2021-07-17 19:57:50 +02:00
---
2023-10-25 22:26:17 +02:00
### mrlesmithjr.ansible-manage-lvm
lvm_groups :
- vgname : vg_docker
disks :
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
create : true
lvnames :
- lvname : docker
size : +100%FREE
create : true
filesystem : xfs
mount : true
mntp : /var/lib/docker
manage_lvm : true
pvresize_to_max : true
2022-08-25 22:22:11 +02:00
2023-11-09 16:57:43 +01:00
### mgrote_mount_cifs
cifs_mounts :
- name : bilder
type : cifs
state : present
dest : /mnt/fileserver3_photoprism_bilder_ro
2023-11-25 19:08:24 +01:00
src : //fileserver3.mgrote.net/bilder
2023-11-09 16:57:43 +01:00
user : photoprism
password : "{{ lookup('keepass', 'fileserver_smb_user_photoprism', 'password') }}"
2023-11-25 19:08:24 +01:00
domain : mgrote.net
2023-11-09 16:57:43 +01:00
uid : 5000
gid : 5000
extra_opts : ",ro" # komma am Anfang ist notwendig weil die Option hinten angehangen wird
2023-11-29 21:15:50 +01:00
### mgrote_restic
2023-10-25 22:26:17 +02:00
restic_folders_to_backup : "/ /var/lib/docker /mnt/oci-registry" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben
2023-11-29 21:15:50 +01:00
### mgrote_docker-compose-inline
2023-10-25 22:26:17 +02:00
compose_owner : "docker-user"
compose_group : "docker-user"
compose_file_permissions : "644"
compose_dir_permissions : "755"
compose_dest_basedir : "/docker"
compose_src_basedir : "{{ inventory_dir }}/docker-compose"
compose_files :
2023-10-31 20:37:15 +01:00
- name : registry
state : present
network : traefik
2023-10-25 22:26:17 +02:00
- name : nextcloud
state : present
network : traefik
- name : httpd
state : present
2023-10-31 20:37:15 +01:00
- name : unifi-network-application
2023-10-25 22:26:17 +02:00
state : present
- name : miniflux
state : present
network : traefik
- name : traefik
state : present
network : traefik
- name : navidrome
state : present
network : traefik
- name : watchtower
state : present
- name : routeros-config-export
state : present
2023-10-31 11:37:50 +01:00
- name : mail-relay
state : present
network : mail-relay
2023-11-07 16:35:27 +01:00
- name : woodpecker
state : present
2023-11-08 13:20:55 +01:00
network : traefik
2023-11-16 20:09:14 +01:00
- name : wiki
state : present
network : traefik
2023-11-21 17:45:57 +01:00
- name : statping-ng
state : present
2023-10-31 20:37:15 +01:00
2023-10-25 22:26:17 +02:00
### oefenweb.ufw
ufw_rules :
- rule : allow
to_port : 22
protocol : tcp
comment : 'ssh'
from_ip : 0.0 .0 .0 /0
# docker network inspect $(docker network ls -q)|grep -E "IPv(4|6)A" | grep -v \"\" | sort -h
- rule : allow
from_ip : 192.168 .0 .0 /16
comment : 'docker networks'
- rule : allow
from_ip : 172.0 .0 .0 /8
comment : 'docker networks'