ansible
/
homelab
1
0
Fork 0
Code Issues 33 Pull Requests Projects 1 Releases Wiki Activity

Improve networks 

Create a single external network called "external".
Create container-specific networks.
Only a few containers need access to these.
So far: openldap, postgres.
This commit is contained in:
Lukáš Kucharczyk 2021-06-21 10:38:18 +02:00
parent f5824a5ffe
commit c418b61ede
No known key found for this signature in database
GPG Key ID: 65524498C0196B64
6 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/authelia/tasks/main.yml
View File

@ -17,8 +17,8 @@
ports: ports:
- "9091:9091" - "9091:9091"
networks: networks:
- name: bridge - name: external
- name: nginx-internal - name: openldap
volumes: volumes:
- "{{ data_folder }}/authelia:/config" - "{{ data_folder }}/authelia:/config"
- name: copy nginx endpoint conf - name: copy nginx endpoint conf

2
roles/jellyfin/tasks/main.yml
View File

@ -12,7 +12,7 @@
name: 'jellyfin' name: 'jellyfin'
image: linuxserver/jellyfin image: linuxserver/jellyfin
networks: networks:
- name: nginx-internal - name: external
volumes: volumes:
- "{{ data_folder }}/jellyfin:/config" - "{{ data_folder }}/jellyfin:/config"
- "{{ media.tv }}:/data/tv" - "{{ media.tv }}:/data/tv"

3
roles/keycloak/tasks/main.yml
View File

@ -5,8 +5,9 @@
ports: ports:
- "8080:8080" - "8080:8080"
networks: networks:
- name: external
- name: postgres - name: postgres
- name: nginx-internal - name: openldap
env: env:
"KEYCLOAK_USER": "{{ vault_keycloak_user }}" "KEYCLOAK_USER": "{{ vault_keycloak_user }}"
"KEYCLOAK_PASSWORD": "{{ vault_keycloak_password }}" "KEYCLOAK_PASSWORD": "{{ vault_keycloak_password }}"

9
roles/nginx/tasks/main.yml
View File

@ -14,11 +14,11 @@
- name: generate self-signed certs - name: generate self-signed certs
import_tasks: self-signed.yml import_tasks: self-signed.yml
when: self_signed when: self_signed
- name: create nginx bridge network - name: create external bridge network
docker_network: docker_network:
name: nginx-internal name: external
attachable: true attachable: true
internal: true internal: false
state: present state: present
- name: copy nginx.conf - name: copy nginx.conf
template: template:
@ -37,8 +37,7 @@
name: 'nginx' name: 'nginx'
image: nginx image: nginx
networks: networks:
- name: bridge - name: external
- name: nginx-internal
volumes: volumes:
- "{{ data_folder }}/nginx/conf.d:/etc/nginx/conf.d" - "{{ data_folder }}/nginx/conf.d:/etc/nginx/conf.d"
- "{{ data_folder }}/nginx/nginx.conf:/etc/nginx/nginx.conf" - "{{ data_folder }}/nginx/nginx.conf:/etc/nginx/nginx.conf"

8
roles/openldap/tasks/main.yml
View File

@ -6,13 +6,19 @@
loop: loop:
- "{{ data_folder }}/openldap" - "{{ data_folder }}/openldap"
- "{{ data_folder }}/openldap/data" - "{{ data_folder }}/openldap/data"
- name: create network
docker_network:
name: openldap
attachable: true
internal: true
state: present
- name: run container - name: run container
docker_container: docker_container:
name: "openldap" name: "openldap"
image: osixia/openldap image: osixia/openldap
hostname: openldap hostname: openldap
networks: networks:
- name: nginx-internal - name: openldap
ports: ports:
- "389:389" - "389:389"
- "636:636" - "636:636"

3
roles/portainer/tasks/main.yml
View File

@ -3,8 +3,7 @@
name: 'portainer' name: 'portainer'
image: portainer/portainer-ce image: portainer/portainer-ce
networks: networks:
- name: nginx-internal - name: external
- name: bridge
volumes: volumes:
- "/var/run/docker.sock:/var/run/docker.sock" - "/var/run/docker.sock:/var/run/docker.sock"
ports: ports: