runner

9.9 KB•YML

main.yml

9.9 KB • 287 lines • yaml

1---
2# Runner Services Role Defaults
3# Multi-service container deployment with NFS integration
4
5# ==============================================================================
6# GENERAL SETTINGS
7# ==============================================================================
8runner_enabled: true
9# Legacy variables - no longer used with consolidated structure
10# runner_docker_dir: "/docker/runner"  # Now each service uses /docker/[service]
11# runner_data_dir: "/docker/runner-data"  # Now consolidated into each service directory
12runner_nfs_mount_dir: "/mnt/docker"
13runner_user: "{{ ansible_user }}"
14runner_group: "users"
15runner_uid: 1000
16runner_gid: 1000
17
18# Timezone configuration
19runner_timezone: "Europe/Amsterdam"
20
21# Docker network for runner services
22runner_docker_network: "runner-network"
23runner_network_subnet: "172.20.0.0/16"
24
25# NFS Configuration
26runner_nfs_enabled: true
27runner_nas_host: "192.168.34.200"
28runner_nfs_options: "rw,sync,hard,intr,rsize=8192,wsize=8192,timeo=14"
29
30# ==============================================================================
31# NFS MOUNT CONFIGURATION
32# ==============================================================================
33runner_nfs_mounts:
34  - name: "frigate"
35    local_path: "{{ runner_nfs_mount_dir }}/frigate"
36    nfs_path: "/mnt/rstorage/cctv-data"
37    host: "{{ runner_nas_host }}"
38    options: "{{ runner_nfs_options }}"
39    
40  - name: "immich" 
41    local_path: "{{ runner_nfs_mount_dir }}/immich"
42    nfs_path: "/mnt/rstorage/media/pictures"
43    host: "{{ runner_nas_host }}"
44    options: "{{ runner_nfs_options }}"
45    
46  - name: "forgejo"
47    local_path: "{{ runner_nfs_mount_dir }}/forgejo"
48    nfs_path: "/mnt/rstorage/code-repo"
49    host: "{{ runner_nas_host }}"
50    options: "{{ runner_nfs_options }}"
51    
52  - name: "harbor"
53    local_path: "{{ runner_nfs_mount_dir }}/harbor"
54    nfs_path: "/mnt/rstorage/registry-data"  
55    host: "{{ runner_nas_host }}"
56    options: "{{ runner_nfs_options }}"
57
58# ==============================================================================
59# SERVICE CONFIGURATIONS
60# ==============================================================================
61
62# Frigate - AI NVR System
63frigate_enabled: true
64frigate_port: 5000
65frigate_rtmp_port: 1935
66frigate_rtsp_port: 8554
67frigate_config_dir: "/docker/frigate"
68frigate_data_dir: "{{ runner_nfs_mount_dir }}/frigate"
69frigate_mqtt_enabled: true
70frigate_mqtt_host: "{{ vault_runner.frigate_mqtt_host | default('192.168.34.94') }}"
71frigate_mqtt_port: "{{ vault_runner.frigate_mqtt_port | default(1883) }}"
72frigate_hardware_acceleration: "vaapi"  # vaapi, nvdec, nvenc, qsv, or none
73
74# Frigate cameras configuration (from vault)
75frigate_cameras:
76  - name: "dining-room"
77    host: "{{ vault_runner.dining_room_camera_host | default('') }}"
78    username: "{{ vault_runner.dining_room_camera_user | default('') }}"
79    password: "{{ vault_runner.dining_room_camera_pass | default('') }}"
80    path: "/live0"
81    enabled: true
82    
83  - name: "living-room"
84    host: "{{ vault_runner.living_room_camera_host | default('') }}"
85    username: "{{ vault_runner.living_room_camera_user | default('') }}"
86    password: "{{ vault_runner.living_room_camera_pass | default('') }}"
87    path: "/live0"
88    enabled: true
89    
90  - name: "bed-room"
91    host: "{{ vault_runner.bed_room_camera_host | default('') }}"
92    username: "{{ vault_runner.bed_room_camera_user | default('') }}"
93    password: "{{ vault_runner.bed_room_camera_pass | default('') }}"
94    path: "/live0"
95    enabled: true
96    
97  - name: "alina-office"
98    host: "{{ vault_runner.alina_office_camera_host | default('') }}"
99    username: "{{ vault_runner.alina_office_camera_user | default('') }}"
100    password: "{{ vault_runner.alina_office_camera_pass | default('') }}"
101    path: "/live0"
102    enabled: true
103    
104  - name: "tapo-cam"
105    host: "{{ vault_runner.tapocam_host | default('') }}"
106    username: "{{ vault_runner.tapocam_user | default('') }}"
107    password: "{{ vault_runner.tapocam_pass | default('') }}"
108    path: "/stream1"
109    port: 554
110    enabled: true
111
112# Immich - Photo Management
113immich_enabled: true
114immich_server_port: 2283
115immich_ml_port: 3003
116immich_config_dir: "/docker/immich"
117immich_data_dir: "/docker/immich"
118immich_upload_dir: "{{ runner_nfs_mount_dir }}/immich"
119immich_db_name: "{{ vault_runner.postgres_db | default('') }}"
120immich_db_user: "{{ vault_runner.postgres_user | default('') }}"
121immich_redis_enabled: true
122immich_ml_enabled: true
123immich_facial_recognition: true
124immich_hardware_acceleration: "none"  # none, vaapi, nvdec, nvenc, or qsv
125
126# Forgejo - Git Server  
127forgejo_enabled: true
128forgejo_http_port: 3000
129forgejo_ssh_port: 2222
130forgejo_config_dir: "/docker/forgejo"
131forgejo_data_dir: "{{ runner_nfs_mount_dir }}/forgejo"
132forgejo_db_type: "sqlite3"
133forgejo_app_name: "Forgejo Git Service"
134forgejo_domain: "git.local"
135forgejo_ssh_domain: "{{ ansible_default_ipv4.address }}"
136
137# Stirling-PDF - PDF Processing
138stirling_pdf_enabled: true
139stirling_pdf_port: 8080
140stirling_pdf_config_dir: "/docker/stirling-pdf"
141stirling_pdf_data_dir: "/docker/stirling-pdf"
142
143# Tandoor - Recipe Manager
144tandoor_enabled: true
145tandoor_port: 8010
146tandoor_config_dir: "/docker/tandoor"
147tandoor_data_dir: "/docker/tandoor"
148tandoor_media_dir: "{{ tandoor_data_dir }}/media"
149tandoor_static_dir: "{{ tandoor_data_dir }}/static"
150tandoor_db_engine: "django.db.backends.postgresql"
151
152# Ghost CMS - Headless CMS
153ghost_enabled: true
154ghost_port: 2368
155ghost_config_dir: "/docker/ghost"
156ghost_data_dir: "/docker/ghost"
157ghost_content_dir: "{{ ghost_data_dir }}/content"
158ghost_db_client: "mysql"
159ghost_db_host: "ghost-mysql"
160ghost_db_name: "ghost"
161ghost_db_user: "ghost"
162ghost_url: "http://localhost:2368"
163
164# ==============================================================================
165# DATABASE CONFIGURATIONS  
166# ==============================================================================
167
168# PostgreSQL (Immich)
169postgres_enabled: "{{ immich_enabled }}"
170postgres_config_dir: "/docker/immich/postgres"
171postgres_db: "{{ vault_runner.postgres_db | default('') }}"
172postgres_user: "{{ vault_runner.postgres_user | default('') }}"
173postgres_version: "14"
174
175# Redis (Immich)
176redis_enabled: "{{ immich_redis_enabled }}"
177redis_config_dir: "/docker/immich/redis"
178redis_port: 6379
179
180# MySQL (Ghost CMS)
181mysql_enabled: "{{ ghost_enabled }}"
182mysql_config_dir: "/docker/ghost/mysql"
183mysql_db: "{{ ghost_db_name }}"
184mysql_user: "{{ ghost_db_user }}"
185mysql_version: "8.0"
186
187# ==============================================================================
188# SECURITY SETTINGS (FROM VAULT)
189# ==============================================================================
190
191# Database passwords
192postgres_password: "{{ vault_runner.postgres_password | default('') }}"
193mysql_password: "{{ vault_runner.mysql_password | default('') }}"
194mysql_root_password: "{{ vault_runner.mysql_root_password | default('') }}"
195
196# Service secrets
197immich_jwt_secret: "{{ vault_runner.immich_jwt_secret | default('') }}"
198ghost_database_password: "{{ vault_runner.ghost_database_password | default('') }}"
199tandoor_secret_key: "{{ vault_runner.tandoor_secret_key | default('') }}"
200
201# MQTT credentials (from vault) - centralized definitions
202frigate_mqtt_username: "{{ vault_runner.frigate_mqtt_username | default('') }}"
203frigate_mqtt_password: "{{ vault_runner.frigate_mqtt_password | default('') }}"
204
205# ==============================================================================
206# DIRECTORY STRUCTURE
207# ==============================================================================
208
209# Local configuration directories
210runner_config_directories:
211  - "{{ frigate_config_dir }}"
212  - "{{ immich_config_dir }}"
213  - "{{ immich_config_dir }}/postgres"
214  - "{{ immich_config_dir }}/redis"
215  - "{{ immich_config_dir }}/library"
216  - "{{ immich_config_dir }}/cache"
217  - "{{ immich_config_dir }}/model-cache"
218  - "{{ immich_config_dir }}/postgres-init"
219  - "{{ forgejo_config_dir }}"
220  - "{{ stirling_pdf_config_dir }}"
221  - "{{ tandoor_config_dir }}"
222  - "{{ tandoor_data_dir }}/db"
223  - "{{ tandoor_data_dir }}/media"
224  - "{{ tandoor_data_dir }}/static"
225  - "{{ ghost_config_dir }}"
226  - "{{ ghost_config_dir }}/content"
227  - "{{ ghost_config_dir }}/mysql"
228
229# NFS mount directories
230runner_nfs_directories:
231  - "{{ runner_nfs_mount_dir }}"
232  - "{{ runner_nfs_mount_dir }}/frigate"
233  - "{{ runner_nfs_mount_dir }}/immich"
234  - "{{ runner_nfs_mount_dir }}/forgejo"
235  - "{{ runner_nfs_mount_dir }}/harbor"
236
237# ==============================================================================
238# PERFORMANCE SETTINGS
239# ==============================================================================
240
241# Docker resource limits
242default_memory_limit: "1g"
243default_cpu_limit: "1"
244
245# Health check configuration
246health_check_interval: "30s"
247health_check_timeout: "30s"
248health_check_retries: 5
249health_check_start_period: "60s"
250
251# Service-specific limits
252frigate_memory_limit: "4g"
253frigate_cpu_limit: "2"
254immich_memory_limit: "2g"
255immich_cpu_limit: "2"
256immich_ml_memory_limit: "4g"
257immich_ml_cpu_limit: "2"
258postgres_memory_limit: "1g"
259postgres_cpu_limit: "1"
260mysql_memory_limit: "1g"
261mysql_cpu_limit: "1"
262
263# ==============================================================================
264# SERVICE HEALTH ENDPOINTS
265# ==============================================================================
266service_endpoints:
267  frigate: "http://localhost:{{ frigate_port }}/api/config"
268  immich: "http://localhost:{{ immich_server_port }}/api/server-info/ping"
269  forgejo: "http://localhost:{{ forgejo_http_port }}/api/v1/version"
270  stirling_pdf: "http://localhost:{{ stirling_pdf_port }}/api/v1/info/status"
271  tandoor: "http://localhost:{{ tandoor_port }}/accounts/login/"
272  ghost: "http://localhost:{{ ghost_port }}/ghost/api/admin/site/"
273
274# ==============================================================================
275# LOGGING CONFIGURATION
276# ==============================================================================
277logging_driver: "json-file"
278logging_max_size: "10m"
279logging_max_file: "3"
280
281# Service-specific logging levels
282frigate_log_level: "info"
283immich_log_level: "log"
284forgejo_log_level: "Info"
285ghost_logging: "info"
286
287

1--- 2# Runner Services Role Defaults 3# Multi-service container deployment with NFS integration 4 5# ============================================================================== 6# GENERAL SETTINGS 7# ============================================================================== 8runner_enabled: true 9# Legacy variables - no longer used with consolidated structure 10# runner_docker_dir: "/docker/runner" # Now each service uses /docker/[service] 11# runner_data_dir: "/docker/runner-data" # Now consolidated into each service directory 12runner_nfs_mount_dir: "/mnt/docker" 13runner_user: "{{ ansible_user }}" 14runner_group: "users" 15runner_uid: 1000 16runner_gid: 1000 17 18# Timezone configuration 19runner_timezone: "Europe/Amsterdam" 20 21# Docker network for runner services 22runner_docker_network: "runner-network" 23runner_network_subnet: "172.20.0.0/16" 24 25# NFS Configuration 26runner_nfs_enabled: true 27runner_nas_host: "192.168.34.200" 28runner_nfs_options: "rw,sync,hard,intr,rsize=8192,wsize=8192,timeo=14" 29 30# ============================================================================== 31# NFS MOUNT CONFIGURATION 32# ============================================================================== 33runner_nfs_mounts: 34 - name: "frigate" 35 local_path: "{{ runner_nfs_mount_dir }}/frigate" 36 nfs_path: "/mnt/rstorage/cctv-data" 37 host: "{{ runner_nas_host }}" 38 options: "{{ runner_nfs_options }}" 39 40 - name: "immich" 41 local_path: "{{ runner_nfs_mount_dir }}/immich" 42 nfs_path: "/mnt/rstorage/media/pictures" 43 host: "{{ runner_nas_host }}" 44 options: "{{ runner_nfs_options }}" 45 46 - name: "forgejo" 47 local_path: "{{ runner_nfs_mount_dir }}/forgejo" 48 nfs_path: "/mnt/rstorage/code-repo" 49 host: "{{ runner_nas_host }}" 50 options: "{{ runner_nfs_options }}" 51 52 - name: "harbor" 53 local_path: "{{ runner_nfs_mount_dir }}/harbor" 54 nfs_path: "/mnt/rstorage/registry-data" 55 host: "{{ runner_nas_host }}" 56 options: "{{ runner_nfs_options }}" 57 58# ============================================================================== 59# SERVICE CONFIGURATIONS 60# ============================================================================== 61 62# Frigate - AI NVR System 63frigate_enabled: true 64frigate_port: 5000 65frigate_rtmp_port: 1935 66frigate_rtsp_port: 8554 67frigate_config_dir: "/docker/frigate" 68frigate_data_dir: "{{ runner_nfs_mount_dir }}/frigate" 69frigate_mqtt_enabled: true 70frigate_mqtt_host: "{{ vault_runner.frigate_mqtt_host | default('192.168.34.94') }}" 71frigate_mqtt_port: "{{ vault_runner.frigate_mqtt_port | default(1883) }}" 72frigate_hardware_acceleration: "vaapi" # vaapi, nvdec, nvenc, qsv, or none 73 74# Frigate cameras configuration (from vault) 75frigate_cameras: 76 - name: "dining-room" 77 host: "{{ vault_runner.dining_room_camera_host | default('') }}" 78 username: "{{ vault_runner.dining_room_camera_user | default('') }}" 79 password: "{{ vault_runner.dining_room_camera_pass | default('') }}" 80 path: "/live0" 81 enabled: true 82 83 - name: "living-room" 84 host: "{{ vault_runner.living_room_camera_host | default('') }}" 85 username: "{{ vault_runner.living_room_camera_user | default('') }}" 86 password: "{{ vault_runner.living_room_camera_pass | default('') }}" 87 path: "/live0" 88 enabled: true 89 90 - name: "bed-room" 91 host: "{{ vault_runner.bed_room_camera_host | default('') }}" 92 username: "{{ vault_runner.bed_room_camera_user | default('') }}" 93 password: "{{ vault_runner.bed_room_camera_pass | default('') }}" 94 path: "/live0" 95 enabled: true 96 97 - name: "alina-office" 98 host: "{{ vault_runner.alina_office_camera_host | default('') }}" 99 username: "{{ vault_runner.alina_office_camera_user | default('') }}" 100 password: "{{ vault_runner.alina_office_camera_pass | default('') }}" 101 path: "/live0" 102 enabled: true 103 104 - name: "tapo-cam" 105 host: "{{ vault_runner.tapocam_host | default('') }}" 106 username: "{{ vault_runner.tapocam_user | default('') }}" 107 password: "{{ vault_runner.tapocam_pass | default('') }}" 108 path: "/stream1" 109 port: 554 110 enabled: true 111 112# Immich - Photo Management 113immich_enabled: true 114immich_server_port: 2283 115immich_ml_port: 3003 116immich_config_dir: "/docker/immich" 117immich_data_dir: "/docker/immich" 118immich_upload_dir: "{{ runner_nfs_mount_dir }}/immich" 119immich_db_name: "{{ vault_runner.postgres_db | default('') }}" 120immich_db_user: "{{ vault_runner.postgres_user | default('') }}" 121immich_redis_enabled: true 122immich_ml_enabled: true 123immich_facial_recognition: true 124immich_hardware_acceleration: "none" # none, vaapi, nvdec, nvenc, or qsv 125 126# Forgejo - Git Server 127forgejo_enabled: true 128forgejo_http_port: 3000 129forgejo_ssh_port: 2222 130forgejo_config_dir: "/docker/forgejo" 131forgejo_data_dir: "{{ runner_nfs_mount_dir }}/forgejo" 132forgejo_db_type: "sqlite3" 133forgejo_app_name: "Forgejo Git Service" 134forgejo_domain: "git.local" 135forgejo_ssh_domain: "{{ ansible_default_ipv4.address }}" 136 137# Stirling-PDF - PDF Processing 138stirling_pdf_enabled: true 139stirling_pdf_port: 8080 140stirling_pdf_config_dir: "/docker/stirling-pdf" 141stirling_pdf_data_dir: "/docker/stirling-pdf" 142 143# Tandoor - Recipe Manager 144tandoor_enabled: true 145tandoor_port: 8010 146tandoor_config_dir: "/docker/tandoor" 147tandoor_data_dir: "/docker/tandoor" 148tandoor_media_dir: "{{ tandoor_data_dir }}/media" 149tandoor_static_dir: "{{ tandoor_data_dir }}/static" 150tandoor_db_engine: "django.db.backends.postgresql" 151 152# Ghost CMS - Headless CMS 153ghost_enabled: true 154ghost_port: 2368 155ghost_config_dir: "/docker/ghost" 156ghost_data_dir: "/docker/ghost" 157ghost_content_dir: "{{ ghost_data_dir }}/content" 158ghost_db_client: "mysql" 159ghost_db_host: "ghost-mysql" 160ghost_db_name: "ghost" 161ghost_db_user: "ghost" 162ghost_url: "http://localhost:2368" 163 164# ============================================================================== 165# DATABASE CONFIGURATIONS 166# ============================================================================== 167 168# PostgreSQL (Immich) 169postgres_enabled: "{{ immich_enabled }}" 170postgres_config_dir: "/docker/immich/postgres" 171postgres_db: "{{ vault_runner.postgres_db | default('') }}" 172postgres_user: "{{ vault_runner.postgres_user | default('') }}" 173postgres_version: "14" 174 175# Redis (Immich) 176redis_enabled: "{{ immich_redis_enabled }}" 177redis_config_dir: "/docker/immich/redis" 178redis_port: 6379 179 180# MySQL (Ghost CMS) 181mysql_enabled: "{{ ghost_enabled }}" 182mysql_config_dir: "/docker/ghost/mysql" 183mysql_db: "{{ ghost_db_name }}" 184mysql_user: "{{ ghost_db_user }}" 185mysql_version: "8.0" 186 187# ============================================================================== 188# SECURITY SETTINGS (FROM VAULT) 189# ============================================================================== 190 191# Database passwords 192postgres_password: "{{ vault_runner.postgres_password | default('') }}" 193mysql_password: "{{ vault_runner.mysql_password | default('') }}" 194mysql_root_password: "{{ vault_runner.mysql_root_password | default('') }}" 195 196# Service secrets 197immich_jwt_secret: "{{ vault_runner.immich_jwt_secret | default('') }}" 198ghost_database_password: "{{ vault_runner.ghost_database_password | default('') }}" 199tandoor_secret_key: "{{ vault_runner.tandoor_secret_key | default('') }}" 200 201# MQTT credentials (from vault) - centralized definitions 202frigate_mqtt_username: "{{ vault_runner.frigate_mqtt_username | default('') }}" 203frigate_mqtt_password: "{{ vault_runner.frigate_mqtt_password | default('') }}" 204 205# ============================================================================== 206# DIRECTORY STRUCTURE 207# ============================================================================== 208 209# Local configuration directories 210runner_config_directories: 211 - "{{ frigate_config_dir }}" 212 - "{{ immich_config_dir }}" 213 - "{{ immich_config_dir }}/postgres" 214 - "{{ immich_config_dir }}/redis" 215 - "{{ immich_config_dir }}/library" 216 - "{{ immich_config_dir }}/cache" 217 - "{{ immich_config_dir }}/model-cache" 218 - "{{ immich_config_dir }}/postgres-init" 219 - "{{ forgejo_config_dir }}" 220 - "{{ stirling_pdf_config_dir }}" 221 - "{{ tandoor_config_dir }}" 222 - "{{ tandoor_data_dir }}/db" 223 - "{{ tandoor_data_dir }}/media" 224 - "{{ tandoor_data_dir }}/static" 225 - "{{ ghost_config_dir }}" 226 - "{{ ghost_config_dir }}/content" 227 - "{{ ghost_config_dir }}/mysql" 228 229# NFS mount directories 230runner_nfs_directories: 231 - "{{ runner_nfs_mount_dir }}" 232 - "{{ runner_nfs_mount_dir }}/frigate" 233 - "{{ runner_nfs_mount_dir }}/immich" 234 - "{{ runner_nfs_mount_dir }}/forgejo" 235 - "{{ runner_nfs_mount_dir }}/harbor" 236 237# ============================================================================== 238# PERFORMANCE SETTINGS 239# ============================================================================== 240 241# Docker resource limits 242default_memory_limit: "1g" 243default_cpu_limit: "1" 244 245# Health check configuration 246health_check_interval: "30s" 247health_check_timeout: "30s" 248health_check_retries: 5 249health_check_start_period: "60s" 250 251# Service-specific limits 252frigate_memory_limit: "4g" 253frigate_cpu_limit: "2" 254immich_memory_limit: "2g" 255immich_cpu_limit: "2" 256immich_ml_memory_limit: "4g" 257immich_ml_cpu_limit: "2" 258postgres_memory_limit: "1g" 259postgres_cpu_limit: "1" 260mysql_memory_limit: "1g" 261mysql_cpu_limit: "1" 262 263# ============================================================================== 264# SERVICE HEALTH ENDPOINTS 265# ============================================================================== 266service_endpoints: 267 frigate: "http://localhost:{{ frigate_port }}/api/config" 268 immich: "http://localhost:{{ immich_server_port }}/api/server-info/ping" 269 forgejo: "http://localhost:{{ forgejo_http_port }}/api/v1/version" 270 stirling_pdf: "http://localhost:{{ stirling_pdf_port }}/api/v1/info/status" 271 tandoor: "http://localhost:{{ tandoor_port }}/accounts/login/" 272 ghost: "http://localhost:{{ ghost_port }}/ghost/api/admin/site/" 273 274# ============================================================================== 275# LOGGING CONFIGURATION 276# ============================================================================== 277logging_driver: "json-file" 278logging_max_size: "10m" 279logging_max_file: "3" 280 281# Service-specific logging levels 282frigate_log_level: "info" 283immich_log_level: "log" 284forgejo_log_level: "Info" 285ghost_logging: "info" 286 287