2021-07-17 19:57:50 +02:00
---
2023-10-25 22:26:17 +02:00
### mrlesmithjr.ansible-manage-lvm
lvm_groups :
- vgname : vg_docker
disks :
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
create : true
lvnames :
- lvname : docker
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /var/lib/docker
manage_lvm : true
pvresize_to_max : true
2022-08-25 22:22:11 +02:00
2023-10-25 22:26:17 +02:00
### mgrote.restic
restic_folders_to_backup : "/ /var/lib/docker /mnt/oci-registry" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben
### mgrote.docker-compose-inline
compose_owner : "docker-user"
compose_group : "docker-user"
compose_file_permissions : "644"
compose_dir_permissions : "755"
compose_dest_basedir : "/docker"
compose_src_basedir : "{{ inventory_dir }}/docker-compose"
compose_files :
2023-10-31 20:37:15 +01:00
- name : registry
state : present
network : traefik
2023-10-25 22:26:17 +02:00
- name : homer
state : present
- name : drone
state : present
- name : nextcloud
state : present
network : traefik
- name : httpd
state : present
2023-10-31 20:37:15 +01:00
- name : unifi-network-application
2023-10-25 22:26:17 +02:00
state : present
- name : miniflux
state : present
network : traefik
- name : traefik
state : present
network : traefik
- name : navidrome
state : present
network : traefik
- name : watchtower
state : present
- name : routeros-config-export
state : present
2023-10-31 11:37:50 +01:00
- name : mail-relay
state : present
network : mail-relay
2023-10-31 20:37:15 +01:00
2023-10-25 22:26:17 +02:00
### oefenweb.ufw
ufw_rules :
- rule : allow
to_port : 22
protocol : tcp
comment : 'ssh'
from_ip : 0.0 .0 .0 /0
# docker network inspect $(docker network ls -q)|grep -E "IPv(4|6)A" | grep -v \"\" | sort -h
- rule : allow
from_ip : 192.168 .0 .0 /16
comment : 'docker networks'
- rule : allow
from_ip : 172.0 .0 .0 /8
comment : 'docker networks'
