2022-05-22 21:12:36 +02:00
---
### mrlesmithjr.ansible-manage-lvm
lvm_groups :
- vgname : vg_nextcloud
disks :
2022-06-10 22:28:59 +02:00
- /dev/sdc
2022-05-22 21:12:36 +02:00
create : true
lvnames :
- lvname : lv_nextcloud
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /mnt/nextcloud
2022-06-08 19:14:07 +02:00
- vgname : vg_docker
disks :
2022-06-10 22:28:59 +02:00
- /dev/sdb
2022-06-08 19:14:07 +02:00
create : true
lvnames :
- lvname : lv_docker
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /var/lib/docker
2022-05-22 21:12:36 +02:00
manage_lvm : true
pvresize_to_max : true
### mgrote.restic
restic_folders_to_backup : "/ /mnt/nextcloud /var/lib/docker" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
restic_schedule : "0/2:00" # alle 2 Stunden
restic_exclude : |
._*
.Trash-*
# https://github.com/restic/restic/issues/1005
# https://forum.restic.net/t/exclude-syntax-confusion/1531/12
### geerlingguy.munin-node
munin_node_plugins :
- name : timesync
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
- name : systemd_status
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
- name : lvm_
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
config : |
[ lvm_*]
user root
- name : fail2ban
src : https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
config : |
[ fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
user root
- name : nextcloud_nextcloud.mgrote.net
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/nextcloud/nextcloud_
config : |
[ nextcloud_nextcloud.mgrote.net]
env.username munin
env.password {{ lookup('keepass', 'nextcloud_munin_user', 'password') }}
env.api_path /ocs/v2.php/apps/serverinfo/api/v1/info
env.scheme https
- name : http_response
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
config : |
[ http_response]
env.sites https://nextcloud.mgrote.net
env.max_time 20
env.short_label true
env.follow_redirect true
- name : timesync
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
- name : systemd_status
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
- name : lvm_
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
config : |
[ lvm_*]
user root
- name : fail2ban
src : https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
config : |
[ fail2ban]
env.client /usr/bin/fail2ban-client
env.config_dir /etc/fail2ban
user root
- name : docker_containers
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
config : |
[ docker_*]
user root
env.DOCKER_HOST unix://run/docker.sock
- name : docker_cpu
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
- name : docker_memory
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
- name : docker_network
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
- name : docker_volumes
src : https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
### mgrote.docker-compose-deploy
docker_compose_projects :
- name : nextcloud
dir_name : docker-nextcloud
repository_url : git.mgrote.net/mg/docker-nextcloud
state : present
os_username : docker-user
repository_user : mg
repository_user_password : "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
- name : watchtower
dir_name : docker-watchtower
repository_url : git.mgrote.net/mg/docker-watchtower
state : present
os_username : docker-user
repository_user : mg
repository_user_password : "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"