Move docker containers to new PVE container

ansible/roles/pve_docker/files/calibre/docker-compose.yml

@@ -0,0 +1,16 @@
+version: "2.3"
+services:
+  calibre:
+    image: linuxserver/calibre-web:latest
+    environment:
+      - PUID={{ docker_user.id }}
+      - PGID={{ docker_user.id }}
+      - TZ=Europe/London
+    restart: unless-stopped
+    volumes:
+      - "./calibre:/config"
+      - /mnt/tank/files/ebooks:/books:ro
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.calibre.rule=Host(`calibre.jakehoward.tech`)
+      - traefik.http.routers.calibre.tls.certresolver=le

ansible/roles/pve_docker/files/gotify/docker-compose.yml

@@ -0,0 +1,14 @@
+version: "2.3"
+services:
+  gotify:
+    image: gotify/server:2.0.19
+    environment:
+      - TZ=Europe/London
+    volumes:
+      - ./data:/app/data
+    restart: unless-stopped
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.gotify.rule=Host(`gotify.jakehoward.tech`)
+      - traefik.http.routers.gotify.tls.certresolver=le
+      - traefik.http.routers.gotify.middlewares=compress@file

ansible/roles/pve_docker/files/librespeed/docker-compose.yml

@@ -0,0 +1,17 @@
+version: "2.3"
+services:
+  librespeed:
+    image: linuxserver/librespeed:latest
+    environment:
+      - PUID={{ docker_user.id }}
+      - PGID={{ docker_user.id }}
+      - TZ=Europe/London
+    ports:
+      - 33377:80
+    restart: unless-stopped
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.librespeed.rule=Host(`speed.jakehoward.tech`)
+      - traefik.http.routers.librespeed.tls.certresolver=le
+      - traefik.http.routers.librespeed.middlewares=librespeed-auth@docker
+      - traefik.http.middlewares.librespeed-auth.basicauth.users={{ librespeed_basicauth }}

ansible/roles/pve_docker/files/nextcloud/config.php

@@ -0,0 +1,44 @@
+<?php
+$CONFIG = array (
+  'memcache.local' => '\\OC\\Memcache\\APCu',
+  'memcache.locking' => '\\OC\\Memcache\\Redis',
+  'memcache.distributed' => '\\OC\\Memcache\\Redis',
+  'filelocking.enabled' => true,
+  'redis' =>
+  array (
+    'host' => 'redis',
+    'port' => 6379,
+    'timeout' => 0.0,
+  ),
+  'datadirectory' => '/data',
+  'instanceid' => '{{ nextcloud.instance_id }}',
+  'passwordsalt' => '{{ nextcloud.passwordsalt }}',
+  'secret' => '{{ nextcloud.secret }}',
+  'trusted_domains' =>
+  array (
+    0 => 'intersect.jakehoward.tech',
+  ),
+  'dbtype' => 'mysql',
+  'version' => '20.0.3.2',
+  'overwrite.cli.url' => 'https://intersect.jakehoward.tech',
+  'dbname' => 'nextcloud',
+  'dbhost' => 'mariadb',
+  'dbport' => '3306',
+  'dbtableprefix' => 'oc_',
+  'mysql.utf8mb4' => true,
+  'dbuser' => 'nextcloud',
+  'dbpassword' => 'nextcloud',
+  'installed' => true,
+  'trusted_proxies' =>
+  array (
+    0 => '172.17.0.1',
+  ),
+  'maintenance' => false,
+  'theme' => '',
+  'loglevel' => 2,
+  'preview_max_x' => '2048',
+  'preview_max_y' => '2048',
+  'jpeg_quality' => '60',
+  'has_rebuilt_cache' => true,
+  'logfile' => '/config/log/nextcloud.log',
+);

ansible/roles/pve_docker/files/nextcloud/docker-compose.yml

@@ -0,0 +1,60 @@
+version: "2.3"
+
+services:
+  nextcloud:
+    image: linuxserver/nextcloud:version-20.0.3
+    environment:
+      - PUID={{ docker_user.id }}
+      - PGID={{ docker_user.id }}
+      - TZ=Europe/London
+      - DOCKER_MODS=theorangeone/lsio-mod-more-processes:latest
+    volumes:
+      - "./nextcloud/apps:/config/www/nextcloud/apps"
+      - "./nextcloud/config.php:/config/www/nextcloud/config/config.php"
+      - /mnt/tank/files/nextcloud:/data
+      - /mnt/tank/files:/mnt/files
+    restart: unless-stopped
+    depends_on:
+      - mariadb
+      - redis
+      - collabora
+    tmpfs:
+      - /config/log
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.nextcloud.rule=Host(`intersect.jakehoward.tech`)
+      - traefik.http.routers.nextcloud.tls.certresolver=le
+      - traefik.http.services.nextcloud-nextcloud.loadbalancer.server.port=443
+      - traefik.http.services.nextcloud-nextcloud.loadbalancer.server.scheme=https
+      - traefik.http.middlewares.nextcloud-hsts.headers.stsseconds=15552000
+      - traefik.http.routers.nextcloud.middlewares=nextcloud-hsts@docker
+
+  mariadb:
+    image: mariadb:10.5
+    restart: unless-stopped
+    volumes:
+      - ./mariadb:/var/lib/mysql
+    environment:
+      - MYSQL_ROOT_PASSWORD=nextcloud
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD=nextcloud
+
+  redis:
+    image: redis:6-alpine
+    restart: unless-stopped
+    volumes:
+      - ./redis:/data
+
+  collabora:
+    image: collabora/code:latest
+    restart: unless-stopped
+    cap_add:
+      - MKNOD
+    environment:
+      - domain=intersect\\.jakehoward\\.tech
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.collabora.rule=Host(`collabora.jakehoward.tech`)
+      - traefik.http.routers.collabora.tls.certresolver=le
+      - traefik.http.services.collabora-nextcloud.loadbalancer.server.scheme=https

ansible/roles/pve_docker/files/quassel/docker-compose.yml

@@ -0,0 +1,29 @@
+version: "2.3"
+services:
+  quassel-core:
+    image: linuxserver/quassel-core:latest
+    environment:
+      - PUID={{ docker_user.id }}
+      - PGID={{ docker_user.id }}
+      - TZ=Europe/London
+      - DB_BACKEND=PostgreSQL
+      - DB_PGSQL_USERNAME=quassel
+      - DB_PGSQL_PASSWORD=quassel
+      - DB_PGSQL_HOSTNAME=db
+      - DB_PGSQL_PORT=5432
+      - AUTH_AUTHENTICATOR=Database
+      - RUN_OPTS=--config-from-environment
+    restart: unless-stopped
+    depends_on:
+      - db
+    ports:
+      - "4242:4242"
+
+  db:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=quassel
+      - POSTGRES_PASSWORD=quassel
+    volumes:
+      - /mnt/tank/dbs/postgres/quassel:/var/lib/postgresql/data

ansible/roles/pve_docker/files/synapse/docker-compose.yml

@@ -0,0 +1,34 @@
+version: "2.3"
+
+services:
+
+  synapse:
+    image: matrixdotorg/synapse:v1.24.0
+    restart: unless-stopped
+    environment:
+      - SYNAPSE_CONFIG_PATH=/etc/homeserver.yaml
+      - SYNAPSE_REPORT_STATS=yes
+      - UID={{ docker_user.id }}
+      - GID={{ docker_user.id }}
+    volumes:
+      - "{{ app_data_dir }}/synapse/homeserver.yaml:/etc/homeserver.yaml"
+      - "{{ app_data_dir }}/synapse:/data"
+    depends_on:
+      - db
+    expose:
+      - 8008
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.synapse.rule=Host(`matrix.jakehoward.tech`)
+      - traefik.http.routers.synapse.tls.certresolver=le
+      - traefik.http.routers.synapse.entrypoints=web-secure,matrix
+
+  db:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=synapse
+      - POSTGRES_PASSWORD=synapse
+      - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
+    volumes:
+      - /mnt/tank/dbs/postgres/synapse:/var/lib/postgresql/data

ansible/roles/pve_docker/files/tt-rss/config.php

@@ -0,0 +1,82 @@
+<?php
+  // *******************************************
+  // *** Database configuration (important!) ***
+  // *******************************************
+
+  define('DB_TYPE', 'pgsql');
+  define('DB_HOST', 'db');
+  define('DB_USER', 'tt-rss');
+  define('DB_NAME', 'tt-rss');
+  define('DB_PASS', 'tt-rss');
+  define('DB_PORT', '5432');
+  define('MYSQL_CHARSET', 'UTF8');
+
+  // ***********************************
+  // *** Basic settings (important!) ***
+  // ***********************************
+
+  define('SELF_URL_PATH', 'https://tt-rss.jakehoward.tech/');
+  define('SINGLE_USER_MODE', false);
+  define('SIMPLE_UPDATE_MODE', false);
+
+  // *****************************
+  // *** Files and directories ***
+  // *****************************
+
+  define('PHP_EXECUTABLE', '/usr/bin/php');
+  define('LOCK_DIRECTORY', 'lock');
+  define('CACHE_DIR', 'cache');
+  define('ICONS_DIR', "feed-icons");
+  define('ICONS_URL', "feed-icons");
+
+  // **********************
+  // *** Authentication ***
+  // **********************
+
+  define('AUTH_AUTO_CREATE', true);
+  define('AUTH_AUTO_LOGIN', true);
+
+  // *********************
+  // *** Feed settings ***
+  // *********************
+
+  define('FORCE_ARTICLE_PURGE', 0);
+
+  // ****************************
+  // *** Sphinx search plugin ***
+  // ****************************
+
+  define('SPHINX_SERVER', 'localhost:9312');
+  define('SPHINX_INDEX', 'ttrss, delta');
+
+  // ***********************************
+  // *** Self-registrations by users ***
+  // ***********************************
+
+  define('ENABLE_REGISTRATION', false);
+  define('REG_NOTIFY_ADDRESS', 'user@your.domain.dom');
+  define('REG_MAX_USERS', 10);
+
+  // **********************************
+  // *** Cookies and login sessions ***
+  // **********************************
+
+  define('SESSION_COOKIE_LIFETIME', 864000);
+
+  // *********************************
+  // *** Email and digest settings ***
+  // *********************************
+
+  define('SMTP_FROM_NAME', 'Tiny Tiny RSS');
+  define('SMTP_FROM_ADDRESS', 'noreply@your.domain.dom');
+  define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');
+
+  // ************************
+  // *** General settings ***
+  // ************************
+
+  define('CHECK_FOR_UPDATES', false);
+  define('ENABLE_GZIP_OUTPUT', true);
+  define('PLUGINS', 'auth_internal, note');
+  define('LOG_DESTINATION', 'sql');
+  define('CONFIG_VERSION', 26);

ansible/roles/pve_docker/files/tt-rss/docker-compose.yml

@@ -0,0 +1,32 @@
+version: "2.3"
+
+services:
+  tt-rss:
+    image: lunik1/tt-rss:latest
+    environment:
+      - PUID={{ docker_user.id }}
+      - PGID={{ docker_user.id }}
+      - TZ=Europe/London
+    volumes:
+      - "./tt-rss/config.php:/config/config.php:ro"
+      - "./tt-rss/feed-icons:/config/feed-icons"
+      - ./plugins:/config/plugins.local
+    restart: unless-stopped
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.tt-rss.rule=Host(`tt-rss.jakehoward.tech`)
+      - traefik.http.routers.tt-rss.tls.certresolver=le
+      - traefik.http.routers.tt-rss.middlewares=compress@file
+    depends_on:
+      - db
+    tmpfs:
+      - /config/log
+
+  db:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    volumes:
+      - ./postgres:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_PASSWORD=tt-rss
+      - POSTGRES_USER=tt-rss

ansible/roles/pve_docker/files/wallabag/docker-compose.yml

@@ -0,0 +1,24 @@
+version: "2.3"
+
+services:
+  wallabag:
+    image: wallabag/wallabag:2.4.0
+    restart: unless-stopped
+    environment:
+      - SYMFONY__ENV__SECRET={{ wallabag_secret }}
+      - SYMFONY__ENV__DOMAIN_NAME=https://wallabag.jakehoward.tech
+    volumes:
+      - "./wallabag/data:/var/www/wallabag/data"
+      - "./wallabag/images:/var/www/wallabag/images"
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.wallabag.rule=Host(`wallabag.jakehoward.tech`)
+      - traefik.http.routers.wallabag.tls.certresolver=le
+    depends_on:
+      - redis
+
+  redis:
+    image: redis:6-alpine
+    restart: unless-stopped
+    volumes:
+      - ./redis:/data

ansible/roles/pve_docker/files/whoami/docker-compose.yml

@@ -0,0 +1,10 @@
+version: "2.3"
+
+services:
+  whoami:
+    image: traefik/whoami:latest
+    restart: unless-stopped
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.whoami.rule=Host(`whoami.theorangeone.net`) || Host(`who.0rng.one`)
+      - traefik.http.routers.whoami.tls.certresolver=le

ansible/roles/pve_docker/tasks/calibre.yml

@@ -0,0 +1,23 @@
+- name: Create calibre directory
+  file:
+    path: /opt/calibre
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install calibre compose file
+  template:
+    src: files/calibre/docker-compose.yml
+    dest: /opt/calibre/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: restart calibre
+  shell:
+    chdir: /opt/calibre
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed

ansible/roles/pve_docker/tasks/gotify.yml

@@ -0,0 +1,24 @@
+- name: Create gotify directory
+  file:
+    path: /opt/gotify
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install gotify compose file
+  template:
+    src: files/gotify/docker-compose.yml
+    dest: /opt/gotify/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+
+- name: restart gotify
+  shell:
+    chdir: /opt/gotify
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed

ansible/roles/pve_docker/tasks/librespeed.yml

@@ -0,0 +1,26 @@
+- name: Include librespeed variables
+  include_vars: librespeed.yml
+
+- name: Create librespeed directory
+  file:
+    path: /opt/librespeed
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install librespeed compose file
+  template:
+    src: files/librespeed/docker-compose.yml
+    dest: /opt/librespeed/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: restart librespeed
+  shell:
+    chdir: /opt/librespeed
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed

ansible/roles/pve_docker/tasks/main.yml

@@ -0,0 +1,26 @@
+- name: Install calibre
+  include: calibre.yml
+
+- name: Install gotify
+  include: gotify.yml
+
+- name: Install librespeed
+  include: librespeed.yml
+
+- name: Install nextcloud
+  include: nextcloud.yml
+
+- name: Install quassel
+  include: quassel.yml
+
+- name: Install synapse
+  include: synapse.yml
+
+- name: Install tt-rss
+  include: tt-rss.yml
+
+- name: Install wallabag
+  include: wallabag.yml
+
+- name: Install whoami
+  include: whoami.yml

ansible/roles/pve_docker/tasks/nextcloud.yml

@@ -0,0 +1,42 @@
+- name: Include nextcloud variables
+  include_vars: nextcloud.yml
+
+- name: Create nextcloud directory
+  file:
+    path: /opt/nextcloud
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install nextcloud compose file
+  template:
+    src: files/nextcloud/docker-compose.yml
+    dest: /opt/nextcloud/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: Install nextcloud config
+  template:
+    src: files/nextcloud/config.php
+    dest: /opt/nextcloud/config.php
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+  register: config_file
+  become: true
+
+- name: restart nextcloud
+  shell:
+    chdir: /opt/nextcloud
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed or config_file.changed
+
+- name: Set data dir permissions
+  cron:
+    name: Set nextcloud data permissions
+    special_time: daily
+    job: chown -R {{ docker_user.name }}:{{ docker_user.name }} /mnt/tank/files/nextcloud
+  become: true

ansible/roles/pve_docker/tasks/quassel.yml

@@ -0,0 +1,23 @@
+- name: Create quassel directory
+  file:
+    path: /opt/quassel
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install quassel compose file
+  template:
+    src: files/quassel/docker-compose.yml
+    dest: /opt/quassel/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: restart quassel
+  shell:
+    chdir: /opt/quassel
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed

ansible/roles/pve_docker/tasks/synapse.yml

@@ -0,0 +1,35 @@
+- name: Include synapse variables
+  include_vars: synapse.yml
+
+- name: Create synapse directory
+  file:
+    path: /opt/synapse
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install synapse compose file
+  template:
+    src: files/synapse/docker-compose.yml
+    dest: /opt/synapse/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: Install synapse config
+  template:
+    src: files/synapse/homeserver.yml
+    dest: "{{ app_data_dir }}/synapse/homeserver.yaml"
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+  register: homeserver_config
+  become: true
+
+- name: restart synapse
+  shell:
+    chdir: /opt/synapse
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed or homeserver_config.changed

ansible/roles/pve_docker/tasks/tt-rss.yml

@@ -0,0 +1,66 @@
+- name: Create tt-rss directory
+  file:
+    path: /opt/tt-rss
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Create tt-rss plugins directory
+  file:
+    path: /opt/tt-rss/plugins
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  register: plugins_dir
+  become: true
+
+- name: Install tt-rss compose file
+  template:
+    src: files/tt-rss/docker-compose.yml
+    dest: /opt/tt-rss/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: Install tt-rss config
+  template:
+    src: files/tt-rss/config.php
+    dest: "{{ app_data_dir }}/tt-rss/config.php"
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+  register: config_file
+  become: true
+
+- name: Install fever plugin
+  git:
+    repo: https://github.com/DigitalDJ/tinytinyrss-fever-plugin
+    dest: "{{ plugins_dir.path }}/fever"
+    depth: 1
+  register: fever_plugin
+  become: true
+
+- name: Install feediron plugin
+  git:
+    repo: https://github.com/feediron/ttrss_plugin-feediron
+    dest: "{{ plugins_dir.path }}/feediron"
+    depth: 1
+  register: feediron_plugin
+  become: true
+
+- name: Ensure plugins are owned by {{ docker_user.name }}
+  file:
+    path: "{{ plugins_dir.path }}"
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: u=rwX,g=rX,o=rX
+    recurse: true
+  become: true
+
+- name: restart tt-rss
+  shell:
+    chdir: /opt/tt-rss
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed or config_file.changed or fever_plugin.changed or feediron_plugin.changed

ansible/roles/pve_docker/tasks/wallabag.yml

@@ -0,0 +1,26 @@
+- name: Include wallabag variables
+  include_vars: wallabag.yml
+
+- name: Create wallabag directory
+  file:
+    path: /opt/wallabag
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install wallabag compose file
+  template:
+    src: files/wallabag/docker-compose.yml
+    dest: /opt/wallabag/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: restart wallabag
+  shell:
+    chdir: /opt/wallabag
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed

ansible/roles/pve_docker/tasks/whoami.yml

@@ -0,0 +1,23 @@
+- name: Create whoami directory
+  file:
+    path: /opt/whoami
+    state: directory
+    owner: "{{ docker_user.name }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install whoami compose file
+  template:
+    src: files/whoami/docker-compose.yml
+    dest: /opt/whoami/docker-compose.yml
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ docker_user.name }}"
+    validate: /usr/bin/docker-compose -f %s config
+  register: compose_file
+  become: true
+
+- name: restart whoami
+  shell:
+    chdir: /opt/whoami
+    cmd: "{{ docker_update_command }}"
+  when: compose_file.changed or config_file.changed

ansible/roles/pve_docker/vars/librespeed.yml

@@ -0,0 +1,9 @@
+librespeed_basicauth: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  35356563313534363433663038363934303165303033616366333965653939653430363065613832
+  6361303335363161393130383565346237613362326433630a343663366263626531326633626366
+  30313535643466306662626361326361623536353636333965326131626130613337323732643865
+  3265643930333535630a666362353034376364613731326236363136363562303163646266313265
+  63386138356164633365313239383365393638393738633461393536653935643665626562313835
+  61623635366362303462633432376436326638373339666561383434613364366237366666393332
+  643139616536666232346262386239663931

ansible/roles/pve_docker/vars/nextcloud.yml

@@ -0,0 +1,24 @@
+nextcloud:
+  instance_id: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    30343838333336366638343832633063343135393262336238633632333962656236656666343930
+    6438366539333138303263383532643866333434633261350a366530326432393837343934656136
+    64396131386165383237356463616436643263613931363030643262373963326337356338636435
+    3233376662343033320a333332626162363438356266663335633038323538373365393765363538
+    3430
+  passwordsalt: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    66623930383738323135663662643465663230376431383035626131623866313166366239653330
+    3731393939623461366263616265363434663137313532640a356565623135616231643433626563
+    62393936656532366139653530393731663634663463663334303731363564376466393238393062
+    6663393830656161630a613334366332623535383937663863363136336661633332333638643939
+    66343163613066303466613032306465353563623331633837333166346163616231
+  secret: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    62383337306165336235353864623232363330643239363733653639396665336463303563376131
+    6634313135663936613935333561396130643236313634630a633136643538666333386663333835
+    66323334666364343038663335313735346134353231663830383262353564316361346366386238
+    6437363863353461380a323164356163343236636334313166336265323363386638383239613233
+    39343533363830613338623064633861623362623537636363373232663134353639386166663135
+    63613361353965336332323935383032623362363265303035666533386565393261343031653034
+    313965383063353036633438613439333562

ansible/roles/pve_docker/vars/synapse.yml

@@ -0,0 +1,28 @@
+synapse:
+  registration_shared_secret: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    36363037303531333331356363393631623633636366653139346665316638623039323031633066
+    3262366439396362336338313933363539616262383461330a353638613364616134613130616665
+    66643239366363623536663163386138633535353066613633346131366333316538643031396537
+    3634356163353232620a663538393966353961353562376136303161336636663535376238383938
+    66623539643032353131313538313131326237313936313061616566643639623939313161633230
+    33663666633130373138393937323939383865623939623035373835626363386466663233333534
+    376362626664643664653833646162333863
+  macaroon_secret_key: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    64643336366430326631643331316239646539363362383531313335396231306335623538333761
+    3565393330656363376233356631353665636139643261360a656362623264353931613936666531
+    64373437366364313862326564623135643838343834633364656238356565353463393230326631
+    6438383561666561390a323965353136383264376265633364356265346463316161383563663939
+    66653565623666353833353639386634633631366234643933323836633033613963373863303466
+    66326435393266326233613833616263623739346634613531346535346136373965336333373566
+    316535323861356438623065313530346461
+  form_secret: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    36313462383034633133373938613161316436313631333061346664653861353062316539393536
+    3436373931363139653232353764393534303530366231310a643335333735656361333632346332
+    30393931366466666535363837663436633533366662373834643362636663386439356236393933
+    3532363432623637330a663263643263333764383637373339616665353631616130643537326263
+    38386538393032353365313733393835303630356536303635373764633139626162356165343539
+    64343135323833356130363262353638353533396563656566666635663263383065646630663063
+    366137356638386537376236623531326636

ansible/roles/pve_docker/vars/wallabag.yml

@@ -0,0 +1,11 @@
+wallabag_secret: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  64353939666265306238333239316631373533643030663638316338356330653539643837373637
+  6638323330373264363535316339616432373132613939360a653533393164386266646337663234
+  33306333663165303431343537336465383937646437643630313037326135643666656435373331
+  6563303734643532370a313361656434333537366636366265653861656636386164373261666633
+  31646263326539303862386261623938323338333839656135656663643231653361663438326136
+  65306537383931393432633561333131386138333132383737383539646233313735613566633537
+  61656630396333376635393264346266356238626134316331623638393234363161336439303939
+  31393361393432366638613865323663326630306432363364663266663264656339323939306266
+  62646464306363353032326638613361633433303433633361656662353237396631