2021-07-17 19:57:50 +02:00
|
|
|
---
|
2023-10-25 22:26:17 +02:00
|
|
|
### mrlesmithjr.ansible-manage-lvm
|
|
|
|
lvm_groups:
|
|
|
|
- vgname: vg_docker
|
|
|
|
disks:
|
|
|
|
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
|
|
|
|
create: true
|
|
|
|
lvnames:
|
|
|
|
- lvname: docker
|
|
|
|
size: +100%FREE
|
|
|
|
create: true
|
|
|
|
filesystem: xfs
|
|
|
|
mount: true
|
|
|
|
mntp: /var/lib/docker
|
|
|
|
manage_lvm: true
|
|
|
|
pvresize_to_max: true
|
2022-08-25 22:22:11 +02:00
|
|
|
|
2023-11-09 16:57:43 +01:00
|
|
|
### mgrote_mount_cifs
|
|
|
|
cifs_mounts:
|
|
|
|
- name: bilder
|
|
|
|
type: cifs
|
|
|
|
state: present
|
|
|
|
dest: /mnt/fileserver3_photoprism_bilder_ro
|
2023-11-25 19:08:24 +01:00
|
|
|
src: //fileserver3.mgrote.net/bilder
|
2023-11-09 16:57:43 +01:00
|
|
|
user: photoprism
|
|
|
|
password: "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}"
|
2023-11-25 19:08:24 +01:00
|
|
|
domain: mgrote.net
|
2023-11-09 16:57:43 +01:00
|
|
|
uid: 5000
|
|
|
|
gid: 5000
|
|
|
|
extra_opts: ",ro" # komma am Anfang ist notwendig weil die Option hinten angehangen wird
|
|
|
|
|
2023-11-29 21:15:50 +01:00
|
|
|
### mgrote_docker-compose-inline
|
2023-10-25 22:26:17 +02:00
|
|
|
compose_owner: "docker-user"
|
|
|
|
compose_group: "docker-user"
|
|
|
|
compose_file_permissions: "644"
|
|
|
|
compose_dir_permissions: "755"
|
|
|
|
compose_dest_basedir: "/docker"
|
|
|
|
compose_src_basedir: "{{ inventory_dir }}/docker-compose"
|
|
|
|
compose_files:
|
2023-10-31 20:37:15 +01:00
|
|
|
- name: registry
|
|
|
|
state: present
|
|
|
|
network: traefik
|
2023-10-25 22:26:17 +02:00
|
|
|
- name: nextcloud
|
|
|
|
state: present
|
|
|
|
network: traefik
|
|
|
|
- name: httpd
|
|
|
|
state: present
|
2023-10-31 20:37:15 +01:00
|
|
|
- name: unifi-network-application
|
2023-10-25 22:26:17 +02:00
|
|
|
state: present
|
|
|
|
- name: miniflux
|
|
|
|
state: present
|
|
|
|
network: traefik
|
|
|
|
- name: traefik
|
|
|
|
state: present
|
|
|
|
network: traefik
|
|
|
|
- name: navidrome
|
|
|
|
state: present
|
|
|
|
network: traefik
|
|
|
|
- name: watchtower
|
2024-02-06 19:05:06 +01:00
|
|
|
state: absent
|
2023-10-25 22:26:17 +02:00
|
|
|
- name: routeros-config-export
|
|
|
|
state: present
|
2023-10-31 11:37:50 +01:00
|
|
|
- name: mail-relay
|
|
|
|
state: present
|
|
|
|
network: mail-relay
|
2023-11-07 16:35:27 +01:00
|
|
|
- name: woodpecker
|
|
|
|
state: present
|
2023-11-08 13:20:55 +01:00
|
|
|
network: traefik
|
2023-11-16 20:09:14 +01:00
|
|
|
- name: wiki
|
|
|
|
state: present
|
|
|
|
network: traefik
|
2023-11-21 17:45:57 +01:00
|
|
|
- name: statping-ng
|
2024-02-07 12:13:40 +01:00
|
|
|
state: absent
|
2023-10-31 20:37:15 +01:00
|
|
|
|
2023-10-25 22:26:17 +02:00
|
|
|
### oefenweb.ufw
|
|
|
|
ufw_rules:
|
|
|
|
- rule: allow
|
|
|
|
to_port: 22
|
|
|
|
protocol: tcp
|
|
|
|
comment: 'ssh'
|
|
|
|
from_ip: 0.0.0.0/0
|
|
|
|
# docker network inspect $(docker network ls -q)|grep -E "IPv(4|6)A" | grep -v \"\" | sort -h
|
|
|
|
- rule: allow
|
|
|
|
from_ip: 192.168.0.0/16
|
|
|
|
comment: 'docker networks'
|
|
|
|
- rule: allow
|
|
|
|
from_ip: 172.0.0.0/8
|
|
|
|
comment: 'docker networks'
|