Merge branch 'nc' into main

Mayurifag · Apr 20, 2024 · afc39f5 · afc39f5
2 parents d6572de + 1d4b88d
commit afc39f5
Show file tree

Hide file tree

Showing 35 changed files with 85 additions and 381 deletions.
diff --git a/README.md b/README.md
@@ -98,28 +98,26 @@ Host mayurifag-prod
 
 ## Applications List
 
-| Name                    | Default endpoint                             | App. Port     |
-| ----------------------- | -------------------------------------------- | ------------- |
-| Blocky                  | -                                            | -             |
-| Doku                    | <http://doku.mayurifag.local>                | 9090          |
-| Dozzle                  | <http://dozzle.mayurifag.local>              | 8080          |
-| Filerun                 | <http://filerun.mayurifag.local>             | 80 [+3306 db] |
-| Filebrowser             | <http://fb.mayurifag.local>                  | 80            |
-| Glances                 | <http://glances.mayurifag.local>             | 61208/61209   |
-| Go-socks5-proxy         | <socks5://mayurifag.local:7777> (+auth)      | 1080          |
-| Homer                   | <http://homer.mayurifag.local>               | 8080          |
-| Hemmelig                | <http://secret.mayurifag.local>              | 3000          |
-| mayurifag.github.io     | <http://mayurifag.local>                     | 8005          |
-| Navidrome               | <http://mus.mayurifag.local>                 | 80            |
-| Netdata                 | <http://netdata.mayurifag.local>             | 19999         |
-| Nextcloud               | <http://nextcloud.mayurifag.local>           | 80            |
-| Owncloud Infinite Scale | <http://ocis.mayurifag.local>                | 9200          |
-| Portainer               | <http://portainer.mayurifag.local>           | 9000          |
-| Shadowsocks-rust        | <https://ss.mayurifag.local/xray> (uses TLS) | 1080          |
-| Wallabag                | <http://wallabag.mayurifag.local>            | 80            |
-| Watchtower              | -                                            | -             |
-| Wireguard-Easy          | <http://wg.mayurifag.local>                  | 58172         |
-| Whattocommit            | <http://commit.mayurifag.local>              | 8080          |
+| Name                    | Default endpoint                             | App. Port   |
+| ----------------------- | -------------------------------------------- | ----------- |
+| Blocky                  | -                                            | -           |
+| Doku                    | <http://doku.mayurifag.local>                | 9090        |
+| Dozzle                  | <http://dozzle.mayurifag.local>              | 8080        |
+| Filebrowser             | <http://fb.mayurifag.local>                  | 80          |
+| Glances                 | <http://glances.mayurifag.local>             | 61208/61209 |
+| Go-socks5-proxy         | <socks5://mayurifag.local:7777> (+auth)      | 1080        |
+| Homer                   | <http://homer.mayurifag.local>               | 8080        |
+| Hemmelig                | <http://secret.mayurifag.local>              | 3000        |
+| mayurifag.github.io     | <http://mayurifag.local>                     | 8005        |
+| Navidrome               | <http://mus.mayurifag.local>                 | 80          |
+| Netdata                 | <http://netdata.mayurifag.local>             | 19999       |
+| Owncloud Infinite Scale | <http://ocis.mayurifag.local>                | 9200        |
+| Portainer               | <http://portainer.mayurifag.local>           | 9000        |
+| Shadowsocks-rust        | <https://ss.mayurifag.local/xray> (uses TLS) | 1080        |
+| Wallabag                | <http://wallabag.mayurifag.local>            | 80          |
+| Watchtower              | -                                            | -           |
+| Wireguard-Easy          | <http://wg.mayurifag.local>                  | 58172       |
+| Whattocommit            | <http://commit.mayurifag.local>              | 8080        |
 
 ## TODO
 
@@ -131,6 +129,8 @@ need to deploy my services once again.
 
 ### High priority
 
+- [ ] Some strange things with Traefik config. If problem with "my-headers" ->
+  return "my-headers@file"
 - [ ] Log rotation for docker containers
 - [ ] ~~https://github.com/alexta69/metube~~
 - [ ] ~~Add cleaning up apt-get to get extra 1GB~~

diff --git a/Vagrantfile b/Vagrantfile
@@ -32,11 +32,9 @@ Vagrant.configure(2) do |config|
       dozzle.mayurifag.local
       glances.mayurifag.local
       fb.mayurifag.local
-      filerun.mayurifag.local
       homer.mayurifag.local
       mus.mayurifag.local
       netdata.mayurifag.local
-      nextcloud.mayurifag.local
       ocis.mayurifag.local
       portainer.mayurifag.local
       traefik.mayurifag.local

diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -82,18 +82,12 @@ doku_subdomain: "doku"
 whattocommit_enabled: true
 whattocommit_subdomain: "commit"
 
-nextcloud_enabled: true
-nextcloud_subdomain: "nextcloud"
-
 ocis_enabled: true
 ocis_subdomain: "ocis"
 
 filebrowser_enabled: true
 filebrowser_subdomain: "fb"
 
-filerun_enabled: true
-filerun_subdomain: "filerun"
-
 blocky_enabled: true
 
 navidrome_enabled: true

diff --git a/inventories/sample/group_vars/sample.yml b/inventories/sample/group_vars/sample.yml
@@ -78,18 +78,12 @@ doku_subdomain: "doku"
 whattocommit_enabled: true
 whattocommit_subdomain: "commit"
 
-nextcloud_enabled: true
-nextcloud_subdomain: "nextcloud"
-
 ocis_enabled: true
 ocis_subdomain: "ocis"
 
 filebrowser_enabled: true
 filebrowser_subdomain: "fb"
 
-filerun_enabled: true
-filerun_subdomain: "filerun"
-
 blocky_enabled: true
 
 navidrome_enabled: true

diff --git a/provisioning.yml b/provisioning.yml
@@ -83,11 +83,6 @@
         - blocky
       when: (blocky_enabled | default(False))
 
-    - role: nextcloud
-      tags:
-        - nextcloud
-      when: (nextcloud_enabled | default(False))
-
     - role: ocis
       tags:
         - ocis
@@ -138,11 +133,6 @@
         - dozzle
       when: (dozzle_enabled | default(False))
 
-    - role: filerun
-      tags:
-        - filerun
-      when: (filerun_enabled | default(False))
-
     - role: hemmelig
       tags:
         - hemmelig
@@ -153,12 +143,6 @@
         - navidrome
       when: (navidrome_enabled | default(False))
 
-    # Nextcloud is unable to configure right after install and I dont want to wait untill il will be ok. So moved this section here.
-    - role: nextcloud_config
-      tags:
-        - nextcloud
-      when: (nextcloud_enabled | default(False))
-
     - role: geerlingguy.security
 
     - role: cheatsheet
diff --git a/roles/cheatsheet/tasks/main.yml b/roles/cheatsheet/tasks/main.yml
@@ -17,13 +17,6 @@
       Dont forget to change SSH configuration (user, etc.)
       $ ssh mayurifag-prod
 
-      ### Nextcloud
-
-      - Remove all files
-      - Settings: Language/Locale; Accessibility -> Dark Theme
-      - Disable apps: Collaborative tags, Usage survey, First run wizard, Monitoring
-      - Enable apps: News, Notes, Keeweb, Calendar, Contacts, Tasks
-
       ### Wallabag
 
       Change default user's password from `wallabag:wallabag` into anything else.
@@ -32,13 +25,7 @@
 
       Make user and add default docker entrypoint.
 
-      ### Filerun
-
-      Change username
-      Set dark theme
-      Enable API
-
-      ### Files Nextcloud/Filerun
+      ### Files (Filebrowser/OCIS)
 
       You have to sync files now via app. Setup iOS/Android/Mac/Win(?)
       Sync bookmarks via floccus

diff --git a/roles/doku/tasks/main.yml b/roles/doku/tasks/main.yml
@@ -5,11 +5,11 @@
     image: amerkurev/doku
     pull: true
     volumes:
-      - '/var/run/docker.sock:/var/run/docker.sock:ro'
-      - '/:/hostroot:ro'
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "/:/hostroot:ro"
     restart_policy: unless-stopped
     labels:
       traefik.enable: "{{ doku_available_externally }}"
       traefik.http.routers.doku.rule: "Host(`{{ doku_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.doku.loadbalancer.server.port: "9090"
-      traefik.http.routers.doku.middlewares: "auth@file,my-headers@file"
+      traefik.http.routers.doku.middlewares: "auth,my-headers"
diff --git a/roles/dozzle/tasks/main.yml b/roles/dozzle/tasks/main.yml
@@ -16,4 +16,4 @@
       traefik.enable: "{{ dozzle_available_externally }}"
       traefik.http.routers.dozzle.rule: "Host(`{{ dozzle_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.dozzle.loadbalancer.server.port: "8080"
-      traefik.http.routers.dozzle.middlewares: "my-headers@file"
+      traefik.http.routers.dozzle.middlewares: "my-headers"
diff --git a/roles/filebrowser/defaults/main.yml b/roles/filebrowser/defaults/main.yml
@@ -2,13 +2,14 @@
 filebrowser_enabled: true
 filebrowser_available_externally: "true"
 
-filebrowser_data_directory: "{{ files_home }}/filebrowser"
+filebrowser_data_directory: "{{ docker_home }}/filebrowser"
 filebrowser_files_directory: "{{ files_home }}/"
 
 filebrowser_container: "filebrowser/filebrowser"
 filebrowser_version: "v2.28.0-s6"
 
 filebrowser_subdomain: "fb"
+syncthing_subdomain: "st"
 
 filebroswer_uid: "{{ admin_uid }}"
 filebroswer_gid: "{{ admin_gid }}"
diff --git a/roles/filebrowser/tasks/main.yml b/roles/filebrowser/tasks/main.yml
@@ -10,10 +10,11 @@
     state: directory
     owner: "{{ filebroswer_uid }}"
     group: "{{ filebroswer_gid }}"
-    mode: u+rw,g-wx,o-rwx
+    mode: u+rwx,g+rwx,o-rwx
   with_items:
     - "{{ filebrowser_files_directory }}"
     - "{{ filebrowser_data_directory }}/config"
+    - "{{ filebrowser_data_directory }}/syncthing_config"
 
 - name: Touch Filebrowser database file
   file:
@@ -42,7 +43,7 @@
     volumes:
       - "{{ filebrowser_data_directory }}/config/filebrowser.db:/database/filebrowser.db"
       - "{{ filebrowser_data_directory }}/config/settings.json:/config/settings.json"
-      - "{{ filebrowser_data_directory }}/files:/srv"
+      - "{{ filebrowser_files_directory }}/:/srv"
     env:
       TZ: "{{ server_timezone }}"
       PUID: "{{ filebroswer_uid }}"
@@ -58,4 +59,28 @@
       traefik.enable: "{{ filebrowser_available_externally }}"
       traefik.http.routers.filebrowser.rule: "Host(`{{ filebrowser_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.filebrowser.loadbalancer.server.port: "80"
-      traefik.http.routers.filebrowser.middlewares: "my-headers@file"
+      # traefik.http.routers.filebrowser.middlewares: "my-headers"
+
+- name: Syncthing Docker Container
+  docker_container:
+    name: syncthing
+    image: "linuxserver/syncthing"
+    pull: true
+    recreate: yes
+    volumes:
+      - "{{ filebrowser_data_directory }}/syncthing_config:/config"
+      - "{{ filebrowser_files_directory }}:/mnt"
+    env:
+      TZ: "{{ server_timezone }}"
+      PUID: "{{ filebroswer_uid }}"
+      PGID: "{{ filebroswer_gid }}"
+    ports:
+      # - "8384:8384" # web ui - we pass it through traefik
+      - "22000:22000"
+      - "21027:21027/udp"
+    restart_policy: unless-stopped
+    labels:
+      traefik.enable: "{{ filebrowser_available_externally }}"
+      traefik.http.routers.syncthing.rule: "Host(`{{ syncthing_subdomain }}.{{ server_hostname }}`)"
+      traefik.http.services.syncthing.loadbalancer.server.port: "8384"
+      # traefik.http.routers.syncthing.middlewares: "my-headers"
diff --git a/roles/filerun/defaults/main.yml b/roles/filerun/defaults/main.yml
diff --git a/roles/filerun/tasks/main.yml b/roles/filerun/tasks/main.yml
diff --git a/roles/filerun/templates/config.php.j2 b/roles/filerun/templates/config.php.j2
diff --git a/roles/glances/tasks/main.yml b/roles/glances/tasks/main.yml
@@ -16,4 +16,4 @@
       traefik.enable: "{{ glances_available_externally }}"
       traefik.http.routers.glances.rule: "Host(`{{ glances_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.glances.loadbalancer.server.port: "61208"
-      traefik.http.routers.glances.middlewares: "auth@file,my-headers@file"
+      traefik.http.routers.glances.middlewares: "auth,my-headers"
diff --git a/roles/hemmelig/tasks/main.yml b/roles/hemmelig/tasks/main.yml
@@ -28,4 +28,4 @@
       traefik.enable: "{{ hemmelig_available_externally }}"
       traefik.http.routers.hemmelig.rule: "Host(`{{ hemmelig_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.hemmelig.loadbalancer.server.port: "3000"
-      traefik.http.routers.hemmelig.middlewares: "my-headers@file"
+      traefik.http.routers.hemmelig.middlewares: "my-headers"
diff --git a/roles/homer/tasks/main.yml b/roles/homer/tasks/main.yml
@@ -24,4 +24,4 @@
       traefik.enable: "true"
       traefik.http.routers.homer.rule: "Host(`{{ homer_subdomain }}.{{ server_hostname }}`)"
       traefik.http.services.homer.loadbalancer.server.port: "8080"
-      traefik.http.routers.homer.middlewares: "auth@file,my-headers@file"
+      traefik.http.routers.homer.middlewares: "auth,my-headers"
diff --git a/roles/homer/templates/config.yml.j2 b/roles/homer/templates/config.yml.j2
@@ -55,18 +55,6 @@ services:
   - name: "Services"
     icon: "fas fa-laptop-code"
     items:
-{% if nextcloud_enabled == true %}
-      - name: "Nextcloud"
-        icon: "fas fa-cloud"
-        subtitle: "Auth need to configure"
-        url: "http://{{ nextcloud_subdomain }}.{{ server_hostname }}"
-{% endif %}
-{% if filerun_enabled == true %}
-      - name: "Filerun"
-        icon: "fas fa-cloud"
-        subtitle: "Auth need to configure"
-        url: "http://{{ filerun_subdomain }}.{{ server_hostname }}"
-{% endif %}
 {% if portainer_enabled == true %}
       - name: "Portainer"
         icon: "fas fa-toolbox"

diff --git a/roles/mayurifag_github_io/tasks/main.yml b/roles/mayurifag_github_io/tasks/main.yml
@@ -10,4 +10,4 @@
       traefik.enable: "{{ mayurifag_github_io_available_externally }}"
       traefik.http.routers.mayurifag_github_io.rule: "Host(`{{ server_hostname }}`)"
       traefik.http.services.mayurifag_github_io.loadbalancer.server.port: "8005"
-      traefik.http.routers.mayurifag_github_io.middlewares: "my-headers@file"
+      traefik.http.routers.mayurifag_github_io.middlewares: "my-headers"