systems/infrastructure
1
Fork 0
Code Issues 1 Pull Requests 13 Actions Activity

Move docker containers to new PVE container

Browse Source
This commit is contained in:
Jake Howard 2021-01-09 18:02:17 +00:00
parent a35f2f91ff
commit fef7f2c2b4
Signed by: jake
GPG Key ID: 57AFB45680EDD477
35 changed files with 30 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/host_vars/pve-docker.yml
View File

@ -1,2 +1,4 @@
expose_ssh: true
traefik_private_ip: "{{ ansible_default_ipv4.address }}"
traefik_proxy_protocol_trusted_ips: "10.23.0.0/16"

1
ansible/hosts
View File

@ -1,5 +1,4 @@
casey
intersect
walker
grimes

9
ansible/main.yml
View File

@ -14,7 +14,6 @@
- gateway
- hosts:
- intersect
- walker
- grimes
- pve-docker
@ -32,7 +31,6 @@
# ZFS Hosts
- hosts:
- walker
- intersect
roles:
- zfs
@ -42,14 +40,11 @@
- plausible
- duplicati
- hosts: intersect
- hosts: pve-docker
roles:
- home_assistant
- intersect_docker
- duplicati
- pve_docker
- grafana
- gitlab
- scrutiny
- heimdall
- hosts: walker

6
ansible/roles/gitlab/files/docker-compose.yml
View File

@ -22,7 +22,7 @@ services:
- db
- redis
ports:
- "{{ wireguard.clients.intersect.ip }}:8022:22"
- "8022:22"
labels:
- traefik.enable=true
- traefik.http.routers.gitlab.rule=Host(`git.theorangeone.net`) || Host(`git.0rng.one`)
@ -34,7 +34,7 @@ services:
image: postgres:12-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/postgres/gitlab:/var/lib/postgresql/data
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=gitlab
- POSTGRES_USER=gitlab
@ -44,7 +44,7 @@ services:
image: redis:6-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/redis/gitlab:/data
- ./redis:/data
lsyncd:
image: theorangeone/lsyncd:latest

2
ansible/roles/gitlab/files/lsyncd.lua
View File

@ -6,7 +6,7 @@ settings {
sync {
default.rsyncssh,
source = "/mnt/pages",
host = "user@{{ wireguard.clients.walker.ip }}",
host = "user@5.39.79.153",
targetdir = "/config/pages",
delay = 10,
rsync = {

4
ansible/roles/grafana/files/docker-compose.yml
View File

@ -9,7 +9,7 @@ services:
- GF_RENDERING_SERVER_URL=http://renderer:8081/render
- GF_RENDERING_CALLBACK_URL=http://grafana:3000/
volumes:
- "{{ app_data_dir }}/grafana:/var/lib/grafana"
- "./grafana:/var/lib/grafana"
restart: unless-stopped
depends_on:
- db
@ -27,7 +27,7 @@ services:
image: postgres:12-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/postgres/grafana:/var/lib/postgresql/data
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=grafana
- POSTGRES_USER=grafana

2
ansible/roles/heimdall/files/docker-compose.yml
View File

@ -9,7 +9,7 @@ services:
- TZ=Europe/London
restart: unless-stopped
volumes:
- "{{ app_data_dir }}/heimdall/:/config"
- "./config:/config"
labels:
- traefik.enable=true
- traefik.http.routers.heimdall.rule=Host(`jakehoward.tech`)

2
ansible/roles/intersect_docker/files/calibre/docker-compose.yml → ansible/roles/pve_docker/files/calibre/docker-compose.yml
View File

@ -8,7 +8,7 @@ services:
- TZ=Europe/London
restart: unless-stopped
volumes:
- "{{ app_data_dir }}/calibre:/config"
- "./calibre:/config"
- /mnt/tank/files/ebooks:/books:ro
labels:
- traefik.enable=true

0
ansible/roles/intersect_docker/files/gotify/docker-compose.yml → ansible/roles/pve_docker/files/gotify/docker-compose.yml
View File

0
ansible/roles/intersect_docker/files/librespeed/docker-compose.yml → ansible/roles/pve_docker/files/librespeed/docker-compose.yml
View File

2
ansible/roles/intersect_docker/files/nextcloud/config.php → ansible/roles/pve_docker/files/nextcloud/config.php
View File

@ -39,4 +39,6 @@ $CONFIG = array (
'preview_max_x' => '2048',
'preview_max_y' => '2048',
'jpeg_quality' => '60',
'has_rebuilt_cache' => true,
'logfile' => '/config/log/nextcloud.log',
);

9
ansible/roles/intersect_docker/files/nextcloud/docker-compose.yml → ansible/roles/pve_docker/files/nextcloud/docker-compose.yml
View File

@ -9,10 +9,9 @@ services:
- TZ=Europe/London
- DOCKER_MODS=theorangeone/lsio-mod-more-processes:latest
volumes:
- "{{ app_data_dir }}/nextcloud/apps:/config/www/nextcloud/apps"
- "{{ app_data_dir }}/nextcloud/config.php:/config/www/nextcloud/config/config.php"
- "./nextcloud/apps:/config/www/nextcloud/apps"
- "./nextcloud/config.php:/config/www/nextcloud/config/config.php"
- /mnt/tank/files/nextcloud:/data
- /mnt/media:/content:ro
- /mnt/tank/files:/mnt/files
restart: unless-stopped
depends_on:
@ -34,7 +33,7 @@ services:
image: mariadb:10.5
restart: unless-stopped
volumes:
- /mnt/tank/dbs/mariadb/nextcloud:/var/lib/mysql
- ./mariadb:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=nextcloud
- MYSQL_DATABASE=nextcloud
@ -45,7 +44,7 @@ services:
image: redis:6-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/redis/nextcloud:/data
- ./redis:/data
collabora:
image: collabora/code:latest

2
ansible/roles/intersect_docker/files/quassel/docker-compose.yml → ansible/roles/pve_docker/files/quassel/docker-compose.yml
View File

@ -17,7 +17,7 @@ services:
depends_on:
- db
ports:
- "{{ wireguard.clients.intersect.ip }}:4242:4242"
- "4242:4242"
db:
image: postgres:12-alpine

0
ansible/roles/intersect_docker/files/synapse/docker-compose.yml → ansible/roles/pve_docker/files/synapse/docker-compose.yml
View File

0
ansible/roles/intersect_docker/files/synapse/homeserver.yml → ansible/roles/pve_docker/files/synapse/homeserver.yml
View File

0
ansible/roles/intersect_docker/files/tt-rss/config.php → ansible/roles/pve_docker/files/tt-rss/config.php
View File

6
ansible/roles/intersect_docker/files/tt-rss/docker-compose.yml → ansible/roles/pve_docker/files/tt-rss/docker-compose.yml
View File

@ -8,8 +8,8 @@ services:
- PGID={{ docker_user.id }}
- TZ=Europe/London
volumes:
- "{{ app_data_dir }}/tt-rss/config.php:/config/config.php:ro"
- "{{ app_data_dir }}/tt-rss/feed-icons:/config/feed-icons"
- "./tt-rss/config.php:/config/config.php:ro"
- "./tt-rss/feed-icons:/config/feed-icons"
- ./plugins:/config/plugins.local
restart: unless-stopped
labels:
@ -26,7 +26,7 @@ services:
image: postgres:12-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/postgres/tt-rss:/var/lib/postgresql/data
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=tt-rss
- POSTGRES_USER=tt-rss

6
ansible/roles/intersect_docker/files/wallabag/docker-compose.yml → ansible/roles/pve_docker/files/wallabag/docker-compose.yml
View File

@ -8,8 +8,8 @@ services:
- SYMFONY__ENV__SECRET={{ wallabag_secret }}
- SYMFONY__ENV__DOMAIN_NAME=https://wallabag.jakehoward.tech
volumes:
- "{{ app_data_dir }}/wallabag/data:/var/www/wallabag/data"
- "{{ app_data_dir }}/wallabag/images:/var/www/wallabag/images"
- "./wallabag/data:/var/www/wallabag/data"
- "./wallabag/images:/var/www/wallabag/images"
labels:
- traefik.enable=true
- traefik.http.routers.wallabag.rule=Host(`wallabag.jakehoward.tech`)
@ -21,4 +21,4 @@ services:
image: redis:6-alpine
restart: unless-stopped
volumes:
- /mnt/tank/dbs/redis/wallabag:/data
- ./redis:/data

0
ansible/roles/intersect_docker/files/whoami/docker-compose.yml → ansible/roles/pve_docker/files/whoami/docker-compose.yml
View File

0
ansible/roles/intersect_docker/tasks/calibre.yml → ansible/roles/pve_docker/tasks/calibre.yml
View File

0
ansible/roles/intersect_docker/tasks/gotify.yml → ansible/roles/pve_docker/tasks/gotify.yml
View File

0
ansible/roles/intersect_docker/tasks/librespeed.yml → ansible/roles/pve_docker/tasks/librespeed.yml
View File

0
ansible/roles/intersect_docker/tasks/main.yml → ansible/roles/pve_docker/tasks/main.yml
View File

0
ansible/roles/intersect_docker/tasks/nextcloud.yml → ansible/roles/pve_docker/tasks/nextcloud.yml
View File

0
ansible/roles/intersect_docker/tasks/quassel.yml → ansible/roles/pve_docker/tasks/quassel.yml
View File

0
ansible/roles/intersect_docker/tasks/synapse.yml → ansible/roles/pve_docker/tasks/synapse.yml
View File

0
ansible/roles/intersect_docker/tasks/tt-rss.yml → ansible/roles/pve_docker/tasks/tt-rss.yml
View File

0
ansible/roles/intersect_docker/tasks/wallabag.yml → ansible/roles/pve_docker/tasks/wallabag.yml
View File

0
ansible/roles/intersect_docker/tasks/whoami.yml → ansible/roles/pve_docker/tasks/whoami.yml
View File

0
ansible/roles/intersect_docker/vars/librespeed.yml → ansible/roles/pve_docker/vars/librespeed.yml
View File

0
ansible/roles/intersect_docker/vars/nextcloud.yml → ansible/roles/pve_docker/vars/nextcloud.yml
View File

0
ansible/roles/intersect_docker/vars/synapse.yml → ansible/roles/pve_docker/vars/synapse.yml
View File

0
ansible/roles/intersect_docker/vars/wallabag.yml → ansible/roles/pve_docker/vars/wallabag.yml
View File

2
ansible/roles/traefik/defaults/main.yml
View File

@ -1,2 +1,4 @@
traefik_private_ip: "{{ wireguard.clients[ansible_fqdn].ip }}"
traefik_influx_db_dir: ./influxdb
traefik_proxy_protocol_trusted_ips: "{{ wireguard.cidr }}"

6
ansible/roles/traefik/files/traefik.yml
View File

@ -3,17 +3,17 @@ entryPoints:
address: :80
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
- "{{ traefik_proxy_protocol_trusted_ips }}"
web-secure:
address: :443
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
- "{{ traefik_proxy_protocol_trusted_ips }}"
matrix:
address: :8448
proxyProtocol:
trustedIPs:
- "{{ wireguard.cidr }}"
- "{{ traefik_proxy_protocol_trusted_ips }}"
traefik:
address: "{{ traefik_private_ip }}:8080"