Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 01 17:19
    gridxy edited #616
  • Nov 30 19:05
    gridxy opened #616
  • Nov 21 17:03
    brumi1024 closed #541
  • Nov 19 16:33
    davestephens closed #615
  • Nov 19 10:37
    Kycilak opened #615
  • Nov 18 12:51
    AlanAndre edited #614
  • Nov 18 12:12
    AlanAndre edited #614
  • Nov 18 12:12
    AlanAndre labeled #614
  • Nov 18 12:12
    AlanAndre opened #614
  • Nov 16 12:18
    dependabot[bot] closed #612
  • Nov 16 12:18
    dependabot[bot] labeled #613
  • Nov 16 12:18
    dependabot[bot] opened #613
  • Nov 09 17:25
    dependabot[bot] labeled #612
  • Nov 09 17:25
    dependabot[bot] opened #612
  • Oct 26 10:04
    mahalel edited #611
  • Oct 26 10:03
    mahalel opened #611
  • Oct 19 01:33
    eniad synchronize #608
  • Oct 19 01:28
    eniad synchronize #608
  • Oct 14 09:50
    HitLuca opened #610
  • Oct 14 09:50
    HitLuca labeled #610
allthestairs
@allthestairs
That is one of those things where I'd have to think about what you're trying to accomplish by tunneling your pi-hole container through a wireguard vpn
Andrew DiLosa
@adilosa
oh i wouldnt need that necessarily. just the only thing in my setup that has weird docker-networking implications
im still on an old fork, before things changed from tasks -> roles, because i incorporated some of the PRs from @bcurran3 like pihole and unifi. will see if i can get wireguard working with all that
as long as wireguard doesnt interfere with pihole working locally, all good there
allthestairs
@allthestairs
hmm, you can probably just drop that one role folder and wireguard.yml in there and have it work since i didn't touch nas.yml
it shouldn't affect anything that you don't put in the wireguard_containers list
I wanted fine-grained here
Andrew DiLosa
@adilosa
sounds good to me! i'll pull your commit in later and see how it goes
allthestairs
@allthestairs
if there are any ansible or docker networking wizards I would love to know a better way to do the, let's say, last four tasks in that role
allthestairs
@allthestairs
I don't seem to have broken traefik yet but hypothetically having two ip addresses, only one of which traefik can see, could cause problems if traefik restarts while the container has two networks
I'll need to figure out if setting traefik.docker.network=bridge will break something
oh right, it doesn't break because we use traefik in host networking mode
Jean Lucas
@jeanlst
Cool! Gonna snatch that hydra role from your rope @allthestairs
Jean Lucas
@jeanlst
Guys, why do we have separate tasks for calibre/guacamole/etc and their defaults inside nas.yml instead of having their own role folder inside roles like the other ones?
Andrew DiLosa
@adilosa
I think the migration to roles hasn't been finished. There's open PRs for Calibre (davestephens/ansible-nas#415) and a bunch of others, but no commits have been made since Apr 2.
allthestairs
@allthestairs
My hydra role should be ready to pull into master. I'm a bad contributor and forgot about fixing my lint problems on that pull request...four months ago.
Jean Lucas
@jeanlst
I was looking at the smarttools issue, has anyone been able to make a role for it? davestephens/ansible-nas#2
19 replies
I have my own domain and I'm using protonmail for mail with that domain
allthestairs
@allthestairs
This looked like an interesting option: https://hub.docker.com/r/analogj/scrutiny
allthestairs
@allthestairs
I integrated https://hub.docker.com/r/analogj/scrutiny into the stats role that I also added to run it alongside grafana
it can handle all sorts of smartd notification tools using https://containrrr.dev/shoutrrr/services/overview/
allthestairs
@allthestairs
If anyone wants to try it you can find my branch here: https://github.com/allthestairs/ansible-nas/tree/scrutiny It does include a commit that transitions the stats task to a role
it should be configurable to allow notifications without manually editing the template file
allthestairs
@allthestairs

I think the migration to roles hasn't been finished. There's open PRs for Calibre (davestephens/ansible-nas#415) and a bunch of others, but no commits have been made since Apr 2.

I went through and created a branch for each reamining task that replaces task with a role and then created another streamlined single-commit branch that has everything as a role with not a single remaining bare task https://github.com/allthestairs/ansible-nas/tree/all_roles

Andrew DiLosa
@adilosa

pulled the commit, seemed to install wireguard fine. ended up moving to wg-quick settings from systemd as part of debugging. turned out there was bug in the Unifi controller that made port forwarding settings silently not take effect, ended up in a whole Unifi upgrade hell where DHCP was hosed all day.

anyways... tl;dr once i rebuilt my network i ended up configuring wireguard manually in the host. it seems to give me access to all my containers that are locally accessible anyway, without mucking around with docker networking.

allthestairs
@allthestairs
I seem to have run into an issue with using it and docker port forwarding but I probably fucked something up manually while experimenting.
It definitely needs more testing before I'd suggest anyone do more than experiment with it.
Also I realized my routing manipulation in the containers isn't a real solution since it doesn't survive a container restart.
I'm not sure if Docker actually supports a way to do what I'm doing, but the current ansible plugin definitely seems not to
Well, actually lets say I'm pretty sure I could make it work if I was willing to go into the docker_container setup for every container and modify it there, but I don't really want to make that sweeping a set of changes to enable VPN
allthestairs
@allthestairs
I think if you added it at container creation time with network_mode as <container_name>:ansible_wireguard it would actually work but I'd need to add a jinja template conditional to every task to make that work
I suppose one could write a wrapper task for ansible-nas in general that replaces docker_container tasks in all the roles that you could use to automatically handle things like traefik labels and vpn routing in some sort of bizarro-inheritance but that would be a big change to the overall project
Jean Lucas
@jeanlst
Is davestephens still maintaining the project or has he set it aside?
georgejung
@georgejung
hey guys, im running home assistant on my ansible nas and my traefik reverse proxy is now throwing 400 errors. Apparently this seems to be an HA thing as my other services behind traefik are working. Anyone know what entries we need to have in HA for a traefik proxy to work? Fwiw im using duckdns...
georgejung
@georgejung

so i had to modify my HA config file to specify the traefik ip for my external access to work with my reverse proxy as of the july HA release. To get this I went into http services and then home assistant and got the ip there that traefik uses. Thats the one i put in my config file:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.1.1

https://www.reddit.com/r/homeassistant/comments/og1hao/400_bad_request_error_behind_nginx_proxy_manager/

Mindbuilder1
@Mindbuilder1
hello have a Problem by the instalation at the point to start ansible nas is camming error: Failed to connect to the host via ssh: ssh: Could not resolve hostname ansible-nas: Temporary failure in name resolution"
grafik.png
basavarajbhavi
@basavarajbhavi:matrix.org
[m]
hi, i am running an ansible-playbook file for creating groups and subgroups and I am new to ansible can anyone help me with it... it is giving me an error
task:
  • name: "Create GitLab Group"
    ^ here

this is my playbookfile

  • hosts: all
    tasks:

    - name: "Delete GitLab Group"

    community.general.gitlab_group:

    api_url: http://localhost:8080/

    api_token: "{{CUivwY2io91d-cFjyvAt}}"

    validate_certs: False

    name: my_first_group

    state: absent

  • name: "Create GitLab Group"
    community.general.gitlab_group:
    api_url: http://localhost:8080/
    api_token: "{{CUivwY2io91d-cFjyvAt}}"
    validate_certs: True
    api_username: root
    api_password: "password@123"
    name: my_first_group
    path: my_first_group
    state: present

    The group will by created at https://gitlab.dj-wasabi.local/super_parent/parent/my_first_group

  • name: "Create GitLab SubGroup"
    community.general.gitlab_group:
    api_url: http://localhost.com/
    validate_certs: True
    api_username: root
    api_password: "password@123"
    name: my_first_subgroup
    path: my_first_subgroup
    state: present
    parent: "super_parent/parent"
basavarajbhavi
@basavarajbhavi:matrix.org
[m]
:point_up: Edit: - hosts: all
tasks:

- name: "Delete GitLab Group"

community.general.gitlab_group:

api_url: http://localhost:8080/

api_token: "{{CUivwY2io91d-cFjyvAt}}"

validate_certs: False

name: my_first_group

state: absent

:point_up: Edit: ---
  • hosts: all
    tasks:

    - name: "Delete GitLab Group"

    community.general.gitlab_group:

    api_url: http://localhost:8080/

    api_token: "{{CUivwY2io91d-cFjyvAt}}"

    validate_certs: False

    name: my_first_group

    state: absent

  • name: "Create GitLab Group"
    community.general.gitlab_group:
    api_url: http://localhost:8080/
    api_token: "{{CUivwY2io91d-cFjyvAt}}"
    validate_certs: True
    api_username: root
    api_password: "password@123"
    name: my_first_group
    path: my_first_group
    state: present

    The group will by created at https://gitlab.dj-wasabi.local/super_parent/parent/my_first_group

  • name: "Create GitLab SubGroup"
    community.general.gitlab_group:
    api_url: http://localhost.com/
    validate_certs: True
    api_username: root
    api_password: "password@123"
    name: my_first_subgroup
    path: my_first_subgroup
    state: present
    parent: "super_parent/parent"
zorkol
@zorkol
hey all, i am VERY new to all this can i ask a question here?
jniens1979
@jniens1979
Hi all, I recently installed ansible nas on my supermicro SYS-5028D-TN4T server. Everything works properly, thanks!
I would like to expand the installation with an ip camera application (with onvif support) and it would be nice if this could be added to ansible-nas.
Luca Candela
@CaliLuke
hey y'all, I'm struggling to install the script on ZFS and I was wondering if anyone else has encountered this so I don't have to bug Dave unnecessarily
I described the issue pretty clearly there if anyone can throw me a hand I'll be very grateful
Luca Candela
@CaliLuke
ok I think I got it
the script installed docker with the overlay option, then it couldn't run it
and for some reason it wouldn't overwrite the options when I replaced the storage driver with ZFS
anyways, I edited /etc/docker/daemon.json manually and now docker runs
let's see if I can re-run the ansible script to setup the server now