tudattr/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(docker): Move compose content to ansible group vars

Browse Source 
Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
This commit is contained in:
Tuan-Dat Tran
2025-01-17 01:31:10 +01:00
parent 1a1b8cb69c
commit e68d534e4f
7 changed files with 513 additions and 443 deletions
Download Patch File Download Diff File Expand all files Collapse all files

474
group_vars/docker/vars.yml
View File

@@ -12,68 +12,494 @@ services:
- name: syncthing - name: syncthing
vm: vm:
- docker-host00 - docker-host00
port: 8384 container_name: syncthing
image: syncthing/syncthing
restart: unless-stopped
volumes:
- name: "Data"
internal: /var/syncthing/
external: /media/docker/data/syncthing/
ports:
- name: "http"
internal: 8384
external: 8384
- name: ""
internal: 22000
external: 22000
- name: ""
internal: 22000
external: 22000
- name: ""
internal: 21027
external: 21027
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: status - name: status
vm: vm:
- docker-host00 - docker-host00
port: 3001 container_name: kuma
image: louislam/uptime-kuma:1
restart: unless-stopped
volumes:
- name: "Data"
internal: /app/data
external: /opt/local/kuma/
ports:
- name: "http"
internal: 3001
external: 3001
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: plex - name: plex
vm: vm:
- docker-host00 - docker-host00
port: 32400 container_name: plex
image: lscr.io/linuxserver/plex:latest
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /config
external: /opt/local/plex/config/
- name: "TV Series"
internal: /tv:ro
external: /media/series
- name: "Movies"
internal: /movies:ro
external: /media/movies
- name: "Music"
internal: /music:ro
external: /media/songs
devices:
- name: "Graphics Card"
internal: /dev/dri
external: /dev/dri
ports:
- name: "http"
internal: 32400
external: 32400
- name: ""
internal: 1900
external: 1900
- name: ""
internal: 3005
external: 3005
- name: ""
internal: 5353
external: 5353
- name: ""
internal: 32410
external: 32410
- name: ""
internal: 8324
external: 8324
- name: ""
internal: 32412
external: 32412
- name: ""
internal: 32469
external: 32469
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- VERSION=docker
- name: jellyfin - name: jellyfin
vm: vm:
- docker-host02 - docker-host02
port: 8096 container_name: jellyfin
image: jellyfin/jellyfin
restart: "unless-stopped"
volumes:
- name: "Configuration"
internal: /config
external: /opt/local/jellyfin/config
- name: "Cache"
internal: /cache
external: /opt/docker/config/jellyfin/cache
- name: "Tv Series"
internal: /tv:ro
external: /media/series
- name: "Music"
internal: /movies:ro
external: /media/movies
- name: "Music"
internal: /music:ro
external: /media/songs
devices:
- name: "Graphics Card"
internal: /dev/dri
external: /dev/dri
ports:
- name: "http"
internal: 8096
external: 8096
environment:
- name: hass - name: hass
vm: vm:
- docker-host02 - docker-host02
port: 8123 container_name: homeassistant
image: "ghcr.io/home-assistant/home-assistant:stable"
restart: unless-stopped
privileged: true
volumes:
- name: "Configuration"
internal: /config/
external: /opt/local/home-assistant/config/
- name: "Local Time"
internal: /etc/localtime:ro
external: /etc/localtime
ports:
- name: "http"
internal: 8123
external: 8123
- name: ""
internal: 4357
external: 4357
- name: ""
internal: 5683
external: 5683
- name: ""
internal: 5683
external: 5683
- name: ddns - name: ddns
vm: vm:
- docker-host00 - docker-host00
port: 8123 container_name: ddns-updater
image: ghcr.io/qdm12/ddns-updater
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /updater/data/"
external: /opt/docker/config/ddns-updater/data/
ports:
- name: "http"
internal: 8000
external: 8000
- name: sonarr - name: sonarr
vm: vm:
- docker-host00 - docker-host00
port: 8989 container_name: sonarr
image: lscr.io/linuxserver/sonarr:latest
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /config
external: /opt/local/sonarr/config
- name: "Tv Series"
internal: /tv
external: /media/series
- name: "Torrent Downloads"
internal: /downloads
external: /media/docker/data/arr_downloads/sonarr
ports:
- name: "http"
internal: 8989
external: 8989
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: radarr - name: radarr
vm: vm:
- docker-host00 - docker-host00
port: 7878 container_name: radarr
image: lscr.io/linuxserver/radarr:latest
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /config
external: /opt/local/radarr/config
- name: "Movies"
internal: /movies
external: /media/movies
- name: "Torrent Downloads"
internal: /downloads
external: /media/docker/data/arr_downloads/radarr
ports:
- name: "http"
internal: 7878
external: 7878
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: lidarr - name: lidarr
vm: vm:
- docker-host00 - docker-host00
port: 8686 container_name: lidarr
image: lscr.io/linuxserver/lidarr:latest
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /config
external: /opt/local/lidarr/config
- name: "Music"
internal: /music
external: /media/songs
- name: "Torrent Downloads"
internal: /downloads
external: /media/docker/data/arr_downloads/lidarr
ports:
- name: "http"
internal: 8686
external: 8686
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: prowlarr - name: prowlarr
vm: vm:
- docker-host00 - docker-host00
port: 9696 container_name: prowlarr
- name: qbit image: lscr.io/linuxserver/prowlarr:latest
vm: restart: unless-stopped
- docker-host00 volumes:
port: 9696 - name: "Configuration"
- name: tl internal: /config
vm: external: /opt/local/prowlarr/config
- docker-host00 ports:
port: 9696 - name: "http"
internal: 9696
external: 9696
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- name: paperless - name: paperless
vm: vm:
- docker-host00 - docker-host00
port: 8000 container_name: paperless
image: ghcr.io/paperless-ngx/paperless-ngx:latest
restart: unless-stopped
depends_on:
- paperless-postgres
- paperless-broker
volumes:
- name: "Configuration"
internal: /usr/src/paperless/data
external: /opt/local/paperless/data/data
- name: "Media"
internal: /usr/src/paperless/media
external: /opt/local/paperless/data/media
- name: "Document Export"
internal: /usr/src/paperless/export
external: /opt/local/paperless/data/export
- name: "Document Consume"
internal: /usr/src/paperless/consume
external: /opt/local/paperless/data/consume
environment:
- "PAPERLESS_REDIS=redis://paperless-broker:6379"
- "PAPERLESS_DBHOST=paperless-postgres"
- "PAPERLESS_DBUSER=paperless"
- "PAPERLESS_DBPASS=5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi"
- "USERMAP_UID=1000"
- "USERMAP_GID=1000"
- "PAPERLESS_URL=https://paperless.seyshiro.de"
- "PAPERLESS_TIME_ZONE=Europe/Berlin"
- "PAPERLESS_OCR_LANGUAGE=deu"
ports:
- name: "http"
internal: 8000
external: 8000
- name: pdf - name: pdf
vm: vm:
- docker-host00 - docker-host00
port: 8080 container_name: stirling
image: frooodle/s-pdf:latest
restart: unless-stopped
ports:
- name: "http"
internal: 8080
external: 8080
- name: git - name: git
vm: vm:
- docker-host02 - docker-host02
port: 3000 container_name: gitea
image: gitea/gitea:1.20.5-rootless
restart: unless-stopped
volumes:
- name: "Configuration"
internal: /etc/gitea
external: /opt/local/gitea/config
- name: "Data"
internal: /var/lib/gitea
external: /opt/local/gitea/data
- name: "Time Zone"
internal: /etc/timezone:ro
external: /etc/timezone
- name: "Local Time"
internal: /etc/localtime:ro
external: /etc/localtime
ports:
- name: "http"
internal: 3000
external: 3000
- name: "ssh"
internal: 2222
external: 2222
environment:
- USER_UID=1000
- USER_GID=1000
- name: changedetection - name: changedetection
vm: vm:
- docker-host00 - docker-host00
port: 5000 container_name: changedetection
- name: calibre image: dgtlmoon/changedetection.io
restart: unless-stopped
volumes:
- name: "Data"
internal: /datastore
external: /opt/docker/config/changedetection/data/
ports:
- name: "http"
internal: 5000
external: 5000
- name: gluetun
vm: vm:
- docker-host00 - docker-host00
port: 5000 container_name: gluetun
image: qmcgaw/gluetun
restart: unless-stopped
cap_add:
- NET_ADMIN
devices:
- name: "Tunnel"
internal: /dev/net/tun
external: /dev/net/tun
volumes:
- name: "Configuration"
internal: /gluetun
external: /opt/docker/config/gluetun/config
ports:
- name: "Qbit Client"
internal: 8082
external: 8082
- name: "Torrentleech Client"
internal: 8083
external: 8083
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- VPN_SERVICE_PROVIDER=protonvpn
- UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
- UPDATER_PERIOD=24h
- SERVER_COUNTRIES=Hungary
- OPENVPN_USER=MfCOtzTIEsmu1wY-q2lAZ3X1+pmp
- OPENVPN_PASSWORD=knCl1Zl5PHz4HMWVCGR77dYa
- name: torrentleech
vm:
- docker-host00
container_name: torrentleech
image: qbittorrentofficial/qbittorrent-nox
restart: unless-stopped
depends_on:
- gluetun
network_mode: "container:gluetun"
volumes:
- name: "Configuration"
internal: /config
external: /opt/docker/config/torrentleech/config
- name: "Downloads"
internal: /downloads
external: /media/docker/data/arr_downloads
ports:
- name: "http"
internal: proxy_only
external: 8082
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- QBT_EULA="accept"
- QBT_WEBUI_PORT="8083"
- name: qbit
vm:
- docker-host00
container_name: qbit
image: qbittorrentofficial/qbittorrent-nox
restart: unless-stopped
depends_on:
- gluetun
network_mode: "container:gluetun"
volumes:
- name: "Configuration"
internal: /config
external: /opt/docker/config/qbit/config
- name: "Downloads"
internal: /downloads
external: /media/docker/data/arr_downloads
ports:
- name: "http"
internal: proxy_only
external: 8082
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- QBT_EULA="accept"
- QBT_WEBUI_PORT="8082"
# - name: calibre
# vm:
# - docker-host00
# container_name: calibre
# image: lscr.io/linuxserver/calibre-web:latest
# restart: unless-stopped
# volumes:
# - name: "Configuration"
# internal: /config"
# external: /opt/local/calibre/
# - name: "Books"
# internal: /books"
# external: /media/docker/data/calibre/
# ports:
# - name: "http"
# internal: 5000
# external: 5000
# environment:
# - PUID=1000
# - PGID=1000
# - TZ=Europe/Berlin
# - DOCKER_MODS=linuxserver/mods:universal-calibre
# - name: grafana
# vm:
# container_name: grafana
# image: grafana/grafana-oss
# restart: unless-stopped
# volumes:
# - name: "Configuration"
# internal: /etc/grafana/
# external: /opt/docker/config/grafana/config/
# - name: "Data"
# internal: /var/lib/grafana/
# external: /media/docker/data/grafana/
# ports:
# environment:
# - PUID=472
# - PGID=472
# - TZ=Europe/Berlin
# - name: prometheus
# vm:
# - docker-host00
# container_name: prometheus
# image: prom/prometheus
# restart: unless-stopped
# volumes:
# - name: "Configuration"
# internal: /etc/prometheus/
# external: /opt/docker/config/prometheus/
# - name: "Data"
# internal: /prometheus/
# external: prometheus_data
# ports:
# - name: "http"
# internal: 5000
# external: 5000
# environment:
# - PUID=65534
# - PGID=65534
# - TZ=Europe/Berlin

1
roles/docker_host/handlers/main.yml
View File

@@ -4,3 +4,4 @@
name: docker name: docker
state: restarted state: restarted
become: true become: true
# TODO also do docker compose restart

6
roles/docker_host/tasks/deploy_compose.yml
View File

@@ -1,14 +1,12 @@
--- ---
- name: Copy docker compose file to target - name: Copy docker compose file to target
ansible.builtin.template: ansible.builtin.template:
src: "templates/{{ item }}.j2" src: "templates/compose.yaml.j2"
dest: "/opt/docker/compose/{{ item }}" dest: "/opt/docker/compose/compose.yaml"
owner: "{{ user }}" owner: "{{ user }}"
group: "{{ user }}" group: "{{ user }}"
mode: "644" mode: "644"
backup: true backup: true
loop:
- compose.yaml
notify: notify:
- Restart docker - Restart docker
become: true become: true

7
roles/docker_host/tasks/directory_setup.yml
View File

@@ -34,6 +34,13 @@
mode: "0755" mode: "0755"
become: true become: true
- name: Create /opt/docker/compose directory
ansible.builtin.file:
path: /opt/docker/compose
state: directory
mode: "0755"
become: true
- name: Create /opt/local directory - name: Create /opt/local directory
ansible.builtin.file: ansible.builtin.file:
path: /opt/local path: /opt/local

463
roles/docker_host/templates/compose.yaml.j2
View File

@@ -1,355 +1,71 @@
services: services:
{% for service in services %} {% for service in services %}
{% if service.name == 'nginx' and inventory_hostname in service.vm %} {% if inventory_hostname in service.vm %}
nginx: {{service.name}}:
container_name: "nginx" hostname: {{service.name}}
image: "jc21/nginx-proxy-manager:latest" container_name: {{ service.container_name }}
restart: unless-stopped image: {{ service.image }}
restart: {{ service.restart }}
networks: networks:
- net - net
{% if service.ports is iterable%}
ports: ports:
- "80:80" {% for port in service.ports %}
- "443:443" {% if port.internal != 'proxy_only' %}
- "8080:81" - {{port.external}}:{{port.internal}}
volumes:
- "/opt/docker/config/nginx/data:/data"
- "/opt/docker/config/nginx/letsencrypt:/etc/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock"
{% endif %} {% endif %}
{% endfor %}
{% if service.name == 'syncthing' and inventory_hostname in service.vm %} {% if service.cap_add is defined and service.cap_add is iterable %}
syncthing:
image: syncthing/syncthing
container_name: syncthing
restart: unless-stopped
depends_on:
- nginx
networks:
- net
ports:
- 22000:22000/tcp # TCP file transfers
- 22000:22000/udp # QUIC file transfers
- 21027:21027/udp # Receive local discovery broadcasts
volumes:
- "/media/docker/data/syncthing/:/var/syncthing"
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
hostname: syncthing
{% endif %}
{% if service.name == 'status' and inventory_hostname in service.vm %}
kuma:
container_name: kuma
image: louislam/uptime-kuma:1
restart: unless-stopped
depends_on:
- nginx
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
ports:
- "3001:3001"
volumes:
- "/opt/local/kuma/:/app/data"
{% endif %}
{% if service.name == 'plex' and inventory_hostname in service.vm %}
plex:
image: lscr.io/linuxserver/plex:latest
container_name: plex
restart: unless-stopped
depends_on:
- nginx
networks:
- net
devices:
- /dev/dri:/dev/dri
ports:
- "32400:32400"
- "1900:1900"
- "3005:3005"
- "5353:5353"
- "32410:32410"
- "8324:8324"
- "32412:32412"
- "32469:32469"
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- VERSION=docker
volumes:
- "/opt/local/plex/config/:/config"
- "/media/series:/tv:ro"
- "/media/movies:/movies:ro"
- "/media/songs:/music:ro"
{% endif %}
{% if service.name == 'sonarr' and inventory_hostname in service.vm %}
sonarr:
image: lscr.io/linuxserver/sonarr:latest
container_name: sonarr
restart: unless-stopped
depends_on:
- prowlarr
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
volumes:
- /opt/local/sonarr/config:/config
- /media/series:/tv #optional
- /media/docker/data/arr_downloads/sonarr:/downloads #optional
{% endif %}
{% if service.name == 'radarr' and inventory_hostname in service.vm %}
radarr:
image: lscr.io/linuxserver/radarr:latest
container_name: radarr
restart: unless-stopped
depends_on:
- prowlarr
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
volumes:
- /opt/local/radarr/config:/config
- /media/movies:/movies #optional
- /media/docker/data/arr_downloads/radarr:/downloads #optional
{% endif %}
{% if service.name == 'lidarr' and inventory_hostname in service.vm %}
lidarr:
image: lscr.io/linuxserver/lidarr:latest
container_name: lidarr
restart: unless-stopped
depends_on:
- prowlarr
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
volumes:
- /opt/local/lidarr/config:/config
- /media/songs:/music #optional
- /media/docker/data/arr_downloads/lidarr:/downloads #optional
{% endif %}
{% if service.name == 'prowlarr' and inventory_hostname in service.vm %}
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
restart: unless-stopped
depends_on:
- torrentleech
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
volumes:
- /opt/local/prowlarr/config:/config
{% endif %}
{% if service.name == 'tl' and inventory_hostname in service.vm %}
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
restart: unless-stopped
networks:
- net
cap_add: cap_add:
- NET_ADMIN {% for cap in service.cap_add %}
- {{ cap }}
{% endfor %}
{% endif %}
{% if service.depends_on is defined and service.depends_on is iterable %}
depends_on:
{% for dependency in service.depends_on %}
- {{ dependency }}
{% endfor %}
{% endif %}
{% if service.network_mode is defined %}
network_mode: {{ service.network_mode }}
{% endif %}
{% if service.privileged is defined %}
privileged: {{ service.privileged }}
{% endif %}
{% if service.volumes is defined and service.volumes is iterable %}
volumes:
{% for volume in service.volumes %}
- {{volume.external}}:{{volume.internal}}
{% endfor %}
{% endif %}
{% if service.environment is defined and service.environment is iterable %}
environment:
{% for env in service.environment %}
- {{env}}
{% endfor %}
{% endif %}
{% if service.devices is defined and service.devices is iterable %}
devices: devices:
- /dev/net/tun:/dev/net/tun {% for device in service.devices %}
volumes: - {{device.external}}:{{device.internal}}
- /opt/docker/config/gluetun/config:/gluetun {% endfor %}
ports:
- 8082:8082
- 8083:8083
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- VPN_SERVICE_PROVIDER=protonvpn
- UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
- UPDATER_PERIOD=24h
- SERVER_COUNTRIES=Hungary
- OPENVPN_USER=MfCOtzTIEsmu1wY-q2lAZ3X1+pmp
- OPENVPN_PASSWORD=knCl1Zl5PHz4HMWVCGR77dYa
{% endif %} {% endif %}
{% if service.name == 'tl' and inventory_hostname in service.vm %} {% if service.name == 'paperless' %}
torrentleech: {{service.name}}-broker:
image: qbittorrentofficial/qbittorrent-nox
container_name: torrentleech
restart: unless-stopped
depends_on:
- gluetun
network_mode: "container:gluetun"
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- QBT_EULA="accept"
- QBT_WEBUI_PORT="8083"
volumes:
- /opt/docker/config/torrentleech/config:/config
- /media/docker/data/arr_downloads:/downloads
{% endif %}
{% if service.name == 'qbit' and inventory_hostname in service.vm %}
qbit:
image: qbittorrentofficial/qbittorrent-nox
container_name: qbit
restart: unless-stopped
depends_on:
- gluetun
network_mode: "container:gluetun"
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- QBT_EULA="accept"
- QBT_WEBUI_PORT="8082"
volumes:
- /opt/docker/config/qbit/config:/config
- /media/docker/data/arr_downloads:/downloads
{% endif %}
{% if service.name == 'prometheus' and inventory_hostname in service.vm %}
prometheus:
image: prom/prometheus
container_name: prometheus
restart: unless-stopped
depends_on:
- nginx
networks:
- net
environment:
- PUID=65534
- PGID=65534
- TZ=Europe/Berlin
volumes:
- /opt/docker/config/prometheus/:/etc/prometheus/
- prometheus_data:/prometheus/
{% endif %}
{% if service.name == 'grafana' and inventory_hostname in service.vm %}
grafana:
image: grafana/grafana-oss
container_name: grafana
restart: unless-stopped
user: "0:0"
depends_on:
- prometheus
networks:
- net
environment:
- PUID=472
- PGID=472
- TZ=Europe/Berlin
volumes:
- /media/docker/data/grafana/:/var/lib/grafana/
- /opt/docker/config/grafana/config/:/etc/grafana/
{% endif %}
{% if service.name == 'ddns' and inventory_hostname in service.vm %}
ddns-updater:
container_name: ddns-updater
image: "ghcr.io/qdm12/ddns-updater"
restart: unless-stopped
depends_on:
- nginx
networks:
net: {}
volumes:
- "/opt/docker/config/ddns-updater/data/:/updater/data/"
{% endif %}
{% if service.name == 'hass' and inventory_hostname in service.vm %}
homeassistant:
container_name: homeassistant
image: "ghcr.io/home-assistant/home-assistant:stable"
restart: unless-stopped
depends_on:
- nginx
networks:
net: {}
volumes:
- "/etc/localtime:/etc/localtime:ro"
- "/opt/local/home-assistant/config/:/config/"
privileged: true
ports:
- "8123:8123"
- 4357:4357
- 5683:5683
- 5683:5683/udp
{% endif %}
{% if service.name == 'pdf' and inventory_hostname in service.vm %}
stirling:
container_name: stirling
image: frooodle/s-pdf:latest
restart: unless-stopped
depends_on:
- nginx
networks:
net: {}
{% endif %}
{% if service.name == 'jellyfin' and inventory_hostname in service.vm %}
jellyfin:
container_name: jellyfin
image: jellyfin/jellyfin
restart: "unless-stopped"
depends_on:
- nginx
networks:
net: {}
devices:
- /dev/dri:/dev/dri
volumes:
- /opt/local/jellyfin/config:/config
- /opt/docker/config/jellyfin/cache:/cache
- /media/series:/tv:ro
- /media/movies:/movies:ro
- /media/songs:/music:ro
ports:
- "8096:8096"
{% endif %}
{% if service.name == 'paperless' and inventory_hostname in service.vm %}
paperless-broker:
container_name: paperless-broker container_name: paperless-broker
image: docker.io/library/redis:7 image: docker.io/library/redis:7
restart: unless-stopped restart: unless-stopped
depends_on:
- nginx
networks: networks:
- net - net
volumes: volumes:
- /opt/local/paperless/redis/data:/data - /opt/local/paperless/redis/data:/data
paperless-postgres: {{service.name}}-postgres:
container_name: paperless-postgres container_name: paperless-postgres
image: docker.io/library/postgres:15 image: docker.io/library/postgres:15
restart: unless-stopped restart: unless-stopped
depends_on:
- nginx
networks: networks:
- net - net
volumes: volumes:
@@ -358,92 +74,11 @@ services:
POSTGRES_DB: paperless POSTGRES_DB: paperless
POSTGRES_USER: paperless POSTGRES_USER: paperless
POSTGRES_PASSWORD: 5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi POSTGRES_PASSWORD: 5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi
{% endif %}
paperless:
container_name: paperless
image: ghcr.io/paperless-ngx/paperless-ngx:latest
restart: unless-stopped
depends_on:
- paperless-postgres
- paperless-broker
networks:
- net
healthcheck:
test:
["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"]
interval: 30s
timeout: 10s
retries: 5
volumes:
- /opt/local/paperless/data/data:/usr/src/paperless/data
- /opt/local/paperless/data/media:/usr/src/paperless/media
- /opt/local/paperless/data/export:/usr/src/paperless/export
- /opt/local/paperless/data/consume:/usr/src/paperless/consume
environment:
- "PAPERLESS_REDIS=redis://paperless-broker:6379"
- "PAPERLESS_DBHOST=paperless-postgres"
- "PAPERLESS_DBUSER=paperless"
- "PAPERLESS_DBPASS=5fnhn%u2YWY3paNvMAjdoufYPQ2Hf3Yi"
- "USERMAP_UID=1000"
- "USERMAP_GID=1000"
- "PAPERLESS_URL=https://paperless.docker-host00.lulu.seyshiro.de"
- "PAPERLESS_TIME_ZONE=Europe/Berlin"
- "PAPERLESS_OCR_LANGUAGE=deu"
{% endif %} {% endif %}
{% if service.name == 'git' and inventory_hostname in service.vm %}
git:
container_name: git
image: gitea/gitea:1.20.5-rootless
restart: unless-stopped
depends_on:
- nginx
networks:
- net
volumes:
- /opt/local/gitea/data:/var/lib/gitea
- /opt/local/gitea/config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:2222"
environment:
- USER_UID=1000
- USER_GID=1000
{% endif %}
{% if service.name == 'changedetection' and inventory_hostname in service.vm %}
changedetection:
container_name: changedetection
image: dgtlmoon/changedetection.io
restart: unless-stopped
depends_on:
- nginx
networks:
- net
volumes:
- "/opt/docker/config/changedetection/data/:/datastore"
{% endif %}
{% if service.name == 'calibre' and inventory_hostname in service.vm %}
calibre:
container_name: calibre
image: lscr.io/linuxserver/calibre-web:latest
restart: unless-stopped
depends_on:
- nginx
networks:
- net
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- DOCKER_MODS=linuxserver/mods:universal-calibre #optional
volumes:
- "/opt/local/calibre/:/config"
- "/media/docker/data/calibre/:/books"
{% endif %}
{% endfor %} {% endfor %}
networks: networks:

1
roles/reverse_proxy/tasks/configure.yml
View File

@@ -11,5 +11,6 @@
src: Caddyfile.j2 src: Caddyfile.j2
dest: "{{ caddy_config_path }}" dest: "{{ caddy_config_path }}"
mode: "0644" mode: "0644"
backup: true
become: true become: true
notify: Restart Caddy notify: Restart Caddy

4
roles/reverse_proxy/templates/Caddyfile.j2
View File

@@ -4,9 +4,10 @@
} }
{% for service in services %} {% for service in services %}
{% if service.ports is iterable %}
{{ service.name }}.{{ domain }} { {{ service.name }}.{{ domain }} {
{% for vm in service.vm %} {% for vm in service.vm %}
reverse_proxy {{ hostvars[vm].ansible_host }}:{{ service.port }} reverse_proxy {{ hostvars[vm].ansible_host }}:{{ service.ports | selectattr('name', 'equalto', 'http') | map(attribute='external') | first }}
{% endfor %} {% endfor %}
log { log {
output file /var/log/caddy/{{ service.name }}.log output file /var/log/caddy/{{ service.name }}.log
@@ -23,4 +24,5 @@
resolvers 1.1.1.1 resolvers 1.1.1.1
} }
} }
{% endif %}
{% endfor %} {% endfor %}