This commit is contained in:
Julian-Samuel Gebühr 2023-03-25 18:35:44 +01:00
commit e18838f91c
5 changed files with 115 additions and 77 deletions

View file

@ -76,3 +76,10 @@ After installation, you can go to the AdGuard Home URL, as defined in `adguard_h
As mentioned in the [URL](#url) section above, you may hit some annoyances when hosting under a subpath.
The first time you visit the AdGuard Home pages, you'll go through a setup wizard **make sure to set the HTTP port to `3000`**. This is the in-container port that our Traefik setup expects and uses for serving the install wizard to begin with. If you go with the default (`80`), the web UI will stop working after the installation wizard completes.
Things you should consider doing later:
- increasing the per-client Rate Limit (from the default of `20`) in the **DNS server configuration** section in **Settings** -> **DNS Settings**
- enabling caching in the **DNS cache configuration** section in **Settings** -> **DNS Settings**
- adding additional blocklists by discovering them on [Firebog](https://firebog.net/) or other sources and importing them from **Filters** -> **DNS blocklists**
- reading the AdGuard Home [README](https://github.com/AdguardTeam/AdGuardHome/blob/master/README.md) and [Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki)

View file

@ -25,12 +25,7 @@ system_swap_enabled: true
A swap file will be created in `/var/swap` (configured using the `system_swap_path` variable) and enabled in your `/etc/fstab` file.
By default, the swap file will have the following size:
- on systems with `<= 2GB` of RAM, swap file size = `total RAM * 2`
- on systems with `> 2GB` of RAM, swap file size = `1GB`
To avoid these calculations and set your own size explicitly, set the `system_swap_size` variable in megabytes, example (4gb):
By default, the swap file will have `1GB` size, but you can set the `system_swap_size` variable in megabytes, example (4gb):
```yaml
system_swap_size: 4096

View file

@ -1275,6 +1275,30 @@ hubsite_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResol
# Services
##########
# Adguard home
hubsite_service_adguard_home_enabled: "{{ adguard_home_enabled }}"
hubsite_service_adguard_home_name: Adguard Home
hubsite_service_adguard_home_url: "https://{{ adguard_home_hostname }}{{ adguard_home_path_prefix }}"
hubsite_service_adguard_home_logo_location: "{{ role_path }}/assets/shield.png"
hubsite_service_adguard_home_description: "A network-wide DNS software for blocking ads & tracking"
hubsite_service_adguard_home_priority: 1000
# Docker Registry Browser
hubsite_service_docker_registry_browser_enabled: "{{ docker_registry_browser_enabled }}"
hubsite_service_docker_registry_browser_name: Docker Registry Browser
hubsite_service_docker_registry_browser_url: "https://{{ docker_registry_browser_hostname }}{{ docker_registry_browser_path_prefix }}"
hubsite_service_docker_registry_browser_logo_location: "{{ role_path }}/assets/docker.png"
hubsite_service_docker_registry_browser_description: "Browse docker images"
hubsite_service_docker_registry_browser_priority: 1000
# Focalboard
hubsite_service_focalboard_enabled: "{{ focalboard_enabled }}"
hubsite_service_focalboard_name: Focalboard
hubsite_service_focalboard_url: "https://{{ focalboard_hostname }}{{ focalboard_path_prefix }}"
hubsite_service_focalboard_logo_location: "{{ role_path }}/assets/focalboard.png"
hubsite_service_focalboard_description: "An open source, self-hosted alternative to Trello, Notion, and Asana."
hubsite_service_focalboard_priority: 1000
# Gitea
hubsite_service_gitea_enabled: "{{ gitea_enabled }}"
hubsite_service_gitea_name: Gitea
@ -1291,6 +1315,14 @@ hubsite_service_gotosocial_logo_location: "{{ role_path }}/assets/gotosocial.png
hubsite_service_gotosocial_description: "A fediverse server"
hubsite_service_gotosocial_priority: 1000
# Grafana
hubsite_service_grafana_enabled: "{{ grafana_enabled }}"
hubsite_service_grafana_name: Grafana
hubsite_service_grafana_url: "https://{{ grafana_hostname }}{{ grafana_path_prefix }}"
hubsite_service_grafana_logo_location: "{{ role_path }}/assets/grafana.png"
hubsite_service_grafana_description: "Check how your server is doing"
hubsite_service_grafana_priority: 1000
# Miniflux
hubsite_service_miniflux_enabled: "{{ miniflux_enabled }}"
hubsite_service_miniflux_name: Miniflux
@ -1315,6 +1347,22 @@ hubsite_service_peertube_logo_location: "{{ role_path }}/assets/peertube.png"
hubsite_service_peertube_description: "Watch and upload videos"
hubsite_service_peertube_priority: 1000
# Radicale
hubsite_service_radicale_enabled: "{{ radicale_enabled }}"
hubsite_service_radicale_name: Radicale
hubsite_service_radicale_url: "https://{{ radicale_hostname }}{{ radicale_path_prefix }}"
hubsite_service_radicale_logo_location: "{{ role_path }}/assets/radicale.png"
hubsite_service_radicale_description: "Sync contacts and calendars"
hubsite_service_radicale_priority: 1000
# Syncthing
hubsite_service_syncthing_enabled: "{{ syncthing_enabled }}"
hubsite_service_syncthing_name: Syncthing
hubsite_service_syncthing_url: "https://{{ syncthing_hostname }}{{ syncthing_path_prefix }}"
hubsite_service_syncthing_logo_location: "{{ role_path }}/assets/syncthing.png"
hubsite_service_syncthing_description: "Sync your files"
hubsite_service_syncthing_priority: 1000
# Uptime Kuma
hubsite_service_uptime_kuma_enabled: "{{ uptime_kuma_enabled }}"
hubsite_service_uptime_kuma_name: Uptime Kuma
@ -1332,21 +1380,41 @@ hubsite_service_vaultwarden_logo_location: "{{ role_path }}/assets/vaultwarden.p
hubsite_service_vaultwarden_description: "Securely access your passwords"
hubsite_service_vaultwarden_priority: 1000
# Woodpecker CI
hubsite_service_woodpecker_ci_enabled: "{{ devture_woodpecker_ci_server_enabled }}"
hubsite_service_woodpecker_ci_name: Woodpecker CI
hubsite_service_woodpecker_ci_url: "https://{{ devture_woodpecker_ci_server_hostname }}"
hubsite_service_woodpecker_ci_logo_location: "{{ role_path }}/assets/woodpecker.png"
hubsite_service_woodpecker_ci_description: "Check you CI"
hubsite_service_woodpecker_ci_priority: 1000
hubsite_service_list_auto: |
{{
([{'name': hubsite_service_adguard_home_name, 'url': hubsite_service_adguard_home_url, 'logo_location': hubsite_service_adguard_home_logo_location, 'description': hubsite_service_adguard_home_description, 'priority': hubsite_service_adguard_home_priority}] if hubsite_service_adguard_home_enabled else [])
+
([{'name': hubsite_service_focalboard_name, 'url': hubsite_service_focalboard_url, 'logo_location': hubsite_service_focalboard_logo_location, 'description': hubsite_service_focalboard_description, 'priority': hubsite_service_focalboard_priority}] if hubsite_service_focalboard_enabled else [])
+
([{'name': hubsite_service_gitea_name, 'url': hubsite_service_gitea_url, 'logo_location': hubsite_service_gitea_logo_location, 'description': hubsite_service_gitea_description, 'priority': hubsite_service_gitea_priority}] if hubsite_service_gitea_enabled else [])
+
([{'name': hubsite_service_gotosocial_name, 'url': hubsite_service_gotosocial_url, 'logo_location': hubsite_service_gotosocial_logo_location, 'description': hubsite_service_gotosocial_description, 'priority': hubsite_service_gotosocial_priority}] if hubsite_service_gotosocial_enabled else [])
+
([{'name': hubsite_service_grafana_name, 'url': hubsite_service_grafana_url, 'logo_location': hubsite_service_grafana_logo_location, 'description': hubsite_service_grafana_description, 'priority': hubsite_service_grafana_priority}] if hubsite_service_grafana_enabled else [])
+
([{'name': hubsite_service_miniflux_name, 'url': hubsite_service_miniflux_url, 'logo_location': hubsite_service_miniflux_logo_location, 'description': hubsite_service_miniflux_description, 'priority': hubsite_service_miniflux_priority}] if hubsite_service_miniflux_enabled else [])
+
([{'name': hubsite_service_nextcloud_name, 'url': hubsite_service_nextcloud_url, 'logo_location': hubsite_service_nextcloud_logo_location, 'description': hubsite_service_nextcloud_description, 'priority': hubsite_service_nextcloud_priority}] if hubsite_service_nextcloud_enabled else [])
+
([{'name': hubsite_service_peertube_name, 'url': hubsite_service_peertube_url, 'logo_location': hubsite_service_peertube_logo_location, 'description': hubsite_service_peertube_description, 'priority': hubsite_service_peertube_priority}] if hubsite_service_peertube_enabled else [])
+
([{'name': hubsite_service_radicale_name, 'url': hubsite_service_radicale_url, 'logo_location': hubsite_service_radicale_logo_location, 'description': hubsite_service_radicale_description, 'priority': hubsite_service_radicale_priority}] if hubsite_service_radicale_enabled else [])
+
([{'name': hubsite_service_uptime_kuma_name, 'url': hubsite_service_uptime_kuma_url, 'logo_location': hubsite_service_uptime_kuma_logo_location, 'description': hubsite_service_uptime_kuma_description, 'priority': hubsite_service_uptime_kuma_priority}] if hubsite_service_uptime_kuma_enabled else [])
+
([{'name': hubsite_service_syncthing_name, 'url': hubsite_service_syncthing_url, 'logo_location': hubsite_service_syncthing_logo_location, 'description': hubsite_service_syncthing_description, 'priority': hubsite_service_syncthing_priority}] if hubsite_service_syncthing_enabled else [])
+
([{'name': hubsite_service_vaultwarden_name, 'url': hubsite_service_vaultwarden_url, 'logo_location': hubsite_service_vaultwarden_logo_location, 'description': hubsite_service_vaultwarden_description, 'priority': hubsite_service_vaultwarden_priority}] if hubsite_service_vaultwarden_enabled else [])
+
([{'name': hubsite_service_woodpecker_ci_name, 'url': hubsite_service_woodpecker_ci_url, 'logo_location': hubsite_service_woodpecker_ci_logo_location, 'description': hubsite_service_woodpecker_ci_description, 'priority': hubsite_service_woodpecker_ci_priority}] if hubsite_service_woodpecker_ci_enabled else [])
}}
########################################################################

View file

@ -1,44 +1,54 @@
# Shows help
default:
@just --list --justfile {{ justfile() }}
@just --list --justfile {{ justfile() }}
# Pulls external Ansible roles
roles:
rm -rf roles/galaxy
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
#!/usr/bin/env sh
set -euo pipefail
if [ -x "$(command -v agru)" ]; then
agru
else
rm -rf roles/galaxy
ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
fi
# Updates requirements.yml if there are any new tags available. Requires agru
update:
@agru -u
# Runs ansible-lint against all roles in the playbook
lint:
ansible-lint
ansible-lint
# Runs the playbook with --tags=install-all,start and optional arguments
install-all *extra_args: (run-tags "install-all,start" extra_args)
# Runs installation tasks for a single service
install-service service *extra_args:
just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }}
just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }}
# Runs the playbook with --tags=setup-all,start and optional arguments
setup-all *extra_args: (run-tags "setup-all,start" extra_args)
# Runs the playbook with the given list of arguments
run +extra_args:
time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }}
time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }}
# Runs the playbook with the given list of comma-separated tags and optional arguments
run-tags tags *extra_args:
just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }}
just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }}
# Starts all services
start-all *extra_args: (run-tags "start-all" extra_args)
# Starts a specific service group
start-group group *extra_args:
@just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }}
@just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }}
# Stops all services
stop-all *extra_args: (run-tags "stop-all" extra_args)
# Stops a specific service group
stop-group group *extra_args:
@just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }}
@just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }}

View file

@ -1,141 +1,99 @@
---
- src: git+https://github.com/geerlingguy/ansible-role-docker
name: geerlingguy.docker
version: 6.1.0
- src: git+https://gitlab.com/etke.cc/roles/swap
version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e
- src: git+https://gitlab.com/etke.cc/roles/ssh
name: geerlingguy.docker
- src: git+https://gitlab.com/etke.cc/roles/swap.git
version: abfb18b6862108bbf24347500446203170324d7f
- src: git+https://gitlab.com/etke.cc/roles/ssh.git
version: 237adf859f9270db8a60e720bc4a58164806644e
- src: git+https://gitlab.com/etke.cc/roles/fail2ban
- src: git+https://gitlab.com/etke.cc/roles/fail2ban.git
version: 09886730e8d3c061f22d1da4a542899063f97f0a
- src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
version: 129c8590e106b83e6f4c259649a613c6279e937a
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
version: c1f40e82b4d6b072b6f0e885239322bdaaaf554f
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
version: 327d2e17f5189ac2480d6012f58cf64a2b46efba
- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git
version: 3d5bb2976815958cdce3f368fa34fb51554f899b
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
- src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
version: 38764398bf82b06a1736c3bfedc71dfd229e4b52
- src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
version: 8e9ec48a09284c84704d7a2dce17da35f181574d
- src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
version: v0.1.1-1
- src: git+https://github.com/devture/com.devture.ansible.role.traefik.git
version: v2.9.9-0
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git
version: 6ccb88ac5fc27e1e70afcd48278ade4b564a9096
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git
version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6
- src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_server.git
version: v0.15.7-2
- src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_agent.git
version: v0.15.7-1
- src: git+https://gitlab.com/etke.cc/roles/miniflux.git
version: v2.0.43-2
- src: git+https://gitlab.com/etke.cc/roles/grafana.git
version: v9.4.7-0
- src: git+https://gitlab.com/etke.cc/roles/radicale.git
version: v3.1.8.1-2
- src: git+https://gitlab.com/etke.cc/roles/uptime_kuma.git
version: v1.21.0-0
- src: git+https://gitlab.com/etke.cc/roles/redis.git
version: v7.0.10-0
- src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git
version: v1.5.0-7
- src: git+https://gitlab.com/etke.cc/roles/prometheus_blackbox_exporter.git
version: v0.23.0-3
- src: git+https://gitlab.com/etke.cc/roles/redmine.git
version: v5.0.5-1
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-adguard-home.git
name: adguard_home
version: v0.107.26-0
name: adguard_home
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git
version: v1.0.0-0
name: aux
version: v1.0.0-0
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-collabora-online.git
name: collabora_online
version: v22.05.12.1.1-0
name: collabora_online
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry.git
name: docker_registry
version: v2.8.1-1
name: docker_registry
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-browser.git
name: docker_registry_browser
version: v1.6.0-0
name: docker_registry_browser
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-purger.git
name: docker_registry_purger
version: v1.0.0-0
name: docker_registry_purger
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-focalboard.git
name: focalboard
version: v7.8.0-0
name: focalboard
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git
name: gitea
version: v1.19.0-0
name: gitea
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git
name: nextcloud
version: v26.0.0-0
name: nextcloud
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git
name: peertube
version: v5.1.0-0
name: peertube
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
name: prometheus
version: v2.43.0-0
name: prometheus
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-syncthing.git
name: syncthing
version: v1.23.2-0
name: syncthing
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-vaultwarden.git
name: vaultwarden
version: v1.27.0-2
name: vaultwarden
- src: git+https://github.com/moan0s/hubsite.git
version: 6b20c472d36ce5765dc44675d42cce74cbcbd0fe
name: hubsite
version: b64a45e4b9e01a773598a9a753dcd2dff1179c1b
- src: git+https://github.com/moan0s/role-firezone.git
name: firezone
version: ac8564d5e11a75107ba93aec6427b83be824c30a
name: firezone
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gotosocial.git
name: gotosocial
version: 148933d390a2a789ee4595a593d825e64d5e6f46