sgratias/semaphore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

POUSH

Browse Source
This commit is contained in:
sgratias
2023-11-11 18:10:13 +01:00
parent 8182f0e15c
commit 35361172e1
2 changed files with 49 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dockerapps.yml
View File

@@ -49,6 +49,7 @@
- "{{ dockerapp_tree_base_dir | last }}" - "{{ dockerapp_tree_base_dir | last }}"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}" - "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs" - "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs"
- "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs/homeserver"
tags: tags:
- docker-compose - docker-compose
- bootstrap_dockerapp_create_base_dir - bootstrap_dockerapp_create_base_dir

79
host_vars/scaleway_fr.yml
View File

@@ -98,7 +98,7 @@ logrotate_scripts:
- name: backup - name: backup
paths: paths:
- /opt/dockerapps/backup/*.zip - /opt/dockerapps/backup/*.zip
- /opt/dockerapps/appdata/vaultwarden/backup/*.tar.xz.gpg - /opt/dockerapps/vaultwarden/backup/*.tar.xz.gpg
options: options:
- daily - daily
- rotate 4 - rotate 4
@@ -153,8 +153,8 @@ logrotate_scripts:
- name: dockerapps-backup - name: dockerapps-backup
paths: paths:
- /opt/dockerapps/backup/gitea-dump-*.zip - /opt/dockerapps/backup/gitea-dump-*.zip
- /opt/dockerapps/appdata/vaultwarden/backup/*.gpg - /opt/dockerapps/vaultwarden/backup/*.gpg
- /opt/dockerapps/appdata/vaultwarden/backup/*gpg.1.gz - /opt/dockerapps/vaultwarden/backup/*gpg.1.gz
options: options:
- rotate 6 - rotate 6
- monthly - monthly
@@ -207,20 +207,37 @@ chisel_proxychains_conf:
################## ##################
dockerapp_tree_volumes: dockerapp_tree_volumes:
# ALERT
- alertmanager - alertmanager
- alertmanager/cache
- alertmanager/config
#ARA
- ara - ara
#BLACKBOX
- blackbox - blackbox
#GIT
- gitea - gitea
#GRAF
- grafana - grafana
#HOMARR
- homarr - homarr
#HOME
- homepage - homepage
#MEALIE
- mealie - mealie
#PORT
- portainer - portainer
#PROM
- prometheus - prometheus
#REGISTRY
- registry - registry
#SEMA
- semaphore - semaphore
#TRAF
- traefik2 - traefik2
#VAULT
- vaultwarden - vaultwarden
#WIRE
- wireguard - wireguard
dockerapp_tree_base_dir: dockerapp_tree_base_dir:
@@ -320,7 +337,7 @@ dockerapp_compose:
#### LETSENCRYPT CHALLENGE ###### #### LETSENCRYPT CHALLENGE ######
# https://doc.traefik.io/traefik/user-guides/docker-compose/acme-http/ # https://doc.traefik.io/traefik/user-guides/docker-compose/acme-http/
# Add new https services/fqdn # Add new https services/fqdn
# uncomment acme.caserver line and remove appdata/traefik2/acme/letsencrypt/acme.json file # uncomment acme.caserver line and remove/traefik2/acme/letsencrypt/acme.json file
# Down all containers and up all (docker-compose down/up -d), wait for news cert/key on acme.json # Down all containers and up all (docker-compose down/up -d), wait for news cert/key on acme.json
# At this moment, cert/key are staging, you need to comment acme.caserver line and remove acme.json file then restart traefik # At this moment, cert/key are staging, you need to comment acme.caserver line and remove acme.json file then restart traefik
traefik: traefik:
@@ -383,9 +400,9 @@ dockerapp_compose:
protocol: udp protocol: udp
mode: host mode: host
volumes: volumes:
- ./appdata/traefik2/rules/homeserver:/rules # file provider directory - ./traefik2/rules/homeserver:/rules # file provider directory
- ./appdata/traefik2/acme/letsencrypt:/letsencrypt - ./traefik2/acme/letsencrypt:/letsencrypt
#- ./appdata/traefik2/acme/acme.json:/acme.json # cert location - you must touch this file and change permissions to 600 #- ./traefik2/acme/acme.json:/acme.json # cert location - you must touch this file and change permissions to 600
- ./logs/homeserver/traefik.log:/traefik.log # for fail2ban - make sure to touch file before starting container - ./logs/homeserver/traefik.log:/traefik.log # for fail2ban - make sure to touch file before starting container
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
@@ -508,7 +525,7 @@ dockerapp_compose:
## TLS ## TLS
- "traefik.http.routers.dozzle-rtr.tls.certresolver=letsencrypt-resolver" - "traefik.http.routers.dozzle-rtr.tls.certresolver=letsencrypt-resolver"
# conf file in appdata/gitea/gitea/gitea/conf/app.ini # conf file in/gitea/gitea/gitea/conf/app.ini
# [metrics] # [metrics]
# [log] # [log]
gitea: gitea:
@@ -539,7 +556,7 @@ dockerapp_compose:
GITEA__database__PASSWD: uu~Y8aic GITEA__database__PASSWD: uu~Y8aic
volumes: volumes:
- ./logs/homeserver/gitea.log:/data/gitea/log/gitea.log - ./logs/homeserver/gitea.log:/data/gitea/log/gitea.log
- ./appdata/gitea/gitea:/data - ./gitea/gitea:/data
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
labels: labels:
@@ -583,7 +600,7 @@ dockerapp_compose:
POSTGRES_PASSWORD: uu~Y8aic POSTGRES_PASSWORD: uu~Y8aic
POSTGRES_DB: gitea POSTGRES_DB: gitea
volumes: volumes:
- ./appdata/gitea/gitea-db:/var/lib/postgresql/data - ./gitea/gitea-db:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
labels: labels:
@@ -614,8 +631,8 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.173 ipv4_address: 192.168.90.173
volumes: volumes:
- ./appdata/wireguard/config:/config - ./wireguard/config:/config
- ./appdata/wireguard/lib/modules:/lib/modules - ./wireguard/lib/modules:/lib/modules
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
sysctls: sysctls:
@@ -644,7 +661,7 @@ dockerapp_compose:
# - "$GRAFANA_PORT:3000" # - "$GRAFANA_PORT:3000"
user: root user: root
volumes: volumes:
- ./appdata/grafana/lib:/var/lib/grafana - ./grafana/lib:/var/lib/grafana
- ./logs/homeserver/grafana.log:/var/log/grafana/grafana.log - ./logs/homeserver/grafana.log:/var/log/grafana/grafana.log
environment: environment:
TZ: Europe/Paris TZ: Europe/Paris
@@ -682,8 +699,8 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.176 ipv4_address: 192.168.90.176
volumes: volumes:
- ./appdata/prometheus/prometheus:/etc/prometheus/ - ./prometheus/prometheus:/etc/prometheus/
- ./appdata/prometheus/prometheus_data:/prometheus - ./prometheus/prometheus_data:/prometheus
command: command:
- '--config.file=/etc/prometheus/prometheus.yml' - '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus' - '--storage.tsdb.path=/prometheus'
@@ -730,7 +747,7 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.177 ipv4_address: 192.168.90.177
volumes: volumes:
- ./appdata/vaultwarden:/data - ./vaultwarden:/data
- ./logs/homeserver/vaultwarden.log:/var/log/vaultwarden.log - ./logs/homeserver/vaultwarden.log:/var/log/vaultwarden.log
labels: labels:
- traefik.enable=true - traefik.enable=true
@@ -763,8 +780,8 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.178 ipv4_address: 192.168.90.178
volumes: volumes:
- ./appdata/homepage/homepage:/app/config - ./homepage/homepage:/app/config
- ./appdata/homepage/icons:/app/public/icons - ./homepage/icons:/app/public/icons
- "/var/run/docker.sock:/var/run/docker.sock" - "/var/run/docker.sock:/var/run/docker.sock"
labels: labels:
- traefik.enable=true - traefik.enable=true
@@ -794,7 +811,7 @@ dockerapp_compose:
environment: environment:
REGISTRY_STORAGE_DELETE_ENABLED: 'true' REGISTRY_STORAGE_DELETE_ENABLED: 'true'
volumes: volumes:
- ./appdata/registry/data:/var/lib/registry - ./registry/data:/var/lib/registry
registry-ui: registry-ui:
restart: always restart: always
@@ -843,8 +860,8 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.181 ipv4_address: 192.168.90.181
volumes: volumes:
- ./appdata/alertmanager/config/alertmanager.yml:/etc/ntfy/server.yml - ./alertmanager/config/alertmanager.yml:/etc/ntfy/server.yml
- ./appdata/alertmanager/cache/:/var/cache/ntfy/ - ./alertmanager/cache/:/var/cache/ntfy/
command: serve command: serve
expose: expose:
- 80 - 80
@@ -957,7 +974,7 @@ dockerapp_compose:
POSTGRES_PASSWORD: ara POSTGRES_PASSWORD: ara
POSTGRES_DB: ara POSTGRES_DB: ara
volumes: volumes:
- ./appdata/ara:/var/lib/postgresql/data - ./ara:/var/lib/postgresql/data
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
labels: labels:
@@ -976,7 +993,7 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.186 ipv4_address: 192.168.90.186
volumes: volumes:
- ./appdata/semaphore/semaphore-db:/var/lib/postgresql/data - ./semaphore/semaphore-db:/var/lib/postgresql/data
environment: environment:
POSTGRES_USER: semaphore POSTGRES_USER: semaphore
POSTGRES_PASSWORD: uu~Y8aic POSTGRES_PASSWORD: uu~Y8aic
@@ -1011,9 +1028,9 @@ dockerapp_compose:
- SEMAPHORE_ACCESS_KEY_ENCRYPTION=ShbKLtVWr5yB/G1WO3DOEU5Il0JBlcN//4mpErpSwpQ= # add to your access key encryption ! - SEMAPHORE_ACCESS_KEY_ENCRYPTION=ShbKLtVWr5yB/G1WO3DOEU5Il0JBlcN//4mpErpSwpQ= # add to your access key encryption !
- ANSIBLE_HOST_KEY_CHECKING=false # (optional) change to true if you want to enable host key checking - ANSIBLE_HOST_KEY_CHECKING=false # (optional) change to true if you want to enable host key checking
volumes: volumes:
- ./appdata/semaphore/inventory/:/inventory:ro - ./semaphore/inventory/:/inventory:ro
- ./appdata/semaphore/authorized-keys/:/authorized-keys:ro - ./semaphore/authorized-keys/:/authorized-keys:ro
- ./appdata/semaphore/config/:/etc/semaphore:rw - ./semaphore/config/:/etc/semaphore:rw
depends_on: depends_on:
- semaphore-db - semaphore-db
labels: labels:
@@ -1051,7 +1068,7 @@ dockerapp_compose:
# t2_proxy: # t2_proxy:
# ipv4_address: 192.168.90.174 # ipv4_address: 192.168.90.174
# volumes: # volumes:
# - ./appdata/qbittorrent:/config # - ./qbittorrent:/config
# - ./downloads:/downloads # - ./downloads:/downloads
# environment: # environment:
# # TZ: Europe/Paris # # TZ: Europe/Paris
@@ -1088,7 +1105,7 @@ dockerapp_compose:
t2_proxy: t2_proxy:
ipv4_address: 192.168.90.188 ipv4_address: 192.168.90.188
volumes: volumes:
- ./appdata/mealie/:/app/data/ - ./mealie/:/app/data/
restart: always restart: always
security_opt: security_opt:
- no-new-privileges:true # See EXTENSION FIELDS at the top - no-new-privileges:true # See EXTENSION FIELDS at the top
@@ -1112,8 +1129,8 @@ dockerapp_compose:
# t2_proxy: # t2_proxy:
# ipv4_address: 192.168.90.189 # ipv4_address: 192.168.90.189
# volumes: # volumes:
# - ./appdata/homarr/configs:/app/data/configs # - ./homarr/configs:/app/data/configs
# - ./appdata/homarr/icons:/app/public/icons # - ./homarr/icons:/app/public/icons
# labels: # labels:
# - traefik.enable=true # - traefik.enable=true
# ## HTTPS Routers # ## HTTPS Routers
@@ -1141,7 +1158,7 @@ dockerapp_compose:
volumes: volumes:
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
- ./appdata/portainer/:/data/ - ./portainer/:/data/
labels: labels:
- traefik.enable=true - traefik.enable=true
## HTTPS Routers ## HTTPS Routers