remove migrated docker stacks
This commit is contained in:
parent
6361b06a5a
commit
babb7ff5b7
30 changed files with 0 additions and 796 deletions
|
@ -1,21 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3.7"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
services:
|
||||
cyberchef:
|
||||
image: mpepping/cyberchef
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
replicas: 3
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.cyberchef.entrypoints=websecure
|
||||
- traefik.http.services.cyberchef.loadbalancer.server.port=8000
|
||||
- traefik.http.routers.cyberchef.rule=Host(`cyberchef.kun.is`)
|
||||
- traefik.http.routers.cyberchef.tls=true
|
||||
- traefik.http.routers.cyberchef.tls.certresolver=letsencrypt
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: cyberchef
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,109 +0,0 @@
|
|||
APP_NAME = Forgejo: Beyond coding. We forge.
|
||||
RUN_MODE = prod
|
||||
RUN_USER = git
|
||||
WORK_PATH=/data/gitea
|
||||
|
||||
[repository]
|
||||
ROOT = /data/git/repositories
|
||||
DEFAULT_BRANCH = master
|
||||
|
||||
[repository.local]
|
||||
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
||||
|
||||
[repository.upload]
|
||||
TEMP_PATH = /data/gitea/uploads
|
||||
|
||||
[server]
|
||||
APP_DATA_PATH = /data/gitea
|
||||
DOMAIN = {{ git_domain }}
|
||||
SSH_DOMAIN = {{ git_domain }}
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL = {{ root_url }}
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = {{ git_ssh_port }}
|
||||
SSH_LISTEN_PORT = 22
|
||||
LFS_START_SERVER = true
|
||||
LFS_JWT_SECRET = {{ lfs_jwt_secret }}
|
||||
OFFLINE_MODE = false
|
||||
|
||||
[database]
|
||||
PATH = /data/gitea/gitea.db
|
||||
DB_TYPE = sqlite3
|
||||
HOST = localhost:3306
|
||||
NAME = gitea
|
||||
USER = root
|
||||
PASSWD =
|
||||
LOG_SQL = false
|
||||
SCHEMA =
|
||||
SSL_MODE = disable
|
||||
CHARSET = utf8
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
||||
ISSUE_INDEXER_TYPE = db
|
||||
|
||||
[session]
|
||||
PROVIDER_CONFIG = /data/gitea/sessions
|
||||
PROVIDER = file
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
||||
ENABLE_FEDERATED_AVATAR = false
|
||||
|
||||
[attachment]
|
||||
PATH = /data/gitea/attachments
|
||||
|
||||
[log]
|
||||
MODE = console
|
||||
LEVEL = info
|
||||
logger.router.MODE = console
|
||||
ROOT_PATH = /data/gitea/log
|
||||
logger.access.MODE=console
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = true
|
||||
SECRET_KEY =
|
||||
REVERSE_PROXY_LIMIT = 1
|
||||
REVERSE_PROXY_TRUSTED_PROXIES = *
|
||||
INTERNAL_TOKEN = {{ internal_token }}
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = true
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
REGISTER_EMAIL_CONFIRM = false
|
||||
ENABLE_NOTIFY_MAIL = false
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
ENABLE_CAPTCHA = false
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = true
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = noreply.localhost
|
||||
|
||||
[lfs]
|
||||
PATH = /data/git/lfs
|
||||
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
SMTP_ADDR = {{ mailer_host }}
|
||||
SMTP_PORT = 587
|
||||
FROM = {{ mailer_from }}
|
||||
USER =
|
||||
PASSWD =
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = true
|
||||
ENABLE_OPENID_SIGNUP = false
|
||||
|
||||
[repository.pull-request]
|
||||
DEFAULT_MERGE_STYLE = merge
|
||||
|
||||
[repository.signing]
|
||||
DEFAULT_TRUST_MODEL = committer
|
||||
|
||||
[ui]
|
||||
DEFAULT_THEME = forgejo-light
|
||||
|
||||
[oauth2]
|
||||
ENABLE=false
|
|
@ -1,57 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
config:
|
||||
external: true
|
||||
name: "{{ config.config_name }}"
|
||||
|
||||
volumes:
|
||||
forgejo:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/forgejo"
|
||||
|
||||
services:
|
||||
forgejo:
|
||||
image: codeberg.org/forgejo/forgejo:1.20
|
||||
environment:
|
||||
- USER_UID=1000
|
||||
- USER_GID=1000
|
||||
networks:
|
||||
- traefik
|
||||
ports:
|
||||
- "{{ git_ssh_port }}:22"
|
||||
volumes:
|
||||
- type: volume
|
||||
source: forgejo
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
# TODO: fix this
|
||||
# - /etc/timezone:/etc/timezone:ro
|
||||
# - /etc/localtime:/etc/localtime:ro
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
||||
labels:
|
||||
- traefik.port=443
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.forgejo.entrypoints=websecure
|
||||
- traefik.http.routers.forgejo.rule=Host(`{{ git_domain }}`)
|
||||
- traefik.http.routers.forgejo.tls=true
|
||||
- traefik.http.routers.forgejo.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.forgejo.service=forgejo
|
||||
- traefik.http.services.forgejo.loadbalancer.server.port=3000
|
||||
- traefik.docker.network=traefik
|
||||
- traefik.http.middlewares.set-forwarded-for.headers.hostsProxyHeaders=X-Forwarded-For
|
||||
- traefik.http.routers.forgejo.middlewares=set-forwarded-for
|
||||
configs:
|
||||
- source: config
|
||||
target: /data/gitea/conf/app.ini
|
|
@ -1,13 +0,0 @@
|
|||
- name: Create Docker config
|
||||
docker_config:
|
||||
name: forgejo_config
|
||||
data: "{{ lookup('template', '{{ role_path }}/app.ini.j2') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: config
|
||||
|
||||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: forgejo
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,23 +0,0 @@
|
|||
git_domain: "git.kun.is"
|
||||
root_url: "https://{{ git_domain }}"
|
||||
mailer_host: "smtp.tweak.nl"
|
||||
mailer_from: "git@kunis.nl"
|
||||
lfs_jwt_secret: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
66613032363837346461326131303839646332646233633736623865346135623739343233396165
|
||||
6530326162323466623939393133623336366466343837620a613532616365646137326138383235
|
||||
32313264653262656564336531646662323039623865393366616536633531306430336137313862
|
||||
3361373539373561390a653236306433393737616561306236343362396438366134313032656233
|
||||
35626364373961613361366138383566353463626136393861383934326263383336393766623063
|
||||
3434656437663165376635326139383065383861386133623765
|
||||
internal_token: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
62633334656235613035343830326237633637626639363465313861323734393766636464303862
|
||||
3936306561343863316630616164616537323537333262650a336337303232623832636666353038
|
||||
64313134383330646537356432383332386238373835656663313431373939373630373566396339
|
||||
6561643037383666340a643464326531623731303564646464376239613263643761643766623930
|
||||
37623362326561346262306331376663313661633635323435333339396138383134303364306532
|
||||
37353264363737643965643932356336633734316534303262336461313038626538396536333964
|
||||
36353635323731353061393430656166363263366437313434336139616666326335633037663336
|
||||
37353665613938613731316330396461343632643039643864343164303937613263343262623964
|
||||
33366364636339623633653035313736653563363064646233383437373431373232
|
|
@ -1,42 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/freshrss/data"
|
||||
|
||||
services:
|
||||
freshrss:
|
||||
image: freshrss/freshrss:edge
|
||||
networks:
|
||||
- traefik
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /var/www/FreshRSS/data
|
||||
volume:
|
||||
nocopy: true
|
||||
environment:
|
||||
TZ: Europe/Amsterdam
|
||||
CRON_MIN: '2,32'
|
||||
ADMIN_EMAIL: pim@kunis.nl
|
||||
ADMIN_PASSWORD: {{ admin_password }}
|
||||
ADMIN_API_PASSWORD: {{ admin_password }}
|
||||
PUBLISHED_PORT: 443
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.freshrss.entrypoints=websecure
|
||||
- traefik.http.routers.freshrss.rule=Host(`rss.kun.is`)
|
||||
- traefik.http.routers.freshrss.tls=true
|
||||
- traefik.http.routers.freshrss.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.freshrss.service=freshrss
|
||||
- traefik.http.services.freshrss.loadbalancer.server.port=80
|
||||
- traefik.docker.network=traefik
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: freshrss
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,8 +0,0 @@
|
|||
admin_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
38363734333534376665616439306566613632303739373661333338356533653334323366326130
|
||||
3031316133383432366639613565656134666338326639360a633263363066613964643665316334
|
||||
63373830663239393137653131326630326465343333346430376536393162383836333130353562
|
||||
3336306561636134650a646433633063316431643466326161303666313765323034343233646566
|
||||
66613330616463346561343561616438643763643465373839303861356133313831303338356430
|
||||
6634653635383833303265316662663631376163636134666565
|
|
@ -1,24 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3.7"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
services:
|
||||
inbucket:
|
||||
image: inbucket/inbucket:edge
|
||||
networks:
|
||||
- traefik
|
||||
ports:
|
||||
- 2500:2500
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.inbucket.entrypoints=localsecure
|
||||
- traefik.http.routers.inbucket.rule=Host(`inbucket.kun.is`)
|
||||
- traefik.http.routers.inbucket.service=inbucket
|
||||
- traefik.http.routers.inbucket.tls=true
|
||||
- traefik.http.routers.inbucket.tls.certresolver=letsencrypt
|
||||
- traefik.docker.network=traefik
|
||||
- traefik.http.services.inbucket.loadbalancer.server.port=9000
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: inbucket
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,50 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: '3.7'
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
kitchenowl:
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/kitchenowl/data"
|
||||
|
||||
services:
|
||||
kitchenowl-front:
|
||||
image: tombursch/kitchenowl-web:v0.4.20
|
||||
depends_on:
|
||||
- kitchenowl
|
||||
networks:
|
||||
- traefik
|
||||
- kitchenowl
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.kitchenowl.entrypoints=websecure
|
||||
- traefik.http.routers.kitchenowl.rule=Host(`boodschappen.kun.is`)
|
||||
- traefik.http.routers.kitchenowl.tls=true
|
||||
- traefik.http.routers.kitchenowl.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.kitchenowl.service=kitchenowl
|
||||
- traefik.http.services.kitchenowl.loadbalancer.server.port=80
|
||||
- traefik.docker.network=traefik
|
||||
environment:
|
||||
BACK_URL: 'kitchenowl:5000'
|
||||
kitchenowl:
|
||||
image: tombursch/kitchenowl:v92
|
||||
networks:
|
||||
kitchenowl:
|
||||
aliases:
|
||||
- kitchenowl
|
||||
environment:
|
||||
- JWT_SECRET_KEY={{ jwt_secret_key }}
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
hostname: kitchenowl
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: kitchenowl
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,7 +0,0 @@
|
|||
jwt_secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37376338663532376135613331303737626633666138643132316336306164393134633639303865
|
||||
3134613830323335663466373262316262353464323535300a636163633439323035643033623363
|
||||
36316361656133663235333834343233363134313938656664356538366166653336656562623664
|
||||
3332393330616636630a646139393937313932373963623764346134323635336539346562346635
|
||||
36613637396133383664323561666464346336386233363434653765356334633831
|
|
@ -1,8 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
kms:
|
||||
image: teddysun/kms
|
||||
ports:
|
||||
- 1688:1688
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: kms
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,40 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: '3.8'
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/nextcloud/data"
|
||||
|
||||
services:
|
||||
nextcloud:
|
||||
image: nextcloud:27
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /var/www/html
|
||||
volume:
|
||||
nocopy: true
|
||||
environment:
|
||||
- POSTGRES_USER=nextcloud
|
||||
- POSTGRES_DB=nextcloud
|
||||
- POSTGRES_PASSWORD={{ database_passwords.nextcloud }}
|
||||
- POSTGRES_HOST=lewis.dmz
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.nextcloud.entrypoints=websecure
|
||||
- traefik.http.routers.nextcloud.rule=Host(`cloud.kun.is`)
|
||||
- traefik.http.routers.nextcloud.tls=true
|
||||
- traefik.http.routers.nextcloud.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.nextcloud.service=nextcloud
|
||||
- traefik.http.services.nextcloud.loadbalancer.server.port=80
|
||||
- traefik.docker.network=traefik
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: nextcloud
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,113 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
# Docker Compose file for running paperless from the Docker Hub.
|
||||
# This file contains everything paperless needs to run.
|
||||
# Paperless supports amd64, arm and arm64 hardware.
|
||||
#
|
||||
# All compose files of paperless configure paperless in the following way:
|
||||
#
|
||||
# - Paperless is (re)started on system boot, if it was running before shutdown.
|
||||
# - Docker volumes for storing data are managed by Docker.
|
||||
# - Folders for importing and exporting files are created in the same directory
|
||||
# as this file and mounted to the correct folders inside the container.
|
||||
# - Paperless listens on port 8000.
|
||||
#
|
||||
# In addition to that, this Docker Compose file adds the following optional
|
||||
# configurations:
|
||||
#
|
||||
# - Instead of SQLite (default), PostgreSQL is used as the database server.
|
||||
#
|
||||
# To install and update paperless with this file, do the following:
|
||||
#
|
||||
# - Copy this file as 'docker-compose.yml' and the files 'docker-compose.env'
|
||||
# and '.env' into a folder.
|
||||
# - Run 'docker compose pull'.
|
||||
# - Run 'docker compose run --rm webserver createsuperuser' to create a user.
|
||||
# - Run 'docker compose up -d'.
|
||||
#
|
||||
# For more extensive installation and update instructions, refer to the
|
||||
# documentation.
|
||||
|
||||
version: "3.7"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
paperless-ngx:
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/paperless-ngx/data"
|
||||
redisdata:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/paperless-ngx/redisdata"
|
||||
nextcloud:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/nextcloud/data"
|
||||
|
||||
services:
|
||||
broker:
|
||||
image: docker.io/library/redis:7
|
||||
volumes:
|
||||
- type: volume
|
||||
source: redisdata
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
networks:
|
||||
- paperless-ngx
|
||||
|
||||
webserver:
|
||||
image: ghcr.io/paperless-ngx/paperless-ngx:2.3
|
||||
depends_on:
|
||||
- broker
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
# TODO: what does this directory even do?
|
||||
# - ./export:/usr/src/paperless/export
|
||||
- type: volume
|
||||
source: nextcloud
|
||||
target: /nextcloud
|
||||
volume:
|
||||
nocopy: true
|
||||
environment:
|
||||
PAPERLESS_REDIS: redis://broker:6379
|
||||
PAPERLESS_DBENGINE: postgresql
|
||||
PAPERLESS_DBHOST: lewis.dmz
|
||||
PAPERLESS_DBNAME: paperless
|
||||
PAPERLESS_DBUSER: paperless
|
||||
PAPERLESS_DBPASS: "{{ paperless_db_password }}"
|
||||
PAPERLESS_CONSUMPTION_DIR: /nextcloud/data/pim/files/paperless-ngx/consumption/
|
||||
PAPERLESS_DATA_DIR: /data/
|
||||
PAPERLESS_MEDIA_ROOT: /data/
|
||||
PAPERLESS_CONSUMER_POLLING: 10
|
||||
PAPERLESS_OCR_LANGUAGES: nld eng
|
||||
PAPERLESS_URL: https://paperless.kun.is
|
||||
PAPERLESS_TIME_ZONE: Europe/Amsterdam
|
||||
PAPERLESS_OCR_LANGUAGE: nld
|
||||
PAPERLESS_SECRET_KEY: "{{ paperless_secret_key }}"
|
||||
USERMAP_UID: "33"
|
||||
USERMAP_GID: "33"
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.paperless-ngx.entrypoints=websecure
|
||||
- traefik.http.routers.paperless-ngx.rule=Host(`paperless.kun.is`)
|
||||
- traefik.http.routers.paperless-ngx.tls=true
|
||||
- traefik.http.routers.paperless-ngx.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.paperless-ngx.service=paperless-ngx
|
||||
- traefik.http.services.paperless-ngx.loadbalancer.server.port=8000
|
||||
- traefik.docker.network=traefik
|
||||
networks:
|
||||
- traefik
|
||||
- paperless-ngx
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: paperless-ngx
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,14 +0,0 @@
|
|||
paperless_secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
63306337643736303137376130613866353330633632633233376463626366316562623836613065
|
||||
6337353539323238643739323964613464666163333161350a323532333239303161383164616535
|
||||
38343534663664356131653838626139653838393437633461333035323933356262366232643635
|
||||
6165373765653132360a346132653262316232306237336337393861646466613831323837636138
|
||||
61373633653562363636373835656665643537313864313266626638343063643039
|
||||
paperless_db_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
66366431303231626232303861383735373733373035663864326235623731643561336333626536
|
||||
6135316437376361656636386337373637343237613139640a393232373136323466363465393562
|
||||
61383963353931353931306261366566656264303034373936336539346337316639626538616661
|
||||
6438383134366333360a616538373533373533326264666463396666353532333864343832333239
|
||||
62343237653431633030366230373137343564313334363736363232346238646361
|
|
@ -1,57 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3.8"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
pihole:
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/pihole/data"
|
||||
dnsmasq:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/pihole/dnsmasq"
|
||||
|
||||
services:
|
||||
pihole:
|
||||
image: pihole/pihole:latest
|
||||
ports:
|
||||
- "53:53/tcp"
|
||||
- "53:53/udp"
|
||||
network_mode: "host"
|
||||
environment:
|
||||
TZ: 'Europe/Amsterdam'
|
||||
WEBPASSWORD: {{ pihole_password }}
|
||||
PIHOLE_DNS_: '192.168.30.1'
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /etc/pihole
|
||||
volume:
|
||||
nocopy: true
|
||||
- type: volume
|
||||
source: dnsmasq
|
||||
target: /etc/dnsmasq.d
|
||||
volume:
|
||||
nocopy: true
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.pihole.entrypoints=localsecure
|
||||
- traefik.http.routers.pihole.rule=Host(`pihole.kun.is`)
|
||||
- traefik.http.routers.pihole.tls=true
|
||||
- traefik.http.routers.pihole.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.pihole.service=pihole
|
||||
- traefik.http.services.pihole.loadbalancer.server.port=80
|
||||
- traefik.docker.network=traefik
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == manager
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: pihole
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1,8 +0,0 @@
|
|||
pihole_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
38616134666661363535303137373633613063613731383766303633336533373233363736333263
|
||||
3461336138663861623134633031663631633666393939340a396561643132333665373430343466
|
||||
36626633366232376236383434336166353638653733666566336266373739663236636334373866
|
||||
3261303962613966610a643765613762396335643233383432613737316361386234663365656566
|
||||
30336535326437336437383336393838306161333662346165333262383735616137653766653165
|
||||
3361333436346130376261316133323963393338633838303031
|
|
@ -1,61 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: '3.7'
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
config:
|
||||
external: true
|
||||
name: "{{ config.config_name }}"
|
||||
users:
|
||||
external: true
|
||||
name: "{{ users.config_name }}"
|
||||
|
||||
volumes:
|
||||
data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/radicale"
|
||||
|
||||
services:
|
||||
radicale:
|
||||
image: tomsquest/docker-radicale
|
||||
init: true
|
||||
read_only: true
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- SETUID
|
||||
- SETGID
|
||||
- CHOWN
|
||||
- KILL
|
||||
healthcheck:
|
||||
test: curl -f http://127.0.0.1:5232 || exit 1
|
||||
interval: 30s
|
||||
retries: 3
|
||||
volumes:
|
||||
- type: volume
|
||||
source: data
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.radicale.entrypoints=websecure
|
||||
- traefik.http.routers.radicale.rule=Host(`dav.kun.is`)
|
||||
- traefik.http.routers.radicale.tls=true
|
||||
- traefik.http.routers.radicale.tls.certresolver=letsencrypt
|
||||
- traefik.http.routers.radicale.service=radicale
|
||||
- traefik.http.services.radicale.loadbalancer.server.port=5232
|
||||
- traefik.docker.network=traefik
|
||||
configs:
|
||||
- source: config
|
||||
target: /config/config
|
||||
- source: users
|
||||
target: /config/users
|
|
@ -1,24 +0,0 @@
|
|||
[server]
|
||||
hosts = 0.0.0.0:5232, [::]:5232
|
||||
ssl = False
|
||||
|
||||
[encoding]
|
||||
request = utf-8
|
||||
stock = utf-8
|
||||
|
||||
[auth]
|
||||
realm = Radicale - Password Required
|
||||
type = htpasswd
|
||||
htpasswd_filename = /config/users
|
||||
htpasswd_encryption = md5
|
||||
|
||||
[rights]
|
||||
type = owner_only
|
||||
|
||||
[storage]
|
||||
type = multifilesystem
|
||||
filesystem_folder = /data
|
||||
|
||||
[logging]
|
||||
|
||||
[headers]
|
|
@ -1,21 +0,0 @@
|
|||
- name: Create radicale config
|
||||
docker_config:
|
||||
name: radicale_config
|
||||
data: "{{ lookup('file', '{{ role_path }}/radicale.conf') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: config
|
||||
|
||||
- name: Create radicale users
|
||||
docker_config:
|
||||
name: radicale_users
|
||||
data: "{{ lookup('file', '{{ role_path }}/users') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: users
|
||||
|
||||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: radicale
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
|
@ -1 +0,0 @@
|
|||
pim:$apr1$GUiTihkS$dDCkaUxFx/O86m6NCy/yQ.
|
|
@ -1,50 +0,0 @@
|
|||
# vi: ft=yaml
|
||||
version: "3"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
volumes:
|
||||
config:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/syncthing/config"
|
||||
nextcloud_data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=lewis.dmz,nolock,soft,rw"
|
||||
device: ":/mnt/data/nfs/nextcloud/data"
|
||||
|
||||
services:
|
||||
syncthing:
|
||||
image: lscr.io/linuxserver/syncthing:1.23.6
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=traefik
|
||||
|
||||
- traefik.http.routers.syncthing.entrypoints=localsecure
|
||||
- traefik.http.routers.syncthing.rule=Host(`sync.kun.is`)
|
||||
- traefik.http.routers.syncthing.service=syncthing
|
||||
- traefik.http.routers.syncthing.tls=true
|
||||
- traefik.http.routers.syncthing.tls.certresolver=letsencrypt
|
||||
- traefik.http.services.syncthing.loadbalancer.server.port=8384
|
||||
environment:
|
||||
- PUID=33
|
||||
- PGID=33
|
||||
- TZ=Europe/Amsterdam
|
||||
volumes:
|
||||
- type: volume
|
||||
source: nextcloud_data
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
- type: volume
|
||||
source: config
|
||||
target: /config
|
||||
volume:
|
||||
nocopy: true
|
|
@ -1,5 +0,0 @@
|
|||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: syncthing
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
Loading…
Reference in a new issue