tudattr/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Moved qbitclients to gluetun network

Browse Source 
Added grafana, prometheus and snmp exporter for madrigal and node exporter for aya01

Signed-off-by: TuDatTr <tuan-dat.tran@tudattr.dev>
This commit is contained in:
TuDatTr
2023-05-11 15:09:52 +02:00
parent 76a5ef1781
commit b3ae5efdaa
28 changed files with 62348 additions and 198 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/docker/tasks/aya01_compose.yml
View File

@@ -56,13 +56,25 @@
tags:
- bin
- include_tasks: gluetun.yml
tags:
- gluetun
- include_tasks: qbit.yml
tags:
- qbit
- include_tasks: qbit_private.yml
tags:
- qbit_private
- qbit_priv
- include_tasks: prometheus.yml
tags:
- prometheus
- include_tasks: grafana.yml
tags:
- grafana
- name: Copy the compose file
template:

11
roles/docker/tasks/gluetun.yml Normal file
View File

@@ -0,0 +1,11 @@
---
- name: Create gluetun-config directory
file:
path: "{{ item }}"
owner: "{{ puid }}"
group: "{{ pgid }}"
mode: '775'
state: directory
loop:
- "{{ gluetun_config}}"
become: true

12
roles/docker/tasks/grafana.yml
View File

@@ -2,21 +2,21 @@
- name: Create grafana data directory
file:
path: "{{ item }}"
owner: "{{ puid }}"
group: "{{ pgid }}"
owner: "{{ grafana_puid }}"
group: "{{ grafana_pgid }}"
mode: '755'
state: directory
loop:
- "{{ grafana_data }}"
- "{{ grafana_log }}"
- "{{ grafana_config }}"
become: true
- name: Copy grafana config
template:
owner: "{{ puid }}"
src: "templates/aya01/grafana/etc-grafana/grafana.ini"
owner: "{{ grafana_puid }}"
group: "{{ grafana_pgid }}"
src: "templates/aya01/grafana/etc-grafana/grafana.ini.j2"
dest: "{{ grafana_config }}/grafana.ini"
mode: '660'
mode: '644'
become: true

2
roles/docker/tasks/install.yml
View File

@@ -39,7 +39,7 @@
ansible.builtin.get_url:
url: "{{ docker_apt_gpg_key }}"
dest: /etc/apt/trusted.gpg.d/docker.asc
mode: '0644'
mode: '0664'
force: true
become: true

43
roles/docker/tasks/prometheus.yml
View File

@@ -1,42 +1,19 @@
---
- name: Create prometheus dirs
file:
path: "{{ item }}"
owner: 1000
group: 1000
mode: '777'
owner: "{{ puid }}"
group: "{{ pgid}}"
mode: '775'
state: directory
loop:
- "{{ prm_config }}"
- "{{ prm_data}}"
- "{{ prometheus_config }}"
- "{{ prometheus_data }}"
- name: Place prometheus config
template:
owner: 1000
mode: '777'
src: "templates/aya01/prometheus/prometheus.yml"
dest: "{{ prm_config }}/prometheus.yml"
- name: Create prometheus exporter dir
file:
path: "{{ exporter_dir }}"
owner: 1000
group: 1000
mode: '755'
state: directory
- name: Create mikrotik exporters config dir
file:
path: "{{ e_mikrotik_config }}"
owner: 1000
group: 1000
mode: '755'
state: directory
- name: Place mikrotik exporter config
template:
owner: 1000
mode: '400'
src: "templates/aya01/prometheus/exporter/mikrotik/config/config.yml"
dest: "{{ e_mikrotik_config }}/config.yml"
owner: "{{ puid }}"
group: "{{ pgid}}"
mode: '644'
src: "templates/aya01/prometheus/prometheus.yml.j2"
dest: "{{ prometheus_config }}/prometheus.yml"

10
roles/docker/tasks/qbit.yml
View File

@@ -8,15 +8,5 @@
state: directory
loop:
- "{{ qbit_remote_config }}"
- "{{ qbit_remote_config }}/openvpn"
- "{{ qbit_downloads }}"
become: true
- name: Copy ovpn-config
template:
owner: "{{ puid }}"
group: "{{ pgid }}"
src: "{{ qbit_config }}/{{ qbit_ovpn_config }}"
dest: "{{ qbit_remote_config }}/{{ qbit_ovpn_config }}"
mode: '664'
become: true

12
roles/docker/tasks/qbit_private.yml Normal file
View File

@@ -0,0 +1,12 @@
---
- name: Create qbit_torrentleech-config directory
file:
path: "{{ item }}"
owner: "{{ puid }}"
group: "{{ pgid }}"
mode: '775'
state: directory
loop:
- "{{ torrentleech_remote_config }}"
- "{{ qbit_downloads }}"
become: true

2
roles/docker/tasks/swag.yml
View File

@@ -15,6 +15,6 @@
group: "{{ pgid }}"
src: "{{ item }}"
dest: "{{ swag_remote_site_confs }}"
mode: '644'
mode: '664'
loop: "{{ swag_site_confs }}"
become: true

182
roles/docker/templates/aya01/compose.yaml
View File

@@ -103,7 +103,6 @@ services:
- "traefik.http.routers.{{ zoneminder_host }}.rule=Host(`{{ zoneminder_host}}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ zoneminder_host }}.loadbalancer.server.port=80"
syncthing:
image: syncthing/syncthing
container_name: syncthing
@@ -334,68 +333,6 @@ services:
- "traefik.http.routers.{{ bin_host }}.rule=Host(`{{ bin_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ bin_host }}.loadbalancer.server.port={{ bin_port }}"
qbittorrentvpn:
image: dyonr/qbittorrentvpn
container_name: {{ qbit_host }}
restart: unless-stopped
privileged: true
depends_on:
- sonarr
- radarr
- lidarr
networks:
- net
ports:
- "{{ qbit_port }}:8080"
environment:
- PUID={{ puid }}
- PGID={{ pgid }}
- TZ={{ timezone }}
- VPN_TYPE={{ qbit_type }}
- LAN_NETWORK={{ qbit_lan }}
- NAME_SERVERS={{ qbit_dns }}
- ENABLE_SSL={{ qbit_ssl }}
- VPN_USERNAME={{ vault_qbit_vpn_user }}
- VPN_PASSWORD={{ vault_qbit_vpn_password }}
volumes:
- {{ qbit_remote_config }}:/config
- {{ qbit_downloads }}:/downloads
labels:
- "traefik.enable=true"
- "traefik.http.routers.{{ qbit_host }}.rule=Host(`{{ qbit_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ qbit_host }}.loadbalancer.server.port=8080"
qbittorrentvpnprivate:
image: dyonr/qbittorrentvpn
container_name: {{ qbit_private_host }}
restart: unless-stopped
privileged: true
depends_on:
- sonarr
- radarr
- lidarr
networks:
- net
ports:
- "{{ qbit_private_port }}:8080"
environment:
- PUID={{ puid }}
- PGID={{ pgid }}
- TZ={{ timezone }}
- VPN_TYPE={{ qbit_type }}
- LAN_NETWORK={{ qbit_lan }}
- NAME_SERVERS={{ qbit_dns }}
- ENABLE_SSL={{ qbit_ssl }}
- VPN_USERNAME={{ vault_qbit_vpn_user }}
- VPN_PASSWORD={{ vault_qbit_vpn_password }}
volumes:
- {{ qbit_private_remote_config }}:/config
- {{ qbit_downloads }}:/downloads
labels:
- "traefik.enable=true"
- "traefik.http.routers.{{ qbit_private_host }}.rule=Host(`{{ qbit_private_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ qbit_private_host }}.loadbalancer.server.port=8080"
tautulli:
image: lscr.io/linuxserver/tautulli:latest
container_name: tautulli
@@ -417,6 +354,125 @@ services:
- "traefik.http.routers.{{ tautulli_host }}.rule=Host(`{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ tautulli_host }}.loadbalancer.server.port={{ tautulli_port }}"
{{ gluetun_host }}:
image: qmcgaw/gluetun
container_name: {{ gluetun_host }}
restart: unless-stopped
networks:
- net
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- {{ torrentleech_port }}:{{ torrentleech_port }}
- {{ qbit_port }}:{{ qbit_port }}
volumes:
- {{ gluetun_config }}:/gluetun
environment:
- PUID={{puid}}
- PGID={{pgid}}
- TZ={{ timezone }}
- VPN_SERVICE_PROVIDER=protonvpn
- UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
- UPDATER_PERIOD=24h
- SERVER_COUNTRIES={{ gluetun_country }}
- OPENVPN_USER={{ vault_qbit_vpn_user }}+pmp
- OPENVPN_PASSWORD={{ vault_qbit_vpn_password }}
labels:
- "traefik.enable=true"
- "traefik.http.routers.{{ gluetun_host }}.rule=Host(`{{ gluetun_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ gluetun_host }}.loadbalancer.server.port={{ gluetun_port }}"
- "traefik.http.routers.{{ torrentleech_host }}.service={{ torrentleech_host }}"
- "traefik.http.routers.{{ torrentleech_host }}.rule=Host(`{{ torrentleech_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ torrentleech_host }}.loadbalancer.server.port={{ torrentleech_port }}"
- "traefik.http.routers.{{ qbit_host }}.service={{ qbit_host }}"
- "traefik.http.routers.{{ qbit_host }}.rule=Host(`{{ qbit_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ qbit_host }}.loadbalancer.server.port={{ qbit_port }}"
{{ torrentleech_host }}:
image: qbittorrentofficial/qbittorrent-nox
container_name: {{ torrentleech_host }}
restart: unless-stopped
depends_on:
- gluetun
- sonarr
- radarr
- lidarr
network_mode: "container:{{ gluetun_host }}"
environment:
- PUID={{ puid }}
- PGID={{ pgid }}
- TZ={{ timezone }}
- QBT_EULA="accept"
- QBT_WEBUI_PORT="{{ torrentleech_port }}"
volumes:
- {{ torrentleech_remote_config }}:/config
- {{ qbit_downloads }}:/downloads
{{qbit_host}}:
image: qbittorrentofficial/qbittorrent-nox
container_name: {{ qbit_host }}
restart: unless-stopped
depends_on:
- gluetun
- sonarr
- radarr
- lidarr
network_mode: "container:{{ gluetun_host }}"
environment:
- PUID={{ puid }}
- PGID={{ pgid }}
- TZ={{ timezone }}
- QBT_EULA="accept"
- QBT_WEBUI_PORT="{{ qbit_port }}"
volumes:
- {{ qbit_remote_config }}:/config
- {{ qbit_downloads }}:/downloads
{{ prometheus_host }}:
image: prom/prometheus
container_name: {{ prometheus_host }}
restart: unless-stopped
depends_on:
- pihole
networks:
- net
environment:
- PUID={{ puid }}
- PGID={{ pgid}}
- TZ={{ timezone }}
volumes:
- {{ prometheus_config }}:/etc/prometheus/
ports:
- {{ prometheus_port }}:9090
labels:
- "traefik.enable=true"
- "traefik.http.routers.{{ prometheus_host }}.rule=Host(`{{ prometheus_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ prometheus_host }}.loadbalancer.server.port={{ prometheus_port }}"
{{ grafana_host }}:
image: grafana/grafana-oss
container_name: {{ grafana_host }}
restart: unless-stopped
depends_on:
- {{ prometheus_host }}
networks:
- net
environment:
- PUID={{ grafana_puid }}
- PGID={{ grafana_pgid }}
- TZ={{ timezone }}
volumes:
- {{ grafana_data }}:/var/lib/grafana/
- {{ grafana_config }}:/etc/grafana/
ports:
- {{ grafana_port }}:3000
labels:
- "traefik.enable=true"
- "traefik.http.routers.{{ grafana_host }}.rule=Host(`{{ grafana_host }}.{{ aya01_host }}.{{ local_domain }}`)"
- "traefik.http.services.{{ grafana_host }}.loadbalancer.server.port={{ grafana_port }}"
networks:
zoneminder:
driver: bridge

0
roles/docker/templates/aya01/grafana/etc-grafana/grafana.ini
View File

1464
roles/docker/templates/aya01/grafana/etc-grafana/grafana.ini.j2 Normal file
View File

File diff suppressed because it is too large Load Diff

37
roles/docker/templates/aya01/prometheus/prometheus.yml → roles/docker/templates/aya01/prometheus/prometheus.yml.j2
View File

@@ -8,37 +8,32 @@ global:
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
external_labels:
monitor: 'tudattr'
# Alertmanager configuration
alerting:
alertmanagers:
- static_configs:
- targets: ['localhost:9093']
monitor: '{{ user }}'
# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files:
# - "first_rules.yml"
# - "second_rules.yml"
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'prometheus'
# Override the global default and scrape targets from this job every 5 seconds.
- job_name: 'node'
scrape_interval: 10s
scrape_timeout: 10s
tls_config:
insecure_skip_verify: true
# metrics_path defaults to '/metrics'
# scheme defaults to 'http'.
#static_configs:
#- targets: ['localhost:9090']
- job_name: 'mikrotik'
static_configs:
- targets: ['{{ aya01_ip }}:{{node_exporter_port}}']
- job_name: Mikrotik
static_configs:
- targets:
- "{{aya01_ip}}:{{ e_mikrotik_port }}"
- {{ snmp_exporter_target }}
metrics_path: /snmp
params:
module: [mikrotik]
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: {{ aya01_ip }}:{{ snmp_exporter_port }} # The SNMP exporter's real hostname:port.

22
roles/docker/templates/mii/swag/site-confs/code-server.subdomain.conf Normal file
View File

@@ -0,0 +1,22 @@
## Version 2023/02/05
# make sure that your code-server container is named code-server
# make sure that your dns has a cname set for code-server
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ code_host }}.{{ remote_domain }};
include /config/nginx/ssl.conf;
client_max_body_size 0;
location / {
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
proxy_pass http://{{aya01_ip}}:{{ code_port }};
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}