Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Networks are in lexical order, make sure public is default
- # https://github.com/moby/moby/pull/22086
- docker_public_network: "aaa_publicnet"
- # Bind to specific host network interface
- docker_public_network_parent: "vmbr1"
- docker_public_network_subnet: "192.168.1.0/24"
- docker_public_network_gateway: "192.168.1.1"
- docker_local_network: "localnet"
- # Create Docker macvlan Network
- # https://docs.ansible.com/ansible/latest/collections/community/docker/docker_network_module.html
- - name: "Create Docker macvlan Network"
- notify:
- - "Restart Docker Service"
- community.docker.docker_network:
- name: "{{ docker_public_network }}"
- driver: macvlan
- driver_options:
- parent: "{{ docker_public_network_parent }}"
- ipam_config:
- - subnet: "{{ docker_public_network_subnet }}"
- gateway: "{{ docker_public_network_gateway }}"
- # Create Docker bridge Network
- # https://docs.ansible.com/ansible/latest/collections/community/docker/docker_network_module.html
- - name: "Create Docker bridge Network"
- notify:
- - "Restart Docker Service"
- community.docker.docker_network:
- name: "{{ docker_local_network }}"
- driver: bridge
- # https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_module.html
- - name: "Install UniFi Console"
- community.docker.docker_container:
- name: unifi
- image: docker.io/linuxserver/unifi-controller:latest
- pull: yes
- hostname: unifi
- domainname: "{{ ansible_domain }}"
- restart_policy: unless-stopped
- env:
- TZ: "{{ local_timezone }}"
- PUID: "{{ user_id }}"
- PGID: "{{ group_id }}"
- volumes:
- - "{{ appdata_dir }}/unifi/config:/config"
- networks:
- - name: "{{ docker_public_network }}"
- ipv4_address: 192.168.1.2 # unifi.home.insanegenius.net
- - name: "{{ docker_local_network }}"
- # published_ports:
- # External routing via static IP, and static IP
- # - 8443:8443
- labels:
- # Route using unifi-console CNAME, unifi name is used for direct controller access
- traefik.enable: "true"
- traefik.http.routers.unifi.rule: "Host(`unifi-console.{{ ansible_domain }}`) || Host(`unifi-console.{{ external_services_domain }}`)"
- traefik.http.routers.unifi.entrypoints: "websecure"
- # Manually specify port and schema
- traefik.http.services.unifi.loadbalancer.server.scheme: "https"
- traefik.http.services.unifi.loadbalancer.server.port: "8443"
- com.centurylinklabs.watchtower.enable: "true"
- recreate: "{{ docker_container_recreate }}"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement