Compare commits
10 Commits
ae556a6317
...
1fe626fad5
Author | SHA1 | Date | |
---|---|---|---|
1fe626fad5 | |||
d4858c89f4 | |||
6658d7226c | |||
36224d0531 | |||
24be358a46 | |||
c38e4f34dd | |||
10a9779996 | |||
b635a00a34 | |||
159c4fda30 | |||
1e104bf1fb |
@ -11,6 +11,10 @@ concise area of concern.
|
|||||||
- [`roles/authelia`](roles/authelia/README.md): Deploys an [authelia.com](https://www.authelia.com)
|
- [`roles/authelia`](roles/authelia/README.md): Deploys an [authelia.com](https://www.authelia.com)
|
||||||
instance, an authentication provider with beta OIDC provider support.
|
instance, an authentication provider with beta OIDC provider support.
|
||||||
|
|
||||||
|
- [`roles/elasticsearch`](roles/elasticsearch/README.md): Deploy [elasticsearch](https://www.docker.elastic.co/r/elasticsearch/elasticsearch-oss),
|
||||||
|
a popular (distributed) search and analytics engine, mostly known by it's
|
||||||
|
letter "E" in the ELK-stack.
|
||||||
|
|
||||||
- [`roles/gitea`](roles/gitea/README.md): Deploy [gitea.io](https://gitea.io), a
|
- [`roles/gitea`](roles/gitea/README.md): Deploy [gitea.io](https://gitea.io), a
|
||||||
lightweight, self-hosted git service.
|
lightweight, self-hosted git service.
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
authelia_version: 4.34.6
|
authelia_version: 4.36.4
|
||||||
authelia_user: authelia
|
authelia_user: authelia
|
||||||
authelia_base_dir: /opt/authelia
|
authelia_base_dir: /opt/authelia
|
||||||
authelia_domain: authelia.example.org
|
authelia_domain: authelia.example.org
|
||||||
@ -8,6 +8,7 @@ authelia_domain: authelia.example.org
|
|||||||
authelia_config_dir: "{{ authelia_base_dir }}/config"
|
authelia_config_dir: "{{ authelia_base_dir }}/config"
|
||||||
authelia_config_file: "{{ authelia_config_dir }}/config.yaml"
|
authelia_config_file: "{{ authelia_config_dir }}/config.yaml"
|
||||||
authelia_data_dir: "{{ authelia_base_dir }}/data"
|
authelia_data_dir: "{{ authelia_base_dir }}/data"
|
||||||
|
authelia_asset_dir: "{{ authelia_base_dir }}/assets"
|
||||||
authelia_sqlite_storage_file: "{{ authelia_data_dir }}/authelia.sqlite3"
|
authelia_sqlite_storage_file: "{{ authelia_data_dir }}/authelia.sqlite3"
|
||||||
authelia_notification_storage_file: "{{ authelia_data_dir }}/notifications.txt"
|
authelia_notification_storage_file: "{{ authelia_data_dir }}/notifications.txt"
|
||||||
authelia_user_storage_file: "{{ authelia_data_dir }}/user_database.yml"
|
authelia_user_storage_file: "{{ authelia_data_dir }}/user_database.yml"
|
||||||
@ -42,6 +43,7 @@ authelia_config_default_redirection_url: ~
|
|||||||
authelia_config_server_host: 0.0.0.0
|
authelia_config_server_host: 0.0.0.0
|
||||||
authelia_config_server_port: "{{ authelia_container_listen_port }}"
|
authelia_config_server_port: "{{ authelia_container_listen_port }}"
|
||||||
authelia_config_server_path: ""
|
authelia_config_server_path: ""
|
||||||
|
authelia_config_server_asset_path: "/config/assets/"
|
||||||
authelia_config_server_read_buffer_size: 4096
|
authelia_config_server_read_buffer_size: 4096
|
||||||
authelia_config_server_write_buffer_size: 4096
|
authelia_config_server_write_buffer_size: 4096
|
||||||
authelia_config_server_enable_pprof: true
|
authelia_config_server_enable_pprof: true
|
||||||
@ -55,6 +57,8 @@ authelia_config_log_level: info
|
|||||||
authelia_config_log_format: json
|
authelia_config_log_format: json
|
||||||
authelia_config_log_file_path: ~
|
authelia_config_log_file_path: ~
|
||||||
authelia_config_log_keep_stdout: false
|
authelia_config_log_keep_stdout: false
|
||||||
|
authelia_config_telemetry_metrics_enabled: false
|
||||||
|
authelia_config_telemetry_metrics_address: '0.0.0.0:9959'
|
||||||
authelia_config_totp_disable: true
|
authelia_config_totp_disable: true
|
||||||
authelia_config_totp_issuer: "{{ authelia_domain }}"
|
authelia_config_totp_issuer: "{{ authelia_domain }}"
|
||||||
authelia_config_totp_algorithm: sha1
|
authelia_config_totp_algorithm: sha1
|
||||||
@ -76,8 +80,8 @@ authelia_config_ntp_version: 4
|
|||||||
authelia_config_ntp_max_desync: 3s
|
authelia_config_ntp_max_desync: 3s
|
||||||
authelia_config_ntp_disable_startup_check: false
|
authelia_config_ntp_disable_startup_check: false
|
||||||
authelia_config_ntp_disable_failure: false
|
authelia_config_ntp_disable_failure: false
|
||||||
authelia_config_authentication_backend_disable_reset_password: false
|
|
||||||
authelia_config_authentication_backend_refresh_interval: 5m
|
authelia_config_authentication_backend_refresh_interval: 5m
|
||||||
|
authelia_config_authentication_backend_password_reset_disable: false
|
||||||
authelia_config_authentication_backend_password_reset_custom_url: ~
|
authelia_config_authentication_backend_password_reset_custom_url: ~
|
||||||
authelia_config_authentication_backend_ldap_implementation: custom
|
authelia_config_authentication_backend_ldap_implementation: custom
|
||||||
authelia_config_authentication_backend_ldap_url: ldap://127.0.0.1:389
|
authelia_config_authentication_backend_ldap_url: ldap://127.0.0.1:389
|
||||||
@ -153,7 +157,7 @@ authelia_config_notifier_smtp_timeout: 5s
|
|||||||
authelia_config_notifier_smtp_sender: "Authelia on {{ authelia_domain }} <admin@{{ authelia_domain }}>"
|
authelia_config_notifier_smtp_sender: "Authelia on {{ authelia_domain }} <admin@{{ authelia_domain }}>"
|
||||||
authelia_config_notifier_smtp_identifier: "{{ authelia_domain }}"
|
authelia_config_notifier_smtp_identifier: "{{ authelia_domain }}"
|
||||||
authelia_config_notifier_smtp_subject: "[Authelia @ {{ authelia_domain }}] {title}"
|
authelia_config_notifier_smtp_subject: "[Authelia @ {{ authelia_domain }}] {title}"
|
||||||
authelia_config_notifier_smtp_startup_check_address: false
|
authelia_config_notifier_smtp_startup_check_address: "authelia-test@{{ authelia_domain }}"
|
||||||
authelia_config_notifier_smtp_disable_require_tls: false
|
authelia_config_notifier_smtp_disable_require_tls: false
|
||||||
authelia_config_notifier_smtp_disable_html_emails: false
|
authelia_config_notifier_smtp_disable_html_emails: false
|
||||||
authelia_config_notifier_smtp_tls_skip_verify: false
|
authelia_config_notifier_smtp_tls_skip_verify: false
|
||||||
|
@ -14,6 +14,7 @@
|
|||||||
owner: "{{ item.owner | default(authelia_user) }}"
|
owner: "{{ item.owner | default(authelia_user) }}"
|
||||||
group: "{{ item.group | default(authelia_user) }}"
|
group: "{{ item.group | default(authelia_user) }}"
|
||||||
mode: "{{ item.mode | default('0750') }}"
|
mode: "{{ item.mode | default('0750') }}"
|
||||||
|
when: item.path | default(false, true) | bool
|
||||||
loop:
|
loop:
|
||||||
- path: "{{ authelia_base_dir }}"
|
- path: "{{ authelia_base_dir }}"
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
@ -21,6 +22,8 @@
|
|||||||
mode: "0750"
|
mode: "0750"
|
||||||
- path: "{{ authelia_data_dir }}"
|
- path: "{{ authelia_data_dir }}"
|
||||||
mode: "0750"
|
mode: "0750"
|
||||||
|
- path: "{{ authelia_asset_dir }}"
|
||||||
|
mode: "0750"
|
||||||
|
|
||||||
- name: Ensure config file is generated
|
- name: Ensure config file is generated
|
||||||
copy:
|
copy:
|
||||||
|
@ -5,6 +5,7 @@ authelia_run_group: "{{ (authelia_user_info.group) if authelia_user_info is defi
|
|||||||
|
|
||||||
authelia_container_base_volumes: >-2
|
authelia_container_base_volumes: >-2
|
||||||
{{ [ authelia_config_file + ":/config/configuration.yml:ro"]
|
{{ [ authelia_config_file + ":/config/configuration.yml:ro"]
|
||||||
|
+ ([authelia_asset_dir + '/:' + authelia_config_server_asset_path + ':ro'] if authelia_asset_dir | default(false, true) else [])
|
||||||
+ ([ authelia_sqlite_storage_file + ":" + authelia_config_storage_local_path + ":z" ]
|
+ ([ authelia_sqlite_storage_file + ":" + authelia_config_storage_local_path + ":z" ]
|
||||||
if authelia_config_storage_local_path | default(false, true) else [])
|
if authelia_config_storage_local_path | default(false, true) else [])
|
||||||
+ ([ authelia_notification_storage_file + ":" + authelia_config_notifier_filesystem_filename + ":z" ]
|
+ ([ authelia_notification_storage_file + ":" + authelia_config_notifier_filesystem_filename + ":z" ]
|
||||||
@ -21,6 +22,7 @@ authelia_top_level_config:
|
|||||||
theme: "{{ authelia_config_theme }}"
|
theme: "{{ authelia_config_theme }}"
|
||||||
jwt_secret: "{{ authelia_config_jwt_secret }}"
|
jwt_secret: "{{ authelia_config_jwt_secret }}"
|
||||||
log: "{{ authelia_config_log }}"
|
log: "{{ authelia_config_log }}"
|
||||||
|
telemetry: "{{ authelia_config_telemetry }}"
|
||||||
totp: "{{ authelia_config_totp }}"
|
totp: "{{ authelia_config_totp }}"
|
||||||
webauthn: "{{ authelia_config_webauthn }}"
|
webauthn: "{{ authelia_config_webauthn }}"
|
||||||
duo_api: "{{ authelia_config_duo_api }}"
|
duo_api: "{{ authelia_config_duo_api }}"
|
||||||
@ -49,6 +51,7 @@ authelia_config_server: >-2
|
|||||||
"host": authelia_config_server_host,
|
"host": authelia_config_server_host,
|
||||||
"port": authelia_config_server_port,
|
"port": authelia_config_server_port,
|
||||||
"path": authelia_config_server_path,
|
"path": authelia_config_server_path,
|
||||||
|
"asset_path": authelia_config_server_asset_path,
|
||||||
"read_buffer_size": authelia_config_server_read_buffer_size,
|
"read_buffer_size": authelia_config_server_read_buffer_size,
|
||||||
"write_buffer_size": authelia_config_server_write_buffer_size,
|
"write_buffer_size": authelia_config_server_write_buffer_size,
|
||||||
"enable_pprof": authelia_config_server_enable_pprof,
|
"enable_pprof": authelia_config_server_enable_pprof,
|
||||||
@ -72,6 +75,10 @@ authelia_config_log: >-2
|
|||||||
| combine({"keep_stdout": authelia_config_log_keep_stdout}
|
| combine({"keep_stdout": authelia_config_log_keep_stdout}
|
||||||
if authelia_config_log_file_path | default(false, true) else {})
|
if authelia_config_log_file_path | default(false, true) else {})
|
||||||
}}
|
}}
|
||||||
|
authelia_config_telemetry:
|
||||||
|
metrics:
|
||||||
|
enabled: "{{ authelia_config_telemetry_metrics_enabled }}"
|
||||||
|
address: "{{ authelia_config_telemetry_metrics_address }}"
|
||||||
authelia_config_totp:
|
authelia_config_totp:
|
||||||
disable: "{{ authelia_config_totp_disable }}"
|
disable: "{{ authelia_config_totp_disable }}"
|
||||||
issuer: "{{ authelia_config_totp_issuer }}"
|
issuer: "{{ authelia_config_totp_issuer }}"
|
||||||
@ -101,7 +108,6 @@ authelia_config_ntp:
|
|||||||
authelia_config_authentication_backend: >-2
|
authelia_config_authentication_backend: >-2
|
||||||
{{
|
{{
|
||||||
{
|
{
|
||||||
"disable_reset_password": authelia_config_authentication_backend_disable_reset_password,
|
|
||||||
"refresh_interval": authelia_config_authentication_backend_refresh_interval,
|
"refresh_interval": authelia_config_authentication_backend_refresh_interval,
|
||||||
}
|
}
|
||||||
| combine({"password_reset": authelia_config_authentication_backend_password_reset}
|
| combine({"password_reset": authelia_config_authentication_backend_password_reset}
|
||||||
@ -112,6 +118,7 @@ authelia_config_authentication_backend: >-2
|
|||||||
}}
|
}}
|
||||||
authelia_config_authentication_backend_password_reset:
|
authelia_config_authentication_backend_password_reset:
|
||||||
custom_url: "{{ authelia_config_authentication_backend_password_reset_custom_url }}"
|
custom_url: "{{ authelia_config_authentication_backend_password_reset_custom_url }}"
|
||||||
|
disable: "{{ authelia_config_authentication_backend_password_reset_disable }}"
|
||||||
authelia_config_authentication_backend_ldap:
|
authelia_config_authentication_backend_ldap:
|
||||||
implementation: "{{ authelia_config_authentication_backend_ldap_implementation }}"
|
implementation: "{{ authelia_config_authentication_backend_ldap_implementation }}"
|
||||||
url: "{{ authelia_config_authentication_backend_ldap_url }}"
|
url: "{{ authelia_config_authentication_backend_ldap_url }}"
|
||||||
|
22
roles/elasticsearch/README.md
Normal file
22
roles/elasticsearch/README.md
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
# `finallycoffee.services.elastiscsearch`
|
||||||
|
|
||||||
|
A simple ansible role which deploys a single-node elastic container to provide
|
||||||
|
an easy way to do some indexing.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Per default, `/opt/elasticsearch/data` is used to persist data, it is
|
||||||
|
customizable by using either `elasticsearch_base_path` or `elasticsearch_data_path`.
|
||||||
|
|
||||||
|
As elasticsearch be can be quite memory heavy, the maximum amount of allowed RAM
|
||||||
|
can be configured using `elasticsearch_allocated_ram_mb`, defaulting to 512 (mb).
|
||||||
|
|
||||||
|
The cluster name and discovery type can be overridden using
|
||||||
|
`elasticsearch_config_cluster_name` (default: elastic) and
|
||||||
|
`elasticsearch_config_discovery_type` (default: single-node), should one
|
||||||
|
need a multi-node elasticsearch deployment.
|
||||||
|
|
||||||
|
Per default, no ports or networks are mapped, and explizit mapping using
|
||||||
|
either ports (`elasticsearch_container_ports`) or networks
|
||||||
|
(`elasticsearch_container_networks`) is required in order for other services
|
||||||
|
to use elastic.
|
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
gitea_version: "1.16.8"
|
gitea_version: "1.17.0"
|
||||||
gitea_user: git
|
gitea_user: git
|
||||||
gitea_base_path: "/opt/gitea"
|
gitea_base_path: "/opt/gitea"
|
||||||
gitea_data_path: "{{ gitea_base_path }}/data"
|
gitea_data_path: "{{ gitea_base_path }}/data"
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
jellyfin_user: jellyfin
|
jellyfin_user: jellyfin
|
||||||
|
jellyfin_version: 10.8.1
|
||||||
|
|
||||||
jellyfin_base_path: /opt/jellyfin
|
jellyfin_base_path: /opt/jellyfin
|
||||||
jellyfin_config_path: "{{ jellyfin_base_path }}/config"
|
jellyfin_config_path: "{{ jellyfin_base_path }}/config"
|
||||||
@ -10,11 +11,13 @@ jellyfin_media_volumes: []
|
|||||||
|
|
||||||
jellyfin_container_name: jellyfin
|
jellyfin_container_name: jellyfin
|
||||||
jellyfin_container_image_name: "docker.io/jellyfin/jellyfin"
|
jellyfin_container_image_name: "docker.io/jellyfin/jellyfin"
|
||||||
jellyfin_container_image_tag: "latest"
|
jellyfin_container_image_tag: ~
|
||||||
jellyfin_container_image_ref: "{{ jellyfin_container_image_name }}:{{ jellyfin_container_image_tag }}"
|
jellyfin_container_image_ref: "{{ jellyfin_container_image_name }}:{{ jellyfin_container_image_tag | default(jellyfin_version, true) }}"
|
||||||
jellyfin_container_network_mode: host
|
jellyfin_container_network_mode: host
|
||||||
jellyfin_container_networks: ~
|
jellyfin_container_networks: ~
|
||||||
jellyfin_container_volumes: "{{ jellyfin_container_base_volumes + jellyfin_media_volumes }}"
|
jellyfin_container_volumes: "{{ jellyfin_container_base_volumes + jellyfin_media_volumes }}"
|
||||||
|
jellyfin_container_labels: "{{ jellyfin_container_base_labels | combine(jellyfin_container_extra_labels) }}"
|
||||||
|
jellyfin_container_extra_labels: {}
|
||||||
jellyfin_container_restart_policy: "unless-stopped"
|
jellyfin_container_restart_policy: "unless-stopped"
|
||||||
|
|
||||||
jellyfin_host_directories:
|
jellyfin_host_directories:
|
||||||
|
@ -21,13 +21,18 @@
|
|||||||
name: "{{ jellyfin_container_image_ref }}"
|
name: "{{ jellyfin_container_image_ref }}"
|
||||||
state: present
|
state: present
|
||||||
source: pull
|
source: pull
|
||||||
force_source: "{{ jellyfin_container_image_tag in ['stable', 'unstable'] }}"
|
force_source: "{{ jellyfin_container_image_tag | default(false, true) }}"
|
||||||
|
register: jellyfin_container_image_pull_result
|
||||||
|
until: jellyfin_container_image_pull_result is succeeded
|
||||||
|
retries: 5
|
||||||
|
delay: 3
|
||||||
|
|
||||||
- name: Ensure container '{{ jellyfin_container_name }}' is running
|
- name: Ensure container '{{ jellyfin_container_name }}' is running
|
||||||
docker_container:
|
docker_container:
|
||||||
name: "{{ jellyfin_container_name }}"
|
name: "{{ jellyfin_container_name }}"
|
||||||
image: "{{ jellyfin_container_image_ref }}"
|
image: "{{ jellyfin_container_image_ref }}"
|
||||||
user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"
|
user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"
|
||||||
|
labels: "{{ jellyfin_container_labels }}"
|
||||||
volumes: "{{ jellyfin_container_volumes }}"
|
volumes: "{{ jellyfin_container_volumes }}"
|
||||||
networks: "{{ jellyfin_container_networks | default(omit, True) }}"
|
networks: "{{ jellyfin_container_networks | default(omit, True) }}"
|
||||||
network_mode: "{{ jellyfin_container_network_mode }}"
|
network_mode: "{{ jellyfin_container_network_mode }}"
|
||||||
|
@ -3,3 +3,6 @@
|
|||||||
jellyfin_container_base_volumes:
|
jellyfin_container_base_volumes:
|
||||||
- "{{ jellyfin_config_path }}:/config:z"
|
- "{{ jellyfin_config_path }}:/config:z"
|
||||||
- "{{ jellyfin_cache_path }}:/cache:z"
|
- "{{ jellyfin_cache_path }}:/cache:z"
|
||||||
|
|
||||||
|
jellyfin_container_base_labels:
|
||||||
|
version: "{{ jellyfin_version }}"
|
||||||
|
Loading…
x
Reference in New Issue
Block a user