diff --git a/README.md b/README.md index f49cccc..6727b18 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,8 @@ service_data: "{{ docker_data_dir }}/service/" # data folder or your dir (only w - "{{service_lib}}:/var/lib/service" - "{{service_cache}}:/var/cache/service" ``` +### Qbittorrent/Openvpn +You'll need to add a openvpn config to =./roles/docker/templates/aya01/qbittorrentvpn/config/= ## Server - Install Debian (debian-11.5.0-amd64-netinst.iso) on remote system diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index d1431e1..ccaa6d2 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -10,7 +10,7 @@ remote_subdomains: "www,plex,status," rclone_config: "/root/.config/rclone/" puid: 1000 pgid: 1000 -pk_path: "/mnt/veracrypt1/genesis" +pk_path: "/media/veracrypt1/genesis" # @@ -52,6 +52,7 @@ docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gp docker_apt_release_channel: stable docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}" docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_network: "172.16.69.0/24" docker_compose_dir: /opt/docker/compose docker_dir: /opt/docker/config @@ -72,6 +73,7 @@ aya01_ip: "192.168.20.12" zoneminder_host: "zm" zoneminder_port: "8081" +zoneminder_network: "172.16.42.0/24" zoneminder_root: "{{ docker_dir }}/zm" zoneminder_config: "{{ zoneminder_root }}/config" @@ -230,7 +232,7 @@ swag_remote_site_confs: "{{swag_config}}/nginx/site-confs/" # plex_host: "plex" -plex_ip: "172.16.69.12" +# plex_ip: "172.16.69.12" plex_port: "32400" plex_config: "{{docker_data_dir}}/{{ plex_host }}/config" plex_tv: "/media/series" @@ -298,3 +300,19 @@ prowlarr_config: "{{ docker_dir }}/{{ prowlarr_host }}/config" bin_port: "6162" bin_host: "bin" bin_upload: "{{ docker_data_dir }}/{{bin_host}}/upload" + +# +# qbittorrentvpn +# + +qbit_port: "8082" +qbit_host: "qbit" +qbit_config: "templates/aya01/qbittorrentvpn/config" +qbit_ovpn_config: "openvpn/ae.protonvpn.net.udp.ovpn" + +qbit_remote_config: "{{ docker_dir }}/{{ qbit_host }}/config" +qbit_downloads: "{{ arr_downloads }}" +qbit_type: "openvpn" +qbit_ssl: "no" +qbit_lan: "192.168.20.0/24, 192.168.30.0/24, {{ docker_network }}" +qbit_dns: "{{ aya01_ip }}, {{ pi_ip }}, 1.1.1.1" diff --git a/roles/docker/tasks/aya01_compose.yml b/roles/docker/tasks/aya01_compose.yml index 1275fd1..8bebf6d 100644 --- a/roles/docker/tasks/aya01_compose.yml +++ b/roles/docker/tasks/aya01_compose.yml @@ -52,6 +52,10 @@ tags: - bin +- include_tasks: qbit.yml + tags: + - qbit + - name: Copy the compose file template: src: templates/aya01/compose.yaml diff --git a/roles/docker/tasks/qbit.yml b/roles/docker/tasks/qbit.yml new file mode 100644 index 0000000..a28653b --- /dev/null +++ b/roles/docker/tasks/qbit.yml @@ -0,0 +1,21 @@ +--- +- name: Create qbit-config directory + file: + path: "{{ item }}" + owner: "{{ puid }}" + group: "{{ pgid }}" + mode: '775' + state: directory + loop: + - "{{ qbit_config }}" + - "{{ qbit_downloads }}" + become: true + +- name: Copy ovpn-config + template: + owner: "{{ puid }}" + group: "{{ pgid }}" + src: "{{ qbit_config }}/{{ qbit_ovpn_config }}" + dest: "{{ qbit_remote_config }}/{{ qbit_ovpn_config }}" + mode: '664' + become: true diff --git a/roles/docker/templates/aya01/compose.yaml b/roles/docker/templates/aya01/compose.yaml index 33fb284..e3ec67b 100644 --- a/roles/docker/templates/aya01/compose.yaml +++ b/roles/docker/templates/aya01/compose.yaml @@ -181,7 +181,6 @@ services: image: lscr.io/linuxserver/plex:latest container_name: plex restart: always - ip: {{ plex_ip }} networks: - net ports: @@ -311,16 +310,44 @@ services: - "traefik.http.routers.{{ bin_host }}.rule=Host(`{{ bin_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ bin_host }}.loadbalancer.server.port={{ bin_port }}" + qbittorrentvpn: + image: dyonr/qbittorrentvpn + container_name: {{ qbit_host }} + restart: always + privileged: true + networks: + - net + ports: + - "{{ qbit_port }}:8080" + environment: + - PUID={{ puid }} + - PGID={{ pgid }} + - TZ={{ timezone }} + - VPN_TYPE={{ qbit_type }} + - LAN_NETWORK={{ qbit_lan }} + - NAME_SERVERS={{ qbit_dns }} + - ENABLE_SSL={{ qbit_ssl }} + - VPN_USERNAME={{ vault_qbit_vpn_user }} + - VPN_PASSWORD={{ vault_qbit_vpn_password }} + volumes: + - {{ qbit_remote_config }}:/config + - {{ qbit_downloads }}:/downloads + labels: + - "traefik.enable=true" + - "traefik.http.routers.{{ qbit_host }}.rule=Host(`{{ qbit_host }}.{{ aya01_host }}.{{ local_domain }}`)" + - "traefik.http.services.{{ qbit_host }}.loadbalancer.server.port=8080" + + networks: zoneminder: driver: bridge ipam: driver: default config: - - subnet: 172.16.42.0/24 + - subnet: {{ zoneminder_network }} net: driver: bridge ipam: driver: default config: - - subnet: 172.16.69.0/24 + - subnet: {{ docker_network }} diff --git a/roles/docker/templates/mii/swag/site-confs/plex.subdomain.conf b/roles/docker/templates/mii/swag/site-confs/plex.subdomain.conf index a81b779..ca0e88a 100644 --- a/roles/docker/templates/mii/swag/site-confs/plex.subdomain.conf +++ b/roles/docker/templates/mii/swag/site-confs/plex.subdomain.conf @@ -12,7 +12,7 @@ server { location / { include /config/nginx/resolver.conf; - proxy_pass http://{{ plex_ip | replace('.','-') }}.{{ vault_plex_server_id }}.plex.direct:{{ plex_port }}/ + proxy_pass http://172-16-69-11.{{ vault_plex_server_id }}.plex.direct:{{ plex_port }}/ proxy_set_header X-Plex-Client-Identifier $http_x_plex_client_identifier; proxy_set_header X-Plex-Device $http_x_plex_device;