Changed file permissions for netdata and updated docker compose files for zoneminder, pihole, syncthing and grafana services with ports, volumes and environment variables.

Signed-off-by: TuDatTr <tuan-dat.tran@tudattr.dev>
2023-02-09 01:14:30 +01:00 · 2023-02-09 01:14:30 +01:00 · f3254d5b79
parent 350b3ec149
commit f3254d5b79
3 changed files with 50 additions and 45 deletions
--- a/roles/docker/tasks/netdata.yaml
+++ b/roles/docker/tasks/netdata.yaml
@ -5,9 +5,10 @@
    path: "{{ item }}"
    owner: 1000
    group: 1000
-    mode: '755'
+    mode: '777'
    state: directory   
  loop:
    - "{{ netdata_config }}"
    - "{{ netdata_cache }}"
    - "{{ netdata_lib }}"
+  become: true
--- a/roles/docker/templates/aya01/compose.yaml
+++ b/roles/docker/templates/aya01/compose.yaml
@ -24,11 +24,11 @@ services:
    stop_grace_period: 45s
    depends_on:
      - db
-    ports:
-      - 80:80
    networks:
      - zoneminder
      - net
+    ports:
+      - 80:80
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "{{ zoneminder_data }}:/data"
@ -58,108 +58,100 @@ services:
      - "53:53/udp"
      - "67:67/udp"
      - "8089:80/tcp"
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "{{ pihole_pihole }}:/etc/pihole/"
+      - "{{ pihole_dnsmasq }}:/etc/dnsmasq.d/"
    environment:
      - "WEBPASSWORD={{ vault_aya01_pihole_password }}"
      - "ServerIP={{aya01_ip}}"
      - "INTERFACE=eth0"
      - "DNS1=1.1.1.1"
      - "DNS1=1.0.0.1"
-    volumes:
-      - "/etc/localtime:/etc/localtime:ro"
-      - "{{ pihole_pihole }}:/etc/pihole/"
-      - "{{ pihole_dnsmasq }}:/etc/dnsmasq.d/"
    dns:
      - 127.0.0.1
      - 1.1.1.1
    cap_add:
      - NET_ADMIN
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.pihole.rule=Host(`pihole.{{local_domain}}`)"
-      - "traefik.http.routers.pihole.entrypoints=web"
-      - "traefik.http.services.pihole.loadbalancer.server.port=8089"

  syncthing:
-    image: syncthing/syncthing
    container_name: syncthing
-    hostname: syncthing
+    image: syncthing/syncthing
+    restart: unless-stopped
    networks:
      - net
-    environment:
-      - "PUID={{ puid }}"
-      - "PGID={{ pgid }}"
-    volumes:
-      - "{{syncthing_data}}:/var/syncthing"
    ports:
      - 8384:8384 # Web UI
      - 22000:22000/tcp # TCP file transfers
      - 22000:22000/udp # QUIC file transfers
      - 21027:21027/udp # Receive local discovery broadcasts
-    restart: unless-stopped
+    volumes:
+      - "{{syncthing_data}}:/var/syncthing"
+    environment:
+      - "PUID={{ puid }}"
+      - "PGID={{ pgid }}"
+    hostname: syncthing

  grafana:
-    image: grafana/grafana-oss
    container_name: grafana
-    hostname: grafana
+    image: grafana/grafana-oss
+    restart: unless-stopped
    user: "{{ puid }}:{{ pgid }}"
    networks:
      - net
-    environment:
-      - "GF_LOG_MODE=console file"
+    ports:
+      - 3000:3000
    volumes:
      - "{{ grafana_data }}:/var/lib/grafana/"
      - "{{ grafana_log }}:/var/log/grafana/"
-    ports:
-      - 3000:3000
+    environment:
+      - "GF_LOG_MODE=console file"
+    hostname: grafana

  soft-serve:
-    image: charmcli/soft-serve:latest
    container_name: soft-serve
+    image: charmcli/soft-serve:latest
+    restart: unless-stopped
    networks:
      - net
-    volumes:
-      - "{{ softserve_data }}:/soft-serve"
    ports:
      - 23231:23231
-    restart: unless-stopped
+    volumes:
+      - "{{ softserve_data }}:/soft-serve"

  prometheus:
-    image: prom/prometheus
    container_name: prometheus
+    image: prom/prometheus
+    restart: unless-stopped
    networks:
      - net
-    volumes:
-      - "{{ prm_config }}:/etc/prometheus"
    ports:
      - "{{ prm_port }}:9090"
+    volumes:
+      - "{{ prm_config }}:/etc/prometheus"

  exporter_mikrotik:
    container_name: exporter_mikrotik
-    user: "{{ puid }}:{{ pgid }}"
    image: "nshttpd/mikrotik-exporter:{{ e_mikrotik_version }}"
+    restart: unless-stopped
+    user: "{{ puid }}:{{ pgid }}"
    networks:
      - net
+    ports:
+      - "{{ e_mikrotik_port }}:9436"
    volumes:
      - "{{ e_mikrotik_config }}:/config"
    environment:
      - "CONFIG_FILE=/config/config.yml"
-    ports:
-      - "{{ e_mikrotik_port }}:9436"
-    restart: unless-stopped

  netdata:
-    image: netdata/netdata
    container_name: netdata
-    hostname: "{{ aya01_host }}"
+    image: netdata/netdata
+    restart: unless-stopped
    networks:
      - net
    ports:
      - "{{netdata_port}}:19999"
-    restart: unless-stopped
-    cap_add:
-      - SYS_PTRACE
-    security_opt:
-      - apparmor:unconfined
    volumes:
      - "{{netdata_config}}:/etc/netdata"
      - "{{netdata_lib}}:/var/lib/netdata"
@ -169,6 +161,13 @@ services:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /etc/os-release:/host/etc/os-release:ro
+    environment:
+      - "DO_NOT_TRACK=1"
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor:unconfined
+    hostname: "{{ aya01_host }}"


 networks:
--- a/roles/docker/templates/pi/compose.yaml
+++ b/roles/docker/templates/pi/compose.yaml
@ -31,11 +31,16 @@ services:
      - "{{ ddns_updater_data }}:/updater/data/"
    ports:
      - 8000:8000/tcp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.homeassistant.rule=Host(`ddns.{{local_domain}}`)"

  homeassistant:
    container_name: homeassistant
    image: "ghcr.io/home-assistant/home-assistant:stable"
    restart: unless-stopped
+    networks:
+      net: {}
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "{{ ha_config }}:/config/"
@ -79,7 +84,7 @@ services:
      - NET_ADMIN
    labels:
      - "traefik.enable=true"
-      - "traefik.http.routers.pihole.rule=Host(`pihole.{{local_domain}}`)"
+      - "traefik.http.routers.pihole.rule=Host(`pipihole.{{local_domain}}`)"
 #      - "traefik.http.routers.pihole.entrypoints=web"
 #      - "traefik.http.services.pihole.loadbalancer.server.port=8089"