skylab/skylab-ansible
Archived
2
0
Fork 0
Code Pull Requests Releases Activity

Port docker-compose resources and service details

Browse Source
This commit is contained in:
Ethan Paul 2021-11-15 01:31:39 -05:00
parent eb569c05c7
commit be9c658589
No known key found for this signature in database
GPG Key ID: 6A337337DF6B5B1A
11 changed files with 988 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
inventory.yaml
View File

@ -30,6 +30,7 @@ en1:
cluster: cluster:
vars: vars:
skylab_targets: [cluster, datastore] skylab_targets: [cluster, datastore]
skylab_compose_version: 3.8
skylab_roles: skylab_roles:
- server - server
- datastore - datastore

78
resources/docker-compose/_meta.yaml.j2 Normal file
View File

@ -0,0 +1,78 @@
---
version: "{{ skylab_compose_version }}"
networks:
meta:
name: meta
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
meta-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
proxy:
image: nginx:{{ app.versions.proxy }}
hostname: proxy
networks:
- meta
extra_hosts:
- "dockerloopback:{{ app.settings.loopback_address }}"
ports:
- published: {{ app.ports.80 }}
target: 80
protocol: tcp
mode: ingress
- published: {{ app.ports.443 }}
target: 443
protocol: tcp
mode: ingress
volumes:
- type: volume
source: meta-nginx
target: /etc/nginx
read_only: true
- type: volume
source: meta-letsencrypt-config
target: /etc/letsencrypt
read_only: true
deploy:
replicas: 2
placement:
max_replicas_per_node: 1
certbot:
image: certbot/certbot:{{ app.versions.certbot }}
hostname: certbot
command: renew --standalone
networks:
- meta
ports:
- published: 8088 # This is hardcoded to avoid conflicts
target: 80
protocol: tcp
mode: ingress
volumes:
- type: volume
source: meta-letsencrypt-config
target: /etc/letsencrypt
read_only: false
- type: volume
source: meta-letsencrypt-data
target: /var/lib/letsencrypt
read_only: false
deploy:
replicas: 1
restart_policy:
condition: any
delay: 24h

53
resources/docker-compose/adguard.yaml.j2 Normal file
View File

@ -0,0 +1,53 @@
---
version: "{{ skylab_compose_version }}"
networks:
adguard:
name: adguard
driver: overlay
ipam:
driver: default
config:
- subnet: "{{ app.networks.ext }}"
volumes:
{% for key, value in app.volumes.items() %}
adguard-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
server:
image: adguard/adguardhome:{{ app.versions.server }}
hostname: adguard
networks:
- adguard
dns:
{% for server in app.settings.upstream %}
- {{ server }}
{% endfor %}
ports:
- published: {{ app.ports.53 }}
target: 53
protocol: udp
mode: ingress
- published: {{ app.ports.53 }}
target: 53
protocol: tcp
mode: ingress
- published: {{ app.ports.8064 }}
target: 8064
protocol: tcp
mode: ingress
volumes:
- type: volume
source: adguard-config
target: /opt/adguardhome/conf
read_only: false
- type: volume
source: adguard-data
target: /opt/adguardhome/work
read_only: false
deploy:
replicas: 1

214
resources/docker-compose/bitwarden.yaml.j2 Normal file
View File

@ -0,0 +1,214 @@
---
version: "{{ skylab_compose_version }}"
x-global-env: &globalenv
LOCAL_UID: "{{ _app_account.uid }}"
LOCAL_GID: "{{ _app_account.uid }}"
ASPNETCORE_ENVIRONMENT: Production
globalSettings__selfHosted: "true"
globalSettings__baseServiceUri__vault: https://{{ app.domain }}
globalSettings__baseServiceUri__api: https://{{ app.domain }}/api
globalSettings__baseServiceUri__identity: https://{{ app.domain }}/identity
globalSettings__baseServiceUri__admin: https://{{ app.domain }}/admin
globalSettings__baseServiceUri__notifications: https://{{ app.domain }}/notifications
globalSettings__baseServiceUri__internalNotifications: http://bitwarden_notifications:5000
globalSettings__baseServiceUri__internalAdmin: http://bitwarden_admin:5000
globalSettings__baseServiceUri__internalIdentity: http://bitwarden_identity:5000
globalSettings__baseServiceUri__internalApi: http://bitwarden_api:5000
globalSettings__baseServiceUri__internalVault: http://bitwarden_web:5000
globalSettings__pushRelayBaseUri: https://push.bitwarden.com
globalSettings__installation__identityUri: https://identity.bitwarden.com
globalSettings__sqlServer__connectionString: "Data Source=tcp:mssql,1433;Initial Catalog=vault;Persist Security Info=False;User ID=sa;Password=e934c0bb-3b5a-4e6b-b525-cd6d83004e1a;MultipleActiveResultSets=False;Connect Timeout=30;Encrypt=True;TrustServerCertificate=True"
globalSettings__identityServer__certificatePassword: {{ app.settings.certificatePassword }}
globalSettings__attachment__baseDirectory: /etc/bitwarden/core/attachments
globalSettings__attachment__baseUrl: https://{{ app.domain }}/attachments
globalSettings__dataProtection__directory: /etc/bitwarden/core/aspnet-dataprotection
globalSettings__logDirectory: /etc/bitwarden/logs
globalSettings__licenseDirectory: /etc/bitwarden/core/licenses
globalSettings__internalIdentityKey: {{ app.settings.internalIdentityKey }}
globalSettings__duo__aKey: {{ app.settings.duo__aKey }}
globalSettings__installation__id: {{ app.settings.installation__id }}
globalSettings__installation__key: {{ app.settings.installation__key }}
globalSettings__yubico__clientId: REPLACE
globalSettings__yubico__key: REPLACE
globalSettings__mail__replyToEmail: noreply@enp.one
globalSettings__mail__smtp__host: REPLACE
globalSettings__mail__smtp__port: "587"
globalSettings__mail__smtp__ssl: "false"
globalSettings__mail__smtp__username: REPLACE
globalSettings__mail__smtp__password: REPLACE
globalSettings__disableUserRegistration: "false"
globalSettings__hibpApiKey: REPLACE
adminSettings__admins: ""
volumes:
{% for key, value in app.volumes.items() %}
bitwarden-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
networks:
bitwarden_internal:
internal: true
name: bitwarden_internal
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.internal }}
bitwarden_external:
internal: false
name: bitwarden_external
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.external }}
services:
mssql:
image: bitwarden/mssql:{{ app.versions.mssql }}
stop_grace_period: 60s
networks:
- bitwarden_internal
volumes:
- bitwarden-db-data:/var/opt/mssql/data
- bitwarden-db-backup:/etc/bitwarden/mssql/backups
- bitwarden-logs-db:/var/opt/mssql/log
environment:
LOCAL_UID: "{{ _app_account.uid }}"
LOCAL_GID: "{{ _app_account.uid }}"
ACCEPT_EULA: "Y"
MSSQL_PID: Express
SA_PASSWORD: {{ app.settings.SA_PASSWORD }}
deploy:
replicas: 1
web:
image: bitwarden/web:{{ app.versions.web }}
networks:
- bitwarden_internal
volumes:
- bitwarden-web:/etc/bitwarden/web
environment: *globalenv
deploy:
replicas: 1
attachments:
image: bitwarden/attachments:{{ app.versions.attachments }}
networks:
- bitwarden_internal
volumes:
- bitwarden-core:/etc/bitwarden/core
environment: *globalenv
deploy:
replicas: 1
api:
image: bitwarden/api:{{ app.versions.api }}
volumes:
- bitwarden-core:/etc/bitwarden/core
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-api:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
identity:
image: bitwarden/identity:{{ app.versions.identity }}
volumes:
- bitwarden-identity:/etc/bitwarden/identity
- bitwarden-core:/etc/bitwarden/core
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-identity:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
admin:
image: bitwarden/admin:{{ app.versions.admin }}
depends_on:
- mssql
volumes:
- bitwarden-core:/etc/bitwarden/core
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-admin:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
icons:
image: bitwarden/icons:{{ app.versions.icons }}
volumes:
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-icons:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
notifications:
image: bitwarden/notifications:1.40.0
volumes:
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-notifications:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
events:
image: bitwarden/events:{{ app.versions.events }}
volumes:
- bitwarden-ca-certs:/etc/bitwarden/ca-certificates
- bitwarden-logs-events:/etc/bitwarden/logs
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1
nginx:
image: bitwarden/nginx:{{ app.versions.nginx }}
depends_on:
- web
- admin
- api
- identity
ports:
- published: {{ app.ports.8080 }}
target: 8080
protocol: tcp
mode: ingress
- published: {{ app.ports.8443 }}
target: 8443
protocol: tcp
mode: ingress
volumes:
- bitwarden-nginx-data:/etc/bitwarden/nginx
- bitwarden-ssl:/etc/ssl
- bitwarden-logs-nginx:/var/log/nginx
environment: *globalenv
networks:
- bitwarden_external
- bitwarden_internal
deploy:
replicas: 1

52
resources/docker-compose/gitea.yaml.j2 Normal file
View File

@ -0,0 +1,52 @@
---
version: "{{ skylab_compose_version }}"
networks:
gitea:
name: gitea
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
gitea-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
server:
image: gitea/gitea:{{ app.versions.server }}
hostname: gitea
networks:
- gitea
ports:
- published: {{ app.ports.3000 }}
target: 3000
protocol: tcp
mode: ingress
- published: {{ app.ports.22 }}
target: 22
protocol: tcp
mode: ingress
volumes:
- type: volume
source: gitea-data
target: /data
read_only: false
environment:
USER_UID: "{{ _app_account.uid }}"
USER_GID: "{{ _app_account.uid }}"
APP_NAME: ENP Version Control System
RUN_MODE: prod
ROOT_URL: https://{{ app.domain }}/
DB_TYPE: sqlite3
DISABLE_REGISTRATION: "true"
deploy:
replicas: 1

55
resources/docker-compose/minecraft.yaml.j2 Normal file
View File

@ -0,0 +1,55 @@
---
version: "{{ skylab_compose_version }}"
networks:
minecraft:
name: minecraft
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
minecraft-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
server:
image: itzg/minecraft-server:latest
hostname: minecraft
networks:
- minecraft
ports:
- published: {{ app.ports.25565 }}
target: 25565
protocol: tcp
mode: ingress
volumes:
- type: volume
source: minecraft-data
target: /data
read_only: false
environment:
EULA: "TRUE"
TZ: Americas/New_York
VERSION: {{ app.versions.server }}
MAX_MEMORY: "8G"
MOTD: "A home for buttery companions"
MODE: survival
OPS: {{ app.settings.admins | default([]) | join(',') }}
WHITELIST: "{{ app.settings.users | default([]) | join(',') }}"
MAX_BUILD_HEIGHT: "512"
SNOOPER_ENABLED: "false"
ICON: https://cdn.enp.one/img/logos/e-w-sm.png
ENABLE_RCON: "false"
UID: "{{ _app_account.uid }}"
GID: "{{ _app_account.uid }}"
deploy:
replicas: 1

95
resources/docker-compose/plex.yaml.j2 Normal file
View File

@ -0,0 +1,95 @@
---
version: "{{ skylab_compose_version }}"
networks:
plex:
name: plex
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
plex-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
plex-data:
name: plex-data
driver: local
driver_opts:
type: nfs
o: "addr={{ app.settings.mediastore }},ro"
device: ":/nfs/plex"
services:
server:
image: plexinc/pms-docker:{{ app.versions.server }}
hostname: plex-media-server
networks:
- plex
ports:
- published: {{ app.ports.32400 }}
target: 32400
protocol: tcp
mode: ingress
- published: {{ app.ports.3005 }}
target: 3005
protocol: tcp
mode: ingress
- published: {{ app.ports.8324 }}
target: 8324
protocol: tcp
mode: ingress
- published: {{ app.ports.32469 }}
target: 32469
protocol: tcp
mode: ingress
- published: {{ app.ports.1900 }}
target: 1900
protocol: udp
mode: ingress
- published: {{ app.ports.32410 }}
target: 32410
protocol: udp
mode: ingress
- published: {{ app.ports.32413 }}
target: 32413
protocol: udp
mode: ingress
- published: {{ app.ports.32414 }}
target: 32414
protocol: udp
mode: ingress
volumes:
- type: volume
source: plex-config
target: /config
read_only: false
- type: volume
source: plex-data
target: /data
read_only: true
- type: volume
source: plex-personal
target: /personal
read_only: false
environment:
TZ: "Americas/New_York"
ALLOWED_NETWORKS: {{ app.settings.internal_subnets | join(',') }}
PLEX_UID: "{{ _app_account.uid }}"
PLEX_GID: "{{ _app_account.uid }}"
deploy:
replicas: 1
placement:
{% if app.settings.exclude_hosts is defined %}
constraints:
{% for host in app.settings.exclude_hosts %}
- node.hostname!={{ host }}
{% endfor %}
{% endif %}

70
resources/docker-compose/unifi.yaml.j2 Normal file
View File

@ -0,0 +1,70 @@
---
version: "{{ skylab_compose_version }}"
networks:
unifi:
name: unifi
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
unifi-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
wlc:
image: jacobalberty/unifi:{{ app.versions.wlc }}
hostname: en1-unifi-wlc
init: true
networks:
- unifi
ports:
- published: {{ app.ports.8080 }}
target: 8080
protocol: tcp
mode: ingress
- published: {{ app.ports.8443 }}
target: 8443
protocol: tcp
mode: ingress
- published: {{ app.ports.8843 }}
target: 8843
protocol: tcp
mode: ingress
- published: {{ app.ports.8880 }}
target: 8880
protocol: tcp
mode: ingress
- published: {{ app.ports.3478 }}
target: 3478
protocol: udp
mode: ingress
- published: {{ app.ports.6789 }}
target: 6789
protocol: tcp
mode: ingress
- published: {{ app.ports.10001 }}
target: 10001
protocol: udp
mode: ingress
volumes:
- type: volume
source: unifi-data
target: /unifi
read_only: false
environment:
RUNAS_UID0: "false"
UNIFI_UID: "{{ _app_account.uid }}"
UNIFI_GID: "{{ _app_account.uid }}"
TZ: "Americas/New_York"
deploy:
replicas: 1

108
resources/docker-compose/vikunja.yaml.j2 Normal file
View File

@ -0,0 +1,108 @@
---
version: "{{ skylab_compose_version }}"
networks:
vikunja:
name: vikunja
driver: overlay
ipam:
driver: default
config:
- subnet: {{ app.networks.ext }}
volumes:
{% for key, value in app.volumes.items() %}
vikunja-{{ key }}:
name: datastore{{ value }}
driver: glusterfs
{% endfor %}
services:
database:
image: mariadb:{{ app.versions.database }}
hostname: database
command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
networks:
- vikunja
volumes:
- type: volume
source: vikunja-database
target: /var/lib/mysql
read_only: false
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "true"
MYSQL_USER: vikunja
MYSQL_PASSWORD: {{ app.settings.database_password }}
MYSQL_DATABASE: vikunja
deploy:
replicas: 1
cache:
image: redis:{{ app.versions.cache }}
hostname: cache
networks:
- vikunja
deploy:
replicas: 1
proxy:
image: nginx:{{ app.versions.proxy }}
hostname: proxy
networks:
- vikunja
ports:
- published: {{ app.ports.80 }}
target: 80
protocol: tcp
mode: ingress
volumes:
- type: volume
source: vikunja-nginx
target: /etc/nginx/conf.d
read_only: true
deploy:
replicas: 1
api:
image: vikunja/api:{{ app.versions.api }}
hostname: api
networks:
- vikunja
depends_on:
- database
- cache
volumes:
- type: volume
source: vikunja-files
target: /app/vikunja/files
read_only: false
environment:
VIKUNJA_DATABASE_HOST: database
VIKUNJA_DATABASE_PASSWORD: {{ app.settings.database_password }}
VIKUNJA_DATABASE_TYPE: mysql
VIKUNJA_DATABASE_USER: vikunja
VIKUNJA_DATABASE_DATABASE: vikunja
VIKUNJA_REDIS_ENABLED: "1"
VIKUNJA_REDIS_HOST: cache:6379
VIKUNJA_CACHE_ENABLED: "1"
VIKUNJA_CACHE_TYPE: redis
VIKUNJA_FILES_MAXSIZE: 50MB
deploy:
replicas: 1
web:
image: vikunja/frontend:{{ app.versions.web }}
hostname: web
networks:
- vikunja
depends_on:
- database
- cache
- proxy
environment:
VIKUNJA_API_URL: https://{{ app.domain }}/api/v1
deploy:
replicas: 1

35
vars/access.yaml
View File

@ -14,6 +14,41 @@ skylab_accounts:
service: true service: true
password: $6$qNKmYg4y9YS4f5Gr$m0mAqEVbymPguj.1cS.pfclt33Okfmn1KhFC0r1iQ3eVvz/OIZY3x0qGmPnJ1zOXDWyKKs5hnlGTAeZgCh49C. password: $6$qNKmYg4y9YS4f5Gr$m0mAqEVbymPguj.1cS.pfclt33Okfmn1KhFC0r1iQ3eVvz/OIZY3x0qGmPnJ1zOXDWyKKs5hnlGTAeZgCh49C.
- name: autocraft
uid: 1401
service: true
password: $6$j8aWjPweCWmNT4cZ$F7puAjVES60a5mkBg1WfYMYIGbLrs8FFowf5BPzVo9qgbMYEC53i8rHezDACZjHmOxj5PhJkmZjHD4vfbf3PC1
- name: autotea
uid: 1402
service: true
password: $6$NdUiEi2P8TI.2jgb$ai1WbWno8QK6Wg/KAV4IacwG92FctN5aQX2i45a9DSCg8k1nkwGj5gc230FXePh8P7vzQ6ifYrYsAvEfZ1J8B.
- name: autowarden
uid: 1403
service: true
password: $6$a18IBPw40.ELiuy5$RbGfNGUe9iTA6bOaKLsp7q3X3uQ3D1LP8LAF5ioQAafimVvCtwyG.O4Colo9nsl2yoCF6TMIHX9zOTavkbg7W0
- name: autoguard
uid: 1404
service: true
password: $6$PLf4ifrrk0/5AF21$ohZXy0xDzyUiHXwoCW8zvbrPHFiWSWxYx2.QlDy09wND7RbPhwxghHS0trWWVdy14jAxU45mz5YvdAl7qmEIO0
- name: autoplex
uid: 1405
service: true
password: $6$VfMCenzm5UPHrpNN$yQIpnQUZPhO9UoSylaOxR6TOrJfR5dFdzdRFzle7dP/bfeDBKxC6hsy52IEowilL.aCbYevz67R9s1hB3q9GU1
- name: autounifi
uid: 1406
service: true
password: $6$ScrKQGmAifGVDovx$wuQQhEdNya8Tjj/oTeY/eT1grLl17hSYbVeWIIqU.jv.W9vFyoVkxeE/lBcPvBe8XdGjOxWu32WsnomL8irb11
- name: autollama
uid: 1407
service: true
password: $6$lEdCBbqlWIdHuRZZ$Pr9SAybk7uCTfzjtCpSe7RrwM2TKqr8vWtLDARZRQ9e1RpNKHP2bEvkeg2VPc7oACVfxbg7Y8PP0rKOR.3fcD.
skylab_group: skylab_group:
name: skylab name: skylab
gid: 1200 gid: 1200

227
vars/services.yaml Normal file
View File

@ -0,0 +1,227 @@
---
skylab_services:
_meta:
networks:
ext: 192.168.99.0/24
volumes:
nginx: /appdata/nginx
letsencrypt-config: /appdata/letsencrypt/config
letsencrypt-data: /appdata/letsencrypt/data
ports:
80: 80
443: 443
versions:
proxy: latest
certbot: latest
settings:
loopback_address: 192.168.255.255
minecraft:
user: auto_minecraft
domain: mcs.enp.one
networks:
ext: 192.168.102.0/24
volumes:
data: /appdata/minecraft
ports:
25565: 25565
versions:
server: 1.16.5
settings:
admins:
- ScifiGeek42
users:
- ScifiGeek42
- fantasycat256
- CoffeePug
- Snowdude21325
- KaiserSJR
- glutenfreebean
gitea:
user: autotea
domain: vcs.enp.one
networks:
ext: 192.168.103.0/24
volumes:
data: /appdata/gitea
ports:
3000: 3000
22: 2222
versions:
server: 1.15.4
bitwarden:
user: autowarden
domain: ssv.enp.one
networks:
internal: 192.168.104.0/24
external: 192.168.105.0/24
volumes:
db-data: /appdata/bitwarden/mssql/data
db-backup: /appdata/bitwarden/mssql/backup
nginx-data: /appdata/bitwarden/nginx
web: /appdata/bitwarden/web
ssl: /appdata/bitwarden/ssl
ca-certs: /appdata/bitwarden/ca-certificates
core: /appdata/bitwarden/core
identity: /appdata/bitwarden/identity
logs-api: /appdata/bitwarden/logs/api
logs-db: /appdata/bitwarden/logs/mssql
logs-identity: /appdata/bitwarden/logs/identity
logs-nginx: /appdata/bitwarden/logs/nginx
logs-admin: /appdata/bitwarden/logs/admin
logs-icons: /appdata/bitwarden/logs/icons
logs-notifications: /appdata/bitwarden/logs/notifications
logs-events: /appdata/bitwarden/logs/events
ports:
8080: 8090
8443: 8943
versions:
mssql: 1.40.0
web: 2.19.0
attachments: 1.40.0
api: 1.40.0
identity: 1.40.0
admin: 1.40.0
icons: 1.40.0
events: 1.40.0
nginx: 1.40.0
settings:
certificatePassword: !vault |
$ANSIBLE_VAULT;1.1;AES256
34336462333965626665636664636338353139306135393862656539623935666134666638313632
6337393734353237373233663763666566316637393436650a346134353365626637313732346565
64373866633430613637663230383866336362313739313335646330373666353536396463376364
3730306338623831300a346565613730326138333732306237333236393237653363386263376531
30653663346234383538316337386534356534316437323561646637636361396462393335316233
3931623037626539636535353963666635316334613833396437
internalIdentityKey: !vault |
$ANSIBLE_VAULT;1.1;AES256
64343365323264303635306461386464626535343138333637333035343365386138363261666561
3036376532316230326238626662663434343131393336350a363230333637373231333332356230
66383466626139396365333865663538386130633136643861353936613330613535313363323639
6538656632376330380a373534393361613234366536353866353366646263643565346534393235
30623261626364613063353839663130656436316531666431316332653330636436323331316462
3539383064363338313433343837363563313838333231363639
duo__aKey: !vault |
$ANSIBLE_VAULT;1.1;AES256
38353861643436373461393663616366383139393164366664303333333431663364613530323532
3434643335353964613464393734623934313164663339340a303831353734623332316464333735
34343961393562366435653935313038336638623061353761343538333264386638306363386463
3339346561333039650a353163633263386232646366323637383866303033356631376639383561
36316333336434393364316565353363623036613233633933616532376530653138366432303762
6532343435636261353434323461646365396538646466353032
installation__id: !vault |
$ANSIBLE_VAULT;1.1;AES256
62323837366638363735393462326566633235356261326636623239366462316465636163663063
3065613765386138653239383332306363346236666662660a313634333334396633646465356435
66666231633938613838663364323331666434383439303931393761313563663931386532336330
6433383331643933610a323565636462663865666435376334346535323964663264363039623364
32653966363634376534383664663535373830366466336463613365653463363663316165303330
3834653063653334313931643330663163386638363938643130
installation__key: !vault |
$ANSIBLE_VAULT;1.1;AES256
38353130336136623437653131316461653561393539373630623135383036643135623361613735
6431306133623866613836363361376163656434343230660a663635393861333863376461336661
30386562353730326665323030393531663234373430363639306562633031363065386665646431
3163633239366630300a313436386131376433333231346135393735373236626365393533626232
61313536323437363234396536623662613434333363326565303939363562353732
SA_PASSWORD: !vault |
$ANSIBLE_VAULT;1.1;AES256
64313236346631366338313139396532346461333835616466313037363132656632323566663138
6665393239656262363261303362303437343438626234340a663836623362353431373035356562
61383865303835323336363862303035363161376336346563323966633361333966363232393665
6166323331353065380a616138303531643063653633656561383761393433646130656432363436
62383763316130306235396338356236636263653830666139663064626633643635386237373034
3465323836373437383465316537666337373134616135626238
adguard:
user: autoguard
domain: adguard.en1.local
networks:
ext: 192.168.108.0/24
volumes:
config: /appdata/adguard/config
data: /appdata/adguard/data
ports:
53: 53
8064: 8084
versions:
server: v0.106.3
settings:
upstream:
- 1.1.1.1
- 1.0.0.1
plex:
user: autoplex
domain: pms.enp.one
networks:
ext: 192.168.101.0/24
volumes:
config: /appdata/plex
ports:
32400: 32400
3005: 3005
8324: 8324
32469: 32469
1900: 1900
32410: 32410
32413: 32413
32414: 32414
versions:
server: latest
settings:
mediastore: mediastore.skylab.enp.one
internal_subnets:
- 10.42.100.0/24
- 10.42.101.0/24
exclude_hosts:
- jupiter.net.enp.one
- pegasus.skylab.enp.one
unifi:
user: autounifi
domain: unifi.en1.local
networks:
ext: 192.168.100.0/24
volumes:
data: /appdata/unifi
ports:
8080: 8080
8443: 8443
8843: 8843
8880: 8880
3478: 3478
6789: 6789
10001: 10001
versions:
wlc: "6.2"
vikunja:
user: autollama
domain: org.enp.one
networks:
ext: 192.168.107.0/24
volumes:
database: /appdata/vikunja/database
files: /appdata/vikunja/files
nginx: /appdata/vikunja/nginx
ports:
80: 8087
versions:
database: "10"
cache: latest
proxy: latest
api: 0.18.1
web: 0.18.1
settings:
database_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
35313866386161376430383232343834633566363136323761316531663633383231653135313565
6332336461356164623237306436393131383566656233640a316262616161336331356565363963
35313430303237313039346162653564623236373564306333393362623134613437656231633635
6334616138663036610a646234366264646363353635356338633035373166343763353733336339
38663937383165386530326138363965626666386366636330343133633238636236316432613136
6662313533316563646461646336396430306466323831613730