move apt-cacher-ng to docker (#507)
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: #507
This commit is contained in:
parent
817a40564b
commit
60a954a705
|
|
@ -12,7 +12,7 @@ steps:
|
|||
- name: lint
|
||||
image: pipelinecomponents/ansible-lint
|
||||
environment:
|
||||
http_proxy: http://acng2.grote.lan:9999
|
||||
http_proxy: http://docker10.grote.lan:9999
|
||||
DEBIAN_FRONTEND: noninteractive
|
||||
commands:
|
||||
- ansible-lint --show-relpath .
|
||||
|
|
|
|||
|
|
@ -0,0 +1,20 @@
|
|||
version: '3'
|
||||
services:
|
||||
apt-cacher-ng:
|
||||
container_name: apt-cacher-ng
|
||||
restart: always
|
||||
image: quotengrote/apt-cacher-ng:master
|
||||
ports:
|
||||
- "9999:9999"
|
||||
volumes:
|
||||
- cache:/var/cache/apt-cacher-ng
|
||||
environment:
|
||||
USER: acng-admin
|
||||
PASS: {{ lookup('keepass', 'acng_webinterface', 'password') }}
|
||||
VERBOSE: 1 # 0/1
|
||||
THRESHOLD: 60 # package housekeeping threshold
|
||||
labels:
|
||||
- com.centurylinklabs.watchtower.enable=true
|
||||
|
||||
volumes:
|
||||
cache:
|
||||
|
|
@ -12,5 +12,7 @@ services:
|
|||
volumes:
|
||||
# config file
|
||||
- ./config.yml:/app/config.yml
|
||||
labels:
|
||||
- com.centurylinklabs.watchtower.enable=true
|
||||
|
||||
# kann mit dig @192.168.2.43 -p 54 alternate.de getestet werden
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ services:
|
|||
items:
|
||||
- name: "Apt-Cacher-NG"
|
||||
logo: "assets/icons/acng.jpg"
|
||||
url: "http://acng2.grote.lan:9999/acng-report.html"
|
||||
url: "http://docker10.grote.lan:9999/acng-report.html"
|
||||
target: "_blank"
|
||||
subtitle: "apt"
|
||||
- name: "gitea"
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ services:
|
|||
- ./ssh:/ssh/
|
||||
- oxidized:/var/lib/oxidized
|
||||
labels:
|
||||
- com.centurylinklabs.watchtower.enable=true
|
||||
- com.centurylinklabs.watchtower.enable=false
|
||||
|
||||
######## Volumes ########
|
||||
volumes:
|
||||
|
|
|
|||
|
|
@ -1,60 +0,0 @@
|
|||
---
|
||||
### PROXMOX
|
||||
# acng2 ist ein LXC-Container; der Container ist "privileged" damit der Bind-Mount die richtigen Rechte bekommt
|
||||
|
||||
### mgrote.apt_manage_sources
|
||||
manage_sources_apt_proxy: "" # weil der Apt-Cacher-NG sich nicht selbst als Quelle nehmen kann
|
||||
|
||||
### oefenweb.ufw
|
||||
ufw_rules:
|
||||
- rule: allow
|
||||
to_port: 22
|
||||
protocol: tcp
|
||||
comment: 'ssh'
|
||||
from_ip: 0.0.0.0/0
|
||||
- rule: allow
|
||||
to_port: 4949
|
||||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.144/24
|
||||
- rule: allow
|
||||
to_port: "{{ acng_server_port }}"
|
||||
comment: 'acng'
|
||||
from_ip: 0.0.0.0/0
|
||||
### mgrote.acng
|
||||
acng_server_port: 9999
|
||||
acng_server_exthreshold: "60" #hebt Pakete 60 Tage auf
|
||||
acng_server_auth_user: acngadmin
|
||||
acng_server_auth_pass: "{{ lookup('keepass', 'acng_webinterface', 'password') }}"
|
||||
### mgrote.munin-node
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
- name: systemd_status
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
||||
- name: systemd_mem
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
||||
config: |
|
||||
[systemd_mem]
|
||||
env.all_services true
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: acng
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/apt/acng
|
||||
config: |
|
||||
env.logfile /var/log/apt-cacher-ng/apt-cacher.log
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://acng2.grote.lan:9999/acng-report.html
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
||||
munin_node_disabled_plugins:
|
||||
- name: lvm_
|
||||
|
|
@ -114,7 +114,7 @@
|
|||
postfix_smtp_server_port: 587
|
||||
postfix_smtp_use_tls: "yes"
|
||||
### mgrote.apt_manage_sources
|
||||
manage_sources_apt_proxy: "acng2.grote.lan:9999"
|
||||
manage_sources_apt_proxy: "docker10.grote.lan:9999"
|
||||
### mgrote.tmux
|
||||
tmux_conf_destination: "/home/mg/.tmux.conf"
|
||||
tmux_bashrc_destination: "/home/mg/.bashrc"
|
||||
|
|
|
|||
|
|
@ -54,7 +54,6 @@
|
|||
- https://github.com/rclone/rclone/releases/download/v1.59.2/rclone-v1.59.2-linux-amd64.deb
|
||||
- http://docker10.grote.lan:3344/bash-helper-scripts-mgrote-latest.deb
|
||||
|
||||
---
|
||||
### mgrote.youtubedl
|
||||
ytdl_dl_url: "https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp"
|
||||
ytdl_timer: "Tue,Sat 03:00"
|
||||
|
|
|
|||
|
|
@ -53,7 +53,8 @@
|
|||
state: present
|
||||
- name: blocky
|
||||
state: present
|
||||
|
||||
- name: acng
|
||||
state: present
|
||||
### oefenweb.ufw
|
||||
ufw_rules:
|
||||
- rule: allow
|
||||
|
|
@ -131,7 +132,7 @@
|
|||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker10.grote.lan:333 http://docker10.grote.lan:8888/nodes http://docker10.grote.lan:1234 https://nextcloud.mgrote.net http://docker10.grote.lan:2342 http://docker10.grote.lan:8000/login http://docker10.grote.lan:3344 http://docker10.grote.lan:5000 https://miniflux.mgrote.net/ http://docker10.grote.lan:3001 http://docker10.grote.lan:8081
|
||||
env.sites http://docker10.grote.lan:333 http://docker10.grote.lan:8888/nodes http://docker10.grote.lan:1234 https://nextcloud.mgrote.net http://docker10.grote.lan:2342 http://docker10.grote.lan:8000/login http://docker10.grote.lan:3344 http://docker10.grote.lan:5000 https://miniflux.mgrote.net/ http://docker10.grote.lan:3001 http://docker10.grote.lan:8081 http://docker10.grote.lan:9999/acng-report.html
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
||||
|
|
|
|||
|
|
@ -6,9 +6,6 @@ all:
|
|||
fileserver:
|
||||
hosts:
|
||||
fileserver3.grote.lan:
|
||||
acng:
|
||||
hosts:
|
||||
acng2.grote.lan:
|
||||
ansible:
|
||||
hosts:
|
||||
ansible2.grote.lan:
|
||||
|
|
@ -33,7 +30,6 @@ all:
|
|||
hosts:
|
||||
dokuwiki2.grote.lan:
|
||||
fileserver3.grote.lan:
|
||||
acng2.grote.lan:
|
||||
ansible2.grote.lan:
|
||||
pve5.grote.lan:
|
||||
gitea.grote.lan:
|
||||
|
|
|
|||
|
|
@ -3,4 +3,3 @@
|
|||
roles:
|
||||
- role: mgrote.apt_manage_sources
|
||||
tags: "apt_sources"
|
||||
when: "not 'acng2.grote.lan' in inventory_hostname"
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
manage_sources_apt_repo_key_url: http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg # url zum key für no-subscription-repo
|
||||
manage_sources_apt_repo_key_path: /etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg # pfad lokal zum key für no-subscription-repo
|
||||
manage_sources_apt_repo_no_subscription: deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription # url zum für no-subscription-repo, manage_sources_apt_proxy_url wird aus der variable entnommen
|
||||
manage_sources_apt_proxy: acng2.grote.lan:9999 # url+Port vom proxy
|
||||
manage_sources_apt_proxy: docker10.grote.lan:9999 # url+Port vom proxy
|
||||
# manage_sources_extra_repos: # Extra Repositories
|
||||
# - name: vivaldi # optional
|
||||
# url: deb [arch=amd64] https://repo.vivaldi.com/stable/deb/ stable main
|
||||
|
|
|
|||
Loading…
Reference in New Issue