diff --git a/coreos-config/plays/services/blog/docker-compose.yaml b/coreos-config/plays/services/blog/docker-compose.yaml index 933c29d..b1c5d6f 100644 --- a/coreos-config/plays/services/blog/docker-compose.yaml +++ b/coreos-config/plays/services/blog/docker-compose.yaml @@ -10,10 +10,4 @@ services: - "traefik.http.routers.tobiasmanskede.entryPoints=websecure" - "traefik.http.services.tobiasmanskede.loadbalancer.server.port=80" restart: always - networks: - - gateway - -networks: - gateway: - external: true ... diff --git a/coreos-config/plays/services/caddy/docker-compose.yaml b/coreos-config/plays/services/caddy/docker-compose.yaml index f42acd6..068d68b 100644 --- a/coreos-config/plays/services/caddy/docker-compose.yaml +++ b/coreos-config/plays/services/caddy/docker-compose.yaml @@ -12,10 +12,4 @@ services: - "traefik.http.routers.caddyredir.entryPoints=websecure" - "traefik.http.services.caddyredir.loadbalancer.server.port=80" restart: always - networks: - - gateway - -networks: - gateway: - external: true ... diff --git a/coreos-config/plays/services/gitea/docker-compose.yaml b/coreos-config/plays/services/gitea/docker-compose.yaml index 3df99a3..4f071bd 100644 --- a/coreos-config/plays/services/gitea/docker-compose.yaml +++ b/coreos-config/plays/services/gitea/docker-compose.yaml @@ -18,8 +18,8 @@ services: - "GITEA__service__DISABLE_REGISTRATION=true" restart: always networks: + - default # mirror service needs internet - backend - - gateway volumes: - gitea_data:/data - /etc/timezone:/etc/timezone:ro @@ -68,7 +68,6 @@ services: - "DRONE_USER_CREATE=username:tobias,admin:true" networks: - backend - - gateway volumes: - drone_data:/data labels: @@ -82,8 +81,6 @@ services: networks: backend: internal: true - gateway: - external: true volumes: gitea_data: diff --git a/coreos-config/plays/services/hedgedoc/docker-compose.yaml b/coreos-config/plays/services/hedgedoc/docker-compose.yaml index 0774e6d..7a3f78d 100644 --- a/coreos-config/plays/services/hedgedoc/docker-compose.yaml +++ b/coreos-config/plays/services/hedgedoc/docker-compose.yaml @@ -66,14 +66,11 @@ services: condition: service_healthy networks: - backend - - gateway volumes: database: networks: - gateway: - external: true backend: internal: true ... diff --git a/coreos-config/plays/services/keycloak/docker-compose.yaml b/coreos-config/plays/services/keycloak/docker-compose.yaml index 53e20fd..ebac8bf 100644 --- a/coreos-config/plays/services/keycloak/docker-compose.yaml +++ b/coreos-config/plays/services/keycloak/docker-compose.yaml @@ -45,13 +45,10 @@ services: restart: always networks: - backend - - gateway networks: backend: internal: true - gateway: - external: true volumes: pg_data: diff --git a/coreos-config/plays/services/kuma/docker-compose.yaml b/coreos-config/plays/services/kuma/docker-compose.yaml index cc8629d..0808c5e 100644 --- a/coreos-config/plays/services/kuma/docker-compose.yaml +++ b/coreos-config/plays/services/kuma/docker-compose.yaml @@ -14,15 +14,12 @@ services: - "traefik.http.services.kuma-{{ _name }}.loadbalancer.server.port=3001" networks: - default - - gateway - pantalaimon volumes: data: networks: - gateway: - external: true pantalaimon: external: true ... diff --git a/coreos-config/plays/services/linktree/docker-compose.yaml b/coreos-config/plays/services/linktree/docker-compose.yaml index 669e465..2fa7795 100644 --- a/coreos-config/plays/services/linktree/docker-compose.yaml +++ b/coreos-config/plays/services/linktree/docker-compose.yaml @@ -10,10 +10,4 @@ services: - "traefik.http.routers.unruhigeu.entryPoints=websecure" - "traefik.http.services.unruhigeu.loadbalancer.server.port=80" restart: always - networks: - - gateway - -networks: - gateway: - external: true ... diff --git a/coreos-config/plays/services/matrix/docker-compose.yaml b/coreos-config/plays/services/matrix/docker-compose.yaml index 4651401..a6b4def 100644 --- a/coreos-config/plays/services/matrix/docker-compose.yaml +++ b/coreos-config/plays/services/matrix/docker-compose.yaml @@ -30,7 +30,6 @@ services: - redis networks: - default - - gateway - backend labels: - "traefik.enable=true" @@ -73,8 +72,6 @@ services: - "traefik.http.routers.matrix-well-known.rule=Host(`{{ matrix.baseurl }}`) && PathPrefix(`/.well-known/matrix/`)" - "traefik.http.routers.matrix-well-known.entrypoints=websecure" - "traefik.http.services.matrix-well-known.loadbalancer.server.port=80" - networks: - - gateway cinny: image: ghcr.io/cinnyapp/cinny:latest @@ -87,7 +84,6 @@ services: volumes: - ./cinny-config.json:/app/config.json:ro,Z networks: - - gateway - default redis: @@ -215,8 +211,6 @@ services: networks: backend: internal: true - gateway: - external: true volumes: synapse_data: diff --git a/coreos-config/plays/services/miniflux/docker-compose.yaml b/coreos-config/plays/services/miniflux/docker-compose.yaml index e006190..76a6b3f 100644 --- a/coreos-config/plays/services/miniflux/docker-compose.yaml +++ b/coreos-config/plays/services/miniflux/docker-compose.yaml @@ -33,8 +33,8 @@ services: - "prometheus-scrape.port=8080" networks: - backend - - gateway - pantalaimon + - default db: image: postgres:13 @@ -59,9 +59,6 @@ volumes: networks: backend: internal: true - gateway: - external: true - name: gateway pantalaimon: external: true ... diff --git a/coreos-config/plays/services/minio/docker-compose.yaml b/coreos-config/plays/services/minio/docker-compose.yaml index 64e7a63..e370d9c 100644 --- a/coreos-config/plays/services/minio/docker-compose.yaml +++ b/coreos-config/plays/services/minio/docker-compose.yaml @@ -5,8 +5,10 @@ services: minio: image: minio/minio:latest restart: always - networks: - - gateway + ulimits: + nofile: + soft: 4096 + hard: 16000 environment: - "MINIO_ROOT_USER={{ minio.user | mandatory }}" - "MINIO_ROOT_PASSWORD={{ minio.password | mandatory }}" @@ -31,11 +33,6 @@ services: timeout: 20s retries: 3 - -networks: - gateway: - external: true - volumes: data: diff --git a/coreos-config/plays/services/nextcloud/.env b/coreos-config/plays/services/nextcloud/.env deleted file mode 100644 index b4403fc..0000000 --- a/coreos-config/plays/services/nextcloud/.env +++ /dev/null @@ -1 +0,0 @@ -COMPOSE_PROJECT_NAME=nextcloud diff --git a/coreos-config/plays/services/nextcloud/config.php b/coreos-config/plays/services/nextcloud/config.php deleted file mode 100644 index 0b6e28b..0000000 --- a/coreos-config/plays/services/nextcloud/config.php +++ /dev/null @@ -1,114 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;secrets -33303039656232646334643237623337356630636666303664373362346436393332663238356636 -3861636233323335653863383236623739376363303263390a396232343333313631353832616633 -36356233383664356533383733396330303462633762623039363361343738336238386230376532 -3465343039663938630a613262333330393166353930326430316461653765623935633361383036 -61336631633365396532383662303532613265633664313533623239346438373664353734306433 -64303239303465383165636634313239623766303136393535363236663762373438303939396561 -37663335303666363066623936326531333463363730356534393066323333346665656363323338 -64326662303263353236396461663636303037633835303366353063393763666135623135366562 -61653136333238393864353436396430303965626439396430356536303331623134343361363839 -38366533653939663734303039356666663730363237633966363338656134313364343637666338 -32323264613935636336376339393064366666353562313133326435306235636633353665393237 -34366565646565656638313739633866333430326531623166373865306362343535626130343039 -65653661396637353031343466376135636165363962636230376666303262393235363964336639 -62303963343364643633623366643265653430323135626366653436663261303838306434663064 -66663262633166396137306131383135356439366364363030626135623162393665333134663565 -34356135623835333330613631663936383765643330643065626636623432356664313166363366 -63373731393032316331626632306666396264373038663238363461363366383738303137333534 -38326664353932613462653661383064366162613466666338663264333633643231343830333337 -63353035383332393639663662663139643436323561356161313032643438633462643339626465 -35376165396261336132383034393362643239633433626133323531353535306463383830343838 -63323731666165646665613132333563386438323639633333653637613035636536313334386366 -65656266376161386161313761333861386438343833326333666262386663623736326636616537 -63613764373666383237656134313061646432313236306665656537323666636630626439383162 -32383534346538323530343063313838326664653233623231653937336230383135613465653439 -38373463646138356464616638303839633337356430316632303030626365623032353761326538 -31643238356430386662353236303030313034653531343636353066306464363934656438663031 -34656330633664343063666562376662303836613066623935386533376633643164323262366138 -39633235353163316463343433653738343033333263383164353234353661653038373231353263 -39356363386338323737663139373961393439346239643166653866323830323462656130336563 -31643433343336653864653030343033666162306662393133303066346235663330343265353336 -35313664303164623461326631303430353136616138663766616237663632373233316535333231 -66636238313833336261386663653563346538636361626261653737633366373439613834346561 -34656437316565363939393761313962653138326130653163383032643465633463656433356133 -31373434663363663637393035613466643865623030633466326666613061316136663761326439 -30313632666362663938663233666539353731373232393263653062383036323336633061383030 -66393062386265303338306132313233636265316538333465303764373932633332613666303933 -63333064626238616363333866626631313764313532646436356562613834633138336539306664 -32316434373634623962323830643961316665343734323563316366656536353131653363383038 -64333430663635323136666231363637346532363930303033626433396333353335363865316665 -34323938316461383339396263393566356338646537623338333363353734316664323865663864 -32373930653963623733666261616366386165373039643665663664316662663761316536376231 -62323662343933326337663566643664353861646361663438323734643130323362666630313131 -64383865336130313136346332656462633732343466343631346233356461656137303561353932 -30333065653934333665323838323032376366376632666438306265356363656134366139333463 -62363135363065633030393032303035663934383536613230646563636236336166363532633139 -31313531303766356565323537333534633763663638303232656235316566633436643739663061 -31646638636335333431373633656563363533373838306163326664613663626432613739376561 -33303636346639313636616464396231383166303761323535616338626530363861656331303738 -31346438346431343166653231373538623064326430663863663039643536356333623263623630 -37323139396366613831623830313336303162643935623436643637353561383163633661303237 -61363436323262316633643036646634303537613939353564326530373138373330396365336530 -32626133663032383765386432626465306338373031373238653966333033393431393561386335 -66613163343366323238666636373532326261616462333139653163613636313662623835623434 -35383936306438333461313563346634393630396237613432316230353731313834323133376239 -30643965613031366530383564623361646331323235666339623530333962643830366563313463 -37396638346266666362393038373034313932353130633764343430366164656136383032363565 -33316632613031346663386636376561383237366261336436653463626363306663663231613035 -38653939643735316131393636373339383338363461663134613831396438623764623239636365 -33616466393365373636643135613763633035396666376166616433643062363463633436396364 -35633864633939303264343365316361653832393462613761323361656563343839613338653336 -66333664643036343361666162633035373435343931333666353866633263646530656163626234 -61336464663232323030613564383335323131656333636633633735306263303637643662376330 -39373733616264656661653836326238323461306133393565303930333662383335393563353965 -33643431623862313436663939616437313266343665356132393066373335656561643338633465 -63373630643361633730363066383731366665393235396130326130653837656633316636653864 -30613237393836383262613263393066663331393736356264663732623964336266656633333633 -32663737663866383235356661343839666230636338633366393935663537363331333366396331 -33663834646436303033396536353036326637383538396562613566353738303332373763333633 -63663432366631323431666230373035383837626333386331356530626533363434306661663038 -34376163343939386463313335623364653630316636623235653066313939303935613765303961 -36646631316334633762643037353034373338326631666130366462636461393830663238393437 -37623161613863656637333065343631333638663639633130633239326562656535303031636662 -39353134326265616665376432396633396566663138326334386530396534343965656334356265 -66383437313630306338306433316435623262653464383533313032646465616466623035353562 -32343935616266626466343837326434313536393365663864663765373530643037666237633166 -30303135343862386636313562373162626638363130306165346335646335363063326563353337 -62373339383130623837666634643665396566333566653463303866633035346136623465363665 -37323437623132316439333530373037636431636233326333656163643737663865333562386665 -38656338643436366135316566306438653231383839613732336139393562633065366237313634 -62646230323533623533396566303864323139633730303765326134393139303261326635386661 -30383933366438663130623632383639346164393461323963313933386535306364333133613035 -36626666326238633331653062636137363238613863633965373337343031383464663130643861 -38376532316464363630393065376438396631376139313332616430623561373362353962383530 -62653239653631316634613637663132396335636334353363363962346466326565366261653564 -37633139353731303064636438616138646463373261373438646464306365326633633437356532 -34626435336235373562663733376262663530343136633632623534356335363531356533613464 -65303361326430643233636466333061393434643630616435306430356532333739633864376139 -37666465623063646231393535313338363034626465393165333232313536313834616463626536 -34353462313139343233663662336138393636336338326132623665623734623132346164353164 -37383562613931363535356535353837333661336238323337306239613965623463613963613762 -61363634663233626263616333643462616263383932343933386437336665346237313131623562 -34303035336666383064653235316636313464343130356430666162393663396466393236666330 -36623432393662373330306431623638343565306433643263316333316233383938383230323832 -36336536393435636138373063306637393737346133343330636230666262363466333266656163 -34663430613335656162613037346539316131323135323834623337363862373065623939343461 -64623933633637313961353633653337366434386361623331336131613565633765616232346161 -31386663353130653332366463316166666261613238343962363533343564316663383664356237 -64663033633464633961656566303737383264663736313439336234376431653737333639663961 -62303665323531356431646338373164653766326166376534663436323962343533343131326565 -32653532356462646133666665326533393439386630646230383339396133643034653030353062 -34363738383463313061383231336364373366643530313231633164613732663165643439336366 -32653962326666356530346165356163336261633138626138636363646261646239323265383666 -39353165633965343764396431653165393363376265613063653039666663326338346330393263 -62653063613665633934326236653663393839653537623334366431616331613461616136303962 -35363936616635613739323161396331333330303165373936323330653532393561323232623837 -33626635383064386363363834653937383235366630343664386433373135643634643635306431 -38613630623331336463646338643832666363663732633238393636613466636637346135353335 -34663037623332306434666663613361313632356264306338313234643938386265376538646630 -33303962333631353935393632333531306432396338623065346162663461323035353333666536 -62626231636131353763633962326361303036343736663566383662383435303533613536346230 -62653562616630623065313137623735613162316465643666666534613137363135393230633138 -64303161346236373861353261393735663736643334393864303366373435376239353332356634 -64346362383438623166613565643661353039633834313132636162666638363733 diff --git a/coreos-config/plays/services/nextcloud/docker-compose.yaml b/coreos-config/plays/services/nextcloud/docker-compose.yaml deleted file mode 100644 index 1426c8e..0000000 --- a/coreos-config/plays/services/nextcloud/docker-compose.yaml +++ /dev/null @@ -1,60 +0,0 @@ ---- -version: '2' - -services: - db: - image: mariadb:latest - restart: always - command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed - volumes: - - database:/var/lib/mysql - environment: - - MYSQL_ROOT_PASSWORD={{ nextcloud.db.rootpassword }} - - MYSQL_PASSWORD={{ nextcloud.db.password }} - - MYSQL_DATABASE={{ nextcloud.db.name }} - - MYSQL_USER={{ nextcloud.db.user }} - networks: - - backend - - app: - image: registry.tobiasmanske.de/nextcloud:main - restart: always - depends_on: - - db - volumes: - - ./config.php:/config.php:ro,Z - - nc_custom_apps:/var/www/html/custom_apps - - nc_data:/var/www/data - environment: - - MYSQL_PASSWORD={{ nextcloud.db.password }} - - MYSQL_DATABASE={{ nextcloud.db.name }} - - MYSQL_USER={{ nextcloud.db.user }} - - MYSQL_HOST=db - networks: - - backend - - gateway - - default - labels: - - "traefik.enable=true" - - "traefik.http.routers.nextcloud.rule=Host(`wolke.chaoswg.org`)" - - "traefik.http.routers.nextcloud.entryPoints=websecure" - - "traefik.http.services.nextcloud.loadbalancer.server.port=80" - - "traefik.http.middlewares.nextcloud.headers.customrequestheaders.Front-End-Https=on" - - "traefik.http.middlewares.nextcloud.headers.customresponseheaders.Strict-Transport-Security=max-age=15768000; includeSubDomains;" - - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav" - - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/" - - "traefik.http.middlewares.compression.compress=true" - - "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud-dav,compression" - -volumes: - nc_custom_apps: - nc_data: - database: - -networks: - gateway: - external: true - name: gateway - backend: - internal: true -... diff --git a/coreos-config/plays/services/prometheus/docker-compose.yaml b/coreos-config/plays/services/prometheus/docker-compose.yaml index a878e8d..7ff543b 100644 --- a/coreos-config/plays/services/prometheus/docker-compose.yaml +++ b/coreos-config/plays/services/prometheus/docker-compose.yaml @@ -22,7 +22,6 @@ services: - cadvisor - node-exporter networks: - - gateway - backend - alertmanager @@ -51,7 +50,6 @@ services: - alertmanager_data:/data networks: - alertmanager - - gateway restart: unless-stopped command: - '--config.file=/etc/alertmanager/config.yml' @@ -80,7 +78,6 @@ services: networks: - alertmanager - pantalaimon - - gateway grafana: @@ -92,7 +89,6 @@ services: - "traefik.http.routers.grafana.entryPoints=websecure" - "traefik.http.services.grafana.loadbalancer.server.port=3000" networks: - - gateway - backend environment: - "GF_SERVER_ROOT_URL=https://grafana.tobiasmanske.de" @@ -173,7 +169,6 @@ services: - "prometheus-scrape.port=3100" networks: - backend - - default promtail: image: grafana/promtail:latest @@ -207,7 +202,6 @@ services: - "prometheus-scrape.port=8080" networks: - backend - - default volumes: prom_data: @@ -217,11 +211,8 @@ volumes: alertmanager_data: mimir_data: networks: - gateway: - external: true pantalaimon: external: true backend: internal: true alertmanager: - internal: true diff --git a/coreos-config/plays/services/radicale/docker-compose.yaml b/coreos-config/plays/services/radicale/docker-compose.yaml index e7acf2e..affe0f4 100644 --- a/coreos-config/plays/services/radicale/docker-compose.yaml +++ b/coreos-config/plays/services/radicale/docker-compose.yaml @@ -30,12 +30,6 @@ services: - "traefik.http.routers.radicale.entryPoints=websecure" - "traefik.http.services.radicale.loadbalancer.server.port=5232" restart: always - networks: - - gateway - -networks: - gateway: - external: true volumes: data: diff --git a/coreos-config/plays/services/registry/docker-compose.yaml b/coreos-config/plays/services/registry/docker-compose.yaml index 230e0ba..1f1167d 100644 --- a/coreos-config/plays/services/registry/docker-compose.yaml +++ b/coreos-config/plays/services/registry/docker-compose.yaml @@ -10,7 +10,6 @@ services: - "traefik.http.services.registry.loadbalancer.server.port=5000" image: 'registry:2' networks: - - gateway - backend volumes: - registry_data:/var/lib/registry @@ -34,7 +33,6 @@ services: - "traefik.http.routers.registry-auth.middlewares=registry-auth-headers" networks: - backend - - gateway volumes: - ./auth_config.yaml:/config/auth_config.yaml:ro,Z - ./server.pem:/server.pem:ro,Z @@ -44,8 +42,6 @@ volumes: registry_data: networks: - gateway: - external: true backend: internal: true ... diff --git a/coreos-config/plays/services/repo_proxy/docker-compose.yaml b/coreos-config/plays/services/repo_proxy/docker-compose.yaml index caed1ee..679301b 100644 --- a/coreos-config/plays/services/repo_proxy/docker-compose.yaml +++ b/coreos-config/plays/services/repo_proxy/docker-compose.yaml @@ -13,10 +13,4 @@ services: - "traefik.http.routers.repoproxy.entryPoints=websecure" - "traefik.http.services.repoproxy.loadbalancer.server.port=80" restart: always - networks: - - gateway - -networks: - gateway: - external: true ... diff --git a/coreos-config/plays/services/search/docker-compose.yaml b/coreos-config/plays/services/search/docker-compose.yaml index 702bba2..d7bab1b 100644 --- a/coreos-config/plays/services/search/docker-compose.yaml +++ b/coreos-config/plays/services/search/docker-compose.yaml @@ -7,7 +7,6 @@ services: container_name: searxng restart: always networks: - - gateway - default - backend volumes: @@ -39,8 +38,6 @@ services: - DAC_OVERRIDE networks: - gateway: - external: true backend: internal: true ... diff --git a/coreos-config/plays/services/thelounge/docker-compose.yaml b/coreos-config/plays/services/thelounge/docker-compose.yaml index e8310e0..5ec6e0d 100644 --- a/coreos-config/plays/services/thelounge/docker-compose.yaml +++ b/coreos-config/plays/services/thelounge/docker-compose.yaml @@ -12,12 +12,6 @@ services: - "traefik.http.routers.thelounge.entryPoints=websecure" - "traefik.http.services.thelounge.loadbalancer.server.port=9000" restart: always - networks: - - gateway - -networks: - gateway: - external: true volumes: data: diff --git a/coreos-config/plays/services/traefik/docker-compose.yaml b/coreos-config/plays/services/traefik/docker-compose.yaml index 7a2b417..829bc56 100644 --- a/coreos-config/plays/services/traefik/docker-compose.yaml +++ b/coreos-config/plays/services/traefik/docker-compose.yaml @@ -10,9 +10,7 @@ services: soft: 4000 hard: 15000 restart: always - ports: - - "443:443" - - "80:80" + network_mode: host privileged: true volumes: - "/var/run/docker.sock:/var/run/docker.sock:z" @@ -22,16 +20,11 @@ services: labels: - "prometheus-scrape.enabled=true" - "prometheus-scrape.port=9091" - networks: - - gateway - - default {% if deploy_traefik_fa %} traefik-fa: image: quay.io/oauth2-proxy/oauth2-proxy:latest restart: unless-stopped - networks: - - gateway depends_on: - traefik labels: @@ -63,8 +56,6 @@ services: whoami: image: containous/whoami - networks: - - gateway labels: - "traefik.enable=true" - "traefik.http.services.whoami.loadbalancer.server.port=80" @@ -78,9 +69,6 @@ volumes: acme: networks: - gateway: - name: gateway - internal: false default: driver: bridge ... diff --git a/coreos-config/plays/services/traefik/dynamic.yaml b/coreos-config/plays/services/traefik/dynamic.yaml index 38f4a87..135adaf 100644 --- a/coreos-config/plays/services/traefik/dynamic.yaml +++ b/coreos-config/plays/services/traefik/dynamic.yaml @@ -1,5 +1,12 @@ http: middlewares: + metrics-ipwhitelist: + ipWhiteList: + sourceRange: + - "127.0.0.1/32" + - "192.168.0.0/16" + - "172.16.0.0/16" + - "10.254.1.0/24" auth-headers: headers: sslRedirect: true diff --git a/coreos-config/plays/services/traefik/traefik.yaml b/coreos-config/plays/services/traefik/traefik.yaml index 13c3c31..23f60f5 100644 --- a/coreos-config/plays/services/traefik/traefik.yaml +++ b/coreos-config/plays/services/traefik/traefik.yaml @@ -8,7 +8,6 @@ metrics: entryPoint: metrics providers: docker: - network: gateway exposedbydefault: false file: filename: /etc/traefik/dynamic.yaml @@ -23,6 +22,9 @@ entryPoints: permanent: true metrics: address: ":9091" + http: + middlewares: + - "metrics-ipwhitelist@file" websecure: address: ":443" http: diff --git a/coreos-config/plays/services/tubearchivist/.env b/coreos-config/plays/services/tubearchivist/.env deleted file mode 100644 index e55d03b..0000000 --- a/coreos-config/plays/services/tubearchivist/.env +++ /dev/null @@ -1 +0,0 @@ -COMPOSE_PROJECT_NAME=tubearchivist diff --git a/coreos-config/plays/services/tubearchivist/docker-compose.yaml b/coreos-config/plays/services/tubearchivist/docker-compose.yaml deleted file mode 100644 index 24cb49e..0000000 --- a/coreos-config/plays/services/tubearchivist/docker-compose.yaml +++ /dev/null @@ -1,82 +0,0 @@ ---- -version: "3.4" - -services: - tubearchivist: - restart: unless-stopped - image: bbilly1/tubearchivist:latest - labels: - - "traefik.enable=true" - - "traefik.http.routers.tubearchivist.middlewares=sso@file" - - "traefik.http.routers.tubearchivist.rule=Host(`tubearchivist.tobiasmanske.de`)" - - "traefik.http.routers.tubearchivist.entryPoints=websecure" - - "traefik.http.services.tubearchivist.loadbalancer.server.port=8000" - volumes: - - media:/youtube - - cache:/cache - environment: - - ES_URL=http://archivist-es:9200 - - REDIS_HOST=archivist-redis - - HOST_UID=1000 - - HOST_GID=1000 - - TA_HOST=tubearchivist.tobiasmanske.de - - TA_USERNAME={{ tubearchivist.username }} - - TA_PASSWORD={{ tubearchivist.password }} - - ELASTIC_PASSWORD={{ tubearchivist.elastic_password }} - - TZ=Europe/Berlin # set your time zone - depends_on: - - archivist-es - - archivist-redis - networks: - - backend - - gateway - - default - - archivist-redis: - image: redislabs/rejson:latest # for arm64 use bbilly1/rejson - container_name: archivist-redis - restart: unless-stopped - volumes: - - redis:/data - depends_on: - - archivist-es - networks: - - backend - - archivist-es: - image: bbilly1/tubearchivist-es:latest # only for amd64, or use official es 8.3.3 - container_name: archivist-es - restart: unless-stopped - environment: - - "xpack.security.enabled=true" - - "ELASTIC_PASSWORD={{ tubearchivist.elastic_password }}" # matching Elasticsearch password - - "discovery.type=single-node" - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - ulimits: - memlock: - soft: -1 - hard: -1 - volumes: - - es:/usr/share/elasticsearch/data # check for permission error when using bind mount, see readme - networks: - - backend - -volumes: - media: - driver: local - name: nobackup_ta_media - driver_opts: {{ docker.cifs.media }} - es: - driver: local - name: nobackup_ta_es - driver_opts: {{ docker.cifs.es }} - cache: - redis: - -networks: - gateway: - external: true - backend: - internal: true - -... diff --git a/coreos-config/plays/services/wkd/docker-compose.yaml b/coreos-config/plays/services/wkd/docker-compose.yaml index 8e7137f..69261ad 100644 --- a/coreos-config/plays/services/wkd/docker-compose.yaml +++ b/coreos-config/plays/services/wkd/docker-compose.yaml @@ -14,10 +14,4 @@ services: volumes: - ./Caddyfile:/etc/caddy/Caddyfile:ro,z - ./data:/data:ro,Z - networks: - - gateway - -networks: - gateway: - external: true ...