Commit 77c66d5f authored by Nick Busey

Adding openldap, homedash, vagrant fix, jackett fix

parent 69ea5738
Pipeline #39815971 passed with stages
in 42 seconds
......@@ -2,6 +2,7 @@
* Improved deployment - Each service is now fully independent from each other.
* Added Inventario - Home Inventory Management Software
* Added Mashio - Home Brewery Management Software
* Added Homedash - Home Server Dashboard Software
* Fixed various bugs
# 0.4
......
......@@ -29,6 +29,7 @@ To make it easy for anyone to own all their data in an easy and secure way, with
* Automated Tor Onion Service access
* Automated HTTPS via LetsEncrypt
* OpenVPN
* OpenLDAP
* Cloud Bastion Server with Tinc VPN
### [Planned Features](https://gitlab.com/NickBusey/HomelabOS/issues?label_name%5B%5D=enhancement)
......@@ -41,7 +42,7 @@ To make it easy for anyone to own all their data in an easy and secure way, with
If you have the latest version of Vagrant and Virtual Box setup you can demo things locally by running `make develop`. This will spin up a temporary developer copy on your local computer without needing an actual server to point things at. Note no data will actually be saved from inside the VM, so this is for testing only.
## Included Software
## Available Software
* [Bitwarden](https://bitwarden.com/) - Password and secrets manager via [bitwarden-rs](https://github.com/dani-garcia/bitwarden_rs)
* [BulletNotes](https://gitlab.com/NickBusey/BulletNotes.git) - Note taking application
......@@ -53,6 +54,7 @@ If you have the latest version of Vagrant and Virtual Box setup you can demo thi
* [Gitea](https://gitea.io/en-US/) - Git hosting
* [Grafana](https://grafana.com/) - Pretty graphs
* [Home Assistant](https://www.home-assistant.io/) - Home Automation
* [Homedash](https://lamarios.github.io/Homedash2/) - Dashboard
* [InfluxDB](https://www.influxdata.com/time-series-platform/influxdb/) - Time series data storage
* [Inventario](https://gitlab.com/NickBusey/inventario) - Home inventory management
* [Jackett](https://github.com/Jackett/Jackett) - API Support for your favorite torrent trackers (helps Sonarr and Radarr)
......@@ -65,6 +67,7 @@ If you have the latest version of Vagrant and Virtual Box setup you can demo thi
* [NextCloud](https://nextcloud.com/) - Private Cloud Storage, Calendar, Contacts, etc.
* [Organizr](https://github.com/causefx/Organizr) - Access all your HomelabOS services in one easy place.
* [Paperless](https://github.com/danielquinn/paperless) - Document management
* [phpLDAPadmin](https://github.com/osixia/docker-phpLDAPadmin) - LDAP management interface
* [Pi-hole](https://pi-hole.net/) - Ad blocking
* [Plex](https://www.plex.tv/) - Personal Media Server
* [Portainer](https://www.portainer.io/) - Easy Docker management
......
......@@ -9,6 +9,7 @@ Vagrant.configure(2) do |config|
config.vm.provision "ansible" do |ansible|
ansible.playbook = "homelabos.yml"
ansible.groups = { "homelabos" => ["default"] }
ansible.extra_vars = { ansible_ssh_user: 'vagrant',
ansible_python_interpreter:"/usr/bin/python3",
ansible_connection: 'ssh',
......
......@@ -10,7 +10,7 @@ From inside the HomelabOS folder execute the terminal command `make config` to c
Once that is done, you can run `make` to have HomelabOS install itself.
To change any setting, edit your `config.yml` file, then run `make config` again.
To change any setting, edit your `config.yml` file, then run `make update`.
To reset your settings, run `make config_reset`, then run `make config` again.
......
......@@ -4,7 +4,7 @@ common_timezone: Etc/UTC
enable_tinc: False
enable_tor: False
enable_apple_health_influx: False
enable_bitwarden: False
enable_bulletnotes: False
enable_darksky_influx: False
......@@ -15,6 +15,7 @@ enable_firefly_iii: False
enable_gitea: False
enable_grafana: False
enable_homeassistant: False
enable_homedash: False
enable_inventario: False
enable_jackett: False
enable_kibitzr: False
......@@ -25,6 +26,7 @@ enable_minio: False
enable_monicahq: False
enable_nextcloud: False
enable_nzbget: False
enable_openldap: False
enable_openvpn: False
enable_organizr: False
enable_paperless: False
......@@ -81,6 +83,8 @@ vpn_subnet_cidr_netmask: 32
s3_path: s3:http://minio:9000/restic-backups/
s3_backup_cron: 0 4 * * *
ldap_org_name: My Family
# Service List
services:
- bitwarden
......@@ -91,16 +95,20 @@ services:
- gitea
- grafana
- homeassistant
- homedash
- inventario
- jackett
- mashio
- matomo
- miniflux
- minio
- monicahq
- nextcloud
- openldap
- organizr
- paperless
- pihole
- plex
- portainer
- sonarr
- radarr
......
---
- name: Make homedash directory.
file:
path: "/var/homelabos/homedash"
state: directory
- name: Copy homedash docker-compose.yml file into place.
template:
src: docker-compose.homedash.yml.j2
dest: /var/homelabos/homedash/docker-compose.homedash.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout if tor_http_domain is defined else '' }}"
- name: Configure homedash systemd service.
template: src=homedash.service dest=/etc/systemd/system/homedash.service
- name: Start homedash
systemd:
name: homedash
enabled: "yes"
daemon-reload: "yes"
state: started
...
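Review bot: In the `vars:` of the "Copy homedash docker-compose.yml file into place." task, `tor_domain` tests `tor_http_domain is defined` but then dereferences `tor_http_domain_file.stdout`, which is a different variable. If `tor_http_domain` is defined while `tor_http_domain_file` is not registered, the template task fails; in the opposite case the Tor host silently renders empty. Test the variable that is actually read, so the condition and the value come from the same source.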
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
homedash:
image: gonzague/homedash
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/homelabos/homedash:/data
environment:
- SALT=ivPWITRH5KPJE5oQQAgxuiCgIxBez6MF6idGmasWTUjZzhEx3iAtnI9TSAo6HAevApRoujC5
restart: unless-stopped
networks:
- traefik_network
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:homedash.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=4567"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM http://{{ domain }}"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM https://{{ domain }}"
- "traefik.tor.frontend.rule=Host:homedash.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=4567"
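Review bot: The `SALT=` entry under `environment:` is a fixed literal committed in the template, so every HomelabOS install gets the same salt and the value is readable by anyone with the repository. Generate it per install and inject it as a template variable, the way `{{ domain }}` is, keeping the value out of version control. Separately, `traefik.http.frontend.headers.customFrameOptionsValue` is set twice with different `ALLOW-FROM` values; labels are keyed by name, so only one of the two can take effect.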
[Unit]
Description=HomelabOS homedash Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/homedash/docker-compose.homedash.yml -p homedash down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/homedash/docker-compose.homedash.yml -p homedash up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/homedash/docker-compose.homedash.yml -p homedash stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file
......@@ -50,6 +50,7 @@ enable_firefly_iii: {{enable_firefly_iii}}
enable_gitea: {{enable_gitea}}
enable_grafana: {{enable_grafana}}
enable_homeassistant: {{enable_homeassistant}}
enable_homedash: {{enable_homedash}}
enable_inventario: {{enable_inventario}}
enable_jackett: {{enable_jackett}}
enable_kibitzr: {{enable_kibitzr}}
......@@ -60,6 +61,7 @@ enable_minio: {{enable_minio}}
enable_monicahq: {{enable_monicahq}}
enable_nextcloud: {{enable_nextcloud}}
enable_nzbget: {{enable_nzbget}}
enable_openldap: {{enable_openldap}}
enable_openvpn: {{enable_openvpn}}
enable_organizr: {{enable_organizr}}
enable_paperless: {{enable_paperless}}
......@@ -126,3 +128,6 @@ smtp_user: {{smtp_user}}
smtp_pass: {{smtp_pass}}
smtp_from_email: {{smtp_from_email}}
smtp_from_name: {{smtp_from_name}}
# LDAP Settings
ldap_org_name: {{ldap_org_name}}
\ No newline at end of file
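Review bot: `ldap_org_name: {{ldap_org_name}}` is rendered unquoted, so an organisation name containing `: ` or ` #` produces an invalid or truncated `config.yml` when the file is regenerated. Quote the rendered value in the template. The file also still ends without a trailing newline.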
......@@ -18,4 +18,17 @@ services:
environment:
- TZ={{ common_timezone }}
ports:
- 9117:9117
\ No newline at end of file
- 9117:9117
networks:
- traefik_network
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:jackett.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=9117"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM http://{{ domain }}"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM https://{{ domain }}"
- "traefik.tor.frontend.rule=Host:jackett.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=9117"
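Review bot: The `ports:` mapping `- 9117:9117` is kept while the Traefik labels are added, so Jackett stays reachable directly on host port 9117 over plain HTTP, bypassing the Traefik frontend. If Traefik is meant to be the entry point, drop the `ports:` mapping, since Traefik reaches the container over `traefik_network`. Also check that this file declares `traefik_network` at the top level and that the task rendering it passes `tor_domain`; neither is visible in this hunk.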
---
- name: Make openldap directory.
file:
path: "/var/homelabos/openldap"
state: directory
- name: Copy openldap docker-compose.yml file into place.
template:
src: docker-compose.openldap.yml.j2
dest: /var/homelabos/openldap/docker-compose.openldap.yml
vars:
tor_domain: "{{ tor_http_domain_file.stdout if tor_http_domain is defined else '' }}"
- name: Configure openldap systemd service.
template: src=openldap.service dest=/etc/systemd/system/openldap.service
- name: Start openldap
systemd:
name: openldap
enabled: "yes"
daemon-reload: "yes"
state: started
...
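Review bot: The "Make openldap directory." task sets no `owner` or `mode`, so `/var/homelabos/openldap`, which the compose file mounts for the LDAP database and slapd configuration, is created with default permissions. Set an explicit owner and a restrictive mode such as `mode: '0700'` on the `file` task.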
---
version: '3'
networks:
traefik_network:
external:
name: homelabos_traefik
services:
openldap:
image: osixia/openldap:1.2.2
restart: unless-stopped
networks:
- traefik_network
ports:
- 389:389
- 689:689
volumes:
- /var/homelabos/openldap/data:/var/lib/data
- /var/homelabos/openldap/config:/etc/ldap/slapd.d
environment:
- LDAP_ORGANISATION="{{ ldap_org_name }}"
- LDAP_DOMAIN="{{ domain }}"
- LDAP_ADMIN_PASSWORD="{{ default_password }}"
phpldapadmin:
image: osixia/phpldapadmin:0.7.2
restart: unless-stopped
networks:
- traefik_network
environment:
- PHPLDAPADMIN_LDAP_HOSTS=openldap
labels:
- "traefik.enable=true"
- "traefik.docker.network=homelabos_traefik"
- "traefik.http.frontend.rule=Host:phpldapadmin.{{ domain }}"
- "traefik.http.protocol=http"
- "traefik.http.port=80"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM http://{{ domain }}"
- "traefik.http.frontend.headers.customFrameOptionsValue=ALLOW-FROM https://{{ domain }}"
- "traefik.tor.frontend.rule=Host:phpldapadmin.{{ tor_domain }}"
- "traefik.tor.protocol=http"
- "traefik.tor.port=80"
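Review bot: In the `openldap` service `ports:` list, `689:689` looks like a typo for 636, the standard LDAPS port, and `389:389` publishes unencrypted LDAP on every host interface. Correct the port, and either bind the mappings to `127.0.0.1` or drop them, since `phpldapadmin` already reaches the server over `traefik_network` via `PHPLDAPADMIN_LDAP_HOSTS=openldap`. The `environment:` entries use list form with inner quotes, as in `- LDAP_ADMIN_PASSWORD="{{ default_password }}"`, which makes the double quotes part of the value; remove the inner quotes or switch to mapping form. The admin password also reuses `default_password`, so a dedicated variable would limit the blast radius. Finally, confirm that `/var/lib/data` is where the image keeps its database (the osixia/openldap documentation uses `/var/lib/ldap`); otherwise the directory data will not persist across container recreation.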
[Unit]
Description=HomelabOS openldap Service
After=docker.service
Requires=docker.service
[Service]
TimeoutSec=infinity
Restart=always
RestartSec=3
ExecStartPre=/usr/bin/docker-compose -f /var/homelabos/openldap/docker-compose.openldap.yml -p openldap down
ExecStart=/usr/bin/docker-compose -f /var/homelabos/openldap/docker-compose.openldap.yml -p openldap up
ExecStop=/usr/bin/docker-compose -f /var/homelabos/openldap/docker-compose.openldap.yml -p openldap stop
[Install]
WantedBy=multi-user.target
\ No newline at end of file