From a12ced1e7cc91127ada771e943bbe4eb90258fee Mon Sep 17 00:00:00 2001
From: mg <mg@noreply.git.mgrote.net>
Date: Tue, 20 Jul 2021 10:42:30 +0200
Subject: [PATCH] docker4: photoprism (#167)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Firewall angepasst für munin

docker4: photoprism eingebaut

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/167
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
---
 group_vars/docker.yml           | 11 -----------
 host_vars/docker2.grote.lan.yml | 11 +++++++++++
 host_vars/docker4.grote.lan.yml |  6 ++++++
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/group_vars/docker.yml b/group_vars/docker.yml
index 83449f8a..98bdac50 100644
--- a/group_vars/docker.yml
+++ b/group_vars/docker.yml
@@ -17,14 +17,3 @@
         /var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/**
         # https://github.com/restic/restic/issues/1005
         # https://forum.restic.net/t/exclude-syntax-confusion/1531/12
-  ### oefenweb.ufw
-  ufw_rules:
-    - rule: allow
-      to_port: 22
-      protocol: tcp
-      comment: 'ssh'
-      from_ip: 192.168.2.0/24
-    - rule: allow
-      to_port: 4949
-      protocol: tcp
-      comment: 'munin'
diff --git a/host_vars/docker2.grote.lan.yml b/host_vars/docker2.grote.lan.yml
index 5a5828e5..25830f6a 100644
--- a/host_vars/docker2.grote.lan.yml
+++ b/host_vars/docker2.grote.lan.yml
@@ -28,3 +28,14 @@
     - '^127\.0\.0\.1$'
     - '^::1$'
     - ^0\.0\.0\.0$
+  ### oefenweb.ufw
+  ufw_rules: # ist extra weil bei munin kein subnet angegeben ist
+    - rule: allow
+      to_port: 22
+      protocol: tcp
+      comment: 'ssh'
+      from_ip: 192.168.2.0/24
+    - rule: allow
+      to_port: 4949
+      protocol: tcp
+      comment: 'munin'
diff --git a/host_vars/docker4.grote.lan.yml b/host_vars/docker4.grote.lan.yml
index 722ed72e..04868fd1 100644
--- a/host_vars/docker4.grote.lan.yml
+++ b/host_vars/docker4.grote.lan.yml
@@ -6,3 +6,9 @@
       dir_name: docker-watchtower
       repository_url: git.mgrote.net/mg/docker-watchtower
       state: present
+    - name: photoprism
+      dir_name: docker-photoprism
+      repository_url: git.mgrote.net/mg/docker-photoprism
+      state: present
+      repository_user: mg
+      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"