diff --git a/group_vars/docker/vars.yml b/group_vars/docker/vars.yml
index 7d81f55..b83b3ec 100644
--- a/group_vars/docker/vars.yml
+++ b/group_vars/docker/vars.yml
@@ -12,68 +12,494 @@ services: - name: syncthing vm: - docker-host00 - port: 8384 + container_name: syncthing + image: syncthing/syncthing + restart: unless-stopped + volumes: + - name: "Data" + internal: /var/syncthing/ + external: /media/docker/data/syncthing/ + ports: + - name: "http" + internal: 8384 + external: 8384 + - name: "" + internal: 22000 + external: 22000 + - name: "" + internal: 22000 + external: 22000 + - name: "" + internal: 21027 + external: 21027 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: status vm: - docker-host00 - port: 3001 + container_name: kuma + image: louislam/uptime-kuma:1 + restart: unless-stopped + volumes: + - name: "Data" + internal: /app/data + external: /opt/local/kuma/ + ports: + - name: "http" + internal: 3001 + external: 3001 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: plex vm: - docker-host00 - port: 32400 + container_name: plex + image: lscr.io/linuxserver/plex:latest + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /config + external: /opt/local/plex/config/ + - name: "TV Series" + internal: /tv:ro + external: /media/series + - name: "Movies" + internal: /movies:ro + external: /media/movies + - name: "Music" + internal: /music:ro + external: /media/songs + devices: + - name: "Graphics Card" + internal: /dev/dri + external: /dev/dri + ports: + - name: "http" + internal: 32400 + external: 32400 + - name: "" + internal: 1900 + external: 1900 + - name: "" + internal: 3005 + external: 3005 + - name: "" + internal: 5353 + external: 5353 + - name: "" + internal: 32410 + external: 32410 + - name: "" + internal: 8324 + external: 8324 + - name: "" + internal: 32412 + external: 32412 + - name: "" + internal: 32469 + external: 32469 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - VERSION=docker - name: jellyfin vm: - docker-host02 - port: 8096 + container_name: jellyfin + image: jellyfin/jellyfin + restart: "unless-stopped" + volumes: + 
- name: "Configuration" + internal: /config + external: /opt/local/jellyfin/config + - name: "Cache" + internal: /cache + external: /opt/docker/config/jellyfin/cache + - name: "Tv Series" + internal: /tv:ro + external: /media/series + - name: "Music" + internal: /movies:ro + external: /media/movies + - name: "Music" + internal: /music:ro + external: /media/songs + devices: + - name: "Graphics Card" + internal: /dev/dri + external: /dev/dri + ports: + - name: "http" + internal: 8096 + external: 8096 + environment: - name: hass vm: - docker-host02 - port: 8123 + container_name: homeassistant + image: "ghcr.io/home-assistant/home-assistant:stable" + restart: unless-stopped + privileged: true + volumes: + - name: "Configuration" + internal: /config/ + external: /opt/local/home-assistant/config/ + - name: "Local Time" + internal: /etc/localtime:ro + external: /etc/localtime + ports: + - name: "http" + internal: 8123 + external: 8123 + - name: "" + internal: 4357 + external: 4357 + - name: "" + internal: 5683 + external: 5683 + - name: "" + internal: 5683 + external: 5683 - name: ddns vm: - docker-host00 - port: 8123 + container_name: ddns-updater + image: ghcr.io/qdm12/ddns-updater + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /updater/data/" + external: /opt/docker/config/ddns-updater/data/ + ports: + - name: "http" + internal: 8000 + external: 8000 - name: sonarr vm: - docker-host00 - port: 8989 + container_name: sonarr + image: lscr.io/linuxserver/sonarr:latest + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /config + external: /opt/local/sonarr/config + - name: "Tv Series" + internal: /tv + external: /media/series + - name: "Torrent Downloads" + internal: /downloads + external: /media/docker/data/arr_downloads/sonarr + ports: + - name: "http" + internal: 8989 + external: 8989 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: radarr vm: - docker-host00 - port: 7878 + container_name: radarr 
+ image: lscr.io/linuxserver/radarr:latest + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /config + external: /opt/local/radarr/config + - name: "Movies" + internal: /movies + external: /media/movies + - name: "Torrent Downloads" + internal: /downloads + external: /media/docker/data/arr_downloads/radarr + ports: + - name: "http" + internal: 7878 + external: 7878 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: lidarr vm: - docker-host00 - port: 8686 + container_name: lidarr + image: lscr.io/linuxserver/lidarr:latest + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /config + external: /opt/local/lidarr/config + - name: "Music" + internal: /music + external: /media/songs + - name: "Torrent Downloads" + internal: /downloads + external: /media/docker/data/arr_downloads/lidarr + ports: + - name: "http" + internal: 8686 + external: 8686 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: prowlarr vm: - docker-host00 - port: 9696 - - name: qbit - vm: - - docker-host00 - port: 9696 - - name: tl - vm: - - docker-host00 - port: 9696 + container_name: prowlarr + image: lscr.io/linuxserver/prowlarr:latest + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /config + external: /opt/local/prowlarr/config + ports: + - name: "http" + internal: 9696 + external: 9696 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin - name: paperless vm: - docker-host00 - port: 8000 + container_name: paperless + image: ghcr.io/paperless-ngx/paperless-ngx:latest + restart: unless-stopped + depends_on: + - paperless-postgres + - paperless-broker + volumes: + - name: "Configuration" + internal: /usr/src/paperless/data + external: /opt/local/paperless/data/data + - name: "Media" + internal: /usr/src/paperless/media + external: /opt/local/paperless/data/media + - name: "Document Export" + internal: /usr/src/paperless/export + external: /opt/local/paperless/data/export + - 
name: "Document Consume" + internal: /usr/src/paperless/consume + external: /opt/local/paperless/data/consume + environment: + - "PAPERLESS_REDIS=redis://paperless-broker:6379" + - "PAPERLESS_DBHOST=paperless-postgres" + - "PAPERLESS_DBUSER=paperless" + - "PAPERLESS_DBPASS=5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi" + - "USERMAP_UID=1000" + - "USERMAP_GID=1000" + - "PAPERLESS_URL=https://paperless.seyshiro.de" + - "PAPERLESS_TIME_ZONE=Europe/Berlin" + - "PAPERLESS_OCR_LANGUAGE=deu" + ports: + - name: "http" + internal: 8000 + external: 8000 - name: pdf vm: - docker-host00 - port: 8080 + container_name: stirling + image: frooodle/s-pdf:latest + restart: unless-stopped + ports: + - name: "http" + internal: 8080 + external: 8080 - name: git vm: - docker-host02 - port: 3000 + container_name: gitea + image: gitea/gitea:1.20.5-rootless + restart: unless-stopped + volumes: + - name: "Configuration" + internal: /etc/gitea + external: /opt/local/gitea/config + - name: "Data" + internal: /var/lib/gitea + external: /opt/local/gitea/data + - name: "Time Zone" + internal: /etc/timezone:ro + external: /etc/timezone + - name: "Local Time" + internal: /etc/localtime:ro + external: /etc/localtime + ports: + - name: "http" + internal: 3000 + external: 3000 + - name: "ssh" + internal: 2222 + external: 2222 + environment: + - USER_UID=1000 + - USER_GID=1000 - name: changedetection vm: - docker-host00 - port: 5000 - - name: calibre + container_name: changedetection + image: dgtlmoon/changedetection.io + restart: unless-stopped + volumes: + - name: "Data" + internal: /datastore + external: /opt/docker/config/changedetection/data/ + ports: + - name: "http" + internal: 5000 + external: 5000 + - name: gluetun vm: - docker-host00 - port: 5000 + container_name: gluetun + image: qmcgaw/gluetun + restart: unless-stopped + cap_add: + - NET_ADMIN + devices: + - name: "Tunnel" + internal: /dev/net/tun + external: /dev/net/tun + volumes: + - name: "Configuration" + internal: /gluetun + external: 
/opt/docker/config/gluetun/config + ports: + - name: "Qbit Client" + internal: 8082 + external: 8082 + - name: "Torrentleech Client" + internal: 8083 + external: 8083 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - VPN_SERVICE_PROVIDER=protonvpn + - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn + - UPDATER_PERIOD=24h + - SERVER_COUNTRIES=Hungary + - OPENVPN_USER=MfCOtzTIEsmu1wY-q2lAZ3X1+pmp + - OPENVPN_PASSWORD=knCl1Zl5PHz4HMWVCGR77dYa + - name: torrentleech + vm: + - docker-host00 + container_name: torrentleech + image: qbittorrentofficial/qbittorrent-nox + restart: unless-stopped + depends_on: + - gluetun + network_mode: "container:gluetun" + volumes: + - name: "Configuration" + internal: /config + external: /opt/docker/config/torrentleech/config + - name: "Downloads" + internal: /downloads + external: /media/docker/data/arr_downloads + ports: + - name: "http" + internal: proxy_only + external: 8082 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - QBT_EULA="accept" + - QBT_WEBUI_PORT="8083" + - name: qbit + vm: + - docker-host00 + container_name: qbit + image: qbittorrentofficial/qbittorrent-nox + restart: unless-stopped + depends_on: + - gluetun + network_mode: "container:gluetun" + volumes: + - name: "Configuration" + internal: /config + external: /opt/docker/config/qbit/config + - name: "Downloads" + internal: /downloads + external: /media/docker/data/arr_downloads + ports: + - name: "http" + internal: proxy_only + external: 8082 + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/Berlin + - QBT_EULA="accept" + - QBT_WEBUI_PORT="8082" + # - name: calibre + # vm: + # - docker-host00 + # container_name: calibre + # image: lscr.io/linuxserver/calibre-web:latest + # restart: unless-stopped + # volumes: + # - name: "Configuration" + # internal: /config" + # external: /opt/local/calibre/ + # - name: "Books" + # internal: /books" + # external: /media/docker/data/calibre/ + # ports: + # - name: "http" + # internal: 5000 + # 
external: 5000 + # environment: + # - PUID=1000 + # - PGID=1000 + # - TZ=Europe/Berlin + # - DOCKER_MODS=linuxserver/mods:universal-calibre + # - name: grafana + # vm: + # container_name: grafana + # image: grafana/grafana-oss + # restart: unless-stopped + # volumes: + # - name: "Configuration" + # internal: /etc/grafana/ + # external: /opt/docker/config/grafana/config/ + # - name: "Data" + # internal: /var/lib/grafana/ + # external: /media/docker/data/grafana/ + # ports: + # environment: + # - PUID=472 + # - PGID=472 + # - TZ=Europe/Berlin + # - name: prometheus + # vm: + # - docker-host00 + # container_name: prometheus + # image: prom/prometheus + # restart: unless-stopped + # volumes: + # - name: "Configuration" + # internal: /etc/prometheus/ + # external: /opt/docker/config/prometheus/ + # - name: "Data" + # internal: /prometheus/ + # external: prometheus_data + # ports: + # - name: "http" + # internal: 5000 + # external: 5000 + # environment: + # - PUID=65534 + # - PGID=65534 + # - TZ=Europe/Berlin diff --git a/roles/docker_host/handlers/main.yml b/roles/docker_host/handlers/main.yml index 3e359b0..a982c20 100644 --- a/roles/docker_host/handlers/main.yml +++ b/roles/docker_host/handlers/main.yml @@ -4,3 +4,4 @@ name: docker state: restarted become: true +# TODO also do docker compose restart diff --git a/roles/docker_host/tasks/deploy_compose.yml b/roles/docker_host/tasks/deploy_compose.yml index dbe7297..b5620ea 100644 --- a/roles/docker_host/tasks/deploy_compose.yml +++ b/roles/docker_host/tasks/deploy_compose.yml @@ -1,14 +1,12 @@ --- - name: Copy docker compose file to target ansible.builtin.template: - src: "templates/{{ item }}.j2" - dest: "/opt/docker/compose/{{ item }}" + src: "templates/compose.yaml.j2" + dest: "/opt/docker/compose/compose.yaml" owner: "{{ user }}" group: "{{ user }}" mode: "644" backup: true - loop: - - compose.yaml notify: - Restart docker become: true 
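Review bot: Three live credentials are committed in clear text in the group_vars/docker/vars.yml hunk: `PAPERLESS_DBPASS` under paperless, and `OPENVPN_USER` / `OPENVPN_PASSWORD` under gluetun. Every compose render now copies them from this file. Treat them as exposed and rotate them, then keep the values in an Ansible Vault-encrypted vars file and reference them here, e.g. `- "PAPERLESS_DBPASS={{ vault_paperless_dbpass }}"` (the variable name is illustrative). The same database password is still hard-coded as `POSTGRES_PASSWORD` in compose.yaml.j2, so both places should read the same vaulted variable. Separately, the ddns volume has a stray quote in `internal: /updater/data/"`, which would end up in the rendered mount path.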
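Review bot: `mode: "644"` on the template task in deploy_compose.yml leaves the rendered compose.yaml world-readable, and that file carries the database and VPN credentials verbatim. `backup: true` also leaves timestamped copies with the same content beside it, and the new `/opt/docker/compose` directory task in directory_setup.yml is `0755` with no owner or group set. I would use `mode: "0600"` here, after confirming that `{{ user }}` is the account that runs compose. On the directory task I would use `mode: "0750"` with explicit `owner`/`group`. Consider `no_log: true` or `diff: false` on this task so `--diff` runs do not print the secrets into logs.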
diff --git a/roles/docker_host/tasks/directory_setup.yml b/roles/docker_host/tasks/directory_setup.yml index 18e7dab..800031d 100644 --- a/roles/docker_host/tasks/directory_setup.yml +++ b/roles/docker_host/tasks/directory_setup.yml @@ -34,6 +34,13 @@ mode: "0755" become: true +- name: Create /opt/docker/compose directory + ansible.builtin.file: + path: /opt/docker/compose + state: directory + mode: "0755" + become: true + - name: Create /opt/local directory ansible.builtin.file: path: /opt/local diff --git a/roles/docker_host/templates/compose.yaml.j2 b/roles/docker_host/templates/compose.yaml.j2 index 16a1b9c..bf2ff98 100644 --- a/roles/docker_host/templates/compose.yaml.j2 +++ b/roles/docker_host/templates/compose.yaml.j2 
@@ -1,355 +1,71 @@ services: {% for service in services %} -{% if service.name == 'nginx' and inventory_hostname in service.vm %} - nginx: - container_name: "nginx" - image: "jc21/nginx-proxy-manager:latest" - restart: unless-stopped +{% if inventory_hostname in service.vm %} + {{service.name}}: + hostname: {{service.name}} + container_name: {{ service.container_name }} + image: {{ service.image }} + restart: {{ service.restart }} networks: - net +{% if service.ports is iterable%} ports: - - "80:80" - - "443:443" - - "8080:81" - volumes: - - "/opt/docker/config/nginx/data:/data" - - "/opt/docker/config/nginx/letsencrypt:/etc/letsencrypt" - - "/var/run/docker.sock:/var/run/docker.sock" +{% for port in service.ports %} +{% if port.internal != 'proxy_only' %} + - {{port.external}}:{{port.internal}} {% endif %} - -{% if service.name == 'syncthing' and inventory_hostname in service.vm %} - syncthing: - image: syncthing/syncthing - container_name: syncthing - restart: unless-stopped - depends_on: - - nginx - networks: - - net - ports: - - 22000:22000/tcp # TCP file transfers - - 22000:22000/udp # QUIC file transfers - - 21027:21027/udp # Receive local discovery broadcasts - volumes: - - "/media/docker/data/syncthing/:/var/syncthing" - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - hostname: syncthing -{% endif %} - -{% if service.name == 'status' and inventory_hostname in service.vm %} - kuma: - container_name: kuma - image: louislam/uptime-kuma:1 - restart: unless-stopped - depends_on: - - nginx - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - ports: - - "3001:3001" - volumes: - - "/opt/local/kuma/:/app/data" -{% endif %} - -{% if service.name == 'plex' and inventory_hostname in service.vm %} - plex: - image: lscr.io/linuxserver/plex:latest - container_name: plex - restart: unless-stopped - depends_on: - - nginx - networks: - - net - devices: - - /dev/dri:/dev/dri - ports: - - "32400:32400" - - "1900:1900" - - 
"3005:3005" - - "5353:5353" - - "32410:32410" - - "8324:8324" - - "32412:32412" - - "32469:32469" - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - - VERSION=docker - volumes: - - "/opt/local/plex/config/:/config" - - "/media/series:/tv:ro" - - "/media/movies:/movies:ro" - - "/media/songs:/music:ro" -{% endif %} - -{% if service.name == 'sonarr' and inventory_hostname in service.vm %} - sonarr: - image: lscr.io/linuxserver/sonarr:latest - container_name: sonarr - restart: unless-stopped - depends_on: - - prowlarr - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - volumes: - - /opt/local/sonarr/config:/config - - /media/series:/tv #optional - - /media/docker/data/arr_downloads/sonarr:/downloads #optional -{% endif %} - -{% if service.name == 'radarr' and inventory_hostname in service.vm %} - radarr: - image: lscr.io/linuxserver/radarr:latest - container_name: radarr - restart: unless-stopped - depends_on: - - prowlarr - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - volumes: - - /opt/local/radarr/config:/config - - /media/movies:/movies #optional - - /media/docker/data/arr_downloads/radarr:/downloads #optional -{% endif %} - -{% if service.name == 'lidarr' and inventory_hostname in service.vm %} - lidarr: - image: lscr.io/linuxserver/lidarr:latest - container_name: lidarr - restart: unless-stopped - depends_on: - - prowlarr - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - volumes: - - /opt/local/lidarr/config:/config - - /media/songs:/music #optional - - /media/docker/data/arr_downloads/lidarr:/downloads #optional -{% endif %} - -{% if service.name == 'prowlarr' and inventory_hostname in service.vm %} - prowlarr: - image: lscr.io/linuxserver/prowlarr:latest - container_name: prowlarr - restart: unless-stopped - depends_on: - - torrentleech - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - volumes: - - 
/opt/local/prowlarr/config:/config -{% endif %} - -{% if service.name == 'tl' and inventory_hostname in service.vm %} - gluetun: - image: qmcgaw/gluetun - container_name: gluetun - restart: unless-stopped - networks: - - net +{% endfor %} +{% if service.cap_add is defined and service.cap_add is iterable %} cap_add: - - NET_ADMIN +{% for cap in service.cap_add %} + - {{ cap }} +{% endfor %} +{% endif %} +{% if service.depends_on is defined and service.depends_on is iterable %} + depends_on: +{% for dependency in service.depends_on %} + - {{ dependency }} +{% endfor %} +{% endif %} +{% if service.network_mode is defined %} + network_mode: {{ service.network_mode }} +{% endif %} +{% if service.privileged is defined %} + privileged: {{ service.privileged }} +{% endif %} +{% if service.volumes is defined and service.volumes is iterable %} + volumes: +{% for volume in service.volumes %} + - {{volume.external}}:{{volume.internal}} +{% endfor %} +{% endif %} +{% if service.environment is defined and service.environment is iterable %} + environment: +{% for env in service.environment %} + - {{env}} +{% endfor %} +{% endif %} +{% if service.devices is defined and service.devices is iterable %} devices: - - /dev/net/tun:/dev/net/tun - volumes: - - /opt/docker/config/gluetun/config:/gluetun - ports: - - 8082:8082 - - 8083:8083 - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - - VPN_SERVICE_PROVIDER=protonvpn - - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn - - UPDATER_PERIOD=24h - - SERVER_COUNTRIES=Hungary - - OPENVPN_USER=MfCOtzTIEsmu1wY-q2lAZ3X1+pmp - - OPENVPN_PASSWORD=knCl1Zl5PHz4HMWVCGR77dYa +{% for device in service.devices %} + - {{device.external}}:{{device.internal}} +{% endfor %} {% endif %} -{% if service.name == 'tl' and inventory_hostname in service.vm %} - torrentleech: - image: qbittorrentofficial/qbittorrent-nox - container_name: torrentleech - restart: unless-stopped - depends_on: - - gluetun - network_mode: "container:gluetun" - environment: - - 
PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - - QBT_EULA="accept" - - QBT_WEBUI_PORT="8083" - volumes: - - /opt/docker/config/torrentleech/config:/config - - /media/docker/data/arr_downloads:/downloads -{% endif %} - -{% if service.name == 'qbit' and inventory_hostname in service.vm %} - qbit: - image: qbittorrentofficial/qbittorrent-nox - container_name: qbit - restart: unless-stopped - depends_on: - - gluetun - network_mode: "container:gluetun" - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - - QBT_EULA="accept" - - QBT_WEBUI_PORT="8082" - volumes: - - /opt/docker/config/qbit/config:/config - - /media/docker/data/arr_downloads:/downloads -{% endif %} - -{% if service.name == 'prometheus' and inventory_hostname in service.vm %} - prometheus: - image: prom/prometheus - container_name: prometheus - restart: unless-stopped - depends_on: - - nginx - networks: - - net - environment: - - PUID=65534 - - PGID=65534 - - TZ=Europe/Berlin - volumes: - - /opt/docker/config/prometheus/:/etc/prometheus/ - - prometheus_data:/prometheus/ -{% endif %} - -{% if service.name == 'grafana' and inventory_hostname in service.vm %} - grafana: - image: grafana/grafana-oss - container_name: grafana - restart: unless-stopped - user: "0:0" - depends_on: - - prometheus - networks: - - net - environment: - - PUID=472 - - PGID=472 - - TZ=Europe/Berlin - volumes: - - /media/docker/data/grafana/:/var/lib/grafana/ - - /opt/docker/config/grafana/config/:/etc/grafana/ -{% endif %} - -{% if service.name == 'ddns' and inventory_hostname in service.vm %} - ddns-updater: - container_name: ddns-updater - image: "ghcr.io/qdm12/ddns-updater" - restart: unless-stopped - depends_on: - - nginx - networks: - net: {} - volumes: - - "/opt/docker/config/ddns-updater/data/:/updater/data/" -{% endif %} - -{% if service.name == 'hass' and inventory_hostname in service.vm %} - homeassistant: - container_name: homeassistant - image: "ghcr.io/home-assistant/home-assistant:stable" - restart: 
unless-stopped - depends_on: - - nginx - networks: - net: {} - volumes: - - "/etc/localtime:/etc/localtime:ro" - - "/opt/local/home-assistant/config/:/config/" - privileged: true - ports: - - "8123:8123" - - 4357:4357 - - 5683:5683 - - 5683:5683/udp -{% endif %} - -{% if service.name == 'pdf' and inventory_hostname in service.vm %} - stirling: - container_name: stirling - image: frooodle/s-pdf:latest - restart: unless-stopped - depends_on: - - nginx - networks: - net: {} -{% endif %} - -{% if service.name == 'jellyfin' and inventory_hostname in service.vm %} - jellyfin: - container_name: jellyfin - image: jellyfin/jellyfin - restart: "unless-stopped" - depends_on: - - nginx - networks: - net: {} - devices: - - /dev/dri:/dev/dri - volumes: - - /opt/local/jellyfin/config:/config - - /opt/docker/config/jellyfin/cache:/cache - - /media/series:/tv:ro - - /media/movies:/movies:ro - - /media/songs:/music:ro - ports: - - "8096:8096" -{% endif %} - -{% if service.name == 'paperless' and inventory_hostname in service.vm %} - paperless-broker: +{% if service.name == 'paperless' %} + {{service.name}}-broker: container_name: paperless-broker image: docker.io/library/redis:7 restart: unless-stopped - depends_on: - - nginx networks: - net volumes: - /opt/local/paperless/redis/data:/data - paperless-postgres: + {{service.name}}-postgres: container_name: paperless-postgres image: docker.io/library/postgres:15 restart: unless-stopped - depends_on: - - nginx networks: - net volumes: 
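Review bot: The `{% if service.ports is iterable%}` opened before `ports:` has no matching `{% endif %}` that I can find. The `{% endif %}` after the port line closes the `proxy_only` test, and the next tags are `{% endfor %}` and the `cap_add` guard. As far as the visible hunks show, that leaves three open `if`s (host, ports, paperless) against two closes before the final `{% endfor %}`, which Jinja would reject as a nesting error. Add `{% endif %}` right after the ports `{% endfor %}` and write the guard like the others: `{% if service.ports is defined and service.ports is iterable %}`. The removed blocks also published `22000:22000/udp`, `21027:21027/udp` and `5683:5683/udp`, but the new `{{port.external}}:{{port.internal}}` line has no protocol field, so those entries now render as duplicate TCP mappings and the UDP ports are no longer published.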
@@ -358,92 +74,11 @@ services: POSTGRES_DB: paperless POSTGRES_USER: paperless POSTGRES_PASSWORD: 5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi + {% endif %} + - paperless: - container_name: paperless - image: ghcr.io/paperless-ngx/paperless-ngx:latest - restart: unless-stopped - depends_on: - - paperless-postgres - - paperless-broker - networks: - - net - healthcheck: - test: - ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"] - interval: 30s - timeout: 10s - retries: 5 - volumes: - - /opt/local/paperless/data/data:/usr/src/paperless/data - - /opt/local/paperless/data/media:/usr/src/paperless/media - - /opt/local/paperless/data/export:/usr/src/paperless/export - - /opt/local/paperless/data/consume:/usr/src/paperless/consume - environment: - - "PAPERLESS_REDIS=redis://paperless-broker:6379" - - "PAPERLESS_DBHOST=paperless-postgres" - - "PAPERLESS_DBUSER=paperless" - - "PAPERLESS_DBPASS=5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi" - - "USERMAP_UID=1000" - - "USERMAP_GID=1000" - - "PAPERLESS_URL=https://paperless.docker-host00.lulu.seyshiro.de" - - "PAPERLESS_TIME_ZONE=Europe/Berlin" - - "PAPERLESS_OCR_LANGUAGE=deu" {% endif %} -{% if service.name == 'git' and inventory_hostname in service.vm %} - git: - container_name: git - image: gitea/gitea:1.20.5-rootless - restart: unless-stopped - depends_on: - - nginx - networks: - - net - volumes: - - /opt/local/gitea/data:/var/lib/gitea - - /opt/local/gitea/config:/etc/gitea - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - ports: - - "3000:3000" - - "2222:2222" - environment: - - USER_UID=1000 - - USER_GID=1000 -{% endif %} - -{% if service.name == 'changedetection' and inventory_hostname in service.vm %} - changedetection: - container_name: changedetection - image: dgtlmoon/changedetection.io - restart: unless-stopped - depends_on: - - nginx - networks: - - net - volumes: - - "/opt/docker/config/changedetection/data/:/datastore" -{% endif %} - -{% if service.name == 'calibre' and inventory_hostname 
in service.vm %} - calibre: - container_name: calibre - image: lscr.io/linuxserver/calibre-web:latest - restart: unless-stopped - depends_on: - - nginx - networks: - - net - environment: - - PUID=1000 - - PGID=1000 - - TZ=Europe/Berlin - - DOCKER_MODS=linuxserver/mods:universal-calibre #optional - volumes: - - "/opt/local/calibre/:/config" - - "/media/docker/data/calibre/:/books" -{% endif %} {% endfor %} networks: diff --git a/roles/reverse_proxy/tasks/configure.yml b/roles/reverse_proxy/tasks/configure.yml index 3ab93d4..328c78f 100644 --- a/roles/reverse_proxy/tasks/configure.yml +++ b/roles/reverse_proxy/tasks/configure.yml @@ -11,5 +11,6 @@ src: Caddyfile.j2 dest: "{{ caddy_config_path }}" mode: "0644" + backup: true become: true notify: Restart Caddy diff --git a/roles/reverse_proxy/templates/Caddyfile.j2 b/roles/reverse_proxy/templates/Caddyfile.j2 index d98c4cf..66b78a5 100644 --- a/roles/reverse_proxy/templates/Caddyfile.j2 +++ b/roles/reverse_proxy/templates/Caddyfile.j2 @@ -4,9 +4,10 @@ } {% for service in services %} +{% if service.ports is iterable %} {{ service.name }}.{{ domain }} { {% for vm in service.vm %} - reverse_proxy {{ hostvars[vm].ansible_host }}:{{ service.port }} + reverse_proxy {{ hostvars[vm].ansible_host }}:{{ service.ports | selectattr('name', 'equalto', 'http') | map(attribute='external') | first }} {% endfor %} log { output file /var/log/caddy/{{ service.name }}.log @@ -23,4 +24,5 @@ resolvers 1.1.1.1 } } +{% endif %} {% endfor %}
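Review bot: The paperless `healthcheck` (the curl probe against localhost:8000) is removed with the old block in the second compose.yaml.j2 hunk, and the generic service template has no key that could carry one, so the container no longer reports health. If anything relied on that check, add an optional `healthcheck` mapping to the service entries in vars.yml and render it behind `{% if service.healthcheck is defined %}`.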
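Review bot: In Caddyfile.j2, `service.ports | selectattr('name', 'equalto', 'http') | map(attribute='external') | first` has nothing to return for a service with no port named `http`. gluetun in vars.yml only has "Qbit Client" and "Torrentleech Client", so the render either fails on the undefined value or emits a `reverse_proxy` upstream with no port. Resolve the port once with `{% set http_port = service.ports | selectattr('name', 'equalto', 'http') | map(attribute='external') | first | default(none) %}` and wrap the site block in `{% if http_port %}`. The `service.ports is iterable` test should also be `is defined and ... is iterable`, matching the guards the compose template uses for its other keys. Also, torrentleech's `http` entry has `external: 8082` while its `QBT_WEBUI_PORT` is 8083, so as written `torrentleech.{{ domain }}` looks like it would be proxied to qbit's UI.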