templates/docker-compose/proxy/nextcloud.conf - port-forwarding for pico

experimental, untested!
docker-compose.yml etc. - proxy jellyfin on virtual host
2021-12-03 18:00:05 +00:00 · 2021-12-03 17:59:35 +00:00 · 2021-12-03 17:59:35 +00:00 · 2021-12-03 17:59:35 +00:00 · 2021-12-03 17:59:35 +00:00 · 2021-12-03 17:59:35 +00:00
7 changed files with 61 additions and 28 deletions
--- a/snackpot.yml
+++ b/snackpot.yml
@@ -6,11 +6,9 @@
    postgres_password: "{{lookup('passwordstore', 'servers/snackpot/postgres_db.password')}}"
    postgres_db_user: postgres
    nextcloud_hostname: nc.noodlefactory.co.uk
-    nextcloud_base_dir: /var/www/html
-    nextcloud_data_dir: /var/www/data
-    nextcloud_ext_dir: /var/www/ext
    nextcloud_db_user: nextcloud
    nextcloud_db: nextcloud
+    jellyfin_hostname: jf.noodlefactory.co.uk
    letsencrypt_email: webmaster@noodlefactory.co.uk
    docker_compose_base_dir: /opt/docker-compose
    firewall_ports:
@@ -61,21 +59,21 @@
      vars:
        ufw_allow: "{{ firewall_ports }}"
        
-    # - include_role:
-    #     name: mrlesmithjr.netplan
-    #     apply: { become: true, tags: [netplan, network] }
-    #   tags: netplan, network
-    #   vars:
-    #     netplan_enabled: true
-    #     netplan_configuration:
-    #       network:
-    #         version: 2
-    #         ethernets:
-    #           enp3s0:
-    #             addresses: [192.168.0.55/24]
-    #             gateway4: 192.168.0.1
-    #             nameservers:
-    #               addresses: [192.168.0.1]
+    - include_role:
+        name: mrlesmithjr.netplan
+        apply: { become: true, tags: [netplan, network] }
+      tags: netplan, network
+      vars:
+        netplan_enabled: true
+        netplan_configuration:
+          network:
+            version: 2
+            ethernets:
+              enp3s0:
+                addresses: [192.168.0.55/24]
+                gateway4: 192.168.0.1
+                nameservers:
+                  addresses: [192.168.0.1]
    
    - include_role:
        name: docker_compose
--- a/templates/docker-compose/docker-compose.yml
+++ b/templates/docker-compose/docker-compose.yml
@@ -19,8 +19,20 @@ volumes:
  mopidy_data:

 networks:
+  # This is for proxied containers
  proxy-tier:
-    
+  # This is for containers which need to be host mode
+  lan:
+    name: lan
+    driver: macvlan
+    driver_opts:
+      parent: enp3s0 # our ethernet interface
+    ipam:
+      config:
+        - gateway: 192.168.0.1
+          subnet: 192.168.0.0/24
+          ip_range: 192.168.0.240/29 # addresses 240-248 (6 usable)
+
 services:

  postgres:
@@ -124,9 +136,13 @@ services:
      - jellyfin_config:/config
      - jellyfin_cache:/cache
      - minidlna_data:/media
-    network_mode: host
-    environment:
-      - JELLYFIN_PublishedServerUrl=http://snackpot.local
+    networks:
+      proxy-tier:
+      default:
+      lan: # Static ip for the container on the macvlan net
+        ipv4_address: 192.168.0.241
+    env_file:
+      - jellyfin.env
      
  minidlna:
    image: vladgh/minidlna:latest
@@ -134,7 +150,10 @@ services:
    volumes:
      - minidlna_state:/minidlna
      - minidlna_data:/media:ro
-    network_mode: host
+    networks:
+      default:
+      lan: # Static ip for the container on the macvlan net
+        ipv4_address: 192.168.0.242
    environment:
      - UPID=2000
      - UGID=2000
@@ -156,6 +175,8 @@ services:
      - mopidy_data:/data
      # Add local music folder
      - minidlna_data:/music:ro
+    networks:
+      default:
    devices:
      - /dev/snd
    restart: always
@@ -164,8 +185,10 @@ services:
    build: ./upmpdcli
    depends_on:
      - mopidy
-    # Host mode needed for advertisement
-    network_mode: host
+    networks:
+      default:
+      lan: # Static ip for the container on the macvlan net
+        ipv4_address: 192.168.0.243
    restart: always

      # Next three services adapted from
--- a/templates/docker-compose/jellyfin.env.j2
+++ b/templates/docker-compose/jellyfin.env.j2
@@ -0,0 +1,4 @@
+VIRTUAL_HOST={{ jellyfin_hostname }}
+JELLYFIN_PublishedServerUrl=https://{{ jellyfin_hostname }}/
+LETSENCRYPT_HOST={{ jellyfin_hostname }}
+LETSENCRYPT_EMAIL={{ letsencrypt_email }}
--- a/templates/docker-compose/mopidy
+++ b/templates/docker-compose/mopidy
--- a/templates/docker-compose/proxy/nextcloud.conf
+++ b/templates/docker-compose/proxy/nextcloud.conf
@@ -0,0 +1,6 @@
+location ^~ /sites/ {
+    proxy_set_header X-Forwarded-Host $host:$server_port;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Server $host;
+    proxy_pass http://web/index.php/apps/cms_pico/pico_proxy/;
+}
--- a/templates/docker-compose/upmpdcli/Dockerfile
+++ b/templates/docker-compose/upmpdcli/Dockerfile
@@ -1,8 +1,9 @@
-FROM alpine:3.13
+FROM alpine:3.15

 RUN apk update \
  && apk upgrade \
  && apk add --no-cache \
+  --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \
  --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
  python3 \
  openssl \
--- a/templates/docker-compose/upmpdcli/upmpdcli.conf
+++ b/templates/docker-compose/upmpdcli/upmpdcli.conf
@@ -8,6 +8,7 @@
 #upnpiface =
 #upnpip = 
 # upnpport =
+upnpip = 192.168.0.243

 # media renderer parameters
 friendlyname = Snackpot
@@ -25,4 +26,4 @@ checkcontentformat = 0
 #mpdport = 6600
 #mpdpassword =
 #ownqueue = 1
-
+mpdhost = mopidy
Author	SHA1	Message	Date
Nick Stokoe	7c091493f9	templates/docker-compose/proxy/nextcloud.conf - port-forwarding for pico experimental, untested!	2021-12-03 18:00:05 +00:00
Nick Stokoe	32cabdd1f4	docker-compose.yml etc. - proxy jellyfin on virtual host nominally working, although some hard-wired values to remove	2021-12-03 17:59:35 +00:00
Nick Stokoe	12f3fcbaaf	docker-compose.yml - reverse proxy the jellyfin container as virtual host we need to take it of host network mode, add it to the proxy-tier and default networks, then enable proxying and lets-encrypt. Tested, works.	2021-12-03 17:59:35 +00:00
Nick Stokoe	15ce90e098	docker-compose/docker-compose.yml - upgrade nextcloud to v22	2021-12-03 17:59:35 +00:00
Nick Stokoe	bb20922852	templates/docker-compose/mopidy - update tracked commit	2021-12-03 17:59:35 +00:00
Nick Stokoe	3d09f9d1e9	docker-compose/docker-compose.yml - upgrade nextcloud and others	2021-12-03 17:59:35 +00:00
Nick Stokoe	2512d2ef31	docker-compose/docker-compose.yml - add extra_hosts snackpot:host-gateway for mopidy	2021-12-03 17:59:35 +00:00
Nick Stokoe	a6290fe82d	docker-compose/upmpdcli/upmpdcli.conf - don't check the content format As this will disallow things that should be allowed.	2021-12-03 17:59:35 +00:00
Nick Stokoe	a4f0664663	docker-compose/upmpdcli/Dockerfile - explicitly specify the config file In the command parameters for upmpdcli - otherwise it seems not to be picked up.	2021-12-03 17:59:35 +00:00
Nick Stokoe	5b3440457f	add jellyfin	2021-12-03 17:59:35 +00:00
Nick Stokoe	73821733cf	docker-compose/upmpdcli/Dockerfile - use python3 not 2	2021-12-03 17:59:35 +00:00
Nick Stokoe	32aaf0fe6b	docker-compose.yml - set mopidy to restart: always	2021-12-03 17:59:35 +00:00
Nick Stokoe	17a04fc559	docker-compose.yml - set upmpdcli to restart: always	2021-12-03 17:59:35 +00:00
Nick Stokoe	18ec2c5320	docker-compose/upmpdcli/Dockerfile - add openssl to the package list upmpdcli seems to use this, optionally	2021-12-03 17:59:35 +00:00
Nick Stokoe	d3fa11cf90	docker-compose.yml - add local audio access to mopidy	2021-12-03 17:59:35 +00:00
Nick Stokoe	caca059da0	snackpot.yml, docker-compose.yml - add mopidy and upmpdcli services mopidy includes icecast	2021-12-03 17:59:35 +00:00
Nick Stokoe	625b2a656a	docker-compose.yml - add MINIDLNA_INOTIFY=yes to minidlna We want it to spot file changes	2021-12-03 17:59:35 +00:00
Nick Stokoe	71d8edab0a	snackpot.yml, docker-compose.yml - these nextcloud paths can be fixed	2021-12-03 17:59:35 +00:00
Nick Stokoe	c160ba5193	snackpot.yml etc. - refine docker-compose config deploy The main job of this commit: - Be explicit about templates: expect the .j2 extension - Copy all other files, so that they can be binary - Don't deploy dotfiles or dotdirectories. This snuck in: - Remove `test` tag - Refine some descriptions	2021-12-03 17:59:35 +00:00
Nick Stokoe	3aaa6deb34	templates/docker-compose/docker-compose.yml - remove some comment cruft	2021-12-03 17:59:35 +00:00
Nick Stokoe	3acc92043c	snackpot.yml - add minidlna containiner set all ports with firewall_ports	2021-12-03 17:59:35 +00:00
Nick Stokoe	375172e34e	roles/ufw/tasks/main.yml - allow more flexible port config specifically, allow specifying protocol	2021-12-03 17:59:35 +00:00
Nick Stokoe	fcad61a6c4	roles/docker_compose/tasks/main.yml - set docker data-root dir	2021-12-03 17:59:35 +00:00
Nick Stokoe	02b37f5680	docker-compose/docker-compose.yml - add nextcloud_cron For running the cron job	2021-12-03 17:59:35 +00:00
Nick Stokoe	8df232dd91	templates/docker-compose/docker-compose.yml - bump nextcloud to v18.0.13	2021-12-03 17:59:35 +00:00
Nick Stokoe	108193a007	snackpot.yml - tag role invocations with `docker-config` Else tagging doesn't work correctly	2021-12-03 17:59:35 +00:00
Nick Stokoe	3e69a85426	templates/bin/ncadmin - remove crufty comments	2021-12-03 17:59:35 +00:00
Nick Stokoe	b72b413755	templates/docker-compose/docker-compose.yml - share /srv with nextcloud For ease of imports	2021-12-03 17:59:35 +00:00
Nick Stokoe	b602592ea4	snackpot.yml - set up networking on server	2021-12-03 17:59:35 +00:00
Nick Stokoe	32f6767cd4	snackpot.yml - add docker compose config Nominally working and tested on a remote VM	2021-12-03 17:59:35 +00:00
Nick Stokoe	e887ad1898	snackpot.yml - adapt from server.playbook.yml	2021-12-03 17:59:35 +00:00
Nick Stokoe	cc89a3f437	roles/docker_compose/handlers/main.yml - add 'listen' clause So we can notify from outside the role	2021-12-03 17:59:35 +00:00
Nick Stokoe	3866f6a0f2	roles/docker_compose_install/ -> roles/docker_compose	2021-12-03 17:59:35 +00:00
Nick Stokoe	38c2667d2d	docker_compose_install - corrections from original copy Use python 3, don't hardwire docker version, etc.	2021-12-03 17:58:01 +00:00