lino/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lino/homelab:faaa61f257e9ee155421f601b4cee3ed0ad732b7
Branches Tags
lino/homelab:main
...
compare: lino/homelab:0c887b8cdb2b56017c8319c9cdbb189408fa96d8
Branches Tags
lino/homelab:main

3 Commits
faaa61f257 ... 0c887b8cdb

Author SHA1 Message Date
Lino Silva 0c887b8cdb feat: Komodo periphery pub key 2026-04-03 23:36:52 +01:00
Lino Silva ea17af3ad0 feat: Komodo periphery 2026-04-02 23:14:57 +01:00
Lino Silva 330c8f76a2 feat: Komodo 2026-04-02 23:08:53 +01:00
11 changed files with 228 additions and 68 deletions
Expand all files Collapse all files
ansible/inventories/group_vars/all/app_disks.yml
+9
View File
@@ -11,3 +11,12 @@ app_data_disks:
disk_id: scsi1 disk_id: scsi1
mount_point: /data/pocket-id mount_point: /data/pocket-id
device: /dev/sdb device: /dev/sdb
komodo:
vm: infra-core-1
vmid: 410
node: purah
size: "20"
storage: purah-mirror-860gb
disk_id: scsi2
mount_point: /data/komodo
device: /dev/sdc
ansible/inventories/group_vars/all/main.yml
+14
View File
@@ -68,6 +68,13 @@ auto_configure_traefik:
port: 5656 port: 5656
auth_required: true auth_required: true
# infra
komodo:
subdomain: "komodo"
host: "10.0.4.10"
port: 9120
auth_required: true
homeassistant: homeassistant:
subdomain: "homeassistant" subdomain: "homeassistant"
host: "10.0.2.100" host: "10.0.2.100"
@@ -227,3 +234,10 @@ tinyauth_client_secret: "{{ vault_tinyauth_client_secret }}"
# Website configuration (root domain) # Website configuration (root domain)
website_host: 10.0.4.10 website_host: 10.0.4.10
website_port: 8080 website_port: 8080
# Komodo configuration
komodo_admin_password: "{{ vault_komodo_admin_password }}"
komodo_db_username: "{{ vault_komodo_db_username }}"
komodo_db_password: "{{ vault_komodo_db_password }}"
komodo_webhook_secret: "{{ vault_komodo_webhook_secret }}"
komodo_jwt_secret: "{{ vault_komodo_jwt_secret }}"
ansible/inventories/group_vars/all/vault.yml
+41 -23
View File
@@ -1,24 +1,42 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
30313630303965636564373566613935316136353337323334613363356630356437616461303566 38316332346633663733346561333162356230356539346265303565316635353866333166363663
6436623763356437366662356536313762366635373964640a323036636138346435386135313164 6238393162336531616335643063353061653339393163360a323365376231393636393938356663
30303835353434666535656532636662613762643236353263636163313930313335386466663235 39636234653963653930393462323034613361366230323661633537326638346335643235653335
6337613933633234390a643963326530353732363837373936623363336638316238623930323732 3931313539333239330a306238646231306333353137656332656263363135343830653864323435
31633238376462323435626635373161346230666131656161633961633531343938303164303231 63636337346165323030646264653036616237313134653537386436383632353237306136366361
30333139396462663963626263353161333964643334666562646161366534613764333366663161 34626530643230353732366135616661633934323638313430386561636362363961613462653839
65306661323134383434626266663934333365383133373632373739316532396663333835303761 31656130313765326431356437326435343431306561393938356162396562316638343333386164
36366131343664653161666364636430316535363734386139323833646239613264393365306365 62396231323661626438356235393033313834366631343539613430333863653836316132373833
66376166663361323337646663633836613664393934323664613664616362313931643965646138 62373665363062336530613462643839616633653233323135376564653134303134323230623833
37663064623563633561346166326163616261663533333462383933313437346537336538613737 65356133646335663333376137613565386462303137336431346338616239653464633839633462
32336336383836343337653538346661303834623433626239313132303437613366363032356633 66633465363365363037613564636336306261393931303065633839336331656264613534323030
34303039306534613730613663323736303034333136343735363962643537613961323334376563 39303736343835646430326535333264383438343631623036326162653964653664303663383833
34383966306537613237346434376132306364333137633065373234393865393735396235326639 36326430653862303539626461303334313436363930633033343339373464313663326464393633
38616239386362653730613865643361386339313337336161386530636235383433636333623437 33623235643432666430336262626130346564396135343064333837633264383435666266333138
37396239306330346237323133623166636532323132353833356432386336353165663134366363 39613830613639636433326334396165353035623136633534393638376532666134626631333764
63336166363161386238356438633538313638353939393932653638616462626631666230623432 34653061346464306632386162633263616365636536656432666636663935353431633562663635
37626131383362636561373563366362613230366266346664643735373138383837303736333336 64363038633561633532633139356236393463656139333933643261366262386364326231633434
66343139666533313965656137303364376230366664646633323561626436643134313834396436 32326462633834613961303266313963363366613534363961383633366435626466666436306232
65373537353233343062333339653633313134343636316535633561633832353232313435653563 65323365303932343933303238323363326637346363353938653630646135623636313636643437
36386232333631633062396363636634663536346266396266343634313466303561633935376466 34393530343133356432616331386332383632333734346563306162396564373332373761643030
62303431313461356665323163376638336564353665363464326163396364353736613935666663 39343561633764376138643634353463663066303637383262383762623534633536663138383363
62306530306566383335633039323764643163303663346661653262393232343537663166363162 62613863383463316634653633343939343863336531623537343563373065616231393038616335
373636316466363066323461306161383737 63336562306435316338323934343331323436326661373762306533346530326637313863333432
32316164333164353037313762396532343663623537313461376265666162316239366661396666
66633637303361333065323234656461663333366163313138666465643634313961326431336331
35336437626664356431313631353661666465353230303663393931373639326566646338333135
39626334303438313631366466356431663536353639633931323633333135306432326166383937
64626630666536343138643034663961353133643166633738663864366266643337636132386334
37366464346364313166393835633465626535623332386162303564363030386430383966396461
31626630643432376436396537306362633437663763616432633039386564393966333963386133
62626563383831636136633539353731626463393861393132353834613936643564333365353934
32376162636466393637336364363239636530316436653632336233613634623261373037646332
36346162623164613736316263333132356131643461346332303531633439363037316437393661
33646234333132393333383461663635626161306431323530333666373935323035373833363462
33623237393033363930323533663434353535353962376539333431313561393062343466343337
65303230376136323838313730623866306534646531356637323865393262663363383163623131
31613063623935616438353735386134356139393634383136363935343739313836653637616533
38316364303332646135373339343830306437613936323235616133363837616363666435613432
32313830316164306463623861656361353961313235653730363633616464666533343863396662
38646138326363386164623062353738363236643164666639383532373934636466303138383637
37313466353036643766353266653737646363626439303962346235306338396631
ansible/inventories/group_vars/all/vms.yml
+1
View File
@@ -9,6 +9,7 @@ vms:
ip: 10.0.4.10 ip: 10.0.4.10
network_bridge: "vmbr0" network_bridge: "vmbr0"
storage: purah-mirror-860gb storage: purah-mirror-860gb
cpu_type: host
# media-1: # media-1:
# vmid: 420 # vmid: 420
ansible/inventories/hosts.ini
-17
View File
@@ -1,17 +0,0 @@
[ms01]
purah ansible_host=10.0.2.5
yunobo ansible_host=10.0.3.4
[nuc]
mipha ansible_host=10.0.2.3
sidon ansible_host=10.0.2.2
yuga ansible_host=10.0.2.7
[infra]
infra-core-1 ansible_host=10.0.4.1
[media]
media-1 ansible_host=10.0.4.10
[apps]
apps-1 ansible_host=10.0.4.20
ansible/playbooks/provision_vms.yml
+9 -24
View File
@@ -4,36 +4,21 @@
# roles: # roles:
# - proxmox_vm # - proxmox_vm
- hosts: edge
become: yes
roles:
- base
- docker
- keepalived
- traefik
- hosts: infra - hosts: infra
become: yes become: yes
roles: roles:
- base - base
- docker - docker
- komodo
- tinyauth - tinyauth
- pocketid - pocketid
- website - website
# - hosts: all
# become: yes
# roles:
# - base
# - docker
# - komodo
# - hosts: purah - hosts: edge
# become: yes become: yes
# roles: roles:
# - vm_infra - base
# - vm_plex - docker
- komodo-periphery
# - hosts: yunobo - keepalived
# become: yes - traefik
# roles:
# - vm_apps
ansible/roles/komodo-periphery/tasks/main.yml
+39
View File
@@ -0,0 +1,39 @@
---
- name: Fetch core public key from infra-core-1
delegate_to: infra-core-1
slurp:
src: /data/komodo/app/keys/core.pub
register: core_pub_key_content
run_once: true
- name: Create komodo periphery directory
file:
path: /opt/komodo-periphery
state: directory
mode: "0755"
- name: Create komodo periphery data directories
file:
path: "{{ item }}"
state: directory
mode: "0755"
loop:
- /data/komodo/app/keys
- /etc/komodo
- name: Copy core public key to periphery hosts
copy:
content: "{{ core_pub_key_content['content'] | b64decode }}"
dest: /data/komodo/app/keys/core.pub
mode: "0644"
- name: Create docker-compose file for komodo periphery
template:
src: docker-compose.yml.j2
dest: /opt/komodo-periphery/docker-compose.yml
mode: "0644"
- name: Start komodo periphery
shell: cd /opt/komodo-periphery && docker compose down && docker compose up -d
args:
chdir: /opt/komodo-periphery
ansible/roles/komodo-periphery/templates/docker-compose.yml.j2
+20
View File
@@ -0,0 +1,20 @@
services:
periphery:
image: ghcr.io/moghtech/komodo-periphery:2
init: true
container_name: komodo-periphery
restart: unless-stopped
environment:
PERIPHERY_CORE_ADDRESS: 10.0.4.10:9120
PERIPHERY_CONNECT_AS: {{ inventory_hostname }}
PERIPHERY_CORE_PUBLIC_KEYS: file:/config/keys/core.pub
PERIPHERY_ROOT_DIRECTORY: /etc/komodo
PERIPHERY_DISABLE_TERMINALS: false
PERIPHERY_DISABLE_CONTAINER_TERMINALS: false
PERIPHERY_INCLUDE_DISK_MOUNTS: /etc/hostname
TZ: Europe/Lisbon
volumes:
- /data/komodo/app/keys:/config/keys
- /var/run/docker.sock:/var/run/docker.sock
- /proc:/proc
- /etc/komodo:/etc/komodo
ansible/roles/komodo/tasks/main.yml
+27 -4
View File
@@ -1,6 +1,29 @@
--- ---
- name: Install Komodo agent - name: Create komodo directory
ansible.builtin.shell: | file:
curl -sSL https://komodo.install/script.sh | bash path: /opt/komodo
state: directory
mode: "0755"
- name: Create komodo data directory
file:
path: /data/komodo
state: directory
mode: "0755"
- name: Create komodo periphery root directory
file:
path: /etc/komodo
state: directory
mode: "0755"
- name: Create docker-compose file for komodo
template:
src: docker-compose.yml.j2
dest: /opt/komodo/docker-compose.yml
mode: "0644"
- name: Start komodo
shell: cd /opt/komodo && docker compose down && docker compose up -d
args: args:
creates: /usr/local/bin/komodo chdir: /opt/komodo
ansible/roles/komodo/templates/docker-compose.yml.j2
+67
View File
@@ -0,0 +1,67 @@
services:
mongo:
image: mongo
labels:
komodo.skip: "" # Prevent Komodo from stopping with StopAllContainers
command: --quiet --wiredTigerCacheSizeGB 0.25
restart: unless-stopped
volumes:
- /data/komodo/db/mongo-data:/data/db
- /data/komodo/db/mongo-config:/data/configdb
environment:
MONGO_INITDB_ROOT_USERNAME: {{ komodo_db_username }}
MONGO_INITDB_ROOT_PASSWORD: {{ komodo_db_password }}
komodo-core:
image: ghcr.io/moghtech/komodo-core:2
init: true
container_name: komodo
restart: unless-stopped
depends_on:
- mongo
ports:
- "9120:9120"
environment:
KOMODO_DATABASE_ADDRESS: mongo:27017
KOMODO_DATABASE_USERNAME: {{ komodo_db_username }}
KOMODO_DATABASE_PASSWORD: {{ komodo_db_password }}
KOMODO_HOST: "https://komodo.{{ domain }}"
KOMODO_LOCAL_AUTH: true
KOMODO_INIT_ADMIN_USERNAME: admin
KOMODO_INIT_ADMIN_PASSWORD: {{ komodo_admin_password }}
KOMODO_FIRST_SERVER_NAME: "infra-core-1"
KOMODO_PERIPHERY_PUBLIC_KEY: file:/config/keys/periphery.pub
KOMODO_WEBHOOK_SECRET: {{ komodo_webhook_secret }}
KOMODO_JWT_SECRET: {{ komodo_jwt_secret }}
KOMODO_JWT_TTL: "1-day"
KOMODO_MONITORING_INTERVAL: "15-sec"
KOMODO_RESOURCE_POLL_INTERVAL: "1-hr"
KOMODO_DISABLE_USER_REGISTRATION: true
KOMODO_ENABLE_NEW_USERS: false
TZ: "Europe/Lisbon"
volumes:
- /data/komodo/app/keys:/config/keys
- /data/komodo/app/backups:/backups
- /var/run/docker.sock:/var/run/docker.sock
periphery:
image: ghcr.io/moghtech/komodo-periphery:2
init: true
container_name: komodo-periphery
restart: unless-stopped
depends_on:
- komodo-core
environment:
PERIPHERY_CORE_ADDRESS: ws://komodo-core:9120
PERIPHERY_CONNECT_AS: "infra-core-1"
PERIPHERY_CORE_PUBLIC_KEYS: file:/config/keys/core.pub
PERIPHERY_ROOT_DIRECTORY: /etc/komodo
PERIPHERY_DISABLE_TERMINALS: false
PERIPHERY_DISABLE_CONTAINER_TERMINALS: false
PERIPHERY_INCLUDE_DISK_MOUNTS: /etc/hostname
TZ: "Europe/Lisbon"
volumes:
- /data/komodo/app/keys:/config/keys
- /var/run/docker.sock:/var/run/docker.sock
- /proc:/proc
- /etc/komodo:/etc/komodo
ansible/roles/proxmox_vm/tasks/main.yml
+1
View File
@@ -24,6 +24,7 @@
vmid: "{{ item.value.vmid }}" vmid: "{{ item.value.vmid }}"
cores: "{{ item.value.cores }}" cores: "{{ item.value.cores }}"
memory: "{{ item.value.memory }}" memory: "{{ item.value.memory }}"
cpu: "{{ item.value.cpu_type | default('kvm64') }}"
scsihw: virtio-scsi-pci scsihw: virtio-scsi-pci
net: net:
net0: "virtio,bridge={{ item.value.network_bridge }}" net0: "virtio,bridge={{ item.value.network_bridge }}"