Test with a fresh installation, fix a few bugs

kiocosta · Nov 11, 2021 · 2cd4b3a · 2cd4b3a
1 parent 697a687
commit 2cd4b3a
Show file tree

Hide file tree

Showing 33 changed files with 118 additions and 73 deletions.
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
@@ -154,6 +154,8 @@ ikev2_ondemand: true
 #
 # Samba
 #
+enable_samba: true
+
 samba_server_string: "{{ hostname }}"
 
 samba_users:

diff --git a/roles/containers/deconz/defaults/main.yml b/roles/containers/deconz/defaults/main.yml
@@ -5,4 +5,6 @@ dashboard_url: "http://deconz.box/"
 
 homer_category: smarthome
 
-dashboard_name: "Phoscon-GW"
+dashboard_name: "Phoscon-GW"
+
+upstream_port: "8085"
diff --git a/roles/containers/deluge/defaults/main.yml b/roles/containers/deluge/defaults/main.yml
@@ -4,3 +4,5 @@ container_name: deluge
 dashboard_url: "http://deluge.box"
 
 homer_category: media
+
+upstream_port: "8112"
diff --git a/roles/containers/homeassistant/defaults/main.yml b/roles/containers/homeassistant/defaults/main.yml
@@ -1,8 +1,10 @@
 ---
 container_name: homeassistant
 
-dashboard_url: "http://homeassistant.box"
+dashboard_url: "https://homeassistant.box"
 
 homer_category: smarthome
 
-dashboard_name: "Home Assistant"
+dashboard_name: "Home Assistant"
+
+health_url: "http://{{ ansible_default_ipv4.address }}:3000/http://{{ ansible_default_ipv4.address }}:8123"
diff --git a/roles/containers/jackett/defaults/main.yml b/roles/containers/jackett/defaults/main.yml
@@ -1,8 +1,10 @@
 ---
 container_name: jackett
 
-dashboard_url: "http://jackett.box/"
+dashboard_url: "https://jackett.box/"
 
 homer_category: system
 
-dashboard_name: Jackett
+dashboard_name: Jackett
+
+health_url: "http://{{ ansible_default_ipv4.address }}:3000/http://jackett:9117/api/v2.0/indexers/all/results/torznab"
diff --git a/roles/containers/jellyfin/defaults/main.yml b/roles/containers/jellyfin/defaults/main.yml
@@ -4,3 +4,5 @@ container_name: jellyfin
 dashboard_url: "http://jellyfin.box"
 
 homer_category: media
+
+health_url: "http://{{ ansible_default_ipv4.address }}:3000/http://jellyfin:8096"
diff --git a/roles/containers/jellyfin/tasks/main.yml b/roles/containers/jellyfin/tasks/main.yml
@@ -41,6 +41,6 @@
   docker_network:
     name: swag_network
     connected:
-      - jellyfin
+      - "{{ container_name }}"
     appends: yes
   when: enable_swag
diff --git a/roles/containers/nextcloud/tasks/main.yml b/roles/containers/nextcloud/tasks/main.yml
@@ -4,7 +4,7 @@
     name: "nextcloud-mariadb"
     image: "mariadb:latest"
     pull: yes
-    command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed"
+    command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW --skip-innodb-read-only-compressed --innodb-read-only-compressed=OFF"
     state: 'started'
     labels:
       "flame.type": "application"

diff --git a/roles/containers/photoprism/defaults/main.yml b/roles/containers/photoprism/defaults/main.yml
@@ -4,4 +4,6 @@ dashboard_url: "http://photoprism.box"
 
 homer_category: services
 
-dashboard_name: "PhotoPrism"
+dashboard_name: "PhotoPrism"
+
+upstream_port: "2342"
diff --git a/roles/containers/radarr/defaults/main.yml b/roles/containers/radarr/defaults/main.yml
@@ -3,4 +3,6 @@ container_name: radarr
 
 dashboard_url: "http://radarr.box/"
 
-homer_category: media
+homer_category: media
+
+upstream_port: "7878"
diff --git a/roles/containers/swag/templates/bitwarden.subdomain.conf.j2 b/roles/containers/swag/templates/bitwarden.subdomain.conf.j2
@@ -3,13 +3,15 @@ server {
     listen [::]:443 ssl;
 
     server_name {{ swag_urls['bitwarden'] }};
-
 
+
+    {% include "common/params.j2" %}
     include /config/nginx/ssl.conf;
 
     client_max_body_size 128M;
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app bitwarden;

diff --git a/roles/containers/swag/templates/common/cors.j2 b/roles/containers/swag/templates/common/cors.j2
@@ -0,0 +1,3 @@
+    if ($request_method ~* "(GET|POST|HEAD)") {
+        add_header "Access-Control-Allow-Origin"  *;
+    }
diff --git a/roles/containers/swag/templates/common/internal.j2 b/roles/containers/swag/templates/common/internal.j2
@@ -1,6 +1,8 @@
-listen 80;
+
+    listen 80;
     listen 443 ssl;
     allow {{ lan_network }};
+    allow 172.18.0.0/16;
     deny all;
     include /config/nginx/ssl.conf;
     client_max_body_size 0;
diff --git a/roles/containers/swag/templates/common/params.j2 b/roles/containers/swag/templates/common/params.j2
@@ -1 +1,2 @@
-add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; 
+
+    add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; 
diff --git a/roles/containers/swag/templates/deconz.subdomain.conf.j2 b/roles/containers/swag/templates/deconz.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['deconz'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app deconz;

diff --git a/roles/containers/swag/templates/deluge.subdomain.conf.j2 b/roles/containers/swag/templates/deluge.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['deluge'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app deluge;

diff --git a/roles/containers/swag/templates/homeassistant.subdomain.conf.j2 b/roles/containers/swag/templates/homeassistant.subdomain.conf.j2
@@ -1,19 +1,11 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['homeassistant'] }};
 
     location / {
-        # enable the next two lines for http auth
-        #auth_basic "Restricted";
-        #auth_basic_user_file /config/nginx/.htpasswd;
-
-        # enable the next two lines for ldap auth
-        #auth_request /auth;
-        #error_page 401 =200 /ldaplogin;
-
-        # enable for Authelia
-        #include /config/nginx/authelia-location.conf;
-
+        {% include "common/cors.j2" %}
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, HEAD';
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app {{ ansible_default_ipv4.address }};

diff --git a/roles/containers/swag/templates/homer.subdomain.conf.j2 b/roles/containers/swag/templates/homer.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name homer.box;
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app homer;

diff --git a/roles/containers/swag/templates/jackett.subdomain.conf.j2 b/roles/containers/swag/templates/jackett.subdomain.conf.j2
@@ -1,8 +1,11 @@
 server {
     {% include "common/internal.j2" %}
-    server_name swag_urls['jellyfin'];
+    {% include "common/params.j2" %}
+    server_name {{ swag_urls['jackett'] }};
 
     location / {
+        {% include "common/cors.j2" %}
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, HEAD';
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app jackett;

diff --git a/roles/containers/swag/templates/jellyfin.subdomain.conf.j2 b/roles/containers/swag/templates/jellyfin.subdomain.conf.j2
@@ -1,19 +1,21 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['jellyfin'] }};
 
     location / {
+        {% include "common/cors.j2" %}
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, HEAD';
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app jellyfin;
         set $upstream_port 8096;
         set $upstream_proto http;
         proxy_pass $upstream_proto://$upstream_app:$upstream_port;
-
         proxy_set_header Range $http_range;
         proxy_set_header If-Range $http_if_range;
     }
-
+    
     location ~ (/jellyfin)?/socket {
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;

diff --git a/roles/containers/swag/templates/nextcloud.subdomain.conf.j2 b/roles/containers/swag/templates/nextcloud.subdomain.conf.j2
@@ -3,13 +3,15 @@ server {
     listen [::]:443 ssl;
 
     server_name {{ swag_urls['nextcloud'] }};
+    {% include "common/params.j2" %}
 
     include /config/nginx/ssl.conf;
 
     add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
     client_max_body_size 0;
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app nextcloud;

diff --git a/roles/containers/swag/templates/photoprism.subdomain.conf.j2 b/roles/containers/swag/templates/photoprism.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['photoprism'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app photoprism;

diff --git a/roles/containers/swag/templates/radarr.subdomain.conf.j2 b/roles/containers/swag/templates/radarr.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['radarr'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app radarr;

diff --git a/roles/containers/swag/templates/sonarr.subdomain.conf.j2 b/roles/containers/swag/templates/sonarr.subdomain.conf.j2
@@ -4,6 +4,7 @@ server {
     server_name {{ swag_urls['sonarr'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app sonarr;

diff --git a/roles/containers/swag/templates/unifi.subdomain.conf.j2 b/roles/containers/swag/templates/unifi.subdomain.conf.j2
@@ -1,8 +1,10 @@
 server {
     {% include "common/internal.j2" %}
+    {% include "common/params.j2" %}
     server_name {{ swag_urls['unifi'] }};
 
     location / {
+        {% include "common/cors.j2" %}
         include /config/nginx/proxy.conf;
         include /config/nginx/resolver.conf;
         set $upstream_app unifi;

diff --git a/roles/containers/unifi/defaults/main.yml b/roles/containers/unifi/defaults/main.yml
@@ -5,4 +5,6 @@ dashboard_url: "https://unifi.box"
 
 homer_category: system
 
-dashboard_name: "UniFi Controller"
+dashboard_name: "UniFi Controller"
+
+upstream_port: "8443"
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
@@ -148,5 +148,13 @@
 
   - name: Restore the "{{ docker_dir }}" folder from the MergerFS array
     shell:
-      cmd: "rsync -avz --delete {{ mergerfs_root }}/docker_data {{ docker_dir }}"
-    when: persistent_data_find.matched < 20 or persistent_data.stat.exists == false
+      cmd: "rsync -avz --delete {{ mergerfs_root }}/docker_data/data/ {{ docker_dir }}/"
+    when: persistent_data_find.matched < 20 or persistent_data.stat.exists == false
+
+  - name: Chmod the data folder
+    file:
+      dest: "{{ docker_dir }}"
+      state: directory
+      owner: "{{ username }}"
+      group: "{{ username }}"
+      recurse: yes
diff --git a/roles/essential/tasks/main.yml b/roles/essential/tasks/main.yml
@@ -38,10 +38,8 @@
 
 - name: Update and upgrade apt packages (Debian and Ubuntu)
   when: ansible_os_family == 'Debian'
-  apt:
-    upgrade: "yes"
-    update_cache: yes
-    cache_valid_time: 86400 
+  shell:
+    cmd: apt update && apt upgrade -y
 
 - name: Alpine specific tasks
   become: yes
@@ -115,6 +113,17 @@
   hostname:
     name: "{{ inventory_hostname }}"
 
+- name: Replace the hostname entry with our own
+  ansible.builtin.lineinfile:
+    path: /etc/hosts
+    insertafter: ^127\.0\.0\.1 *localhost
+    line: "127.0.0.1 {{ inventory_hostname }}"
+    owner: root
+    group: root
+    mode: '0644' 
+
+
+
 - name: Suppress login messages
   file:
     name: /home/{{ username }}/.hushlogin

diff --git a/roles/filesystems/hd-idle/tasks/main.yml b/roles/filesystems/hd-idle/tasks/main.yml
@@ -37,7 +37,7 @@
 
   - name: Install the deb package 
     shell:
-      cmd: cd /tmp/hd-idle && dpkg -y -i hd-idle*.deb
+      cmd: cd /tmp/hd-idle && dpkg -i hd-idle*.deb
 
 - name: Install the hd-idle configuration file
   template: 

diff --git a/roles/homer/tasks/main.yml b/roles/homer/tasks/main.yml
@@ -16,11 +16,14 @@
     files_matching: main.yml
     name: "{{ item.path.split('/')[-1] }}"
   with_items: "{{ containers.files }}"
-  no_log: true
+
+- name: Print out
+  debug:
+    var: "{{ containers.files }}"
 
 - name: Populate the dictionary of all containers
   set_fact:
-    homer_urls: "{{ homer_urls | default([]) + [{ 'logo': '/assets/tools/homer-icons/' + item.path.split('/')[-1] + '.png', 'name': lookup('vars', item.path.split('/')[-1])['dashboard_name'] | default(item.path.split('/')[-1] | title), 'url' : lookup('vars', item.path.split('/')[-1])['dashboard_url'] | default(''), 'endpoint': 'http://' + ansible_default_ipv4['address'] + ':3000/' + lookup('vars', item.path.split('/')[-1])['dashboard_url'] | default(''), 'category': lookup('vars', item.path.split('/')[-1])['homer_category'] | default ('') }] }}"
+    homer_urls: "{{ homer_urls | default([]) + [{ 'logo': '/assets/tools/homer-icons/' + item.path.split('/')[-1] + '.png', 'name': lookup('vars', item.path.split('/')[-1])['dashboard_name'] | default(item.path.split('/')[-1] | title), 'url' : lookup('vars', item.path.split('/')[-1])['dashboard_url'] | default(''), 'endpoint': lookup('vars', item.path.split('/')[-1])['health_url'] | default(''), 'category': lookup('vars', item.path.split('/')[-1])['homer_category'] | default ('') }] }}"
   when: lookup('vars', 'enable_' + item.path.split('/')[-1]) | default(False)
   with_items: "{{ containers.files }}"
 
@@ -89,5 +92,6 @@
     name: swag_network
     connected:
       - homer
+      - cors-container
     appends: yes
   when: enable_swag
-Original file line number
+Diff line change
@@ Expand Up / @@ -154,6 +154,8 @@ ikev2_ondemand: true @@
     #
     # Samba
     #
+    enable_samba: true
     samba_server_string: "{{ hostname }}"
     samba_users:
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,3 +4,5 @@ container_name: deluge
		dashboard_url: "http://deluge.box"

		homer_category: media

		upstream_port: "8112"
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,3 +4,5 @@ container_name: jellyfin
		dashboard_url: "http://jellyfin.box"

		homer_category: media

		health_url: "http://{{ ansible_default_ipv4.address }}:3000/http://jellyfin:8096"
Original file line number	Diff line number	Diff line change
		@@ -1 +1,2 @@
		add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";

		add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";