Hello to everybody!
I’m fairly new to Ansible. Reading a lot (I mean, a lot) and this is just a hobby project, so I’m not an expert by any means.
What I would like to accomplish is to do an Ansible Playbook automation for a few docker images I use. I have the docker compose.yml that is working fine. Now I’m trying to “translate” this to Ansible. I'm starting to understand how community.docker works, but there are a lot of options and I’m confused.
GOAL: add variables to a user.yml file (like usernames, passwords, domains, etc) and based on that configure a linux (Ubuntu Server 24) with Ansible.
I think the best way for this would be if any of you would be so kind as to help me translate this docker-compose.yml to a proper Ansible Playbook. If I have this, I’m convinced I’ll be able to work out how to do many more.
I added some comments to the compose file.
The volumes on the host are now in /opt/name. This doesn’t need to be a user import value.
I have a hard time figuring out how to pass ENV variables with community.docker.
And there is the
network_mode: "service:vpn-pia"
part as well, to route the container traffic over the VPN docker image. Since this is now in the same compose, service is used. If not in the same compose, then
network_mode: "container:vpn-pia"
should be used, and maybe even depends_on.
Here is the content of the docker-compose.yml:
services:
  vpn-pia:
    image: thrnz/docker-wireguard-pia:latest
    container_name: vpn-pia
    ports:
      - 3000:3000 # stremhu web UI
    volumes:
      - /opt/vpn-pia:/pia
      - /opt/vpn-pia:/pia-shared
    cap_add:
      - NET_ADMIN
    environment:
      - TZ=Europe/Budapest
      - PUID=1000
      - PGID=1000
      - LOC=hungary
      - USER=abc # THIS SHOULD BE IMPORTED FROM A FILE, MANUALLY ADDED BEFORE PLAYBOOK STARTS
      - PASS=abc # THIS SHOULD BE IMPORTED FROM A FILE, MANUALLY ADDED BEFORE PLAYBOOK STARTS
      - LOCAL_NETWORK=192.168.1.0/24,172.22.0.0/16,10.8.0.0/24 # I have a script to set these, but that will be next step.
      - KEEPALIVE=25
      - VPNDNS=1.1.1.1,1.0.0.1
      - PORT_FORWARDING=1
      - PORT_FILE=/pia-shared/port.dat
      - PORT_FILE_CLEANUP=0
      - PORT_PERSIST=1
      - FIREWALL=1
      - ACTIVE_HEALTHCHECKS=1
      - HEALTHCHECK_PING_TARGET=www.google.com,1.1.1.1
      - HEALTHCHECK_PING_TIMEOUT=5
      - RECONNECT=1
      - MONITOR_INTERVAL=60
      - MONITOR_RETRIES=3
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.default.disable_ipv6=1
      - net.ipv6.conf.all.disable_ipv6=1
      - net.ipv6.conf.lo.disable_ipv6=1
  stremhu-source:
    image: s4pp1/stremhu-source:latest
    container_name: stremhu
    environment:
      - TORRENT_PORT=6881
      - TZ=Europe/Budapest
      - PUID=1000
      - PGID=1000
    volumes:
      - /opt/stremhu/data/database:/app/data/database
      - /opt/stremhu/data/torrents:/app/data/torrents
      - /mnt/hdd/stremhu/data/downloads:/app/data/downloads
    restart: unless-stopped
    network_mode: "service:vpn-pia"
networks:
  caddy_net:
    external: true
Thank you so much in advance!
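
One way to express the compose file above as a playbook with community.docker.docker_container, added here as an example and not part of the original post. The variable names pia_user and pia_pass and the `hosts: all` target are assumptions; because user.yml holds the VPN credentials, encrypting it with ansible-vault and setting `no_log` on the task keeps them out of the repository and the run output.

```yaml
# Added example. pia_user / pia_pass are assumed names defined in user.yml (ideally vault-encrypted).
- name: Deploy vpn-pia and stremhu
  hosts: all  # assumption: restrict this to your Ubuntu host via inventory
  become: true
  vars_files:
    - user.yml
  tasks:
    - name: Run the WireGuard PIA container
      no_log: true  # keeps USER/PASS out of task output and logs
      community.docker.docker_container:
        name: vpn-pia
        image: thrnz/docker-wireguard-pia:latest
        capabilities: [NET_ADMIN]
        published_ports: ["3000:3000"]  # stremhu web UI, published on the VPN container
        volumes: ["/opt/vpn-pia:/pia", "/opt/vpn-pia:/pia-shared"]
        sysctls: {net.ipv4.conf.all.src_valid_mark: "1", net.ipv6.conf.default.disable_ipv6: "1",
                  net.ipv6.conf.all.disable_ipv6: "1", net.ipv6.conf.lo.disable_ipv6: "1"}
        env:  # the module requires string values, so numbers are quoted
          TZ: Europe/Budapest
          PUID: "1000"
          PGID: "1000"
          LOC: hungary
          USER: "{{ pia_user }}"
          PASS: "{{ pia_pass }}"
          LOCAL_NETWORK: "192.168.1.0/24,172.22.0.0/16,10.8.0.0/24"
          KEEPALIVE: "25"
          VPNDNS: "1.1.1.1,1.0.0.1"
          PORT_FORWARDING: "1"
          PORT_FILE: /pia-shared/port.dat
          PORT_FILE_CLEANUP: "0"
          PORT_PERSIST: "1"
          FIREWALL: "1"
          ACTIVE_HEALTHCHECKS: "1"
          HEALTHCHECK_PING_TARGET: "www.google.com,1.1.1.1"
          HEALTHCHECK_PING_TIMEOUT: "5"
          RECONNECT: "1"
          MONITOR_INTERVAL: "60"
          MONITOR_RETRIES: "3"
    - name: Run stremhu inside the VPN container's network namespace
      community.docker.docker_container:
        name: stremhu
        image: s4pp1/stremhu-source:latest
        restart_policy: unless-stopped
        network_mode: "container:vpn-pia"  # separate tasks, so container: replaces service:
        env: {TORRENT_PORT: "6881", TZ: Europe/Budapest, PUID: "1000", PGID: "1000"}
        volumes:
          - /opt/stremhu/data/database:/app/data/database
          - /opt/stremhu/data/torrents:/app/data/torrents
          - /mnt/hdd/stremhu/data/downloads:/app/data/downloads
```

Tasks run in order, so the VPN container exists before stremhu joins its network namespace, which covers what depends_on would do in compose.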