refactor(infra): reorganize docker host VMs and service assignments
Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
@@ -9,7 +9,7 @@ docker:
|
|||||||
services:
|
services:
|
||||||
- name: syncthing
|
- name: syncthing
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host11
|
||||||
container_name: syncthing
|
container_name: syncthing
|
||||||
image: syncthing/syncthing:1.29
|
image: syncthing/syncthing:1.29
|
||||||
volumes:
|
volumes:
|
||||||
@@ -35,7 +35,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: status
|
- name: status
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: kuma
|
container_name: kuma
|
||||||
image: louislam/uptime-kuma:1.23.16
|
image: louislam/uptime-kuma:1.23.16
|
||||||
volumes:
|
volumes:
|
||||||
@@ -52,7 +52,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: plex
|
- name: plex
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host11
|
||||||
container_name: plex
|
container_name: plex
|
||||||
image: lscr.io/linuxserver/plex:1.41.5
|
image: lscr.io/linuxserver/plex:1.41.5
|
||||||
volumes:
|
volumes:
|
||||||
@@ -160,20 +160,20 @@ services:
|
|||||||
external: 5683
|
external: 5683
|
||||||
- name: ddns
|
- name: ddns
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: ddns-updater
|
container_name: ddns-updater
|
||||||
image: qmcgaw/ddns-updater:2
|
image: qmcgaw/ddns-updater:2
|
||||||
volumes:
|
volumes:
|
||||||
- name: "Configuration"
|
- name: "Configuration"
|
||||||
internal: /updater/data/"
|
internal: /updater/data/
|
||||||
external: "{{ docker.directories.config }}/ddns-updater/data/"
|
external: "{{ docker.directories.local }}/ddns-updater/data/"
|
||||||
ports:
|
ports:
|
||||||
- name: "http"
|
- name: "http"
|
||||||
internal: 8000
|
internal: 8000
|
||||||
external: "{{ services_external_http.ddns }}"
|
external: "{{ services_external_http.ddns }}"
|
||||||
- name: sonarr
|
- name: sonarr
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: sonarr
|
container_name: sonarr
|
||||||
image: linuxserver/sonarr:4.0.14
|
image: linuxserver/sonarr:4.0.14
|
||||||
volumes:
|
volumes:
|
||||||
@@ -196,7 +196,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: radarr
|
- name: radarr
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: radarr
|
container_name: radarr
|
||||||
image: linuxserver/radarr:5.21.1
|
image: linuxserver/radarr:5.21.1
|
||||||
volumes:
|
volumes:
|
||||||
@@ -219,7 +219,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: lidarr
|
- name: lidarr
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: lidarr
|
container_name: lidarr
|
||||||
image: linuxserver/lidarr:2.10.3
|
image: linuxserver/lidarr:2.10.3
|
||||||
volumes:
|
volumes:
|
||||||
@@ -242,7 +242,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: prowlarr
|
- name: prowlarr
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: prowlarr
|
container_name: prowlarr
|
||||||
image: linuxserver/prowlarr:1.32.2
|
image: linuxserver/prowlarr:1.32.2
|
||||||
volumes:
|
volumes:
|
||||||
@@ -259,7 +259,7 @@ services:
|
|||||||
- TZ=Europe/Berlin
|
- TZ=Europe/Berlin
|
||||||
- name: paperless
|
- name: paperless
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: paperless
|
container_name: paperless
|
||||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.14
|
image: ghcr.io/paperless-ngx/paperless-ngx:2.14
|
||||||
depends_on:
|
depends_on:
|
||||||
@@ -301,7 +301,7 @@ services:
|
|||||||
version: 7
|
version: 7
|
||||||
- name: pdf
|
- name: pdf
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: stirling
|
container_name: stirling
|
||||||
image: frooodle/s-pdf:0.45.0
|
image: frooodle/s-pdf:0.45.0
|
||||||
ports:
|
ports:
|
||||||
@@ -338,21 +338,21 @@ services:
|
|||||||
- USER_GID=1000
|
- USER_GID=1000
|
||||||
- name: changedetection
|
- name: changedetection
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: changedetection
|
container_name: changedetection
|
||||||
image: dgtlmoon/changedetection.io:0.49
|
image: dgtlmoon/changedetection.io:0.49
|
||||||
healthcheck: curl
|
healthcheck: curl
|
||||||
volumes:
|
volumes:
|
||||||
- name: "Data"
|
- name: "Data"
|
||||||
internal: /datastore
|
internal: /datastore
|
||||||
external: "{{ docker.directories.config }}/changedetection/data/"
|
external: "{{ docker.directories.local }}/changedetection/data/"
|
||||||
ports:
|
ports:
|
||||||
- name: "http"
|
- name: "http"
|
||||||
internal: 5000
|
internal: 5000
|
||||||
external: "{{ services_external_http.changedetection }}"
|
external: "{{ services_external_http.changedetection }}"
|
||||||
- name: gluetun
|
- name: gluetun
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: gluetun
|
container_name: gluetun
|
||||||
image: qmcgaw/gluetun:v3.40
|
image: qmcgaw/gluetun:v3.40
|
||||||
cap_add:
|
cap_add:
|
||||||
@@ -364,7 +364,7 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: "Configuration"
|
- name: "Configuration"
|
||||||
internal: /gluetun
|
internal: /gluetun
|
||||||
external: "{{ docker.directories.config }}/gluetun/config"
|
external: "{{ docker.directories.local }}/gluetun/config"
|
||||||
ports:
|
ports:
|
||||||
- name: "Qbit Client"
|
- name: "Qbit Client"
|
||||||
internal: 8082
|
internal: 8082
|
||||||
@@ -384,7 +384,7 @@ services:
|
|||||||
- "OPENVPN_PASSWORD={{ vault.docker.proton.openvpn_password }}"
|
- "OPENVPN_PASSWORD={{ vault.docker.proton.openvpn_password }}"
|
||||||
- name: torrentleech
|
- name: torrentleech
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: torrentleech
|
container_name: torrentleech
|
||||||
image: qbittorrentofficial/qbittorrent-nox
|
image: qbittorrentofficial/qbittorrent-nox
|
||||||
depends_on:
|
depends_on:
|
||||||
@@ -393,7 +393,7 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: "Configuration"
|
- name: "Configuration"
|
||||||
internal: /config
|
internal: /config
|
||||||
external: "{{ docker.directories.config }}/torrentleech/config"
|
external: "{{ docker.directories.local }}/torrentleech/config"
|
||||||
- name: "Downloads"
|
- name: "Downloads"
|
||||||
internal: /downloads
|
internal: /downloads
|
||||||
external: /media/docker/data/arr_downloads
|
external: /media/docker/data/arr_downloads
|
||||||
@@ -409,7 +409,7 @@ services:
|
|||||||
- QBT_WEBUI_PORT="8083"
|
- QBT_WEBUI_PORT="8083"
|
||||||
- name: qbit
|
- name: qbit
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
container_name: qbit
|
container_name: qbit
|
||||||
image: qbittorrentofficial/qbittorrent-nox:5.0.4-1
|
image: qbittorrentofficial/qbittorrent-nox:5.0.4-1
|
||||||
depends_on:
|
depends_on:
|
||||||
@@ -418,7 +418,7 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: "Configuration"
|
- name: "Configuration"
|
||||||
internal: /config
|
internal: /config
|
||||||
external: "{{ docker.directories.config }}/qbit/config"
|
external: "{{ docker.directories.local }}/qbit/config"
|
||||||
- name: "Downloads"
|
- name: "Downloads"
|
||||||
internal: /downloads
|
internal: /downloads
|
||||||
external: /media/docker/data/arr_downloads
|
external: /media/docker/data/arr_downloads
|
||||||
@@ -434,7 +434,8 @@ services:
|
|||||||
- QBT_WEBUI_PORT="8082"
|
- QBT_WEBUI_PORT="8082"
|
||||||
- name: cadvisor
|
- name: cadvisor
|
||||||
vm:
|
vm:
|
||||||
- docker-host00
|
- docker-host12
|
||||||
|
- docker-host11
|
||||||
- docker-host01
|
- docker-host01
|
||||||
container_name: cadvisor
|
container_name: cadvisor
|
||||||
image: gcr.io/cadvisor/cadvisor:v0.52.1
|
image: gcr.io/cadvisor/cadvisor:v0.52.1
|
||||||
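Review bot: The `torrentleech` entry keeps `image: qbittorrentofficial/qbittorrent-nox` with no tag while it is reassigned to `docker-host12`, so the new host pulls whatever the registry currently serves as the default tag; every other image visible in these hunks is pinned. Pin it the same way as the `qbit` entry, `image: qbittorrentofficial/qbittorrent-nox:5.0.4-1`, or to a digest. Separately, the five `external:` paths that move from `docker.directories.config` to `docker.directories.local` change together with the host, and nothing visible here migrates or removes the old directories on `docker-host00`. The gluetun and ddns-updater directories may hold credentials, so confirm the old copies are cleaned up.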
|
|||||||
@@ -1,11 +1,17 @@
|
|||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
33366337663238336235656339393633373761396661346339366239353538636534656237363630
|
66386330343432366236303530313838613830376162613265346533336232393838323136306433
|
||||||
6538326333356531366139333439336164323136336162650a656161633533323339353066313862
|
6631643363643761313164376132386433623137386539360a333263393236616432616439613733
|
||||||
63653666656134633039386331376133333638643531383061303235393530343461626530613365
|
33653832333534333563623164616164663034303331373135633665636230333035373262656338
|
||||||
3435313536396130360a623063343263616166333562323063393935363034323132353330396139
|
3038383463366466640a666264653332616637616661376666303331353333383833323538633666
|
||||||
30353536383237656130663430663838383263613631373064326637353335616631363161313162
|
30656266353439366461636162336266356433336438393134326166343934353933633131343163
|
||||||
64613634303632343236666339393230353531333334646135376364383030336266613563366333
|
61643233616166316236636333633136353830626265343834333937353361363962656463656538
|
||||||
30333331333333613565666530646462656161613031633931666637656537303765623837303230
|
32336435643531613936343136663632386564373764306333323262306432626237323434336333
|
||||||
36653664393838663330633333326539636634666531343031383133333634376262366563336463
|
35323365326432616563663936623630386436336364323530613137636434653138383539623166
|
||||||
37306561323865316630636661623732626635323233363463613130363939306466316632643836
|
32326436643861366536393937343863653032336334333739653434346263393364666565316563
|
||||||
3763353161366531386565393032383763363334326530373762
|
63353634313033316265666235366339653366363031343230313035336535643361616233646535
|
||||||
|
65396162326230656162313535646539663830646637623939613365363534663434343532653465
|
||||||
|
31613066353565626137363232386263666134613335656333616565643339386231646664343134
|
||||||
|
36333765366632386133313835306332646565353238633233613237343330316564343437313963
|
||||||
|
61636662353936323237393831326138363263306130633461323437616430323234646666313935
|
||||||
|
32643466323064623630363962316438386232333238633839613035643933633263663161316563
|
||||||
|
63616638313534643632
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
vms:
|
vms:
|
||||||
- name: "docker-host11"
|
- name: "docker-host10"
|
||||||
node: "inko"
|
node: "inko"
|
||||||
vmid: 311
|
vmid: 410
|
||||||
cores: 2
|
cores: 2
|
||||||
memory: 4096 # in MiB
|
memory: 4096 # in MiB
|
||||||
net:
|
net:
|
||||||
@@ -10,9 +10,22 @@ vms:
|
|||||||
ciuser: "{{ user }}"
|
ciuser: "{{ user }}"
|
||||||
sshkeys: "{{ pubkey }}"
|
sshkeys: "{{ pubkey }}"
|
||||||
disk_size: 128 # in Gb
|
disk_size: 128 # in Gb
|
||||||
- name: "docker-host12"
|
- name: "docker-host11"
|
||||||
node: "lulu"
|
node: "lulu"
|
||||||
vmid: 312
|
vmid: 411
|
||||||
|
cores: 2
|
||||||
|
memory: 4096 # in MiB
|
||||||
|
net:
|
||||||
|
net0: "virtio,bridge=vmbr0,firewall=1"
|
||||||
|
boot_image: "{{ proxmox_cloud_init_images.ubuntu.name }}"
|
||||||
|
ciuser: "{{ user }}"
|
||||||
|
sshkeys: "{{ pubkey }}"
|
||||||
|
disk_size: 128 # in Gb
|
||||||
|
hostpci:
|
||||||
|
hostpci0: "0000:00:02.0"
|
||||||
|
- name: "docker-host12"
|
||||||
|
node: "naruto01"
|
||||||
|
vmid: 412
|
||||||
cores: 2
|
cores: 2
|
||||||
memory: 4096 # in MiB
|
memory: 4096 # in MiB
|
||||||
net:
|
net:
|
||||||
@@ -21,5 +34,3 @@ vms:
|
|||||||
ciuser: "{{ user }}"
|
ciuser: "{{ user }}"
|
||||||
sshkeys: "{{ pubkey }}"
|
sshkeys: "{{ pubkey }}"
|
||||||
disk_size: 128 # in Gb
|
disk_size: 128 # in Gb
|
||||||
# hostpci:
|
|
||||||
# hostpci0: "0000:00:02.0"
|
|
||||||
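Review bot: The existing entries are renumbered in place (`docker-host11` with `vmid: 311` becomes `docker-host10` with `vmid: 410`, and `docker-host12` with `312` becomes `docker-host11` with `411`), and nothing in the visible hunks retires VMs 311 and 312. If the create task keys on `vmid`, the old guests stay up under the names `docker-host11` and `docker-host12` alongside the new ones, still accepting the same `sshkeys` but no longer described by this list. A comment above the list such as `# vmid 311/312 were replaced by 410-412; remove the old guests before applying` would record the manual step. The new `hostpci0: "0000:00:02.0"` on `docker-host11` passes a host PCI device into a guest, so confirm on `lulu` that the device sits in its own IOMMU group before relying on it.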
|
|||||||
@@ -32,7 +32,7 @@ k3s-longhorn[00:02]
|
|||||||
|
|
||||||
[docker]
|
[docker]
|
||||||
docker-host[00:01]
|
docker-host[00:01]
|
||||||
docker-host[11:12]
|
docker-host[10:12]
|
||||||
docker-lb
|
docker-lb
|
||||||
|
|
||||||
[vps]
|
[vps]
|
||||||
@@ -55,7 +55,7 @@ k3s-loadbalancer
|
|||||||
|
|
||||||
[docker_host]
|
[docker_host]
|
||||||
docker-host[00:01]
|
docker-host[00:01]
|
||||||
docker-host[11:12]
|
docker-host[10:12]
|
||||||
|
|
||||||
[docker_lb]
|
[docker_lb]
|
||||||
docker-lb
|
docker-lb
|
||||||
|
|||||||
@@ -11,6 +11,7 @@
|
|||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: "{{ common_packages }}"
|
name: "{{ common_packages }}"
|
||||||
state: present
|
state: present
|
||||||
|
become: true
|
||||||
when: ansible_user_id != "root"
|
when: ansible_user_id != "root"
|
||||||
|
|
||||||
- name: Update and upgrade packages
|
- name: Update and upgrade packages
|
||||||
|
|||||||
@@ -2,3 +2,10 @@
|
|||||||
- name: Set timezone to "{{ timezone }}"
|
- name: Set timezone to "{{ timezone }}"
|
||||||
community.general.timezone:
|
community.general.timezone:
|
||||||
name: "{{ timezone }}"
|
name: "{{ timezone }}"
|
||||||
|
become: true
|
||||||
|
when: ansible_user_id != "root"
|
||||||
|
|
||||||
|
- name: Set timezone to "{{ timezone }}"
|
||||||
|
community.general.timezone:
|
||||||
|
name: "{{ timezone }}"
|
||||||
|
when: ansible_user_id == "root"
|
||||||
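Review bot: The timezone task is now written twice under the same name, differing only in `become: true` and the inverted `when:`, so every run logs one copy as skipped and any later change has to be made in both places. One task with `become: "{{ ansible_user_id != 'root' }}"` and no `when:` covers both cases. The package-install task that gains `become: true` in the preceding file section appears to follow the same split and could be collapsed the same way.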
|
|||||||
@@ -11,3 +11,9 @@
|
|||||||
state: present
|
state: present
|
||||||
retries: 3
|
retries: 3
|
||||||
delay: 5
|
delay: 5
|
||||||
|
|
||||||
|
- name: Restart host
|
||||||
|
ansible.builtin.reboot:
|
||||||
|
connect_timeout: 5
|
||||||
|
reboot_timeout: 600
|
||||||
|
test_command: whoami
|
||||||
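Review bot: The added `Restart host` entry carries neither `become: true` nor any condition, and the context directly above it (`state: present`, `retries: 3`, `delay: 5`) looks like a package-install task rather than a handler. If this file is a task list, the host reboots on every run and the `notify: - Restart host` added to the user-group task elsewhere in this commit would have no handler to resolve to. The file name is not visible on this page, so confirm the entry lives under the role's `handlers/`. Either way the reboot needs root, so add `become: true` unless the play already sets it.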
|
|||||||
@@ -12,3 +12,5 @@
|
|||||||
groups: docker
|
groups: docker
|
||||||
append: true
|
append: true
|
||||||
become: true
|
become: true
|
||||||
|
notify:
|
||||||
|
- Restart host
|
||||||
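Review bot: Notifying `Restart host` from the task that appends the `docker` group reboots the whole machine, presumably only so the new group membership takes effect. A `- ansible.builtin.meta: reset_connection` placed right after this task re-opens the SSH session with the new groups and avoids taking every container on the host down. Membership in `docker` is effectively root on the host, so it is also worth checking which account this task targets; the task starts outside the hunk and its `name:` and `user` arguments are not visible here.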
|
|||||||
@@ -1,3 +1,2 @@
|
|||||||
docker_host_package_common_dependencies:
|
docker_host_package_common_dependencies:
|
||||||
- nfs-common
|
- nfs-common
|
||||||
- firmware-misc-nonfree
|
|
||||||
|
|||||||
@@ -7,6 +7,14 @@
|
|||||||
backup: true
|
backup: true
|
||||||
register: iommu_result
|
register: iommu_result
|
||||||
|
|
||||||
|
- name: Set GRUB_CMDLINE_LINUX_DEFAULT for PCI passthrough
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/default/grub
|
||||||
|
regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
|
||||||
|
line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1 modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"'
|
||||||
|
backup: true
|
||||||
|
register: iommu_result
|
||||||
|
|
||||||
- name: Ensure VFIO modules are listed in /etc/modules
|
- name: Ensure VFIO modules are listed in /etc/modules
|
||||||
ansible.builtin.blockinfile:
|
ansible.builtin.blockinfile:
|
||||||
path: /etc/modules
|
path: /etc/modules
|
||||||
@@ -22,16 +30,12 @@
|
|||||||
|
|
||||||
- name: Update initramfs
|
- name: Update initramfs
|
||||||
ansible.builtin.command: update-initramfs -u -k all
|
ansible.builtin.command: update-initramfs -u -k all
|
||||||
args:
|
|
||||||
warn: false
|
|
||||||
when: iommu_result.changed or vfio_result.changed
|
when: iommu_result.changed or vfio_result.changed
|
||||||
# notify:
|
# notify:
|
||||||
# - Reboot Node
|
# - Reboot Node
|
||||||
|
|
||||||
- name: update grub configuration
|
- name: update grub configuration
|
||||||
ansible.builtin.command: update-grub
|
ansible.builtin.command: update-grub
|
||||||
args:
|
|
||||||
warn: false
|
|
||||||
when: iommu_result.changed or vfio_result.changed
|
when: iommu_result.changed or vfio_result.changed
|
||||||
# notify:
|
# notify:
|
||||||
# - Reboot Node
|
# - Reboot Node
|
||||||
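Review bot: The new `GRUB_CMDLINE_LINUX_DEFAULT` line turns on `vfio_iommu_type1.allow_unsafe_interrupts=1` and `pcie_acs_override=downstream,multifunction` for every host this task runs on. Both relax the isolation that PCI passthrough normally relies on (interrupt remapping and ACS-based IOMMU group separation), so a guest holding a passed-through device is less contained. Keep them only on nodes whose hardware needs them, for example by building the line from a per-host variable such as `line: 'GRUB_CMDLINE_LINUX_DEFAULT="{{ pci_passthrough_cmdline }}"'` (the variable name is a placeholder). The task also reuses `register: iommu_result`, which the task just above it already registers, so the later `when: iommu_result.changed or vfio_result.changed` checks see only this task's result; a distinct name such as `register: grub_cmdline_result`, added to those conditions, avoids that. The preceding task starts outside the hunk, so whether it edits the same GRUB line is not visible here.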
|
|||||||
@@ -4,11 +4,11 @@
|
|||||||
file: "{{ proxmox_vault_file }}"
|
file: "{{ proxmox_vault_file }}"
|
||||||
name: vm_secrets
|
name: vm_secrets
|
||||||
|
|
||||||
- name: Destroy vms (Only during rapid testing)
|
# - name: Destroy vms (Only during rapid testing)
|
||||||
ansible.builtin.include_tasks: 54_destroy_vm.yml
|
# ansible.builtin.include_tasks: 54_destroy_vm.yml
|
||||||
loop: "{{ vms }}"
|
# loop: "{{ vms }}"
|
||||||
loop_control:
|
# loop_control:
|
||||||
loop_var: "vm"
|
# loop_var: "vm"
|
||||||
|
|
||||||
- name: Create vms
|
- name: Create vms
|
||||||
ansible.builtin.include_tasks: 55_create_vm.yml
|
ansible.builtin.include_tasks: 55_create_vm.yml
|
||||||
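Review bot: The destroy step is disabled by commenting it out, which leaves dead YAML in the task file and makes re-enabling it a source edit rather than a run-time choice. Keeping the task and guarding it with `when: proxmox_destroy_vms | default(false) | bool` (the variable name is a placeholder) makes the destructive path explicit and off by default.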
|
|||||||