Umbau docker (#337)
Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#337 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
This commit is contained in:
parent
111f6613e7
commit
8a4e47ad75
12 changed files with 251 additions and 203 deletions
|
@ -34,4 +34,4 @@ always = true
|
|||
|
||||
[ara]
|
||||
api_client = http
|
||||
api_server = http://docker4.grote.lan:2233
|
||||
api_server = http://docker7.grote.lan:2233
|
||||
|
|
|
@ -130,7 +130,7 @@
|
|||
to_port: 4949
|
||||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 192.168.2.144/24
|
||||
from_ip: 192.168.2.0/24
|
||||
ufw_default_incoming_policy: deny
|
||||
ufw_default_outgoing_policy: allow
|
||||
### mgrote.apt_manage_packages
|
||||
|
|
|
@ -9,6 +9,14 @@
|
|||
public_ssh_key: "{{ ssh_public_key_mg }}"
|
||||
allow_sudo: true
|
||||
allow_passwordless_sudo: true
|
||||
- username: docker-user
|
||||
password: "{{ lookup('keepass', 'docker-user_linux_password_hash', 'password') }}"
|
||||
update_password: on_create
|
||||
groups: ssh, sudo, docker
|
||||
state: present
|
||||
allow_sudo: true
|
||||
allow_passwordless_sudo: true
|
||||
uid: "5000"
|
||||
- username: ansible-user
|
||||
password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}"
|
||||
update_password: on_create
|
||||
|
@ -20,9 +28,54 @@
|
|||
### geerlingguy.docker
|
||||
docker_users:
|
||||
- mg
|
||||
- docker-user
|
||||
### geerlingguy.pip
|
||||
pip_package: python3-pip
|
||||
pip_install_packages:
|
||||
- name: docker # für munin-plugin docker_
|
||||
### mgrote.docker-compose-deploy
|
||||
docker_compose_base_dir: /home/mg/docker
|
||||
docker_compose_base_dir: /home/docker-user
|
||||
### geerlingguy.munin-node
|
||||
munin_node_bind_host: "0.0.0.0"
|
||||
munin_node_bind_port: "4949"
|
||||
munin_node_allowed_cidrs: [192.168.2.0/24]
|
||||
munin_node_disabled_plugins:
|
||||
- name: meminfo # zu hohe last
|
||||
- name: hddtemp2 # ersetzt durch hddtemp_smartctl
|
||||
- name: ntp # verursacht zu viele dns ptr request
|
||||
- name: hddtempd # ersetzt durch hddtemp_smartctl
|
||||
- name: ipmi_power # für pve2, leeres diagramm
|
||||
- name: docker_images
|
||||
- name: docker_status
|
||||
- name: chrony
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
- name: systemd_status
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
||||
- name: lvm_
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
||||
config: |
|
||||
[lvm_*]
|
||||
user root
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: docker_containers
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
config: |
|
||||
[docker_*]
|
||||
user root
|
||||
env.DOCKER_HOST unix://run/docker.sock
|
||||
- name: docker_cpu
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_memory
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_network
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_volumes
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
|
|
|
@ -20,12 +20,6 @@
|
|||
repository_url: git.mgrote.net/mg/docker-munin-master_test
|
||||
state: present
|
||||
os_username: mg
|
||||
### geerlingguy.munin-node
|
||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
|
||||
- '^127\.0\.0\.1$'
|
||||
- '^::1$'
|
||||
- ^0\.0\.0\.0$
|
||||
### oefenweb.ufw
|
||||
ufw_rules: # ist extra weil bei munin kein subnet angegeben ist
|
||||
- rule: allow
|
||||
|
@ -38,3 +32,53 @@
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 0.0.0.0/0
|
||||
### geerlingguy.munin-node
|
||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||
munin_node_disabled_plugins:
|
||||
- name: meminfo # zu hohe last
|
||||
- name: hddtemp2 # ersetzt durch hddtemp_smartctl
|
||||
- name: ntp # verursacht zu viele dns ptr request
|
||||
- name: hddtempd # ersetzt durch hddtemp_smartctl
|
||||
- name: ipmi_power # für pve2, leeres diagramm
|
||||
- name: docker_images
|
||||
- name: docker_status
|
||||
- name: chrony
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
- name: systemd_status
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
||||
- name: lvm_
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
||||
config: |
|
||||
[lvm_*]
|
||||
user root
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: docker_containers
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
config: |
|
||||
[docker_*]
|
||||
user root
|
||||
env.DOCKER_HOST unix://run/docker.sock
|
||||
- name: docker_cpu
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_memory
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_network
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_volumes
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker-test.grote.lan:333 http://docker-test.grote.lan:1234
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
||||
|
|
|
@ -1,77 +0,0 @@
|
|||
---
|
||||
### mgrote.docker-compose-deploy
|
||||
docker_compose_projects:
|
||||
- name: miniflux
|
||||
dir_name: docker-miniflux
|
||||
repository_url: git.mgrote.net/mg/docker-miniflux
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: navidrome-mg
|
||||
dir_name: docker-navidrome-mg
|
||||
repository_url: git.mgrote.net/mg/docker-navidrome-mg
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: nightscout
|
||||
dir_name: docker-nightscout
|
||||
repository_url: git.mgrote.net/mg/docker-nightscout
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: traefik
|
||||
dir_name: docker-traefik
|
||||
repository_url: git.mgrote.net/mg/docker-traefik
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
network_name: nw_proxy_traefik
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: watchtower
|
||||
dir_name: docker-watchtower
|
||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||
state: present
|
||||
os_username: mg
|
||||
### geerlingguy.munin-node
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
- name: systemd_status
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
||||
- name: lvm_
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
||||
config: |
|
||||
[lvm_*]
|
||||
user root
|
||||
- name: docker_containers
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
config: |
|
||||
[docker_*]
|
||||
user root
|
||||
env.DOCKER_HOST unix://run/docker.sock
|
||||
- name: docker_cpu
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_memory
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_network
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_volumes
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker3.grote.lan:8081/ https://miniflux.mgrote.net/ http://docker3.grote.lan:3001 https://nightscout.mgrote.net https://audio.mgrote.net/mg
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
|
@ -1,61 +0,0 @@
|
|||
---
|
||||
### mgrote.docker-compose-deploy
|
||||
docker_compose_projects:
|
||||
- name: watchtower
|
||||
dir_name: docker-watchtower
|
||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: ansible-ara
|
||||
dir_name: docker-ansible-ara
|
||||
repository_url: git.mgrote.net/mg/docker-ansible-ara
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: photoprism # wird der container woanders hin verschoben restic ausnahmen wieder eintragen, oder /var/lib/docker aus restic entfernen
|
||||
dir_name: docker-photoprism
|
||||
repository_url: git.mgrote.net/mg/docker-photoprism
|
||||
state: present
|
||||
os_username: mg
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
|
||||
### geerlingguy.munin-node
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
- name: systemd_status
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
||||
- name: lvm_
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/disk/lvm_
|
||||
config: |
|
||||
[lvm_*]
|
||||
user root
|
||||
- name: docker_containers
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
config: |
|
||||
[docker_*]
|
||||
user root
|
||||
env.DOCKER_HOST unix://run/docker.sock
|
||||
- name: docker_cpu
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_memory
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_network
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_volumes
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker4.grote.lan:2233 http://docker4.grote.lan:2342
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
|
@ -1,53 +1,103 @@
|
|||
---
|
||||
### mgrote.apt_manage_packages
|
||||
apt_packages_extra:
|
||||
- libwww-curl-perl # für munin-plugin: unifi
|
||||
- libjson-perl # für munin-plugin: unifi
|
||||
- sshpass # fur munin mt_system_*
|
||||
### mgrote.docker-compose-deploy
|
||||
docker_compose_projects:
|
||||
- name: changedetection
|
||||
dir_name: docker-changedetection
|
||||
repository_url: git.mgrote.net/mg/docker-changedetection.io
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: munin-master
|
||||
dir_name: docker-munin-master
|
||||
repository_url: git.mgrote.net/mg/docker-munin-master_production
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: watchtower
|
||||
dir_name: docker-watchtower
|
||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||
state: present
|
||||
os_username: mg
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: ansible-ara
|
||||
dir_name: docker-ansible-ara
|
||||
repository_url: git.mgrote.net/mg/docker-ansible-ara
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: homer
|
||||
dir_name: docker-homer
|
||||
repository_url: git.mgrote.net/mg/docker-homer
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: unifi-controller
|
||||
dir_name: docker-unifi-controller
|
||||
repository_url: git.mgrote.net/mg/docker-unifi-controller
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: changedetection
|
||||
dir_name: docker-changedetection
|
||||
repository_url: git.mgrote.net/mg/docker-changedetection.io
|
||||
state: present
|
||||
os_username: mg
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: photoprism
|
||||
dir_name: docker-photoprism
|
||||
repository_url: git.mgrote.net/mg/docker-photoprism
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: nightscout
|
||||
dir_name: docker-nightscout
|
||||
repository_url: git.mgrote.net/mg/docker-nightscout
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: miniflux
|
||||
dir_name: docker-miniflux
|
||||
repository_url: git.mgrote.net/mg/docker-miniflux
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: traefik
|
||||
dir_name: docker-traefik
|
||||
repository_url: git.mgrote.net/mg/docker-traefik
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
network_name: nw_proxy_traefik
|
||||
- name: munin-master
|
||||
dir_name: docker-munin-master
|
||||
repository_url: git.mgrote.net/mg/docker-munin-master_production
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: oxidized
|
||||
dir_name: docker-oxidized
|
||||
repository_url: git.mgrote.net/mg/docker-oxidized
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
state: present
|
||||
os_username: mg
|
||||
- name: librenms
|
||||
dir_name: docker-librenms
|
||||
repository_url: git.mgrote.net/mg/docker-librenms
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: unifi-controller
|
||||
dir_name: docker-unifi-controller
|
||||
repository_url: git.mgrote.net/mg/docker-unifi-controller
|
||||
state: present
|
||||
os_username: mg
|
||||
### geerlingguy.munin-node
|
||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
|
||||
- '^127\.0\.0\.1$'
|
||||
- '^::1$'
|
||||
- ^0\.0\.0\.0$
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
- name: navidrome-mg
|
||||
dir_name: docker-navidrome-mg
|
||||
repository_url: git.mgrote.net/mg/docker-navidrome-mg
|
||||
state: present
|
||||
os_username: docker-user
|
||||
repository_user: mg
|
||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||
### oefenweb.ufw
|
||||
ufw_rules: # ist extra weil bei munin kein subnet angegeben ist
|
||||
- rule: allow
|
||||
|
@ -60,10 +110,6 @@
|
|||
protocol: tcp
|
||||
comment: 'munin'
|
||||
from_ip: 0.0.0.0/0
|
||||
### mgrote.apt_manage_packages
|
||||
apt_packages_extra:
|
||||
- libwww-curl-perl # für munin-plugin: unifi
|
||||
- libjson-perl # für munin-plugin: unifi
|
||||
### geerlingguy.pip
|
||||
pip_package: python3-pip
|
||||
pip_install_packages:
|
||||
|
@ -71,7 +117,17 @@
|
|||
- name: fritzconnection # für munin fritzbox*
|
||||
- name: lxml # für munin fritzbox*
|
||||
- name: requests # für munin fritzbox*
|
||||
### mgrote.munin-node
|
||||
### geerlingguy.munin-node
|
||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||
munin_node_disabled_plugins:
|
||||
- name: meminfo # zu hohe last
|
||||
- name: hddtemp2 # ersetzt durch hddtemp_smartctl
|
||||
- name: ntp # verursacht zu viele dns ptr request
|
||||
- name: hddtempd # ersetzt durch hddtemp_smartctl
|
||||
- name: ipmi_power # für pve2, leeres diagramm
|
||||
- name: docker_images
|
||||
- name: docker_status
|
||||
- name: chrony
|
||||
munin_node_plugins:
|
||||
- name: timesync
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status
|
||||
|
@ -82,20 +138,19 @@
|
|||
config: |
|
||||
[lvm_*]
|
||||
user root
|
||||
- name: fail2ban
|
||||
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
||||
config: |
|
||||
[fail2ban]
|
||||
env.client /usr/bin/fail2ban-client
|
||||
env.config_dir /etc/fail2ban
|
||||
user root
|
||||
- name: docker_containers
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
config: |
|
||||
[docker_*]
|
||||
user root
|
||||
env.DOCKER_HOST unix://run/docker.sock
|
||||
- name: nextcloud_mgrote.next-cloud.org
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/nextcloud/nextcloud_
|
||||
config: |
|
||||
[nextcloud_mgrote.next-cloud.org]
|
||||
env.username munin
|
||||
env.password {{ lookup('keepass', 'nextcloud_munin_user', 'password') }}
|
||||
env.api_path /ocs/v2.php/apps/serverinfo/api/v1/info
|
||||
env.scheme https
|
||||
- name: docker_cpu
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_memory
|
||||
|
@ -104,6 +159,22 @@
|
|||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: docker_volumes
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/docker/docker_
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker7.grote.lan:8888/nodes http://docker7.grote.lan:1234 http://docker7.grote.lan:5000 http://docker7.grote.lan:333 http://docker7.grote.lan:2233 http://docker7.grote.lan:2342 http://docker7.grote.lan:8081/ https://miniflux.mgrote.net/ http://docker7.grote.lan:3001 https://nightscout.mgrote.net https://audio.mgrote.net/mg
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
||||
- name: nextcloud_mgrote.next-cloud.org
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/nextcloud/nextcloud_
|
||||
config: |
|
||||
[nextcloud_mgrote.next-cloud.org]
|
||||
env.username munin
|
||||
env.password {{ lookup('keepass', 'nextcloud_munin_user', 'password') }}
|
||||
env.api_path /ocs/v2.php/apps/serverinfo/api/v1/info
|
||||
env.scheme https
|
||||
- name: mt_system_crs309
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/router/mikrotik_system
|
||||
config: |
|
||||
|
@ -138,7 +209,7 @@
|
|||
# Password to login to unifi controller API. Default is "ubnt"
|
||||
env.pass {{ lookup('keepass', 'unifi_munin_user', 'password') }}
|
||||
# URL of the API, with port if needed. No trailing slash.
|
||||
env.api_url https://docker2.grote.lan:8443
|
||||
env.api_url https://docker7.grote.lan:8443
|
||||
# Verify SSL certificate name against host.
|
||||
# Note: if using a default cloudkey certificate, this will fail unless you manually add it
|
||||
# to the local keystore.
|
||||
|
@ -212,11 +283,3 @@
|
|||
env.fritzbox_username munin
|
||||
env.fritzbox_password {{ lookup('keepass', 'fritzbox_munin_user', 'password') }}
|
||||
env.traffic_remove_max true # if you do not want the possible max values
|
||||
- name: http_response
|
||||
src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/http/http_response
|
||||
config: |
|
||||
[http_response]
|
||||
env.sites http://docker2.grote.lan:8888/nodes http://docker2.grote.lan:1234 http://docker2.grote.lan:5000 http://docker2.grote.lan:333
|
||||
env.max_time 20
|
||||
env.short_label true
|
||||
env.follow_redirect true
|
|
@ -252,7 +252,6 @@
|
|||
snapshots: true
|
||||
template: '3tage'
|
||||
|
||||
|
||||
sanoid_templates:
|
||||
- name: '31tage'
|
||||
keep_hourly: '24' # Aufheben (Stunde)
|
||||
|
@ -294,7 +293,7 @@
|
|||
### mgrote.cv4pve-autosnap
|
||||
cv4pve_api_user: root@pam!cv4pve-autosnap
|
||||
cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
|
||||
cv4pve_vmid: all,-127,-112,-100,-116
|
||||
cv4pve_vmid: all,-127,-112,-100,-116,-105
|
||||
cv4pve_keep_snapshots: 5
|
||||
cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip"
|
||||
|
||||
|
|
|
@ -26,9 +26,7 @@ all:
|
|||
ansible-test.grote.lan:
|
||||
docker:
|
||||
hosts:
|
||||
docker3.grote.lan:
|
||||
docker2.grote.lan:
|
||||
docker4.grote.lan:
|
||||
docker7.grote.lan:
|
||||
docker-test.grote.lan:
|
||||
vmtest:
|
||||
hosts:
|
||||
|
@ -63,9 +61,7 @@ all:
|
|||
gitea.grote.lan:
|
||||
dnsmasq.grote.lan:
|
||||
ntp-server.grote.lan:
|
||||
docker2.grote.lan:
|
||||
docker3.grote.lan:
|
||||
docker4.grote.lan:
|
||||
docker7.grote.lan:
|
||||
test:
|
||||
hosts:
|
||||
dokuwiki-test.grote.lan:
|
||||
|
|
BIN
keepass_db.kdbx
BIN
keepass_db.kdbx
Binary file not shown.
|
@ -1,5 +1,34 @@
|
|||
---
|
||||
- hosts: docker
|
||||
- hosts: docker7.grote.lan
|
||||
pre_tasks:
|
||||
- name: create pv + vg for docker
|
||||
become: true
|
||||
community.general.lvg:
|
||||
vg: vg_docker
|
||||
pvs: /dev/sdb
|
||||
state: present
|
||||
- name: create lv for docker
|
||||
become: true
|
||||
community.general.lvol:
|
||||
state: present
|
||||
vg: vg_docker
|
||||
lv: lv_docker
|
||||
size: +100%FREE
|
||||
- name: create fs on lv
|
||||
become: true
|
||||
community.general.filesystem:
|
||||
fstype: xfs
|
||||
dev: /dev/mapper/vg_docker-lv_docker
|
||||
- name: mount lv
|
||||
become: true
|
||||
ansible.posix.mount:
|
||||
path: /var/lib/docker
|
||||
src: /dev/mapper/vg_docker-lv_docker
|
||||
state: mounted
|
||||
fstype: xfs
|
||||
boot: yes
|
||||
|
||||
|
||||
roles:
|
||||
- { role: geerlingguy.pip, tags: "pip", become: true }
|
||||
- { role: geerlingguy.docker, tags: "docker", become: true }
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
loop: "{{ docker_compose_projects }}"
|
||||
when:
|
||||
- item.state == "present"
|
||||
- docker_compose_projects is defined
|
||||
no_log: true
|
||||
|
||||
- name: loop docker tasks - down
|
||||
|
@ -11,4 +12,5 @@
|
|||
loop: "{{ docker_compose_projects }}"
|
||||
when:
|
||||
- item.state == "absent"
|
||||
- docker_compose_projects is defined
|
||||
no_log: true
|
||||
|
|
Loading…
Reference in a new issue