add syncthing stack

This commit is contained in:
Pim Kunis 2023-07-10 00:18:26 +02:00
parent 679a877a39
commit 77a7b20751
7 changed files with 380 additions and 0 deletions

View file

@ -18,3 +18,4 @@
# - {role: jitsi, tags: jitsi}
- {role: pihole, tags: pihole}
- {role: nextcloud, tags: nextcloud}
- {role: syncthing, tags: syncthing}

View file

@ -0,0 +1,45 @@
$ANSIBLE_VAULT;1.1;AES256
37326262373466303939623263623234616338316165316466656131326339306233303834396263
3139663539356264323038306635363934363364653437350a666438396563643339353765306131
39653434373966346166323938666364323562313334323262643666373463623536363635643163
3430353230326634320a643532663765663632623031313463653765643134313538633131613663
64393533636138323833343630363639656539376163353239313231646662316532666631623734
31343364393363623164336339303631366162376131613736636131396165663835653433303134
62323265633039633865326366613366653435653261633662613737353463633663383635303562
39303933343139363132393035336332363438656333646136333330326533623763393263663563
36343038393264383639346436316134386531383338386461363538613135663863363434623339
31373236353337653838396333643638343232653066313662393165343062396137326630646430
31646566356565386532626433383163643635643930326164353766323263616665636435323339
38373837393035343737356134373831303831316464666637333231343434316632316464356564
31613464633761306330303637386230333430396665383262333530336137336236623838326333
30393861666439623536336231616563303764646563393065353432313965343330633463313564
66373539373265353765636438393633613839393830366135323139666533393165653736666335
35303736623534653635343636383662316134376332393239633262363939396263363264616637
35396261346264373930396462393638316335363833333132393061633337626331323439363131
39306264386133316137633039366638356130616438373433333635666231366136613363626133
31316230336534616430633232623430666234643836636338613730356335623434373433643935
62623266313834353163623439616533623135396134346164373363643364373939396163363837
36313432393965653664633231393564323936323933313565323337346333313233396666626361
65383031326630313263343862653063613839373131643265656237623232663761383665333939
33376531623665653037333563333034363363333435343439663761633734616461353961323434
66643833353539623265616262383265396237636631346433386638643436383230333438653462
37383235316634353262316436653163316164356261353663663565396630613434396231353538
38633330326266303838346365663839646163623264633934363938666234393131356138656439
31333161643136633836343262326136393964393635623634316532393837376162383835303435
30643339356434386264643163316165396534373064346334636132316230346437363665636563
38333835306666626637386562306433373031366136616635623765393630383939353335393930
61663832383239643363626137343661366436653864643339316537383738323335333866633537
39316339383239323131653232633833363536313431643364313937633037336564386339383433
38303939303835386263633430383061336436383062663462353762376666613530313663623261
66616266373136326433363338303365653230663763636630353034383832633239383932616365
37373236396631623866656330623632313538326330626363316262653566383633666531383738
34353830373137343236343765393665356534356238353861326165303939363236626130626363
64623164383866393630656232373164343163363433643835396236363132346235356134613564
66383364623962316564373564363631356234386535653465633864313365396438356235313163
35633366663836666337653537336334353935323364306635383238373664613530353365323366
31373831383336336237633064313938393637636231356165656631386132313734333439643733
62666435363535303530323866623139653138643831623838316432366539316236306133393764
63386133333832356365396137623332643539633236343762353138386434303632373932336139
39396364653864316435356434383761306238633164643939363864356362633135623438363861
64626339663931383133383862313031383638653266306539643061316238616266656136656530
63666239303034396133

View file

@ -0,0 +1,189 @@
<configuration version="37">
{% for folder in st.folders %}
<folder id="{{ folder.id }}" label="{{ folder.label }}" path="{{ folder.path }}" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
<filesystemType>basic</filesystemType>
{% for device in folder.devices %}
<device id="{{ device }}" introducedBy="">
<encryptionPassword></encryptionPassword>
</device>
{% endfor %}
<device id="{{ st.server.id }}" introducedBy="">
<encryptionPassword></encryptionPassword>
</device>
<minDiskFree unit="%">1</minDiskFree>
<versioning>
<cleanupIntervalS>3600</cleanupIntervalS>
<fsPath></fsPath>
<fsType>basic</fsType>
</versioning>
<copiers>0</copiers>
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
<hashers>0</hashers>
<order>random</order>
<ignoreDelete>false</ignoreDelete>
<scanProgressIntervalS>0</scanProgressIntervalS>
<pullerPauseS>0</pullerPauseS>
<maxConflicts>10</maxConflicts>
<disableSparseFiles>false</disableSparseFiles>
<disableTempIndexes>false</disableTempIndexes>
<paused>false</paused>
<weakHashThresholdPct>25</weakHashThresholdPct>
<markerName>.stfolder</markerName>
<copyOwnershipFromParent>false</copyOwnershipFromParent>
<modTimeWindowS>0</modTimeWindowS>
<maxConcurrentWrites>2</maxConcurrentWrites>
<disableFsync>false</disableFsync>
<blockPullOrder>standard</blockPullOrder>
<copyRangeMethod>standard</copyRangeMethod>
<caseSensitiveFS>false</caseSensitiveFS>
<junctionsAsDirs>false</junctionsAsDirs>
<syncOwnership>false</syncOwnership>
<sendOwnership>false</sendOwnership>
<syncXattrs>false</syncXattrs>
<sendXattrs>false</sendXattrs>
<xattrFilter>
<maxSingleEntrySize>1024</maxSingleEntrySize>
<maxTotalSize>4096</maxTotalSize>
</xattrFilter>
</folder>
{% endfor %}
{% for peer in st.peers %}
<device id="{{ peer.id }}" name="{{ peer.name }}" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
<address>dynamic</address>
<paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<maxRequestKiB>0</maxRequestKiB>
<untrusted>false</untrusted>
<remoteGUIPort>0</remoteGUIPort>
</device>
{% endfor %}
<device id="{{ st.server.id }}" name="{{ st.server.name }}" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
<address>dynamic</address>
<paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<maxRequestKiB>0</maxRequestKiB>
<untrusted>false</untrusted>
<remoteGUIPort>0</remoteGUIPort>
</device>
<gui enabled="true" tls="false" debugging="false">
<address>{{ st.gui.address }}</address>
<user>{{ st.gui.user }}</user>
<password>{{ st.gui.password }}</password>
<apikey>{{ st.gui.apikey }}</apikey>
<theme>{{ st.gui.theme }}</theme>
</gui>
<ldap></ldap>
<options>
<listenAddress>default</listenAddress>
<globalAnnounceServer>default</globalAnnounceServer>
<globalAnnounceEnabled>true</globalAnnounceEnabled>
<localAnnounceEnabled>true</localAnnounceEnabled>
<localAnnouncePort>21027</localAnnouncePort>
<localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<reconnectionIntervalS>60</reconnectionIntervalS>
<relaysEnabled>true</relaysEnabled>
<relayReconnectIntervalM>10</relayReconnectIntervalM>
<startBrowser>true</startBrowser>
<natEnabled>true</natEnabled>
<natLeaseMinutes>60</natLeaseMinutes>
<natRenewalMinutes>30</natRenewalMinutes>
<natTimeoutSeconds>10</natTimeoutSeconds>
<urAccepted>3</urAccepted>
<urSeen>3</urSeen>
<urUniqueID></urUniqueID>
<urURL>https://data.syncthing.net/newdata</urURL>
<urPostInsecurely>false</urPostInsecurely>
<urInitialDelayS>1800</urInitialDelayS>
<autoUpgradeIntervalH>12</autoUpgradeIntervalH>
<upgradeToPreReleases>false</upgradeToPreReleases>
<keepTemporariesH>24</keepTemporariesH>
<cacheIgnoredFiles>false</cacheIgnoredFiles>
<progressUpdateIntervalS>5</progressUpdateIntervalS>
<limitBandwidthInLan>false</limitBandwidthInLan>
<minHomeDiskFree unit="%">1</minHomeDiskFree>
<releasesURL>https://upgrades.syncthing.net/meta.json</releasesURL>
<overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
<tempIndexMinBlocks>10</tempIndexMinBlocks>
<trafficClass>0</trafficClass>
<setLowPriority>true</setLowPriority>
<maxFolderConcurrency>0</maxFolderConcurrency>
<crashReportingURL>https://crash.syncthing.net/newcrash</crashReportingURL>
<crashReportingEnabled>true</crashReportingEnabled>
<stunKeepaliveStartS>180</stunKeepaliveStartS>
<stunKeepaliveMinS>20</stunKeepaliveMinS>
<stunServer>default</stunServer>
<databaseTuning>auto</databaseTuning>
<maxConcurrentIncomingRequestKiB>0</maxConcurrentIncomingRequestKiB>
<announceLANAddresses>true</announceLANAddresses>
<sendFullIndexOnUpgrade>false</sendFullIndexOnUpgrade>
<connectionLimitEnough>0</connectionLimitEnough>
<connectionLimitMax>0</connectionLimitMax>
<insecureAllowOldTLSVersions>false</insecureAllowOldTLSVersions>
<connectionPriorityTcpLan>10</connectionPriorityTcpLan>
<connectionPriorityQuicLan>20</connectionPriorityQuicLan>
<connectionPriorityTcpWan>30</connectionPriorityTcpWan>
<connectionPriorityQuicWan>40</connectionPriorityQuicWan>
<connectionPriorityRelay>50</connectionPriorityRelay>
<connectionPriorityUpgradeThreshold>0</connectionPriorityUpgradeThreshold>
</options>
<defaults>
<folder id="" label="" path="~" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
<filesystemType>basic</filesystemType>
<device id="{{ st.server.id }}" introducedBy="">
<encryptionPassword></encryptionPassword>
</device>
<minDiskFree unit="%">1</minDiskFree>
<versioning>
<cleanupIntervalS>3600</cleanupIntervalS>
<fsPath></fsPath>
<fsType>basic</fsType>
</versioning>
<copiers>0</copiers>
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
<hashers>0</hashers>
<order>random</order>
<ignoreDelete>false</ignoreDelete>
<scanProgressIntervalS>0</scanProgressIntervalS>
<pullerPauseS>0</pullerPauseS>
<maxConflicts>10</maxConflicts>
<disableSparseFiles>false</disableSparseFiles>
<disableTempIndexes>false</disableTempIndexes>
<paused>false</paused>
<weakHashThresholdPct>25</weakHashThresholdPct>
<markerName>.stfolder</markerName>
<copyOwnershipFromParent>false</copyOwnershipFromParent>
<modTimeWindowS>0</modTimeWindowS>
<maxConcurrentWrites>2</maxConcurrentWrites>
<disableFsync>false</disableFsync>
<blockPullOrder>standard</blockPullOrder>
<copyRangeMethod>standard</copyRangeMethod>
<caseSensitiveFS>false</caseSensitiveFS>
<junctionsAsDirs>false</junctionsAsDirs>
<syncOwnership>false</syncOwnership>
<sendOwnership>false</sendOwnership>
<syncXattrs>false</syncXattrs>
<sendXattrs>false</sendXattrs>
<xattrFilter>
<maxSingleEntrySize>1024</maxSingleEntrySize>
<maxTotalSize>4096</maxTotalSize>
</xattrFilter>
</folder>
<device id="" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
<address>dynamic</address>
<paused>false</paused>
<autoAcceptFolders>false</autoAcceptFolders>
<maxSendKbps>0</maxSendKbps>
<maxRecvKbps>0</maxRecvKbps>
<maxRequestKiB>0</maxRequestKiB>
<untrusted>false</untrusted>
<remoteGUIPort>0</remoteGUIPort>
</device>
<ignores></ignores>
</defaults>
</configuration>

View file

@ -0,0 +1,62 @@
# vi: ft=yaml
version: "3"
networks:
traefik:
external: true
configs:
config:
external: true
name: "{{ config.config_name }}"
private_key:
external: true
name: "{{ key.config_name }}"
certificate:
external: true
name: "{{ cert.config_name }}"
volumes:
nextcloud_data:
driver_opts:
type: "nfs"
o: "addr=192.168.30.10,nolock,soft,rw"
device: ":/mnt/data/nextcloud/data"
services:
syncthing:
image: lscr.io/linuxserver/syncthing:1.23.6
networks:
- traefik
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=traefik
- traefik.http.routers.syncthing.entrypoints=localsecure
- traefik.http.routers.syncthing.rule=Host(`sync.kun.is`)
- traefik.http.routers.syncthing.service=syncthing
- traefik.http.routers.syncthing.tls=true
- traefik.http.routers.syncthing.tls.certresolver=letsencrypt
- traefik.http.services.syncthing.loadbalancer.server.port=8384
environment:
- PUID=33
- PGID=33
- TZ=Europe/Amsterdam
volumes:
- type: volume
source: nextcloud_data
target: /data
volume:
nocopy: true
configs:
- source: config
target: /config/config.xml
- source: private_key
target: /config/key.pem
uid: '33'
gid: '33'
- source: certificate
target: /config/cert.pem
uid: '33'
gid: '33'

View file

@ -0,0 +1,20 @@
$ANSIBLE_VAULT;1.1;AES256
31373963666334633437386361353532396162653439373964333935643065383836383537336238
3065306235363835343330393366326630383163633664300a653635653932663566376165623030
33666262643032383764343134326439363536353439363134353432373263316164373139633838
6336363735333862360a386235366434656336333762343330633030613437626262353934636163
38376431343934373637343631373962653262613766393561383631303563383935616630663833
62363533616235303834376233663033373531666632313237303661653265613061373131646266
31643839386134383934623632336538386462626261613039306432366564616162366435363331
34663464386630373134346264386334376334336363623137363831326338323234373662653932
33373331663065336230313731303139653036646261643535393662633165356632306536393530
30363066373064353936313461663235386465323734636263323063333365633066633736336436
38623966353634356636343833653131646131633536383339663433306130386461303735323632
64646465373533306266353932653561623363396137383532373734653462346239646562353136
64313539383566663939663734333565643637376239383337363066373639613934303633343762
37646565666635363231396139326536356533343065333731656363613731333136636561376430
35356432373537363034653231636465303135363534323766333530353433663462653837643162
39616664636464343435643039646362336634333561356438386262653231323033343662383138
66633534336232663438666632373966613335396639383836666333656235376339343538313838
39356165323361386535306664643537363764393365363639366637343332306537653962396339
323030323036393662646636303330666561

View file

@ -0,0 +1,29 @@
- name: Create cert.pem config
docker_config:
name: syncthing_cert
data: "{{ lookup('file', '{{ role_path }}/cert.pem') }}"
use_ssh_client: true
rolling_versions: true
register: cert
- name: Create key.pem config
docker_config:
name: syncthing_key
data: "{{ lookup('file', '{{ role_path }}/key.pem') }}"
use_ssh_client: true
rolling_versions: true
register: key
- name: Create config.xml config
docker_config:
name: syncthing_config
data: "{{ lookup('template', '{{ role_path }}/config.xml.j2') }}"
use_ssh_client: true
rolling_versions: true
register: config
- name: Deploy Docker stack
docker_stack:
name: syncthing
compose:
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"

View file

@ -0,0 +1,34 @@
st:
server:
id: "IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC"
name: "dd219859eab5"
gui:
address: "127.0.0.1:8384"
user: pim
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
66383234373561373935313863393338623331393233626635653637383734623539376633326561
3464633966383864306131383334633633356363636163300a393562383730613934613439663431
63653465316130626232663132626466643164313830613933363535336634313164386162643839
6235303662633931390a313230363636656639653531636131333862356363663535313133663138
38356566656161646636313766353937373433663631636265303464633437303464396537663264
66326530313661636264336634613633316462343034386134636365383736636436613065323236
323933363666353232393635376136363239
apikey: !vault |
$ANSIBLE_VAULT;1.1;AES256
31633162323338303133353838613336623961626635623165626335353263336130393166666535
3763336662326336333436333635656230393838366163660a393737303132373466633265306433
66336636666132373235646638653130633263343532353831653533656538663038326463306232
3132646634376166620a663339346239643561616362333036633363396263323761663134373630
30613730373131636262636266623363663561363863323938613832393864396633656664356534
3563626633643766643339316132383434303538636666623934
theme: default
peers:
- id: "B4Y7T5D-PHHDOFH-ZZ4VGOK-YNJINJG-VCYC272-PIE24XA-XJ5HSOD-DF3T6AJ"
name: "Pixel 4a"
folders:
- id: "rthas-wdjsw"
label: "pim"
path: "/data/data/pim/files"
devices:
- "B4Y7T5D-PHHDOFH-ZZ4VGOK-YNJINJG-VCYC272-PIE24XA-XJ5HSOD-DF3T6AJ"