homeserver/host_vars/docker10.mgrote.net.yml
Michael Grote 2b48b9fe6f
All checks were successful
ansible-lint / gitleaks (pull_request) Successful in 5s
ansible-lint / Ansible Lint (pull_request) Successful in 49s
changed Files: friedhof/mgrote_minio_configure/defaults/main.yml
friedhof/mgrote_minio_configure/tasks/bucket.yml
friedhof/mgrote_minio_configure/tasks/client.yml
friedhof/mgrote_minio_configure/tasks/main.yml
friedhof/mgrote_minio_configure/tasks/policy.yml
friedhof/mgrote_minio_configure/templates/policy_ro.j2
friedhof/mgrote_minio_configure/templates/policy_rw.j2
group_vars/docker.yml
host_vars/docker10.mgrote.net.yml
playbooks/3_service/docker.yml

Signed-off-by: Michael Grote <michael.grote@posteo.de>
2024-11-24 21:04:36 +00:00

72 lines
1.6 KiB
YAML

---
### mrlesmithjr.ansible-manage-lvm
lvm_groups:
- vgname: vg_docker
disks:
- /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1
create: true
lvnames:
- lvname: docker
size: +100%FREE
create: true
filesystem: xfs
mount: true
mntp: /var/lib/docker
manage_lvm: true
pvresize_to_max: true
### mgrote_docker-compose-inline
compose_owner: "docker-user"
compose_group: "docker-user"
compose_dest_basedir: "/docker"
compose_src_basedir: "{{ inventory_dir }}/docker-compose"
compose_files:
- name: registry
state: present
network: traefik
- name: nextcloud
state: present
network: traefik
- name: unifi-network-application
state: present
- name: miniflux
state: present
network: traefik
- name: traefik
state: present
network: traefik
- name: navidrome
state: present
network: traefik
- name: routeros-config-export
state: present
- name: postfix
state: present
network: postfix
- name: wiki
state: present
network: traefik
- name: gramps
state: present
- name: act-runner
state: present
- name: lldap
state: present
network: traefik
- name: minio
state: absent
### oefenweb.ufw
ufw_rules:
- rule: allow
to_port: 22
protocol: tcp
comment: 'ssh'
from_ip: 0.0.0.0/0
# docker network inspect $(docker network ls -q)|grep -E "IPv(4|6)A" | grep -v \"\" | sort -h
- rule: allow
from_ip: 192.168.0.0/16
comment: 'docker networks'
- rule: allow
from_ip: 172.0.0.0/8
comment: 'docker networks'