a/host_vars/inko.yml b/host_vars/inko.yml
deleted file mode 100644
index c98d838..0000000
--- a/host_vars/inko.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.14
-ansible_port: 22
-ansible_ssh_private_key_file: '{{ pk_path }}'
-ansible_become_pass: '{{ vault.inko.sudo }}'
-
-host:
- ip: "{{ ansible_host }}"
- fstab:
- mergerfs:
diff --git a/host_vars/k3s.server.yml b/host_vars/k3s.server.yml
new file mode 100644
index 0000000..f3d22d1
--- /dev/null
+++ b/host_vars/k3s.server.yml
@@ -0,0 +1,9 @@
+ansible_user: "{{ user }}"
+ansible_host: 192.168.20.21
+ansible_port: 22
+ansible_ssh_private_key_file: "{{ pk_path }}"
+ansible_become_pass: "{{ vault.k3s-server.sudo }}"
+
+host:
+ hostname: "k3s.server"
+ ip: "{{ ansible_host }}"
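Review bot: `{{ vault.k3s-server.sudo }}` will not resolve to the intended vault entry, because inside a Jinja2 expression the hyphen is the subtraction operator and the lookup is read as `vault.k3s - server.sudo`. Privilege escalation on this host will therefore fail at templating time rather than use the stored password. Use a bracket lookup, `ansible_become_pass: "{{ vault['k3s-server'].sudo }}"`, or name the vault key `k3s_server` so dotted access works.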
diff --git a/host_vars/mii.yml b/host_vars/mii.yml
deleted file mode 100644
index 980ff27..0000000
--- a/host_vars/mii.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-ansible_user: "{{ user }}"
-ansible_host: 202.61.207.139
-ansible_port: 22
-ansible_ssh_private_key_file: '{{ pk_path }}'
-ansible_become_pass: '{{ vault.mii.sudo }}'
-
-host:
- hostname: "mii"
- ip: "192.168.200.2"
- backblaze:
- account: "{{ vault.mii.backblaze.account }}"
- key: "{{ vault.mii.backblaze.key }}"
- remote: "remote:mii-tudattr-dev"
- password: "{{ vault.mii.rclone.password }}"
- password2: "{{ vault.mii.rclone.password2 }}"
- paths:
- - "{{ docker_compose_dir }}"
- - "{{ docker_dir }}"
- fstab:
- mergerfs:
diff --git a/host_vars/naruto.yml b/host_vars/naruto.yml
deleted file mode 100644
index 45a7740..0000000
--- a/host_vars/naruto.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.13
-ansible_port: 22
-ansible_ssh_private_key_file: '{{ pk_path }}'
-ansible_become_pass: '{{ vault.naruto.sudo }}'
-
-host:
- hostname: "naruto"
- ip: "{{ ansible_host }}"
- backblaze:
- account: "{{ vault.naruto.backblaze.account }}"
- key: "{{ vault.naruto.backblaze.key }}"
- remote: "remote:naruto-tudattr-dev"
- password: "{{ vault.naruto.rclone.password }}"
- password2: "{{ vault.naruto.rclone.password2 }}"
- paths:
- - "{{ docker_compose_dir }}"
- - "{{ docker_dir }}"
- fstab:
- mergerfs:
- gitea:
- runner:
- token: "{{ vault.naruto.gitea.runner.token }}"
diff --git a/host_vars/pi.yml b/host_vars/pi.yml
deleted file mode 100644
index 1fa6010..0000000
--- a/host_vars/pi.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-ansible_user: "{{ user }}"
-ansible_host: 192.168.20.11
-ansible_port: 22
-ansible_ssh_private_key_file: '{{ pk_path }}'
-ansible_become_pass: '{{ vault.pi.sudo }}'
-
-host:
- hostname: "pi"
- ip: "{{ ansible_host }}"
- backblaze:
- account: "{{ vault.pi.backblaze.account }}"
- key: "{{ vault.pi.backblaze.key }}"
- remote: "remote:pi-tudattr-dev"
- password: "{{ vault.pi.rclone.password }}"
- password2: "{{ vault.pi.rclone.password2 }}"
- paths:
- - "{{ docker_compose_dir }}"
- - "{{ docker_dir }}"
- fstab:
- mergerfs:
- gitea:
- runner:
- token: "{{ vault.pi.gitea.runner.token }}"
diff --git a/inko.yml b/k3s.server.yml
similarity index 71%
rename from inko.yml
rename to k3s.server.yml
index b45da19..eb293c6 100644
--- a/inko.yml
+++ b/k3s.server.yml
@@ -1,14 +1,14 @@
---
- name: Set up Servers
- hosts: inko
+ hosts: aya01
gather_facts: yes
roles:
- role: common
tags:
- common
- - role: power_management
+ - role: k3s-server
tags:
- - power_management
+ - k3s-server
- role: node_exporter
tags:
- node_exporter
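Review bot: `hosts: aya01` targets a host that this same commit removes from the `production` inventory (the `[server]` group is deleted there), so the play will match no hosts and be skipped with only a warning. For a playbook named k3s.server.yml the pattern is presumably the new group, `hosts: k3s`. The `k3s-server` role it now pulls in is not part of the visible diff, so confirm it is committed alongside. `gather_facts: yes` would also be more predictable as `gather_facts: true`.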
diff --git a/mii.yml b/mii.yml
deleted file mode 100644
index 120f012..0000000
--- a/mii.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- name: Set up Servers
- hosts: mii
- gather_facts: yes
- roles:
- - role: common
- tags:
- - common
- - role: backblaze
- tags:
- - backblaze
- - role: node_exporter
- tags:
- - node_exporter
- - role: docker
- tags:
- - docker
- - role: wireguard
- tags:
- - wireguard
diff --git a/naruto.yml b/naruto.yml
deleted file mode 100644
index 766ff49..0000000
--- a/naruto.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Set up Servers
- hosts: naruto
- gather_facts: yes
- roles:
- - role: common
- tags:
- - common
- - role: samba
- tags:
- - samba
- - role: node_exporter
- tags:
- - node_exporter
- - role: smart_exporter
- tags:
- - smart_exporter
diff --git a/pi.yml b/pi.yml
deleted file mode 100644
index 5e6f9d6..0000000
--- a/pi.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-- name: Set up Raspberry Pis
- hosts: pi
- gather_facts: yes
- roles:
- - role: common
- tags:
- - common
- - role: backblaze
- tags:
- - backblaze
- - role: node_exporter
- tags:
- - node_exporter
- - role: docker
- tags:
- - docker
diff --git a/production b/production
index cebafff..292ccd9 100644
--- a/production
+++ b/production
@@ -1,9 +1,11 @@
-[server]
-aya01
-
-[raspberry]
-pi
-naruto
-
[vps]
mii
+
+[k3s]
+k3s.server
+
+[vm]
+k3s.server
+
+[controller]
+genesis
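Review bot: `mii` stays in `[vps]` although host_vars/mii.yml and the mii.yml playbook are deleted in this commit, so the entry is left without `ansible_host`, user, key file or become password. A run against `all` would then try to reach whatever the bare name `mii` resolves to, using default connection settings. Remove the `[vps]` group or keep the host vars for it. `[k3s]` and `[vm]` list the same single host; if `[vm]` is meant as a broader grouping, a comment line such as `# vm: every virtual machine, regardless of role` would make that clear.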
diff --git a/roles/backblaze/tasks/backup.yml b/roles/backblaze/tasks/backup.yml
deleted file mode 100644
index 595492b..0000000
--- a/roles/backblaze/tasks/backup.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- name: Shut down docker
- systemd:
- name: docker
- state: stopped
- become: true
-
- # - name: Backing up for "{{ inventory_hostname }}"
- # shell:
- # cmd: "rclone sync {{ item }} secret:{{ item }} --transfers 16"
- # loop: "{{ host.backblaze.paths }}"
- # become: true
-
-- name: Backing up for "{{ inventory_hostname }}"
- shell:
- cmd: "rclone sync {{ item }} secret:{{ item }} --skip-links"
- loop: "{{ host.backblaze.paths }}"
- become: true
-
-- name: Restart docker
- systemd:
- name: docker
- state: started
- become: true
diff --git a/roles/backblaze/tasks/config.yml b/roles/backblaze/tasks/config.yml
deleted file mode 100644
index 4021211..0000000
--- a/roles/backblaze/tasks/config.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: Create rclone config folder
- file:
- path: "{{ rclone_config }}"
- owner: '0'
- group: '0'
- mode: '700'
- state: directory
- become: true
-
-- name: Copy "rclone.conf"
- template:
- src: "rclone.conf.j2"
- dest: "{{ rclone_config }}/rclone.conf"
- owner: '0'
- group: '0'
- mode: '400'
- become: true
diff --git a/roles/backblaze/tasks/install.yml b/roles/backblaze/tasks/install.yml
deleted file mode 100644
index e47bb27..0000000
--- a/roles/backblaze/tasks/install.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: Update and upgrade packages
- apt:
- update_cache: true
- upgrade: true
- autoremove: true
- become: true
-
-- name: Install rclone
- apt:
- name: "rclone"
- state: present
- become: true
diff --git a/roles/backblaze/tasks/main.yml b/roles/backblaze/tasks/main.yml
deleted file mode 100644
index 9e7df93..0000000
--- a/roles/backblaze/tasks/main.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-
-- include_tasks: install.yml
-- include_tasks: config.yml
-- include_tasks: backup.yml
diff --git a/roles/backblaze/templates/rclone.conf.j2 b/roles/backblaze/templates/rclone.conf.j2
deleted file mode 100644
index 4c535f0..0000000
--- a/roles/backblaze/templates/rclone.conf.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-[remote]
-type = b2
-account = {{ host.backblaze.account }}
-key = {{ host.backblaze.key }}
-
-[secret]
-type = crypt
-remote = {{ host.backblaze.remote }}
-password = {{ host.backblaze.password }}
-password2 = {{ host.backblaze.password2 }}
diff --git a/roles/common/tasks/fstab.yml b/roles/common/tasks/fstab.yml
deleted file mode 100644
index fee2997..0000000
--- a/roles/common/tasks/fstab.yml
+++ /dev/null
@@ -1,42 +0,0 @@
----
-- name: Install dependencies
- apt:
- name: "mergerfs"
- state: present
- become: yes
-
-- name: Create mount folders
- file:
- path: "{{ item.path }}"
- state: directory
- loop: "{{ host.fstab if host.fstab is iterable else []}}"
- become: true
-
-- name: Create fstab entries
- mount:
- src: "UUID={{ item.uuid }}"
- path: "{{ item.path }}"
- fstype: "{{ item.type }}"
- state: present
- backup: true
- loop: "{{ host.fstab if host.fstab is iterable else []}}"
- become: true
- register: fstab
-
-- name: Create/mount mergerfs
- mount:
- src: "{{ item.branches | join(':') }}"
- path: "{{ item.path }}"
- fstype: "{{ item.type }}"
- opts: "{{ item.opts | join(',') }}"
- state: present
- backup: true
- become: true
- loop: "{{ host.mergerfs if host.mergerfs is iterable else []}}"
- register: fstab
-
-- name: Mount all disks
- command: mount -a
- become: true
- when: fstab.changed
-
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 3ae9583..f8f1218 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -3,4 +3,3 @@
- include_tasks: essential.yml
- include_tasks: bash.yml
- include_tasks: sshd.yml
-- include_tasks: fstab.yml
diff --git a/roles/docker/tasks/aya01_compose.yml b/roles/docker/tasks/aya01_compose.yml
deleted file mode 100644
index 8da47e5..0000000
--- a/roles/docker/tasks/aya01_compose.yml
+++ /dev/null
@@ -1,96 +0,0 @@
----
-
-# - include_tasks: zoneminder.yml
-# tags:
-# - zoneminder
-
-- include_tasks: pihole.yml
- tags:
- - pihole
-
-- include_tasks: syncthing.yml
- tags:
- - syncthing
-
-# - include_tasks: softserve.yml
-# tags:
-# - softserve
-
-- include_tasks: cupsd.yml
- tags:
- - cupsd
-
-- include_tasks: kuma.yml
- tags:
- - kuma
-
-# - include_tasks: traefik.yml
-# tags:
-# - traefik
-
-- include_tasks: plex.yml
- tags:
- - plex
-- include_tasks: ddns.yml
- tags:
- - ddns
-
-- include_tasks: homeassistant.yml
- tags:
- - homeassistant
-
-- include_tasks: tautulli.yml
- tags:
- - tautulli
-
-- include_tasks: sonarr.yml
- tags:
- - sonarr
-
-- include_tasks: radarr.yml
- tags:
- - radarr
-
-- include_tasks: lidarr.yml
- tags:
- - lidarr
-
-- include_tasks: prowlarr.yml
- tags:
- - prowlarr
-
-- include_tasks: bin.yml
- tags:
- - bin
-
-- include_tasks: gluetun.yml
- tags:
- - gluetun
-
-- include_tasks: qbit.yml
- tags:
- - qbit
-
-- include_tasks: qbit_private.yml
- tags:
- - qbit_priv
-
-- include_tasks: prometheus.yml
- tags:
- - prometheus
-
-- include_tasks: grafana.yml
- tags:
- - grafana
-
-- include_tasks: jellyfin.yml
- tags:
- - jellyfin
-
-- include_tasks: gitea.yml
- tags:
- - gitea
-
-- include_tasks: gitea-runner.yml
- tags:
- - gitea-runner
diff --git a/roles/docker/tasks/bin.yml b/roles/docker/tasks/bin.yml
deleted file mode 100644
index 17cf85a..0000000
--- a/roles/docker/tasks/bin.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: Create bin-config directory
- file:
- path: "{{ bin_upload }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
diff --git a/roles/docker/tasks/cupsd.yml b/roles/docker/tasks/cupsd.yml
deleted file mode 100644
index 07dc746..0000000
--- a/roles/docker/tasks/cupsd.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: Create cupsd-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ cupsd_config }}"
- become: true
-
-- name: Copy cupsd config
- template:
- owner: "{{ puid }}"
- src: "templates/aya01/cupsd/cupsd.conf"
- dest: "{{ cupsd_config }}/cupsd.conf"
- mode: '660'
- become: true
diff --git a/roles/docker/tasks/ddns.yml b/roles/docker/tasks/ddns.yml
deleted file mode 100644
index af16be3..0000000
--- a/roles/docker/tasks/ddns.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- name: Create ddns-config directory
- file:
- path: "{{ docker_dir }}/ddns-updater/data/"
- owner: 1000
- group: 1000
- mode: '700'
- state: directory
-
-- name: Copy ddns-config
- template:
- owner: 1000
- src: "templates/{{host.hostname}}/ddns-updater/data/config.json"
- dest: "{{ docker_dir }}/ddns-updater/data/config.json"
- mode: '400'
-
diff --git a/roles/docker/tasks/gitea-runner.yml b/roles/docker/tasks/gitea-runner.yml
deleted file mode 100644
index 93e2349..0000000
--- a/roles/docker/tasks/gitea-runner.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Create gitea-runner directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ gitea.runner.volumes.data }}"
diff --git a/roles/docker/tasks/gitea.yml b/roles/docker/tasks/gitea.yml
deleted file mode 100644
index 8aa2c06..0000000
--- a/roles/docker/tasks/gitea.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Create gitea directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ gitea.volumes.data }}"
- - "{{ gitea.volumes.config }}"
diff --git a/roles/docker/tasks/gitlab-runner.yml b/roles/docker/tasks/gitlab-runner.yml
deleted file mode 100644
index 3d73190..0000000
--- a/roles/docker/tasks/gitlab-runner.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Create gitlab-runner directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ gitlab.runner.volumes.config }}"
diff --git a/roles/docker/tasks/gitlab.yml b/roles/docker/tasks/gitlab.yml
deleted file mode 100644
index 0351ed8..0000000
--- a/roles/docker/tasks/gitlab.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-
-- name: Create gitlab-config
- file:
- path: "{{ item }}"
- owner: "{{ gitlab.puid }}"
- group: "{{ gitlab.pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ gitlab.paths.config }}"
- - "{{ gitlab.paths.logs }}"
- - "{{ gitlab.paths.data }}"
diff --git a/roles/docker/tasks/gluetun.yml b/roles/docker/tasks/gluetun.yml
deleted file mode 100644
index a56704b..0000000
--- a/roles/docker/tasks/gluetun.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Create gluetun-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '775'
- state: directory
- loop:
- - "{{ gluetun_config}}"
- become: true
diff --git a/roles/docker/tasks/grafana.yml b/roles/docker/tasks/grafana.yml
deleted file mode 100644
index 260e0f3..0000000
--- a/roles/docker/tasks/grafana.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Create grafana data directory
- file:
- path: "{{ item }}"
- owner: "{{ grafana_puid }}"
- group: "{{ grafana_pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ grafana_data }}"
- - "{{ grafana_config }}"
- become: true
-
-- name: Copy grafana config
- template:
- owner: "{{ grafana_puid }}"
- group: "{{ grafana_pgid }}"
- src: "templates/aya01/grafana/etc-grafana/grafana.ini.j2"
- dest: "{{ grafana_config }}/grafana.ini"
- mode: '644'
- become: true
-
diff --git a/roles/docker/tasks/homeassistant.yml b/roles/docker/tasks/homeassistant.yml
deleted file mode 100644
index 766d37d..0000000
--- a/roles/docker/tasks/homeassistant.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-
-- name: Create homeassistant-config directory
- file:
- path: "{{ ha_config }}"
- mode: '755'
- state: directory
- become: true
diff --git a/roles/docker/tasks/hugo.yml b/roles/docker/tasks/hugo.yml
deleted file mode 100644
index 84ca038..0000000
--- a/roles/docker/tasks/hugo.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-- name: Create zoneminder user
- user:
- name: zm
- uid: 911
- shell: /bin/false
- become: true
-
-- name: Create Zoneminder config directory
- file:
- path: "{{ item }}"
- owner: 911
- group: 911
- mode: '700'
- state: directory
- loop:
- - "{{ zoneminder_config }}"
- become: true
-
-- name: Create Zoneminder data directory
- file:
- path: "{{ item }}"
- owner: 911
- group: 911
- mode: '755'
- state: directory
- loop:
- - "{{ zoneminder_data }}"
- become: true
-
diff --git a/roles/docker/tasks/install.yml b/roles/docker/tasks/install.yml
deleted file mode 100644
index e0d2504..0000000
--- a/roles/docker/tasks/install.yml
+++ /dev/null
@@ -1,67 +0,0 @@
----
-- name: Uninstall old versions
- apt:
- name: "{{ item }}"
- state: absent
- purge: true
- loop:
- - docker
- - docker-engine
- - docker.io
- - containerd
- - runc
- become: true
-
-- name: Update cache
- apt:
- update_cache: true
- become: true
-
-- name: Install dependencies for apt to use repositories over HTTPS
- apt:
- name: "{{ item }}"
- state: present
- loop:
- - ca-certificates
- - curl
- - gnupg
- - lsb-release
- become: true
-
-- name: Create keyrings direcoty
- ansible.builtin.file:
- path: /etc/apt/keyrings
- state: directory
- mode: '0755'
- become: true
-
-- name: Add Docker apt key.
- ansible.builtin.get_url:
- url: "{{ docker_apt_gpg_key }}"
- dest: /etc/apt/trusted.gpg.d/docker.asc
- mode: '0664'
- force: true
- become: true
-
-- name: Add Docker repository.
- apt_repository:
- repo: "{{ docker_apt_repository }}"
- state: present
- become: true
-
-- name: Update cache
- apt:
- update_cache: true
- become: true
-
-- name: Install Docker Engine, containerd, and Docker Compose.
- apt:
- name: "{{ item }}"
- state: present
- loop:
- - docker-ce
- - docker-ce-cli
- - docker-compose-plugin
- - containerd.io
- become: true
-
diff --git a/roles/docker/tasks/jellyfin.yml b/roles/docker/tasks/jellyfin.yml
deleted file mode 100644
index 8399c84..0000000
--- a/roles/docker/tasks/jellyfin.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-- name: Create jellyfin-config directory
- file:
- path: "{{ jellyfin.config }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
-
-- name: Create jellyfin-cache directory
- file:
- path: "{{ jellyfin.cache }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
-
-- name: Create jellyfin media directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ jellyfin.media.tv }}"
- - "{{ jellyfin.media.movies }}"
- - "{{ jellyfin.media.music }}"
diff --git a/roles/docker/tasks/kuma.yml b/roles/docker/tasks/kuma.yml
deleted file mode 100644
index 6b24c06..0000000
--- a/roles/docker/tasks/kuma.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Create kuma-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ kuma_config }}"
- become: true
diff --git a/roles/docker/tasks/lidarr.yml b/roles/docker/tasks/lidarr.yml
deleted file mode 100644
index 58c0afa..0000000
--- a/roles/docker/tasks/lidarr.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: Create lidarr directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ lidarr_config }}"
- - "{{ lidarr_media }}"
- - "{{ lidarr_downloads }}"
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
deleted file mode 100644
index 0600542..0000000
--- a/roles/docker/tasks/main.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- include_tasks: install.yml
-
-- include_tasks: user_group_setup.yml
-
-- name: Copy the compose file
- template:
- src: templates/{{ inventory_hostname }}/compose.yaml
- dest: "{{ docker_compose_dir }}/compose.yaml"
- register: compose
-
-- include_tasks: "{{ inventory_hostname }}_compose.yml"
- tags:
- - reload_compose
-
-- name: Update docker Images
- shell:
- cmd: "docker compose pull"
- chdir: "{{ docker_compose_dir }}"
-
-- name: Rebuilding docker images
- shell:
- cmd: "docker compose up -d --build"
- chdir: "{{ docker_compose_dir }}"
diff --git a/roles/docker/tasks/mii_compose.yml b/roles/docker/tasks/mii_compose.yml
deleted file mode 100644
index bb640a9..0000000
--- a/roles/docker/tasks/mii_compose.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-
-- include_tasks: nginx-proxy-manager.yml
- tags:
- - nginx
diff --git a/roles/docker/tasks/naruto_compose.yml b/roles/docker/tasks/naruto_compose.yml
deleted file mode 100644
index 8ead74f..0000000
--- a/roles/docker/tasks/naruto_compose.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-
-- include_tasks: nginx-proxy-manager.yml
- tags:
- - nginx
-
-- include_tasks: pihole.yml
- tags:
- - pihole
-
-- include_tasks: gitea-runner.yml
- tags:
- - gitea-runner
diff --git a/roles/docker/tasks/netdata.yaml b/roles/docker/tasks/netdata.yaml
deleted file mode 100644
index 3e9da3f..0000000
--- a/roles/docker/tasks/netdata.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-
-- name: Create netdata dirs
- file:
- path: "{{ item }}"
- owner: 1000
- group: 1000
- mode: '777'
- state: directory
- loop:
- - "{{ netdata_config }}"
- - "{{ netdata_cache }}"
- - "{{ netdata_lib }}"
- become: true
diff --git a/roles/docker/tasks/nginx-proxy-manager.yml b/roles/docker/tasks/nginx-proxy-manager.yml
deleted file mode 100644
index c6a7328..0000000
--- a/roles/docker/tasks/nginx-proxy-manager.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-
-- name: Create nginx-data directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ nginx.paths.letsencrypt }}"
- - "{{ nginx.paths.data }}"
- become: yes
diff --git a/roles/docker/tasks/pi_compose.yml b/roles/docker/tasks/pi_compose.yml
deleted file mode 100644
index a70772e..0000000
--- a/roles/docker/tasks/pi_compose.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-
-- include_tasks: nginx-proxy-manager.yml
- tags:
- - nginx
-
-- include_tasks: pihole.yml
- tags:
- - pihole
-
-- include_tasks: gitea-runner.yml
- tags:
- - gitea-runner
-
diff --git a/roles/docker/tasks/pihole.yml b/roles/docker/tasks/pihole.yml
deleted file mode 100644
index a7ca11a..0000000
--- a/roles/docker/tasks/pihole.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Create pihole-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ docker_dir }}/pihole/etc-pihole/"
- - "{{ docker_dir }}/pihole/etc-dnsmasq.d/"
- become: true
-
-
diff --git a/roles/docker/tasks/plex.yml b/roles/docker/tasks/plex.yml
deleted file mode 100644
index 8ce9ad5..0000000
--- a/roles/docker/tasks/plex.yml
+++ /dev/null
@@ -1,22 +0,0 @@
----
-- name: Create plex-config directory
- file:
- path: "{{ plex_config }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
-
-- name: Create plex media directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ plex_tv }}"
- - "{{ plex_movies }}"
- - "{{ plex_music }}"
diff --git a/roles/docker/tasks/prometheus.yml b/roles/docker/tasks/prometheus.yml
deleted file mode 100644
index 0545ab3..0000000
--- a/roles/docker/tasks/prometheus.yml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-- name: Create prometheus dirs
- file:
- path: "{{ item }}"
- owner: "{{ prometheus_puid }}"
- group: "{{ prometheus_pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ prometheus_config }}"
- - "{{ prometheus_data }}"
- become: true
-
-- name: Place prometheus config
- template:
- owner: "{{ prometheus_puid }}"
- group: "{{ prometheus_pgid}}"
- src: "templates/aya01/prometheus/prometheus.yml.j2"
- dest: "{{ prometheus_config }}/prometheus.yml"
- mode: '644'
- become: true
diff --git a/roles/docker/tasks/prowlarr.yml b/roles/docker/tasks/prowlarr.yml
deleted file mode 100644
index 01a2daa..0000000
--- a/roles/docker/tasks/prowlarr.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: Create prowlarr directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ prowlarr_config }}"
diff --git a/roles/docker/tasks/qbit.yml b/roles/docker/tasks/qbit.yml
deleted file mode 100644
index be331c0..0000000
--- a/roles/docker/tasks/qbit.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Create qbit-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '775'
- state: directory
- loop:
- - "{{ qbit_remote_config }}"
- - "{{ qbit_downloads }}"
- become: true
diff --git a/roles/docker/tasks/qbit_private.yml b/roles/docker/tasks/qbit_private.yml
deleted file mode 100644
index f0c617a..0000000
--- a/roles/docker/tasks/qbit_private.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: Create qbit_torrentleech-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '775'
- state: directory
- loop:
- - "{{ torrentleech_remote_config }}"
- - "{{ qbit_downloads }}"
- become: true
diff --git a/roles/docker/tasks/radarr.yml b/roles/docker/tasks/radarr.yml
deleted file mode 100644
index 812e3a6..0000000
--- a/roles/docker/tasks/radarr.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: Create radarr directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ radarr_config }}"
- - "{{ radarr_media }}"
- - "{{ radarr_downloads }}"
diff --git a/roles/docker/tasks/softserve.yml b/roles/docker/tasks/softserve.yml
deleted file mode 100644
index c8483d6..0000000
--- a/roles/docker/tasks/softserve.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-
-- name: Create soft-serve directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ softserve_data }}"
- become: true
diff --git a/roles/docker/tasks/sonarr.yml b/roles/docker/tasks/sonarr.yml
deleted file mode 100644
index 6eeaaee..0000000
--- a/roles/docker/tasks/sonarr.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: Create sonarr directories
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
- loop:
- - "{{ sonarr_config }}"
- - "{{ sonarr_media }}"
- - "{{ sonarr_downloads }}"
diff --git a/roles/docker/tasks/swag.yml b/roles/docker/tasks/swag.yml
deleted file mode 100644
index b43efb4..0000000
--- a/roles/docker/tasks/swag.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-
-- name: Create swag-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- state: directory
- loop:
- - "{{ swag_config }}"
-
-- name: Copy site-confs
- template:
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- src: "{{ item }}"
- dest: "{{ swag_remote_site_confs }}"
- mode: '664'
- loop: "{{ swag_site_confs }}"
- become: true
diff --git a/roles/docker/tasks/syncthing.yml b/roles/docker/tasks/syncthing.yml
deleted file mode 100644
index 9a897b8..0000000
--- a/roles/docker/tasks/syncthing.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-- name: Create syncthing directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- loop:
- - "{{ syncthing_data }}"
- become: true
-
-- name: Resolve inotify error for syncthing
- template:
- src: "templates/aya01/syncthing/syncthing.conf"
- dest: "/etc/sysctl.d/syncthing.conf"
- mode: "660"
- become: true
diff --git a/roles/docker/tasks/tautulli.yml b/roles/docker/tasks/tautulli.yml
deleted file mode 100644
index 48fa4d0..0000000
--- a/roles/docker/tasks/tautulli.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: Create tautulli-config directory
- file:
- path: "{{ tautulli_config }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- mode: '755'
- state: directory
- become: yes
diff --git a/roles/docker/tasks/traefik.yml b/roles/docker/tasks/traefik.yml
deleted file mode 100644
index d69ceaa..0000000
--- a/roles/docker/tasks/traefik.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-
-- name: Create traefik-config directory
- file:
- path: "{{ item }}"
- owner: "{{ puid }}"
- group: "{{ pgid }}"
- state: directory
- loop:
- - "{{ docker_dir }}/traefik/etc-traefik/"
- - "{{ docker_dir }}/traefik/var-log/"
-
-- name: Copy traefik-config
- template:
- owner: 1000
- src: "templates/common/traefik/etc-traefik/traefik.yml"
- dest: "{{ traefik.config }}"
- mode: '400'
diff --git a/roles/docker/tasks/user_group_setup.yml b/roles/docker/tasks/user_group_setup.yml
deleted file mode 100644
index e0cab68..0000000
--- a/roles/docker/tasks/user_group_setup.yml
+++ /dev/null
@@ -1,25 +0,0 @@
----
-- name: Ensure group "docker" exists
- group:
- name: docker
- state: present
- become: yes
-
-- name: Append the group "docker" to "{{ user }}" groups
- ansible.builtin.user:
- name: "{{ user }}"
- shell: /bin/bash
- groups: docker
- append: yes
- become: yes
-
-- name: Make sure that the docker folders exists
- ansible.builtin.file:
- path: "{{ item }}"
- owner: "{{ user }}"
- group: "{{ user }}"
- state: directory
- loop:
- - "{{docker_compose_dir}}"
- - "{{docker_dir}}"
- become: yes
diff --git a/roles/docker/tasks/zoneminder.yml b/roles/docker/tasks/zoneminder.yml
deleted file mode 100644
index f15e0d3..0000000
--- a/roles/docker/tasks/zoneminder.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-- name: Create zoneminder user
- user:
- name: zm
- uid: '911'
- shell: /bin/false
- become: true
-
-- name: Create Zoneminder config directory
- file:
- path: "{{ item }}"
- owner: '911'
- group: '911'
- mode: '755'
- state: directory
- loop:
- - "{{ zoneminder_config }}"
- become: true
-
-- name: Create Zoneminder data directory
- file:
- path: "{{ item }}"
- owner: '911'
- group: '911'
- mode: '755'
- state: directory
- loop:
- - "{{ zoneminder_data }}"
- become: true
-
diff --git a/roles/docker/templates/aya01/compose.yaml b/roles/docker/templates/aya01/compose.yaml
deleted file mode 100644
index dae8d37..0000000
--- a/roles/docker/templates/aya01/compose.yaml
+++ /dev/null
@@ -1,518 +0,0 @@
-version: '3'
-services:
- nginx:
- container_name: "{{nginx.host}}"
- image: 'jc21/nginx-proxy-manager:latest'
- restart: unless-stopped
- networks:
- net: {}
- ports:
- - '{{nginx.endpoints.http}}:80'
- - '{{nginx.endpoints.https}}:443'
- - '{{nginx.endpoints.admin}}:81'
- volumes:
- - "{{nginx.paths.data}}:/data"
- - "{{nginx.paths.letsencrypt}}:/etc/letsencrypt"
- - '/var/run/docker.sock:/var/run/docker.sock'
-
- pihole:
- container_name: pihole
- image: pihole/pihole:latest
- restart: unless-stopped
- depends_on:
- - nginx
- networks:
- - net
- ports:
- - "53:53/tcp"
- - "53:53/udp"
- volumes:
- - "/etc/localtime:/etc/localtime:ro"
- - "{{ pihole_config }}:/etc/pihole/"
- - "{{ pihole_dnsmasq }}:/etc/dnsmasq.d/"
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{timezone}}
- - "WEBPASSWORD={{ vault_aya01_pihole_password }}"
- - "ServerIP={{ host.ip }}"
- - "INTERFACE=eth0"
- - "DNS1=1.1.1.1"
- - "DNS1=1.0.0.1"
- dns:
- - 127.0.0.1
- - 1.1.1.1
- cap_add:
- - NET_ADMIN
-
- syncthing:
- image: syncthing/syncthing
- container_name: syncthing
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- ports:
- - 22000:22000/tcp # TCP file transfers
- - 22000:22000/udp # QUIC file transfers
- - 21027:21027/udp # Receive local discovery broadcasts
- volumes:
- - "{{syncthing_data}}:/var/syncthing"
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{timezone}}
- hostname: syncthing
-
- cupsd:
- container_name: cupsd
- image: olbat/cupsd
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{timezone}}
- volumes:
- - /var/run/dbus:/var/run/dbus
- - "{{cupsd_config}}:/etc/cups"
-
- kuma:
- container_name: kuma
- image: louislam/uptime-kuma:1
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{timezone}}
- ports:
- - "{{kuma_port}}:3001"
- volumes:
- - "{{ kuma_config }}:/app/data"
-
- plex:
- image: lscr.io/linuxserver/plex:latest
- container_name: plex
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- devices:
- - /dev/dri:/dev/dri
- ports:
- - "{{ plex_port }}:32400"
- - "1900:1900"
- - "3005:3005"
- - "5353:5353"
- - "32410:32410"
- - "8324:8324"
- - "32412:32412"
- - "32469:32469"
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{timezone}}
- - VERSION=docker
- volumes:
- - "{{ plex_config }}:/config"
- - "{{ plex_tv }}:/tv:ro"
- - "{{ plex_movies }}:/movies:ro"
- - "{{ plex_music }}:/music:ro"
-
- sonarr:
- image: lscr.io/linuxserver/sonarr:latest
- container_name: sonarr
- restart: unless-stopped
- depends_on:
- - prowlarr
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- volumes:
- - {{ sonarr_config }}:/config
- - {{ sonarr_media }}:/tv #optional
- - {{ sonarr_downloads }}:/downloads #optional
-
- radarr:
- image: lscr.io/linuxserver/radarr:latest
- container_name: radarr
- restart: unless-stopped
- depends_on:
- - prowlarr
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- volumes:
- - {{ radarr_config }}:/config
- - {{ radarr_media }}:/movies #optional
- - {{ radarr_downloads }}:/downloads #optional
-
- lidarr:
- image: lscr.io/linuxserver/lidarr:latest
- container_name: lidarr
- restart: unless-stopped
- depends_on:
- - prowlarr
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- volumes:
- - {{ lidarr_config }}:/config
- - {{ lidarr_media }}:/music #optional
- - {{ lidarr_downloads }}:/downloads #optional
-
- prowlarr:
- image: lscr.io/linuxserver/prowlarr:latest
- container_name: prowlarr
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- volumes:
- - {{ prowlarr_config }}:/config
-
- pastebin:
- image: wantguns/bin
- container_name: pastebin
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- - ROCKET_PORT={{ bin_port }}
- - HOST_URL={{ bin_host }}.{{ aya01_host }}.{{ local_domain }}
- volumes:
- - {{ bin_upload }}:/app/upload
-
- tautulli:
- image: lscr.io/linuxserver/tautulli:latest
- container_name: tautulli
- restart: unless-stopped
- depends_on:
- - plex
- networks:
- - net
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid}}
- - TZ={{ timezone }}
- ports:
- - "{{ tautulli_port }}:8181"
- volumes:
- - {{ tautulli_config}}:/config
-
- {{ gluetun_host }}:
- image: qmcgaw/gluetun
- container_name: {{ gluetun_host }}
- restart: unless-stopped
- networks:
- - net
- cap_add:
- - NET_ADMIN
- devices:
- - /dev/net/tun:/dev/net/tun
- volumes:
- - {{ gluetun_config }}:/gluetun
- environment:
- - PUID={{puid}}
- - PGID={{pgid}}
- - TZ={{ timezone }}
- - VPN_SERVICE_PROVIDER=protonvpn
- - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
- - UPDATER_PERIOD=24h
- - SERVER_COUNTRIES={{ gluetun_country }}
- - OPENVPN_USER={{ vault_qbit_vpn_user }}+pmp
- - OPENVPN_PASSWORD={{ vault_qbit_vpn_password }}
-
- {{ torrentleech_host }}:
- image: qbittorrentofficial/qbittorrent-nox
- container_name: {{ torrentleech_host }}
- restart: unless-stopped
- depends_on:
- - gluetun
- - sonarr
- - radarr
- - lidarr
- network_mode: "container:{{ gluetun_host }}"
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- - QBT_EULA="accept"
- - QBT_WEBUI_PORT="{{ torrentleech_port }}"
- volumes:
- - {{ torrentleech_remote_config }}:/config
- - {{ qbit_downloads }}:/downloads
-
- {{qbit_host}}:
- image: qbittorrentofficial/qbittorrent-nox
- container_name: {{ qbit_host }}
- restart: unless-stopped
- depends_on:
- - gluetun
- - sonarr
- - radarr
- - lidarr
- network_mode: "container:{{ gluetun_host }}"
- environment:
- - PUID={{ puid }}
- - PGID={{ pgid }}
- - TZ={{ timezone }}
- - QBT_EULA="accept"
- - QBT_WEBUI_PORT="{{ qbit_port }}"
- volumes:
- - {{ qbit_remote_config }}:/config
- - {{ qbit_downloads }}:/downloads
-
- {{ prometheus_host }}:
- image: prom/prometheus
- container_name: {{ prometheus_host }}
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- environment:
- - PUID={{ prometheus_puid }}
- - PGID={{ prometheus_pgid}}
- - TZ={{ timezone }}
- volumes:
- - {{ prometheus_config }}:/etc/prometheus/
- - prometheus_data:/prometheus/
-
- {{ grafana_host }}:
- image: grafana/grafana-oss
- container_name: {{ grafana_host }}
- restart: unless-stopped
- user: "0:0"
- depends_on:
- - {{ prometheus_host }}
- networks:
- - net
- environment:
- - PUID={{ grafana_puid }}
- - PGID={{ grafana_pgid }}
- - TZ={{ timezone }}
- volumes:
- - {{ grafana_data }}:/var/lib/grafana/
- - {{ grafana_config }}:/etc/grafana/
-
- ddns-updater:
- container_name: ddns-updater
- image: "ghcr.io/qdm12/ddns-updater"
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- net: {}
- volumes:
- - "{{ ddns_data }}:/updater/data/"
-
- homeassistant:
- container_name: homeassistant
- image: "ghcr.io/home-assistant/home-assistant:stable"
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- net: {}
- volumes:
- - "/etc/localtime:/etc/localtime:ro"
- - "{{ ha_config }}:/config/"
- privileged: true
- ports:
- - "{{ ha_port }}:8123"
- - 4357:4357
- - 5683:5683
- - 5683:5683/udp
-
- {{stirling.host}}:
- container_name: {{stirling.host}}
- image: frooodle/s-pdf:latest
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- net: {}
-
- {{ jellyfin.host }}:
- container_name: {{ jellyfin.host }}
- image: jellyfin/jellyfin
- restart: 'unless-stopped'
- depends_on:
- - pihole
- networks:
- net: {}
- devices:
- - /dev/dri:/dev/dri
- volumes:
- - {{ jellyfin.config }}:/config
- - {{ jellyfin.cache }}:/cache
- - {{ jellyfin.media.tv }}:/tv:ro
- - {{ jellyfin.media.movies }}:/movies:ro
- - {{ jellyfin.media.music }}:/music:ro
- ports:
- - "{{ jellyfin.port }}:{{ jellyfin.port }}"
-
- broker:
- container_name: {{ paperless.redis.host }}
- image: docker.io/library/redis:7
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- volumes:
- - {{paperless.redis.data}}:/data
-
- db:
- container_name: {{ paperless.db.host }}
- image: docker.io/library/postgres:15
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- volumes:
- - {{paperless.db.data}}:/var/lib/postgresql/data
- environment:
- POSTGRES_DB: {{ paperless.db.db }}
- POSTGRES_USER: {{ paperless.db.user }}
- POSTGRES_PASSWORD: {{ paperless.db.password }}
-
- paperless:
- container_name: {{ paperless.host }}
- image: ghcr.io/paperless-ngx/paperless-ngx:latest
- restart: unless-stopped
- depends_on:
- - db
- - broker
- networks:
- - net
- healthcheck:
- test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:{{ paperless.port }}"]
- interval: 30s
- timeout: 10s
- retries: 5
- volumes:
- - {{ paperless.data.data }}:/usr/src/paperless/data
- - {{ paperless.data.media }}:/usr/src/paperless/media
- - {{ paperless.data.export }}:/usr/src/paperless/export
- - {{ paperless.data.consume }}:/usr/src/paperless/consume
- environment:
- - "PAPERLESS_REDIS=redis://broker:6379"
- - "PAPERLESS_DBHOST=db"
- - "PAPERLESS_DBUSER={{paperless.db.user}}"
- - "PAPERLESS_DBPASS={{paperless.db.password}}"
- - "USERMAP_UID={{ puid }}"
- - "USERMAP_GID={{ pgid}}"
- - "PAPERLESS_URL=https://{{paperless.host}}.{{ host.hostname }}.{{ backup_domain }}"
- - "PAPERLESS_TIME_ZONE={{ timezone }}"
- - "PAPERLESS_OCR_LANGUAGE=deu"
-
- {{ homarr.host }}:
- container_name: {{ homarr.host }}
- image: ghcr.io/ajnart/homarr:latest
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- volumes:
- - {{ homarr.volumes.configs }}:/app/data/configs
- - {{ homarr.volumes.data }}:/data
- - {{ homarr.volumes.icons }}:/app/public/icons
-
-
- {{ gitea.host }}:
- container_name: {{ gitea.host }}
- image: gitea/gitea:1.20.5-rootless
- restart: unless-stopped
- depends_on:
- - pihole
- networks:
- - net
- volumes:
- - {{ gitea.volumes.data }}:/var/lib/gitea
- - {{ gitea.volumes.config }}:/etc/gitea
- - /etc/timezone:/etc/timezone:ro
- - /etc/localtime:/etc/localtime:ro
- ports:
- - "{{ gitea.ports.http }}:3000"
- - "{{ gitea.ports.ssh }}:2222"
-
-
- {{ gitea.runner.host }}:
- container_name: {{ gitea.runner.host }}
- image: gitea/act_runner:nightly
- restart: unless-stopped
- depends_on:
- - {{ gitea.host }}
- networks:
- - net
- volumes:
- - "{{ gitea.runner.config_file }}:/config.yaml"
- - "{{ gitea.runner.volumes.data }}:/data"
- - "/var/run/docker.sock:/var/run/docker.sock"
- environment:
- - "GITEA_INSTANCE_URL={{ gitea.url }}"
- - "GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea.runner.token }}"
- - "GITEA_RUNNER_NAME: {{ gitea.runner.name }}"
- - "CONFIG_FILE: /config.yaml"
-
- {{ jellyseer.host }}:
- container_name: {{ jellyseer.host }}
- image: fallenbagel/jellyseerr:latest
- restart: unless-stopped
- environment:
- - LOG_LEVEL=info
- - TZ={{ timezone }}
- depends_on:
- - {{ jellyfin.host }}
- networks:
- - net
- volumes:
- - {{ jellyseer.volumes.config }}:/app/config
-
-networks:
- zoneminder:
- driver: bridge
- ipam:
- driver: default
- config:
- - subnet: {{ zoneminder_network }}
- net:
- driver: bridge
- ipam:
- driver: default
- config:
- - subnet: {{ docker_network }}
-volumes:
- prometheus_data: {}
diff --git a/roles/docker/templates/aya01/cupsd/cupsd.conf b/roles/docker/templates/aya01/cupsd/cupsd.conf
deleted file mode 100644
index eee1089..0000000
--- a/roles/docker/templates/aya01/cupsd/cupsd.conf
+++ /dev/null
@@ -1,196 +0,0 @@
-#
-# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
-# complete description of this file.
-#
-
-# Log general information in error_log - change "warn" to "debug"
-# for troubleshooting...
-LogLevel warn
-PageLogFormat
-ServerAlias *
-
-# Specifies the maximum size of the log files before they are rotated. The value "0" disables log rotation.
-MaxLogSize 0
-
-# Default error policy for printers
-ErrorPolicy retry-job
-
-# Allow remote access
-Listen *:631
-
-# Show shared printers on the local network.
-Browsing Yes
-BrowseLocalProtocols dnssd
-
-# Default authentication type, when authentication is required...
-DefaultAuthType Basic
-DefaultEncryption IfRequested
-
-# Web interface setting...
-WebInterface Yes
-
-# Timeout after cupsd exits if idle (applied only if cupsd runs on-demand - with -l)
-IdleExitTimeout 60
-
-# Restrict access to the server...
-
- Order allow,deny
- Allow all
-
-
-# Restrict access to the admin pages...
-
- Order allow,deny
- Allow all
-
-
-# Restrict access to configuration files...
-
- AuthType Default
- Require user @SYSTEM
- Order allow,deny
- Allow all
-
-
-# Restrict access to log files...
-
- AuthType Default
- Require user @SYSTEM
- Order allow,deny
- Allow all
-
-
-# Set the default printer/job policies...
-
- # Job/subscription privacy...
- JobPrivateAccess default
- JobPrivateValues default
- SubscriptionPrivateAccess default
- SubscriptionPrivateValues default
-
- # Job-related operations must be done by the owner or an administrator...
-
- Order deny,allow
-
-
-
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
- # All administration operations require an administrator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # All printer operations require a printer operator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # Only the owner or an administrator can cancel or authenticate a job...
-
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
-
- Order deny,allow
-
-
-
-# Set the authenticated printer/job policies...
-
- # Job/subscription privacy...
- JobPrivateAccess default
- JobPrivateValues default
- SubscriptionPrivateAccess default
- SubscriptionPrivateValues default
-
- # Job-related operations must be done by the owner or an administrator...
-
- AuthType Default
- Order deny,allow
-
-
-
- AuthType Default
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
- # All administration operations require an administrator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # All printer operations require a printer operator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # Only the owner or an administrator can cancel or authenticate a job...
-
- AuthType Default
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
-
- Order deny,allow
-
-
-
-# Set the kerberized printer/job policies...
-
- # Job/subscription privacy...
- JobPrivateAccess default
- JobPrivateValues default
- SubscriptionPrivateAccess default
- SubscriptionPrivateValues default
-
- # Job-related operations must be done by the owner or an administrator...
-
- AuthType Negotiate
- Order deny,allow
-
-
-
- AuthType Negotiate
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
- # All administration operations require an administrator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # All printer operations require a printer operator to authenticate...
-
- AuthType Default
- Require user @SYSTEM
- Order deny,allow
-
-
- # Only the owner or an administrator can cancel or authenticate a job...
-
- AuthType Negotiate
- Require user @OWNER @SYSTEM
- Order deny,allow
-
-
-
- Order deny,allow
-
-
diff --git a/roles/docker/templates/aya01/ddns-updater/data/config.json b/roles/docker/templates/aya01/ddns-updater/data/config.json
deleted file mode 100644
index ec03c69..0000000
--- a/roles/docker/templates/aya01/ddns-updater/data/config.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "settings": [
- {
- "provider": "namecheap",
- "domain": "{{ local_domain }}",
- "host": "{{ local_subdomains }}",
- "password": "{{ vault_ddns_local_password }}",
- "provider_ip": true
- }
- ]
-}
diff --git a/roles/docker/templates/aya01/grafana/etc-grafana/grafana.ini.j2 b/roles/docker/templates/aya01/grafana/etc-grafana/grafana.ini.j2
deleted file mode 100644
index dc1b7a0..0000000
--- a/roles/docker/templates/aya01/grafana/etc-grafana/grafana.ini.j2
+++ /dev/null
@@ -1,1464 +0,0 @@
-##################### Grafana Configuration Example #####################
-#
-# Everything has defaults so you only need to uncomment things you want to
-# change
-
-# possible values : production, development
-;app_mode = production
-
-# instance name, defaults to HOSTNAME environment variable value or hostname if HOSTNAME var is empty
-;instance_name = ${HOSTNAME}
-
-# force migration will run migrations that might cause dataloss
-;force_migration = false
-
-#################################### Paths ####################################
-[paths]
-# Path to where grafana can store temp files, sessions, and the sqlite3 db (if that is used)
-;data = /var/lib/grafana
-
-# Temporary files in `data` directory older than given duration will be removed
-;temp_data_lifetime = 24h
-
-# Directory where grafana can store logs
-;logs = /var/log/grafana
-
-# Directory where grafana will automatically scan and look for plugins
-;plugins = /var/lib/grafana/plugins
-
-# folder that contains provisioning config files that grafana will apply on startup and while running.
-;provisioning = conf/provisioning
-
-#################################### Server ####################################
-[server]
-# Protocol (http, https, h2, socket)
-;protocol = http
-
-# This is the minimum TLS version allowed. By default, this value is empty. Accepted values are: TLS1.2, TLS1.3. If nothing is set TLS1.2 would be taken
-;min_tls_version = ""
-
-# The ip address to bind to, empty will bind to all interfaces
-;http_addr =
-
-# The http port to use
-;http_port = 3000
-
-# The public facing domain name used to access grafana from a browser
-;domain = localhost
-
-# Redirect to correct domain if host header does not match domain
-# Prevents DNS rebinding attacks
-;enforce_domain = false
-
-# The full public facing url you use in browser, used for redirects and emails
-# If you use reverse proxy and sub path specify full url (with sub path)
-;root_url = %(protocol)s://%(domain)s:%(http_port)s/
-
-# Serve Grafana from subpath specified in `root_url` setting. By default it is set to `false` for compatibility reasons.
-;serve_from_sub_path = false
-
-# Log web requests
-;router_logging = false
-
-# the path relative working path
-;static_root_path = public
-
-# enable gzip
-;enable_gzip = false
-
-# https certs & key file
-;cert_file =
-;cert_key =
-
-# Unix socket gid
-# Changing the gid of a file without privileges requires that the target group is in the group of the process and that the process is the file owner
-# It is recommended to set the gid as http server user gid
-# Not set when the value is -1
-;socket_gid =
-
-# Unix socket mode
-;socket_mode =
-
-# Unix socket path
-;socket =
-
-# CDN Url
-;cdn_url =
-
-# Sets the maximum time using a duration format (5s/5m/5ms) before timing out read of an incoming request and closing idle connections.
-# `0` means there is no timeout for reading the request.
-;read_timeout = 0
-
-# This setting enables you to specify additional headers that the server adds to HTTP(S) responses.
-[server.custom_response_headers]
-#exampleHeader1 = exampleValue1
-#exampleHeader2 = exampleValue2
-
-#################################### GRPC Server #########################
-;[grpc_server]
-;network = "tcp"
-;address = "127.0.0.1:10000"
-;use_tls = false
-;cert_file =
-;key_file =
-
-#################################### Database ####################################
-[database]
-# You can configure the database connection by specifying type, host, name, user and password
-# as separate properties or as on string using the url properties.
-
-# Either "mysql", "postgres" or "sqlite3", it's your choice
-;type = sqlite3
-;host = 127.0.0.1:3306
-;name = grafana
-;user = root
-# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
-;password =
-
-# Use either URL or the previous fields to configure the database
-# Example: mysql://user:secret@host:port/database
-;url =
-
-# For "postgres", use either "disable", "require" or "verify-full"
-# For "mysql", use either "true", "false", or "skip-verify".
-;ssl_mode = disable
-
-# Database drivers may support different transaction isolation levels.
-# Currently, only "mysql" driver supports isolation levels.
-# If the value is empty - driver's default isolation level is applied.
-# For "mysql" use "READ-UNCOMMITTED", "READ-COMMITTED", "REPEATABLE-READ" or "SERIALIZABLE".
-;isolation_level =
-
-;ca_cert_path =
-;client_key_path =
-;client_cert_path =
-;server_cert_name =
-
-# For "sqlite3" only, path relative to data_path setting
-;path = grafana.db
-
-# Max idle conn setting default is 2
-;max_idle_conn = 2
-
-# Max conn setting default is 0 (mean not set)
-;max_open_conn =
-
-# Connection Max Lifetime default is 14400 (means 14400 seconds or 4 hours)
-;conn_max_lifetime = 14400
-
-# Set to true to log the sql calls and execution times.
-;log_queries =
-
-# For "sqlite3" only. cache mode setting used for connecting to the database. (private, shared)
-;cache_mode = private
-
-# For "sqlite3" only. Enable/disable Write-Ahead Logging, https://sqlite.org/wal.html. Default is false.
-;wal = false
-
-# For "mysql" only if migrationLocking feature toggle is set. How many seconds to wait before failing to lock the database for the migrations, default is 0.
-;locking_attempt_timeout_sec = 0
-
-# For "sqlite" only. How many times to retry query in case of database is locked failures. Default is 0 (disabled).
-;query_retries = 0
-
-# For "sqlite" only. How many times to retry transaction in case of database is locked failures. Default is 5.
-;transaction_retries = 5
-
-# Set to true to add metrics and tracing for database queries.
-;instrument_queries = false
-
-################################### Data sources #########################
-[datasources]
-# Upper limit of data sources that Grafana will return. This limit is a temporary configuration and it will be deprecated when pagination will be introduced on the list data sources API.
-;datasource_limit = 5000
-
-#################################### Cache server #############################
-[remote_cache]
-# Either "redis", "memcached" or "database" default is "database"
-;type = database
-
-# cache connectionstring options
-# database: will use Grafana primary database.
-# redis: config like redis server e.g. `addr=127.0.0.1:6379,pool_size=100,db=0,ssl=false`. Only addr is required. ssl may be 'true', 'false', or 'insecure'.
-# memcache: 127.0.0.1:11211
-;connstr =
-
-# prefix prepended to all the keys in the remote cache
-; prefix =
-
-# This enables encryption of values stored in the remote cache
-;encryption =
-
-#################################### Data proxy ###########################
-[dataproxy]
-
-# This enables data proxy logging, default is false
-;logging = false
-
-# How long the data proxy waits to read the headers of the response before timing out, default is 30 seconds.
-# This setting also applies to core backend HTTP data sources where query requests use an HTTP client with timeout set.
-;timeout = 30
-
-# How long the data proxy waits to establish a TCP connection before timing out, default is 10 seconds.
-;dialTimeout = 10
-
-# How many seconds the data proxy waits before sending a keepalive probe request.
-;keep_alive_seconds = 30
-
-# How many seconds the data proxy waits for a successful TLS Handshake before timing out.
-;tls_handshake_timeout_seconds = 10
-
-# How many seconds the data proxy will wait for a server's first response headers after
-# fully writing the request headers if the request has an "Expect: 100-continue"
-# header. A value of 0 will result in the body being sent immediately, without
-# waiting for the server to approve.
-;expect_continue_timeout_seconds = 1
-
-# Optionally limits the total number of connections per host, including connections in the dialing,
-# active, and idle states. On limit violation, dials will block.
-# A value of zero (0) means no limit.
-;max_conns_per_host = 0
-
-# The maximum number of idle connections that Grafana will keep alive.
-;max_idle_connections = 100
-
-# How many seconds the data proxy keeps an idle connection open before timing out.
-;idle_conn_timeout_seconds = 90
-
-# If enabled and user is not anonymous, data proxy will add X-Grafana-User header with username into the request, default is false.
-;send_user_header = false
-
-# Limit the amount of bytes that will be read/accepted from responses of outgoing HTTP requests.
-;response_limit = 0
-
-# Limits the number of rows that Grafana will process from SQL data sources.
-;row_limit = 1000000
-
-# Sets a custom value for the `User-Agent` header for outgoing data proxy requests. If empty, the default value is `Grafana/` (for example `Grafana/9.0.0`).
-;user_agent =
-
-#################################### Analytics ####################################
-[analytics]
-# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
-# No ip addresses are being tracked, only simple counters to track
-# running instances, dashboard and error counts. It is very helpful to us.
-# Change this option to false to disable reporting.
-;reporting_enabled = true
-
-# The name of the distributor of the Grafana instance. Ex hosted-grafana, grafana-labs
-;reporting_distributor = grafana-labs
-
-# Set to false to disable all checks to https://grafana.com
-# for new versions of grafana. The check is used
-# in some UI views to notify that a grafana update exists.
-# This option does not cause any auto updates, nor send any information
-# only a GET request to https://raw.githubusercontent.com/grafana/grafana/main/latest.json to get the latest version.
-;check_for_updates = true
-
-# Set to false to disable all checks to https://grafana.com
-# for new versions of plugins. The check is used
-# in some UI views to notify that a plugin update exists.
-# This option does not cause any auto updates, nor send any information
-# only a GET request to https://grafana.com to get the latest versions.
-;check_for_plugin_updates = true
-
-# Google Analytics universal tracking code, only enabled if you specify an id here
-;google_analytics_ua_id =
-
-# Google Analytics 4 tracking code, only enabled if you specify an id here
-;google_analytics_4_id =
-
-# When Google Analytics 4 Enhanced event measurement is enabled, we will try to avoid sending duplicate events and let Google Analytics 4 detect navigation changes, etc.
-;google_analytics_4_send_manual_page_views = false
-
-# Google Tag Manager ID, only enabled if you specify an id here
-;google_tag_manager_id =
-
-# Rudderstack write key, enabled only if rudderstack_data_plane_url is also set
-;rudderstack_write_key =
-
-# Rudderstack data plane url, enabled only if rudderstack_write_key is also set
-;rudderstack_data_plane_url =
-
-# Rudderstack SDK url, optional, only valid if rudderstack_write_key and rudderstack_data_plane_url is also set
-;rudderstack_sdk_url =
-
-# Rudderstack Config url, optional, used by Rudderstack SDK to fetch source config
-;rudderstack_config_url =
-
-# Intercom secret, optional, used to hash user_id before passing to Intercom via Rudderstack
-;intercom_secret =
-
-# Controls if the UI contains any links to user feedback forms
-;feedback_links_enabled = true
-
-#################################### Security ####################################
-[security]
-# disable creation of admin user on first start of grafana
-;disable_initial_admin_creation = false
-
-# default admin user, created on startup
-;admin_user = admin
-
-# default admin password, can be changed before first start of grafana, or in profile settings
-;admin_password = admin
-
-# default admin email, created on startup
-;admin_email = admin@localhost
-
-# used for signing
-;secret_key = SW2YcwTIb9zpOOhoPsMm
-
-# current key provider used for envelope encryption, default to static value specified by secret_key
-;encryption_provider = secretKey.v1
-
-# list of configured key providers, space separated (Enterprise only): e.g., awskms.v1 azurekv.v1
-;available_encryption_providers =
-
-# disable gravatar profile images
-;disable_gravatar = false
-
-# data source proxy whitelist (ip_or_domain:port separated by spaces)
-;data_source_proxy_whitelist =
-
-# disable protection against brute force login attempts
-;disable_brute_force_login_protection = false
-
-# set to true if you host Grafana behind HTTPS. default is false.
-;cookie_secure = false
-
-# set cookie SameSite attribute. defaults to `lax`. can be set to "lax", "strict", "none" and "disabled"
-;cookie_samesite = lax
-
-# set to true if you want to allow browsers to render Grafana in a ,