Commit 16bc3660 authored by Nick Busey's avatar Nick Busey

Migrating more roles

parent b9465ca8
Pipeline #38938207 failed with stage
in 41 seconds
......@@ -4,6 +4,6 @@
## Access
It is available at [https://warden.{{ domain }}/](https://warden.{{ domain }}/) or [http://warden.{{ domain }}/](http://warden.{{ domain }}/)
It is available at [https://bitwarden.{{ domain }}/](https://bitwarden.{{ domain }}/) or [http://bitwarden.{{ domain }}/](http://bitwarden.{{ domain }}/)
It is also available via Tor at [http://warden.{{ tor_domain }}/](http://warden.{{ tor_domain }}/)
\ No newline at end of file
It is also available via Tor at [http://bitwarden.{{ tor_domain }}/](http://bitwarden.{{ tor_domain }}/)
\ No newline at end of file
......@@ -34,6 +34,7 @@ enable_radarr: False
enable_restic: False
enable_syncthing: False
enable_thelounge: False
enable_tick: False
enable_transmission: False
enable_xfinityusageinfluxdb: False
......@@ -80,24 +81,27 @@ s3_backup_cron: 0 4 * * *
# Service List
services:
- warden
- bitwarden
- bulletnotes
- docs
- emby
- money
- git
- firefly_iii
- gitea
- grafana
- homeassistant
- inventario
- matomo
- rss
- miniflux
- minio
- monica
- monicahq
- nextcloud
- paperless
- pihole
- docker
- portainer
- sonarr
- radarr
- sync
- syncthing
- thelounge
- torrent
\ No newline at end of file
- tick
- tinc
- transmission
......@@ -34,26 +34,6 @@
port: 80
source: 127.0.0.1:80
# Install and configure HomelabOS services
- hosts: homelabos
become: "True"
gather_facts: "True"
tags:
- homelabos
- deploy
roles:
- homelabos_base
# Install and configure HomelabOS documentation
- hosts: homelabos
become: "True"
gather_facts: "True"
tags:
- homelabos
- docs
roles:
- role: homelabos_docs
when: enable_docs
- name: "Setup tinc VPN"
tags: tinc
......@@ -63,7 +43,7 @@
roles:
- role: homelabos_tinc
when:
- "vpn_ip is defined"
- enable_tinc
- name: "Update Tinc NGINX Servers"
hosts: tinc
......@@ -72,27 +52,16 @@
tags: tinc-nginx
roles:
- role: homelabos_tinc-nginx
when:
- "vpn_ip is defined"
when: enable_tinc
- name: "Deploy enabled services"
hosts: homelabos
# Install and configure HomelabOS services
- hosts: homelabos
become: "True"
gather_facts: "True"
tags:
- homelabos
- deploy
roles:
- role: apple_health_influx
when: enable_apple_health_influx
- role: bitwarden
when: enable_bitwarden
- role: bulletnotes
when: enable_bulletnotes
- role: bitwarden
when: enable_bitwarden
- role: firefly_iii
when: enable_firefly_iii
- role: thelounge
when: enable_thelounge
- homelabos_base
...
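Review bot: The tinc-nginx play in the last hunk appears to end up gated by `when: enable_tinc` alone, losing the `vpn_ip is defined` guard that the `homelabos_tinc` play in the previous hunk still seems to list next to `enable_tinc`. With only the flag, a host that has tinc enabled but no `vpn_ip` would presumably run the role and fail on the undefined variable. Consider keeping both conditions on both plays, and casting the flag, e.g. `- enable_tinc | bool` followed by `- vpn_ip is defined`. Which lines are old and which are new is inferred here, since the page has lost its +/- markers.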
......@@ -17,11 +17,12 @@ services:
- /var/homelabos/bitwarden:/data
labels:
- "traefik.enable=true"
- "traefik.http.frontend.rule=Host:warden.{{ domain }}"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:bitwarden.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM http://{{ domain }}"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM https://{{ domain }}"
- "traefik.tor.frontend.rule=Host:warden.{{ tor_domain }}"
- "traefik.tor.frontend.rule=Host:bitwarden.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=80"
\ No newline at end of file
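Review bot: The two `traefik.http.frontend.headers.customFrameOptionsValue` labels kept in this section share one key, so only one of them can take effect (with list-form labels the later `https://` entry normally wins). `ALLOW-FROM` is also an obsolete X-Frame-Options directive that current browsers ignore, so for a password manager the framing restriction is effectively unset. Consider a single `"traefik.http.frontend.headers.contentSecurityPolicy=frame-ancestors https://{{ domain }}"` label instead, if the Traefik version in use supports it. The inventario compose template in this commit repeats the same pair of labels.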
......@@ -31,6 +31,7 @@ services:
- ROOT_URL=http://bulletnotes.{{ domain }}
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:bulletnotes.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=3000"
......
---
- name: Make emby directory.
file:
path: "/var/homelabos/emby"
state: directory
- name: Copy emby docker-compose.yml file into place.
template:
src: docker-compose.emby.yml.j2
dest: /var/homelabos/emby/docker-compose.emby.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure emby systemd service.
template: src=emby.service dest=/etc/systemd/system/emby.service
- name: Start emby
systemd:
name: emby
enabled: "yes"
daemon-reload: "yes"
state: started
...
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# Media Server
emby:
image: emby/embyserver:latest
restart: unless-stopped
volumes:
- /var/homelabos/emby:/config
- /mnt/nas:/mnt/nas
- /mnt/nas/tmp:/config/transcoding-temp
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:emby.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=8096"
- "traefik.tor.frontend.rule=Host:emby.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=8096"
\ No newline at end of file
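Review bot: The `emby` service has no `networks:` entry, although the file declares `traefik_network` and the labels set `traefik.docker.network=homelabos_traefik`; the grafana, homeassistant, organizr and inventario templates in this commit all attach their service to `traefik_network`. As written the container would join only the compose project's default network, so Traefik probably cannot reach it. Add `networks:` with `- traefik_network` under the service. The image is also pulled as `emby/embyserver:latest`; pinning a version tag or digest would keep redeployments from silently changing what runs with write access to `/mnt/nas`.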
[Unit]
Description=HomelabOS emby Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/emby/docker-compose.emby.yml -p emby down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/emby/docker-compose.emby.yml -p emby up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/emby/docker-compose.emby.yml -p emby stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
......@@ -28,6 +28,7 @@ services:
- /var/homelabos/firefly/upload:/var/www/firefly-iii/storage/upload
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:money.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
......
---
- name: Make grafana directory.
file:
path: "/var/homelabos/grafana"
state: directory
- name: Copy grafana docker-compose.yml file into place.
template:
src: docker-compose.grafana.yml.j2
dest: /var/homelabos/grafana/docker-compose.grafana.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure grafana systemd service.
template: src=grafana.service dest=/etc/systemd/system/grafana.service
- name: Start grafana
systemd:
name: grafana
enabled: "yes"
daemon-reload: "yes"
state: started
...
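Review bot: The `template` task that writes `/var/homelabos/grafana/docker-compose.grafana.yml` sets no `owner`, `group` or `mode`, and the grafana compose template in this commit renders `GF_SECURITY_ADMIN_PASSWORD` and `GF_SMTP_PASSWORD` into that file. With a typical umask the result is readable by every local user. Add `mode: "0600"` (and an explicit `owner: root`) to the template task; the unit file has no `User=`, so docker-compose presumably runs as root and needs nothing wider. The two `template` tasks also mix block arguments with the `src=... dest=...` string form; native YAML arguments throughout would be more consistent.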
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# Graphing
grafana:
image: grafana/grafana
restart: unless-stopped
networks:
- traefik_network
volumes:
- /var/homelabos/grafana/data/:/var/lib/grafana/
- /var/homelabos/grafana/dashboards/:/etc/grafana/provisioning/dashboards/
- /var/homelabos/grafana/datasources/:/etc/grafana/provisioning/datasources/
environment:
- GF_INSTALL_PLUGINS=grafana-clock-panel,natel-discrete-panel,petrslavotinek-carpetplot-panel,vonage-status-panel,raintank-worldping-app
{% if smtp_host %}
- GF_SMTP_ENABLED=true
- GF_SMTP_HOST={{ smtp_host }}:{{ smtp_port }}
- GF_SMTP_USER={{ smtp_user }}
- GF_SMTP_PASSWORD={{ smtp_pass }}
- GF_SMTP_FROM_ADDRESS={{ smtp_from_email }}
- GF_SMTP_FROM_NAME={{ smtp_from_name }}
{% endif %}
- GF_SECURITY_ADMIN_USER={{ default_username }}
- GF_SECURITY_ADMIN_PASSWORD={{ default_password }}
labels:
- "traefik.enable=true"
- "traefik.http.frontend.rule=Host:grafana.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=3000"
- "traefik.tor.frontend.rule=Host:grafana.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=3000"
\ No newline at end of file
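Review bot: The credential lines `- GF_SMTP_PASSWORD={{ smtp_pass }}` and `- GF_SECURITY_ADMIN_PASSWORD={{ default_password }}` are rendered as plain YAML scalars, so a password containing ` #`, `: ` or `$` would be truncated, break parsing, or be treated by docker-compose as a variable reference. Render them through a quoting filter, e.g. `- {{ ('GF_SECURITY_ADMIN_PASSWORD=' ~ default_password) | to_json }}`, and escape `$` as `$$`. Values passed as environment entries are also visible in `docker inspect`, so a root-only `env_file` may be a better place for them. This template also lacks the `traefik.docker.network=homelabos_traefik` label that the commit adds to the other services.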
[Unit]
Description=HomelabOS grafana Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/grafana/docker-compose.grafana.yml -p grafana down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/grafana/docker-compose.grafana.yml -p grafana up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/grafana/docker-compose.grafana.yml -p grafana stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
---
- name: Make homeassistant directory.
file:
path: "/var/homelabos/homeassistant"
state: directory
- name: Copy homeassistant docker-compose.yml file into place.
template:
src: docker-compose.homeassistant.yml.j2
dest: /var/homelabos/homeassistant/docker-compose.homeassistant.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure homeassistant systemd service.
template: src=homeassistant.service dest=/etc/systemd/system/homeassistant.service
- name: Start homeassistant
systemd:
name: homeassistant
enabled: "yes"
daemon-reload: "yes"
state: started
...
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# Home Automation
homeassistant:
image: homeassistant/home-assistant
volumes:
- /var/homelabos/homeassistant:/config
- /etc/localtime:/etc/localtime:ro
- /etc/letsencrypt:/etc/letsencrypt
restart: unless-stopped
networks:
- traefik_network
ports:
- 8123:8123
- 1883:1883
# - 8080:8080
- 51827:51827
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:homeassistant.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=8123"
- "traefik.tor.frontend.rule=Host:homeassistant.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=8123"
\ No newline at end of file
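Review bot: `/etc/letsencrypt:/etc/letsencrypt` is mounted read-write, which hands the host's TLS private keys and renewal configuration to the container; make it `:ro` like the `/etc/localtime` line above it, or drop it if Traefik terminates TLS. The `ports:` entries publish 8123, 1883 and 51827 on every host interface, so the UI on 8123 is reachable directly and bypasses the Traefik frontend. Consider removing the 8123 mapping, binding the remaining ports to the interface that actually needs them, and quoting the mappings as strings. The service also sits on `traefik_network` with all other containers, so the MQTT listener on 1883 is reachable from them as well unless the broker enforces authentication.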
[Unit]
Description=HomelabOS homeassistant Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/homeassistant/docker-compose.homeassistant.yml -p homeassistant down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/homeassistant/docker-compose.homeassistant.yml -p homeassistant up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/homeassistant/docker-compose.homeassistant.yml -p homeassistant stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
......@@ -65,6 +65,22 @@
shell: cat /var/lib/tor/ssh-onion/hostname
register: tor_ssh_domain_file
- name: Deploy enabled services.
include_role:
name: "{{ item }}"
when: enable_{{ item }}
with_items:
- "{{ services }}"
- name: Ensure disabled services are not running
systemd:
name: "{{ item }}"
state: stopped
when: enable_{{ item }} == False
with_items:
- "{{ services }}"
ignore_errors: "yes"
- debug:
msg: "HomelabOS Installed successfully! Go to https://{{ domain }}/ to get started. You can also access your services via Tor at http://{{ tor_http_domain_file.stdout }}/ Finally you can SSH to {{ tor_ssh_domain_file.stdout }}"
......
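Review bot: `when: enable_{{ item }}` and `when: enable_{{ item }} == False` put template delimiters inside a conditional, which Ansible warns about, and the comparison with `False` does not match when the flag arrives as a string such as "False". Look the flag up by name and cast it, e.g. `when: lookup('vars', 'enable_' ~ item) | bool` and `when: not (lookup('vars', 'enable_' ~ item) | bool)`. `ignore_errors: "yes"` on the stop task also hides real failures, not only missing units; a narrower `failed_when` would keep those visible. Every name in `services` must match both a role and an `enable_*` variable, or the condition errors on an undefined variable, which is worth confirming for each entry. The task list continues outside this hunk.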
......@@ -17,6 +17,7 @@ services:
- /var/homelabos/docs/site:/var/www
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:docs.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
......
......@@ -69,6 +69,7 @@ enable_radarr: {{enable_radarr}}
enable_restic: {{enable_restic}}
enable_syncthing: {{enable_syncthing}}
enable_thelounge: {{enable_thelounge}}
enable_tick: {{enable_tick}}
enable_transmission: {{enable_transmission}}
enable_xfinityusageinfluxdb: {{enable_xfinityusageinfluxdb}}
......
---
- name: Make inventario directory.
file:
path: "/var/homelabos/inventario"
state: directory
- name: Copy inventario docker-compose.yml file into place.
template:
src: docker-compose.inventario.yml.j2
dest: /var/homelabos/inventario/docker-compose.inventario.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure inventario systemd service.
template: src=inventario.service dest=/etc/systemd/system/inventario.service
- name: Start inventario
systemd:
name: inventario
enabled: "yes"
daemon-reload: "yes"
state: started
...
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# Home Inventory Management
inventario:
image: nickbusey/inventario
restart: unless-stopped
networks:
- traefik_network
links:
- inventario_db
environment:
- MYSQL_DATABASE=inventario
- MYSQL_TEST_DATABASE=inventario_test
- MYSQL_USER=inventario
- MYSQL_PASSWORD=inventario
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:inventario.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM http://{{ domain }}"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM https://{{ domain }}"
- "traefik.tor.frontend.rule=Host:inventario.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=80"
inventario_db:
image: mariadb
restart: unless-stopped
networks:
- traefik_network
volumes:
- /var/homelabos/inventario_db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=inventario
- MYSQL_DATABASE=inventario
- MYSQL_TEST_DATABASE=inventario_test
- MYSQL_USER=inventario
- MYSQL_PASSWORD=inventario
\ No newline at end of file
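Review bot: The database credentials are hard-coded and identical in every deployment: `MYSQL_ROOT_PASSWORD=inventario` and `MYSQL_PASSWORD=inventario`, with `inventario_db` attached to the shared `traefik_network` where every other service container can reach it. Template them from per-install secrets instead, e.g. `- "MYSQL_ROOT_PASSWORD={{ inventario_db_root_password }}"` (a new variable; the name is illustrative), and put the database on a network private to this compose project so only the `inventario` service can connect. `links:` is a legacy option and is unnecessary once both services share a user-defined network. `image: mariadb` and `image: nickbusey/inventario` carry no tag, so pinning versions would make upgrades of the data store deliberate.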
[Unit]
Description=HomelabOS inventario Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/inventario/docker-compose.inventario.yml -p inventario down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/inventario/docker-compose.inventario.yml -p inventario up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/inventario/docker-compose.inventario.yml -p inventario stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
---
- name: Make organizr directory.
file:
path: "/var/homelabos/organizr"
state: directory
- name: Copy organizr docker-compose.yml file into place.
template:
src: docker-compose.organizr.yml.j2
dest: /var/homelabos/organizr/docker-compose.organizr.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure organizr systemd service.
template: src=organizr.service dest=/etc/systemd/system/organizr.service
- name: Start organizr
systemd:
name: organizr
enabled: "yes"
daemon-reload: "yes"
state: started
...
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# Dashboard
organizr:
image: organizrtools/organizr-v2
restart: unless-stopped
networks:
- traefik_network
volumes:
- /var/homelabos/organizr:/config
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
- "traefik.tor.frontend.rule=Host:{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=80"
\ No newline at end of file
[Unit]
Description=HomelabOS organizr Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/organizr/docker-compose.organizr.yml -p organizr down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/organizr/docker-compose.organizr.yml -p organizr up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/organizr/docker-compose.organizr.yml -p organizr stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
---
- name: Make tick directory.
file:
path: "/var/homelabos/tick"
state: directory
- name: Copy tick docker-compose.yml file into place.
template:
src: docker-compose.tick.yml.j2
dest: /var/homelabos/tick/docker-compose.tick.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout }}"
- name: Configure tick systemd service.
template: src=tick.service dest=/etc/systemd/system/tick.service
- name: Start tick
systemd:
name: tick
enabled: "yes"
daemon-reload: "yes"
state: started
...
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
# System Statistics Logger
telegraf:
image: telegraf
restart: unless-stopped
networks:
- traefik_network
volumes:
- /var/homelabos/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf
- /var/run/docker.sock:/var/run/docker.sock
- /sys:/rootfs/sys:ro
- /proc:/rootfs/proc:ro
- /etc:/rootfs/etc:ro
- /mnt/nas:/mnt/nas
# Time Series Data Store
influxdb:
image: influxdb
restart: unless-stopped
networks:
- traefik_network
volumes:
- /var/homelabos/influxdb:/var/lib/influxdb
ports:
- 8086:8086
\ No newline at end of file
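Review bot: The telegraf service mounts `/var/run/docker.sock`, which gives the container control of the Docker daemon and therefore root-equivalent access to the host, and `/etc:/rootfs/etc:ro` exposes the host's account and configuration files to it. Restrict the mounts to what the enabled Telegraf inputs need, or put a read-only API proxy in front of the socket. `8086:8086` publishes InfluxDB on every host interface and no authentication settings are visible in this template; telegraf and grafana can reach it over `traefik_network`, so the mapping could be dropped or bound as `"127.0.0.1:8086:8086"`. The tick tasks create only `/var/homelabos/tick`, so it is worth confirming that `/var/homelabos/telegraf/telegraf.conf` exists before the first start, since Docker creates a directory at a missing bind-mount source.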
[Unit]
Description=HomelabOS tick Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/tick/docker-compose.tick.yml -p tick down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/tick/docker-compose.tick.yml -p tick up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/tick/docker-compose.tick.yml -p tick stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
......@@ -22,5 +22,5 @@
private: "False"
roles:
- setup
- homelabos_setup
...