add syncthing stack
This commit is contained in:
parent
679a877a39
commit
77a7b20751
7 changed files with 380 additions and 0 deletions
|
@ -18,3 +18,4 @@
|
|||
# - {role: jitsi, tags: jitsi}
|
||||
- {role: pihole, tags: pihole}
|
||||
- {role: nextcloud, tags: nextcloud}
|
||||
- {role: syncthing, tags: syncthing}
|
||||
|
|
45
ansible/roles/syncthing/cert.pem
Normal file
45
ansible/roles/syncthing/cert.pem
Normal file
|
@ -0,0 +1,45 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
37326262373466303939623263623234616338316165316466656131326339306233303834396263
|
||||
3139663539356264323038306635363934363364653437350a666438396563643339353765306131
|
||||
39653434373966346166323938666364323562313334323262643666373463623536363635643163
|
||||
3430353230326634320a643532663765663632623031313463653765643134313538633131613663
|
||||
64393533636138323833343630363639656539376163353239313231646662316532666631623734
|
||||
31343364393363623164336339303631366162376131613736636131396165663835653433303134
|
||||
62323265633039633865326366613366653435653261633662613737353463633663383635303562
|
||||
39303933343139363132393035336332363438656333646136333330326533623763393263663563
|
||||
36343038393264383639346436316134386531383338386461363538613135663863363434623339
|
||||
31373236353337653838396333643638343232653066313662393165343062396137326630646430
|
||||
31646566356565386532626433383163643635643930326164353766323263616665636435323339
|
||||
38373837393035343737356134373831303831316464666637333231343434316632316464356564
|
||||
31613464633761306330303637386230333430396665383262333530336137336236623838326333
|
||||
30393861666439623536336231616563303764646563393065353432313965343330633463313564
|
||||
66373539373265353765636438393633613839393830366135323139666533393165653736666335
|
||||
35303736623534653635343636383662316134376332393239633262363939396263363264616637
|
||||
35396261346264373930396462393638316335363833333132393061633337626331323439363131
|
||||
39306264386133316137633039366638356130616438373433333635666231366136613363626133
|
||||
31316230336534616430633232623430666234643836636338613730356335623434373433643935
|
||||
62623266313834353163623439616533623135396134346164373363643364373939396163363837
|
||||
36313432393965653664633231393564323936323933313565323337346333313233396666626361
|
||||
65383031326630313263343862653063613839373131643265656237623232663761383665333939
|
||||
33376531623665653037333563333034363363333435343439663761633734616461353961323434
|
||||
66643833353539623265616262383265396237636631346433386638643436383230333438653462
|
||||
37383235316634353262316436653163316164356261353663663565396630613434396231353538
|
||||
38633330326266303838346365663839646163623264633934363938666234393131356138656439
|
||||
31333161643136633836343262326136393964393635623634316532393837376162383835303435
|
||||
30643339356434386264643163316165396534373064346334636132316230346437363665636563
|
||||
38333835306666626637386562306433373031366136616635623765393630383939353335393930
|
||||
61663832383239643363626137343661366436653864643339316537383738323335333866633537
|
||||
39316339383239323131653232633833363536313431643364313937633037336564386339383433
|
||||
38303939303835386263633430383061336436383062663462353762376666613530313663623261
|
||||
66616266373136326433363338303365653230663763636630353034383832633239383932616365
|
||||
37373236396631623866656330623632313538326330626363316262653566383633666531383738
|
||||
34353830373137343236343765393665356534356238353861326165303939363236626130626363
|
||||
64623164383866393630656232373164343163363433643835396236363132346235356134613564
|
||||
66383364623962316564373564363631356234386535653465633864313365396438356235313163
|
||||
35633366663836666337653537336334353935323364306635383238373664613530353365323366
|
||||
31373831383336336237633064313938393637636231356165656631386132313734333439643733
|
||||
62666435363535303530323866623139653138643831623838316432366539316236306133393764
|
||||
63386133333832356365396137623332643539633236343762353138386434303632373932336139
|
||||
39396364653864316435356434383761306238633164643939363864356362633135623438363861
|
||||
64626339663931383133383862313031383638653266306539643061316238616266656136656530
|
||||
63666239303034396133
|
189
ansible/roles/syncthing/config.xml.j2
Normal file
189
ansible/roles/syncthing/config.xml.j2
Normal file
|
@ -0,0 +1,189 @@
|
|||
<configuration version="37">
|
||||
{% for folder in st.folders %}
|
||||
<folder id="{{ folder.id }}" label="{{ folder.label }}" path="{{ folder.path }}" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
|
||||
<filesystemType>basic</filesystemType>
|
||||
{% for device in folder.devices %}
|
||||
<device id="{{ device }}" introducedBy="">
|
||||
<encryptionPassword></encryptionPassword>
|
||||
</device>
|
||||
{% endfor %}
|
||||
<device id="{{ st.server.id }}" introducedBy="">
|
||||
<encryptionPassword></encryptionPassword>
|
||||
</device>
|
||||
<minDiskFree unit="%">1</minDiskFree>
|
||||
<versioning>
|
||||
<cleanupIntervalS>3600</cleanupIntervalS>
|
||||
<fsPath></fsPath>
|
||||
<fsType>basic</fsType>
|
||||
</versioning>
|
||||
<copiers>0</copiers>
|
||||
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
|
||||
<hashers>0</hashers>
|
||||
<order>random</order>
|
||||
<ignoreDelete>false</ignoreDelete>
|
||||
<scanProgressIntervalS>0</scanProgressIntervalS>
|
||||
<pullerPauseS>0</pullerPauseS>
|
||||
<maxConflicts>10</maxConflicts>
|
||||
<disableSparseFiles>false</disableSparseFiles>
|
||||
<disableTempIndexes>false</disableTempIndexes>
|
||||
<paused>false</paused>
|
||||
<weakHashThresholdPct>25</weakHashThresholdPct>
|
||||
<markerName>.stfolder</markerName>
|
||||
<copyOwnershipFromParent>false</copyOwnershipFromParent>
|
||||
<modTimeWindowS>0</modTimeWindowS>
|
||||
<maxConcurrentWrites>2</maxConcurrentWrites>
|
||||
<disableFsync>false</disableFsync>
|
||||
<blockPullOrder>standard</blockPullOrder>
|
||||
<copyRangeMethod>standard</copyRangeMethod>
|
||||
<caseSensitiveFS>false</caseSensitiveFS>
|
||||
<junctionsAsDirs>false</junctionsAsDirs>
|
||||
<syncOwnership>false</syncOwnership>
|
||||
<sendOwnership>false</sendOwnership>
|
||||
<syncXattrs>false</syncXattrs>
|
||||
<sendXattrs>false</sendXattrs>
|
||||
<xattrFilter>
|
||||
<maxSingleEntrySize>1024</maxSingleEntrySize>
|
||||
<maxTotalSize>4096</maxTotalSize>
|
||||
</xattrFilter>
|
||||
</folder>
|
||||
{% endfor %}
|
||||
{% for peer in st.peers %}
|
||||
<device id="{{ peer.id }}" name="{{ peer.name }}" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
||||
<address>dynamic</address>
|
||||
<paused>false</paused>
|
||||
<autoAcceptFolders>false</autoAcceptFolders>
|
||||
<maxSendKbps>0</maxSendKbps>
|
||||
<maxRecvKbps>0</maxRecvKbps>
|
||||
<maxRequestKiB>0</maxRequestKiB>
|
||||
<untrusted>false</untrusted>
|
||||
<remoteGUIPort>0</remoteGUIPort>
|
||||
</device>
|
||||
{% endfor %}
|
||||
<device id="{{ st.server.id }}" name="{{ st.server.name }}" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
||||
<address>dynamic</address>
|
||||
<paused>false</paused>
|
||||
<autoAcceptFolders>false</autoAcceptFolders>
|
||||
<maxSendKbps>0</maxSendKbps>
|
||||
<maxRecvKbps>0</maxRecvKbps>
|
||||
<maxRequestKiB>0</maxRequestKiB>
|
||||
<untrusted>false</untrusted>
|
||||
<remoteGUIPort>0</remoteGUIPort>
|
||||
</device>
|
||||
<gui enabled="true" tls="false" debugging="false">
|
||||
<address>{{ st.gui.address }}</address>
|
||||
<user>{{ st.gui.user }}</user>
|
||||
<password>{{ st.gui.password }}</password>
|
||||
<apikey>{{ st.gui.apikey }}</apikey>
|
||||
<theme>{{ st.gui.theme }}</theme>
|
||||
</gui>
|
||||
<ldap></ldap>
|
||||
<options>
|
||||
<listenAddress>default</listenAddress>
|
||||
<globalAnnounceServer>default</globalAnnounceServer>
|
||||
<globalAnnounceEnabled>true</globalAnnounceEnabled>
|
||||
<localAnnounceEnabled>true</localAnnounceEnabled>
|
||||
<localAnnouncePort>21027</localAnnouncePort>
|
||||
<localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>
|
||||
<maxSendKbps>0</maxSendKbps>
|
||||
<maxRecvKbps>0</maxRecvKbps>
|
||||
<reconnectionIntervalS>60</reconnectionIntervalS>
|
||||
<relaysEnabled>true</relaysEnabled>
|
||||
<relayReconnectIntervalM>10</relayReconnectIntervalM>
|
||||
<startBrowser>true</startBrowser>
|
||||
<natEnabled>true</natEnabled>
|
||||
<natLeaseMinutes>60</natLeaseMinutes>
|
||||
<natRenewalMinutes>30</natRenewalMinutes>
|
||||
<natTimeoutSeconds>10</natTimeoutSeconds>
|
||||
<urAccepted>3</urAccepted>
|
||||
<urSeen>3</urSeen>
|
||||
<urUniqueID></urUniqueID>
|
||||
<urURL>https://data.syncthing.net/newdata</urURL>
|
||||
<urPostInsecurely>false</urPostInsecurely>
|
||||
<urInitialDelayS>1800</urInitialDelayS>
|
||||
<autoUpgradeIntervalH>12</autoUpgradeIntervalH>
|
||||
<upgradeToPreReleases>false</upgradeToPreReleases>
|
||||
<keepTemporariesH>24</keepTemporariesH>
|
||||
<cacheIgnoredFiles>false</cacheIgnoredFiles>
|
||||
<progressUpdateIntervalS>5</progressUpdateIntervalS>
|
||||
<limitBandwidthInLan>false</limitBandwidthInLan>
|
||||
<minHomeDiskFree unit="%">1</minHomeDiskFree>
|
||||
<releasesURL>https://upgrades.syncthing.net/meta.json</releasesURL>
|
||||
<overwriteRemoteDeviceNamesOnConnect>false</overwriteRemoteDeviceNamesOnConnect>
|
||||
<tempIndexMinBlocks>10</tempIndexMinBlocks>
|
||||
<trafficClass>0</trafficClass>
|
||||
<setLowPriority>true</setLowPriority>
|
||||
<maxFolderConcurrency>0</maxFolderConcurrency>
|
||||
<crashReportingURL>https://crash.syncthing.net/newcrash</crashReportingURL>
|
||||
<crashReportingEnabled>true</crashReportingEnabled>
|
||||
<stunKeepaliveStartS>180</stunKeepaliveStartS>
|
||||
<stunKeepaliveMinS>20</stunKeepaliveMinS>
|
||||
<stunServer>default</stunServer>
|
||||
<databaseTuning>auto</databaseTuning>
|
||||
<maxConcurrentIncomingRequestKiB>0</maxConcurrentIncomingRequestKiB>
|
||||
<announceLANAddresses>true</announceLANAddresses>
|
||||
<sendFullIndexOnUpgrade>false</sendFullIndexOnUpgrade>
|
||||
<connectionLimitEnough>0</connectionLimitEnough>
|
||||
<connectionLimitMax>0</connectionLimitMax>
|
||||
<insecureAllowOldTLSVersions>false</insecureAllowOldTLSVersions>
|
||||
<connectionPriorityTcpLan>10</connectionPriorityTcpLan>
|
||||
<connectionPriorityQuicLan>20</connectionPriorityQuicLan>
|
||||
<connectionPriorityTcpWan>30</connectionPriorityTcpWan>
|
||||
<connectionPriorityQuicWan>40</connectionPriorityQuicWan>
|
||||
<connectionPriorityRelay>50</connectionPriorityRelay>
|
||||
<connectionPriorityUpgradeThreshold>0</connectionPriorityUpgradeThreshold>
|
||||
</options>
|
||||
<defaults>
|
||||
<folder id="" label="" path="~" type="sendreceive" rescanIntervalS="3600" fsWatcherEnabled="true" fsWatcherDelayS="10" ignorePerms="false" autoNormalize="true">
|
||||
<filesystemType>basic</filesystemType>
|
||||
<device id="{{ st.server.id }}" introducedBy="">
|
||||
<encryptionPassword></encryptionPassword>
|
||||
</device>
|
||||
<minDiskFree unit="%">1</minDiskFree>
|
||||
<versioning>
|
||||
<cleanupIntervalS>3600</cleanupIntervalS>
|
||||
<fsPath></fsPath>
|
||||
<fsType>basic</fsType>
|
||||
</versioning>
|
||||
<copiers>0</copiers>
|
||||
<pullerMaxPendingKiB>0</pullerMaxPendingKiB>
|
||||
<hashers>0</hashers>
|
||||
<order>random</order>
|
||||
<ignoreDelete>false</ignoreDelete>
|
||||
<scanProgressIntervalS>0</scanProgressIntervalS>
|
||||
<pullerPauseS>0</pullerPauseS>
|
||||
<maxConflicts>10</maxConflicts>
|
||||
<disableSparseFiles>false</disableSparseFiles>
|
||||
<disableTempIndexes>false</disableTempIndexes>
|
||||
<paused>false</paused>
|
||||
<weakHashThresholdPct>25</weakHashThresholdPct>
|
||||
<markerName>.stfolder</markerName>
|
||||
<copyOwnershipFromParent>false</copyOwnershipFromParent>
|
||||
<modTimeWindowS>0</modTimeWindowS>
|
||||
<maxConcurrentWrites>2</maxConcurrentWrites>
|
||||
<disableFsync>false</disableFsync>
|
||||
<blockPullOrder>standard</blockPullOrder>
|
||||
<copyRangeMethod>standard</copyRangeMethod>
|
||||
<caseSensitiveFS>false</caseSensitiveFS>
|
||||
<junctionsAsDirs>false</junctionsAsDirs>
|
||||
<syncOwnership>false</syncOwnership>
|
||||
<sendOwnership>false</sendOwnership>
|
||||
<syncXattrs>false</syncXattrs>
|
||||
<sendXattrs>false</sendXattrs>
|
||||
<xattrFilter>
|
||||
<maxSingleEntrySize>1024</maxSingleEntrySize>
|
||||
<maxTotalSize>4096</maxTotalSize>
|
||||
</xattrFilter>
|
||||
</folder>
|
||||
<device id="" compression="metadata" introducer="false" skipIntroductionRemovals="false" introducedBy="">
|
||||
<address>dynamic</address>
|
||||
<paused>false</paused>
|
||||
<autoAcceptFolders>false</autoAcceptFolders>
|
||||
<maxSendKbps>0</maxSendKbps>
|
||||
<maxRecvKbps>0</maxRecvKbps>
|
||||
<maxRequestKiB>0</maxRequestKiB>
|
||||
<untrusted>false</untrusted>
|
||||
<remoteGUIPort>0</remoteGUIPort>
|
||||
</device>
|
||||
<ignores></ignores>
|
||||
</defaults>
|
||||
</configuration>
|
62
ansible/roles/syncthing/docker-stack.yml.j2
Normal file
62
ansible/roles/syncthing/docker-stack.yml.j2
Normal file
|
@ -0,0 +1,62 @@
|
|||
# vi: ft=yaml
|
||||
version: "3"
|
||||
|
||||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
|
||||
configs:
|
||||
config:
|
||||
external: true
|
||||
name: "{{ config.config_name }}"
|
||||
private_key:
|
||||
external: true
|
||||
name: "{{ key.config_name }}"
|
||||
certificate:
|
||||
external: true
|
||||
name: "{{ cert.config_name }}"
|
||||
|
||||
volumes:
|
||||
nextcloud_data:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=192.168.30.10,nolock,soft,rw"
|
||||
device: ":/mnt/data/nextcloud/data"
|
||||
|
||||
services:
|
||||
syncthing:
|
||||
image: lscr.io/linuxserver/syncthing:1.23.6
|
||||
networks:
|
||||
- traefik
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=traefik
|
||||
|
||||
- traefik.http.routers.syncthing.entrypoints=localsecure
|
||||
- traefik.http.routers.syncthing.rule=Host(`sync.kun.is`)
|
||||
- traefik.http.routers.syncthing.service=syncthing
|
||||
- traefik.http.routers.syncthing.tls=true
|
||||
- traefik.http.routers.syncthing.tls.certresolver=letsencrypt
|
||||
- traefik.http.services.syncthing.loadbalancer.server.port=8384
|
||||
environment:
|
||||
- PUID=33
|
||||
- PGID=33
|
||||
- TZ=Europe/Amsterdam
|
||||
volumes:
|
||||
- type: volume
|
||||
source: nextcloud_data
|
||||
target: /data
|
||||
volume:
|
||||
nocopy: true
|
||||
configs:
|
||||
- source: config
|
||||
target: /config/config.xml
|
||||
- source: private_key
|
||||
target: /config/key.pem
|
||||
uid: '33'
|
||||
gid: '33'
|
||||
- source: certificate
|
||||
target: /config/cert.pem
|
||||
uid: '33'
|
||||
gid: '33'
|
20
ansible/roles/syncthing/key.pem
Normal file
20
ansible/roles/syncthing/key.pem
Normal file
|
@ -0,0 +1,20 @@
|
|||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31373963666334633437386361353532396162653439373964333935643065383836383537336238
|
||||
3065306235363835343330393366326630383163633664300a653635653932663566376165623030
|
||||
33666262643032383764343134326439363536353439363134353432373263316164373139633838
|
||||
6336363735333862360a386235366434656336333762343330633030613437626262353934636163
|
||||
38376431343934373637343631373962653262613766393561383631303563383935616630663833
|
||||
62363533616235303834376233663033373531666632313237303661653265613061373131646266
|
||||
31643839386134383934623632336538386462626261613039306432366564616162366435363331
|
||||
34663464386630373134346264386334376334336363623137363831326338323234373662653932
|
||||
33373331663065336230313731303139653036646261643535393662633165356632306536393530
|
||||
30363066373064353936313461663235386465323734636263323063333365633066633736336436
|
||||
38623966353634356636343833653131646131633536383339663433306130386461303735323632
|
||||
64646465373533306266353932653561623363396137383532373734653462346239646562353136
|
||||
64313539383566663939663734333565643637376239383337363066373639613934303633343762
|
||||
37646565666635363231396139326536356533343065333731656363613731333136636561376430
|
||||
35356432373537363034653231636465303135363534323766333530353433663462653837643162
|
||||
39616664636464343435643039646362336634333561356438386262653231323033343662383138
|
||||
66633534336232663438666632373966613335396639383836666333656235376339343538313838
|
||||
39356165323361386535306664643537363764393365363639366637343332306537653962396339
|
||||
323030323036393662646636303330666561
|
29
ansible/roles/syncthing/tasks/main.yml
Normal file
29
ansible/roles/syncthing/tasks/main.yml
Normal file
|
@ -0,0 +1,29 @@
|
|||
- name: Create cert.pem config
|
||||
docker_config:
|
||||
name: syncthing_cert
|
||||
data: "{{ lookup('file', '{{ role_path }}/cert.pem') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: cert
|
||||
|
||||
- name: Create key.pem config
|
||||
docker_config:
|
||||
name: syncthing_key
|
||||
data: "{{ lookup('file', '{{ role_path }}/key.pem') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: key
|
||||
|
||||
- name: Create config.xml config
|
||||
docker_config:
|
||||
name: syncthing_config
|
||||
data: "{{ lookup('template', '{{ role_path }}/config.xml.j2') }}"
|
||||
use_ssh_client: true
|
||||
rolling_versions: true
|
||||
register: config
|
||||
|
||||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: syncthing
|
||||
compose:
|
||||
- "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
34
ansible/roles/syncthing/vars/main.yml
Normal file
34
ansible/roles/syncthing/vars/main.yml
Normal file
|
@ -0,0 +1,34 @@
|
|||
st:
|
||||
server:
|
||||
id: "IGS4TYV-TQ6X2CG-OE3M2RE-DKZWKQZ-HEKIGHT-C6EIGHL-CBP2ULE-M3WZ7QC"
|
||||
name: "dd219859eab5"
|
||||
gui:
|
||||
address: "127.0.0.1:8384"
|
||||
user: pim
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
66383234373561373935313863393338623331393233626635653637383734623539376633326561
|
||||
3464633966383864306131383334633633356363636163300a393562383730613934613439663431
|
||||
63653465316130626232663132626466643164313830613933363535336634313164386162643839
|
||||
6235303662633931390a313230363636656639653531636131333862356363663535313133663138
|
||||
38356566656161646636313766353937373433663631636265303464633437303464396537663264
|
||||
66326530313661636264336634613633316462343034386134636365383736636436613065323236
|
||||
323933363666353232393635376136363239
|
||||
apikey: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31633162323338303133353838613336623961626635623165626335353263336130393166666535
|
||||
3763336662326336333436333635656230393838366163660a393737303132373466633265306433
|
||||
66336636666132373235646638653130633263343532353831653533656538663038326463306232
|
||||
3132646634376166620a663339346239643561616362333036633363396263323761663134373630
|
||||
30613730373131636262636266623363663561363863323938613832393864396633656664356534
|
||||
3563626633643766643339316132383434303538636666623934
|
||||
theme: default
|
||||
peers:
|
||||
- id: "B4Y7T5D-PHHDOFH-ZZ4VGOK-YNJINJG-VCYC272-PIE24XA-XJ5HSOD-DF3T6AJ"
|
||||
name: "Pixel 4a"
|
||||
folders:
|
||||
- id: "rthas-wdjsw"
|
||||
label: "pim"
|
||||
path: "/data/data/pim/files"
|
||||
devices:
|
||||
- "B4Y7T5D-PHHDOFH-ZZ4VGOK-YNJINJG-VCYC272-PIE24XA-XJ5HSOD-DF3T6AJ"
|
Reference in a new issue