2023-11-11 18:10:13 +01:00
parent 8182f0e15c
commit 35361172e1
2 changed files with 49 additions and 31 deletions


@@ -49,6 +49,7 @@
- "{{ dockerapp_tree_base_dir | last }}"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs/homeserver"
tags:
- docker-compose
- bootstrap_dockerapp_create_base_dir


@@ -98,7 +98,7 @@ logrotate_scripts:
- name: backup
paths:
- /opt/dockerapps/backup/*.zip
- /opt/dockerapps/appdata/vaultwarden/backup/*.tar.xz.gpg
- /opt/dockerapps/vaultwarden/backup/*.tar.xz.gpg
options:
- daily
- rotate 4
@@ -153,8 +153,8 @@ logrotate_scripts:
- name: dockerapps-backup
paths:
- /opt/dockerapps/backup/gitea-dump-*.zip
- /opt/dockerapps/appdata/vaultwarden/backup/*.gpg
- /opt/dockerapps/appdata/vaultwarden/backup/*gpg.1.gz
- /opt/dockerapps/vaultwarden/backup/*.gpg
- /opt/dockerapps/vaultwarden/backup/*gpg.1.gz
options:
- rotate 6
- monthly
@@ -207,20 +207,37 @@ chisel_proxychains_conf:
##################
dockerapp_tree_volumes:
# ALERT
- alertmanager
- alertmanager/cache
- alertmanager/config
#ARA
- ara
#BLACKBOX
- blackbox
#GIT
- gitea
#GRAF
- grafana
#HOMARR
- homarr
#HOME
- homepage
#MEALIE
- mealie
#PORT
- portainer
#PROM
- prometheus
#REGISTRY
- registry
#SEMA
- semaphore
#TRAF
- traefik2
#VAULT
- vaultwarden
#WIRE
- wireguard
dockerapp_tree_base_dir:
@@ -320,7 +337,7 @@ dockerapp_compose:
#### LETSENCRYPT CHALLENGE ######
# https://doc.traefik.io/traefik/user-guides/docker-compose/acme-http/
# Add new https services/fqdn
# uncomment acme.caserver line and remove appdata/traefik2/acme/letsencrypt/acme.json file
# uncomment acme.caserver line and remove/traefik2/acme/letsencrypt/acme.json file
# Down all containers and up all (docker-compose down/up -d), wait for news cert/key on acme.json
# At this moment, cert/key are staging, you need to comment acme.caserver line and remove acme.json file then restart traefik
traefik:
@@ -383,9 +400,9 @@ dockerapp_compose:
protocol: udp
mode: host
volumes:
- ./appdata/traefik2/rules/homeserver:/rules # file provider directory
- ./appdata/traefik2/acme/letsencrypt:/letsencrypt
#- ./appdata/traefik2/acme/acme.json:/acme.json # cert location - you must touch this file and change permissions to 600
- ./traefik2/rules/homeserver:/rules # file provider directory
- ./traefik2/acme/letsencrypt:/letsencrypt
#- ./traefik2/acme/acme.json:/acme.json # cert location - you must touch this file and change permissions to 600
- ./logs/homeserver/traefik.log:/traefik.log # for fail2ban - make sure to touch file before starting container
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
@@ -508,7 +525,7 @@ dockerapp_compose:
## TLS
- "traefik.http.routers.dozzle-rtr.tls.certresolver=letsencrypt-resolver"
# conf file in appdata/gitea/gitea/gitea/conf/app.ini
# conf file in/gitea/gitea/gitea/conf/app.ini
# [metrics]
# [log]
gitea:
@@ -539,7 +556,7 @@ dockerapp_compose:
GITEA__database__PASSWD: uu~Y8aic
volumes:
- ./logs/homeserver/gitea.log:/data/gitea/log/gitea.log
- ./appdata/gitea/gitea:/data
- ./gitea/gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:
@@ -583,7 +600,7 @@ dockerapp_compose:
POSTGRES_PASSWORD: uu~Y8aic
POSTGRES_DB: gitea
volumes:
- ./appdata/gitea/gitea-db:/var/lib/postgresql/data
- ./gitea/gitea-db:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:
@@ -614,8 +631,8 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.173
volumes:
- ./appdata/wireguard/config:/config
- ./appdata/wireguard/lib/modules:/lib/modules
- ./wireguard/config:/config
- ./wireguard/lib/modules:/lib/modules
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
sysctls:
@@ -644,7 +661,7 @@ dockerapp_compose:
# - "$GRAFANA_PORT:3000"
user: root
volumes:
- ./appdata/grafana/lib:/var/lib/grafana
- ./grafana/lib:/var/lib/grafana
- ./logs/homeserver/grafana.log:/var/log/grafana/grafana.log
environment:
TZ: Europe/Paris
@@ -682,8 +699,8 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.176
volumes:
- ./appdata/prometheus/prometheus:/etc/prometheus/
- ./appdata/prometheus/prometheus_data:/prometheus
- ./prometheus/prometheus:/etc/prometheus/
- ./prometheus/prometheus_data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
@@ -730,7 +747,7 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.177
volumes:
- ./appdata/vaultwarden:/data
- ./vaultwarden:/data
- ./logs/homeserver/vaultwarden.log:/var/log/vaultwarden.log
labels:
- traefik.enable=true
@@ -763,8 +780,8 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.178
volumes:
- ./appdata/homepage/homepage:/app/config
- ./appdata/homepage/icons:/app/public/icons
- ./homepage/homepage:/app/config
- ./homepage/icons:/app/public/icons
- "/var/run/docker.sock:/var/run/docker.sock"
labels:
- traefik.enable=true
@@ -794,7 +811,7 @@ dockerapp_compose:
environment:
REGISTRY_STORAGE_DELETE_ENABLED: 'true'
volumes:
- ./appdata/registry/data:/var/lib/registry
- ./registry/data:/var/lib/registry
registry-ui:
restart: always
@@ -843,8 +860,8 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.181
volumes:
- ./appdata/alertmanager/config/alertmanager.yml:/etc/ntfy/server.yml
- ./appdata/alertmanager/cache/:/var/cache/ntfy/
- ./alertmanager/config/alertmanager.yml:/etc/ntfy/server.yml
- ./alertmanager/cache/:/var/cache/ntfy/
command: serve
expose:
- 80
@@ -957,7 +974,7 @@ dockerapp_compose:
POSTGRES_PASSWORD: ara
POSTGRES_DB: ara
volumes:
- ./appdata/ara:/var/lib/postgresql/data
- ./ara:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:
@@ -976,7 +993,7 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.186
volumes:
- ./appdata/semaphore/semaphore-db:/var/lib/postgresql/data
- ./semaphore/semaphore-db:/var/lib/postgresql/data
environment:
POSTGRES_USER: semaphore
POSTGRES_PASSWORD: uu~Y8aic
@@ -1011,9 +1028,9 @@ dockerapp_compose:
- SEMAPHORE_ACCESS_KEY_ENCRYPTION=ShbKLtVWr5yB/G1WO3DOEU5Il0JBlcN//4mpErpSwpQ= # add to your access key encryption !
- ANSIBLE_HOST_KEY_CHECKING=false # (optional) change to true if you want to enable host key checking
volumes:
- ./appdata/semaphore/inventory/:/inventory:ro
- ./appdata/semaphore/authorized-keys/:/authorized-keys:ro
- ./appdata/semaphore/config/:/etc/semaphore:rw
- ./semaphore/inventory/:/inventory:ro
- ./semaphore/authorized-keys/:/authorized-keys:ro
- ./semaphore/config/:/etc/semaphore:rw
depends_on:
- semaphore-db
labels:
@@ -1051,7 +1068,7 @@ dockerapp_compose:
# t2_proxy:
# ipv4_address: 192.168.90.174
# volumes:
# - ./appdata/qbittorrent:/config
# - ./qbittorrent:/config
# - ./downloads:/downloads
# environment:
# # TZ: Europe/Paris
@@ -1088,7 +1105,7 @@ dockerapp_compose:
t2_proxy:
ipv4_address: 192.168.90.188
volumes:
- ./appdata/mealie/:/app/data/
- ./mealie/:/app/data/
restart: always
security_opt:
- no-new-privileges:true # See EXTENSION FIELDS at the top
@@ -1112,8 +1129,8 @@ dockerapp_compose:
# t2_proxy:
# ipv4_address: 192.168.90.189
# volumes:
# - ./appdata/homarr/configs:/app/data/configs
# - ./appdata/homarr/icons:/app/public/icons
# - ./homarr/configs:/app/data/configs
# - ./homarr/icons:/app/public/icons
# labels:
# - traefik.enable=true
# ## HTTPS Routers
@@ -1141,7 +1158,7 @@ dockerapp_compose:
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./appdata/portainer/:/data/
- ./portainer/:/data/
labels:
- traefik.enable=true
## HTTPS Routers
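Review bot: The context lines next to the moved volumes keep credentials in plaintext in what appears to be an Ansible vars file: `GITEA__database__PASSWD` and `POSTGRES_PASSWORD` in the hunks at -539, -583, -957 and -976, and `SEMAPHORE_ACCESS_KEY_ENCRYPTION` at -1011, with the same password value visible for the Gitea and Semaphore databases. Since this commit already touches each of these service definitions (which run beyond the hunks shown), the values should be referenced from Ansible Vault or another secret store, for example `POSTGRES_PASSWORD: "{{ vault_semaphore_db_password }}"` (the variable name is a placeholder), with a distinct value per service. The committed values should also be rotated, because they remain readable in the repository history. Separately, the path replacement damaged two comments on the new side, which now read `remove/traefik2/acme/letsencrypt/acme.json` and `conf file in/gitea/gitea/gitea/conf/app.ini`; a space belongs before each path, e.g. `# conf file in gitea/gitea/gitea/conf/app.ini`.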