Automated template extraction

test
wait no that doesn't make sense
2025-11-21 08:05:44 +00:00 · 2025-11-21 03:04:08 -05:00 · 2025-11-21 03:01:58 -05:00 · 2025-11-21 03:01:44 -05:00 · 2025-11-21 02:59:27 -05:00 · 2025-11-21 02:59:13 -05:00
66 changed files with 1888 additions and 770 deletions
--- a/.gitea/workflows/deploy-all.yml
+++ b/.gitea/workflows/deploy-all.yml
@@ -0,0 +1,26 @@
 name: Deploy All Containers
 on:
  workflow_dispatch:
 jobs:
  deploy:
    name: Prepare
    runs-on: runner
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Deploy
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
          chmod 644 ~/.ssh/known_hosts
          eval $(ssh-agent -s)
          ssh-add <(echo "${{ secrets.SSH_KEY }}")
          echo "HOST *" > ~/.ssh/config
          echo "${{ secrets.VAULT_PASS }}" > ~/.vault_pass.txt
          chmod 600 ansible.cfg 
          /usr/bin/ansible-playbook main.yml --vault-password-file ~/.vault_pass.txt
--- a/.gitea/workflows/update.yml
+++ b/.gitea/workflows/update.yml
@@ -0,0 +1,17 @@
 name: Update Images
 on:
  workflow_dispatch:
 jobs:
  run-update:
    name: Run update script
    runs-on: runner
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Run update script
        run: |
          echo "${{ secrets.VAULT_PASS }}" > ~/.vault_pass.txt
          python3 scripts/run_updates.py
--- a/.gitea/workflows/write-new-template.yml
+++ b/.gitea/workflows/write-new-template.yml
@@ -0,0 +1,39 @@
 name: Create New Secrets Template
 on:
  workflow_dispatch:
 jobs:
  create-pr:
    name: Extract updated template
    runs-on: runner
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Run extraction script
        run: |
          echo "${{ secrets.VAULT_PASS }}" > ~/.vault_pass.txt
          python3 scripts/extract_to_template.py
      - name: Commit changes
        run: |
          git config user.name "Service Account"
          git config user.email "alex+homelab@alexav.gg"
          git checkout -b template-extraction-${{ github.run_number }}
          git add .
          git commit -m "Automated template extraction"
          git push origin template-extraction-${{ github.run_number }}
      - name: Create Pull Request
        run: |
          curl -X POST \
            "https://git.alexav.gg/api/v1/repos/alex/homelab/pulls" \
            -H "Authorization: token ${{ secrets.TOKEN }}" \
            -H "Content-Type: application/json" \
            -d '{
              "title": "Automated Template Extraction",
              "body": "Updates the `all.template.yml` file with latest secrets for services",
              "head": "template-extraction-${{ github.run_number }}",
              "base": "main"
            }'
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,4 +1,4 @@
 [defaults]
-inventory=inventories/hosts
+inventory=hosts
 host_key_checking=False
 interpreter_python=auto_silent
--- a/group_vars/all.template.yml
+++ b/group_vars/all.template.yml
@@ -1,9 +1,65 @@
-# global
+ansible_user:
 data_dir:
 docker_network_name:
 TZ:
 PUID:
 PGID:
-TZ:
+
 # api
 API_CONTACT_WEBHOOK:
 API_JWT_KEY:
 API_STEAM_API_KEY:
 API_LASTFM_API_KEY:
 API_DATABASE_URL:
 API_POSTGRES_PASSWORD:
 API_ADMIN_KEY:
 # plausible
 PLAUSIBLE_BASE_URL:
 PLAUSIBLE_SECRET_KEY_BASE:
 # owncloud
 OWNCLOUD_APP_URL:
 OWNCLOUD_DB_PASSWORD:
 OWNCLOUD_DB_USER:
 OWNCLOUD_DB_DATABASE:
 OWNCLOUD_DB_HOST:
 OWNCLOUD_ADMIN_USERNAME:
 OWNCLOUD_ADMIN_PASSWORD:
 # traefik
 TRAEFIK_DASH_URL:
 TRAEFIK_CF_API_EMAIL:
 TRAEFIK_CF_API_KEY:
 TRAEFIK_HOST_IP:
 TRAEFIK_VIDEO_MACHINE:
 TRAEFIK_ENABLE_DASH:
 # fivem
 FIVEM_LICENSE_KEY:
 # mastodon
 MASTODON_DB_PASS:
 MASTODON_LOCAL_DOMAIN:
 MASTODON_SECRET_KEY_BASE:
 MASTODON_OTP_SECRET:
 MASTODON_VAPID_PRIVATE_KEY:
 MASTODON_VAPID_PUBLIC_KEY:
 MASTODON_ARE_DETERMINISTIC:
 MASTODON_ARE_KEY_DERIVATION:
 MASTODON_ARE_PRIMARY:
 # wings
 WINGS_URL:
 WINGS_CONTAINER_DIR:
 media_path:
 # frigate
 FRIGATE_RECORDINGS_PATH:
 # plex
 PLEX_CLAIM_TOKEN:
 ansible_become_pass:
 # glance
 GLANCE_PIHOLE_TOKEN:
@@ -22,6 +78,7 @@ TINYAUTH_GENERIC_TOKEN_URL:
 TINYAUTH_GENERIC_USER_URL:
 TINYAUTH_GENERIC_SCOPES:
 TINYAUTH_GENERIC_NAME:
 TINYAUTH_REDIRECT_URL:
 TINYAUTH_OAUTH_WHITELIST:
 TINYAUTH_APP_TITLE:
 TINYAUTH_BACKGROUND_IMAGE:
@@ -45,11 +102,11 @@ GLUETUN_SERVER_HOSTNAMES:
 # immich
 IMMICH_UPLOAD_LOCATION:
-IMMICH_DB_DATA_LOCATION: /postgres
+IMMICH_DB_DATA_LOCATION:
-IMMICH_VERSION: release
+IMMICH_VERSION:
-IMMICH_DB_PASSWORD: postgres
+IMMICH_DB_PASSWORD:
-IMMICH_DB_USERNAME: postgres
+IMMICH_DB_USERNAME:
-IMMICH_DB_DATABASE_NAME: postgres
+IMMICH_DB_DATABASE_NAME:
 # jellyfin
 JELLYFIN_TV_PATH:
@@ -59,14 +116,8 @@ JELLYFIN_MUSIC_PATH:
 # navidrome
 NAVIDROME_MUSIC_PATH:
 # nextcloud
 NEXTCLOUD_POSTGRES_PASSWORD:
 NEXTCLOUD_POSTGRES_DATABASE:
 NEXTCLOUD_POSTGRES_USER:
 NEXTCLOUD_POSTGRES_HOST:
 # ntfy
-NTFY_UPSTREAM_BASE_URL: https://ntfy.sh
+NTFY_UPSTREAM_BASE_URL:
 NTFY_BASE_URL:
 # nzbget
@@ -96,9 +147,6 @@ ROMM_SERVER_APPLICATION_URL:
 # servarr
 SERVARR_MEDIA_PATH:
 # syncthing
 SYNCTHING_DATA_PATH:
 # vaultwarden
 VAULTWARDEN_DOMAIN:
@@ -108,5 +156,21 @@ GITEA_RUNNER_REGISTRATION_TOKEN:
 GITEA_RUNNER_NAME:
 GITEA_RUNNER_LABELS:
-# grafana
+# monitoring
 GRAFANA_AUTH_ANONYMOUS_ENABLED:
 # drop
 DROP_GIANT_BOMB_API_KEY:
 # obsidian
 COUCHDB_USER:
 COUCHDB_PASSWORD:
 # helium
 HELIUM_BASE_URL:
 HELIUM_EXT_HMAC_SECRET:
 # pterodactyl
 PTERODACTYL_APP_URL:
 PTERODACTYL_MYSQL_PASSWORD:
 PTERODACTYL_MYSQL_ROOT_PASSWORD:
--- a/host_vars/jackson.yml
+++ b/host_vars/jackson.yml
@@ -1,105 +1,113 @@
 $ANSIBLE_VAULT;1.1;AES256
-62643330653736373764393833363035323137393736633433346139333639663664303735373261
+38663262326664303464653331306266333862363635643761346638366633666563303035346662
-3531373434336335393763666437623039393165376462390a363439396662633661316232343336
+6230313164666332623438636464313435323532393636650a333039326661383864373838333634
-33326133336436663638303036386330613830333838383861633730616230336565316535613264
+34653135643737393966353932343066653166653339313939666161363735636634643466363036
-3766363466373364370a303934646532303033353130326264393634646562363132616437366432
+3630633764646438650a393562343335316363616564383733363233343463356633353837353138
-39303930643939363831373631366137373137393539303033316165633234666164376438306531
+65376435343730626466393062656233326330303565376639386332306265306266356634383830
-64363865653761386366653665666333643134336338333935363337303462636561623263303261
+32613432386561346634633334666365323061313833396364313465326664353064653237623136
-34303337346134373161316335666237323439303133313137666336393331366163633866323766
+31343762383838316161306565323432643630343537346166616666353738343034346233313266
-66373766373061643366323635346237343030356635613364643165373361343333383836633433
+62353933323432343564303633636532396439643937306366313333626430313639653162333364
-37353265623935323735306233316336373931613039616162393336326633643139313965363338
+36646463353964323139613339326462666334376132633834313537653761333832333436663738
-62353636303137353636396361316363626132666330363230373561653163623364303036663235
+35393939326530353064633333323139356234643031653130633665303434313365663238643434
-63323965666135393064333039396562373634383938613433333132333266336238366638346334
+31663630313036343939646631326239343361653238646636363234353062346534363039373637
-33366533326232376539353039373136303863373231346561666338386136656332343463633939
+31313562666133343732626438353062663863336638323037373361616665613831616165393835
-31616338316439373366326366353762313066356562613738366465343437666631373030646666
+32336334393739666366623933626265643964663831336337343632643732383264623534383964
-36666236373332363035336139616464666430343764613863343962616230316362353738373664
+34313030336339613934303637363964653064653231666139353836653734626338333331383961
-32343639666231386338396139353736313235646164613438303738356238303930653538353561
+39646331623636613332393663663135363139653663383764333433316430313136356433326235
-63323533333736616664353439613933323837646665303431633361373064326561653438333061
+35303962646463323534623263623730313166643232303566343135323537386635396165383539
-34663034306530613438373132356631616463306663313331656234613165353335393132366437
+64393165623466633936393232363730313233656139383935343561343236343763623232343736
-62326231653862613765643535623363366264363638623362376237373933326637653864383436
+39383765633662653434383965646461663730373864326561343265663838643339616539396364
-33383535356231303365316638356566373439346133653036326362373663343239383762323766
+38313566343836363530613336326262373736643566323866386565346363363333636262613331
-33303137363762306136383762323337333662326131346135633932313135353937346532316264
+38613065333465363931623462653732626633316638626632353338373636383835653165336666
-30613865363636623732383337376137383039376264313135653039306532353665343635643738
+62646133383639663934656332613666663031623530336362633234633534363738363664623236
-66656239373333323266383962666239346538343434353136306439326365323235626661613162
+62316332363432346534353336343561303066633965373130626664343935393833663363393062
-36353234643930663939373465383661303038316166326230333734326536303331396137623064
+30333739626636323839623663393666393239663562653333383066303130363638366566666532
-65366232623365303964363932666436353336316333623630646337616235626366613433303865
+65346361636537393335393330313635336665636638366530346335313761323035623666623734
-36643836626231333964653830376435643563613538666339326464383365663265616535626238
+30396531383064376661363363323161353132356164636132343531336337613837613931656136
-30616533663032323663643438656666626330633164663161626530306134306433373430336239
+64303034626261643635356165636463326565653035316335353730396431663261363333656265
-32363237313861373964316139613766356334313064346135343739353361376630386130626633
+38626664636637623866343138303131643462366639336237363566386235656438343138666237
-34613732383630646335653633313466313864326430663633353231653765356566353766333833
+61653164376663326663646631393666386630666531666465373433393734653737343765363964
-63316439383938663334323635633538396134343232626234363337353331643336303037343332
+64313337336539336664303262343333623161646135633039376637653932626432333533356532
-63386664653534366438633464316534643261366237393336396535323435656533643137343137
+35306561323464623762336432366530343661363037383939383035653237353466336531653434
-39356135623333316532353962333630663432393238333334386637663735646530626562613839
+36383530633661616564333230363633383665376139353836643334646262323938643139663138
-36333834363562363931343264646337343766303464366264316564313736656136376336626163
+33653766666233393332333134386631316535643163323362356539633932323738353636393164
-33373731623930656266623433613164396166323332643035643734353138626632376434323337
+66646466613864633631656565303038613639633534306438303731356232663332316633623361
-36306465663339363733393235653964646130396463356264663963366362653238386235623739
+39303262353565383636616131333032306531646566313066373231313730386331633435336133
-35613065366365333833643739376636333733396162666362393461616136653365326230386531
+30626564643965303131666234663630653237373566653633343662623864393138353265646333
-33653166313235653863346137626564336239656530386232636533396664353330663634373630
+34336338356163323139616234323137366365656662633931666534303439326636333562366530
-36626265373762313432333936303663646361353035336431346434306434383261656636336263
+35363266633334616463623635666632386338653432653832326636336337626437643061623638
-31363964343038626434613336663436383132343739393163356434333066386132353137666163
+61646561666162616330623333346230613965316461383034333734383763383635396433373335
-38346465303937633139363532653539383436396263613139636236363336336161393631656530
+37653362636132313139316336356264373763333361333630366535336339623166306663623433
-63393530333534353166646339613538323664633236383161396466376339323763313838316233
+63333338613261633163613865303962383238383963353530633136623362313561316533343737
-33616338323438623138383131393735396235623861323536613761643663393934353862326638
+66336231323763353964376339613531613939336238656364353536346436663464636637303337
-34643866626466663836333965376163653037386164366634623239653231623432616531386263
+39313066613164656431383162326562353036613165613635346639656233626439623939393663
-30366533306439633134333163316233656164306133323961366530666666336566363537626434
+66306136656236663766643738303738616230626534333132666331316439363136326264386635
-63633830363539373534663836353163306137613233366436613863346638363335373663333831
+64616337613639306536373366366235633766613033313464353538376363663239333930363139
-65396533626263383530353764376263643230656262363233336132316132656235663631663363
+37666231626334373132363863346232623866353032626138353838333764633738386166666265
-62303933616131336666336262663333376430383733333261393262623334353165633362653932
+38393461633832306465633130343634323763346464643262653330356337353534636566353935
-65623965323332353761323637343037396435616136343364323266303163336362366337303839
+36333936343130653861303432626135383438653134326162613833336261613839376161616136
-34346235333661613232623262626664363062653834383435666336336266343636666664363639
+31666436353361303438303735623139613063333162303566623431373031646434643766363335
-33386134633631306534303631613234393366373763626633323761386265666237636662653433
+32363835376438613163666330333732353432396661666632663633393965396531653830333737
-32313233393038383931303136633565313434623862643134353435333265306535313262343636
+63356238613537643033643765616561666163386364376236353031656465333661333830626230
-34646365623534373936626266613731643162366435306331336165383037613062346636666239
+32346431633464636663366364643239386135396235336663626335383663373761383165646262
-35396561653765653963313339353365396438313363336661643931633339653533653164626131
+37313330376336373462623266343632393637663066313531646333666531653132633164353266
-37326538383430353733386531383333623463663731643261346633343036393433333935366137
+37636238623637363166323731653739373764343965626530333834366233323435646339636233
-32373432326666383533623531383335313562363230373238333331306662633361323832633566
+39626164653331643036386130663539663532643232333338656661333130376537333261346135
-63613233393331373163343264633564646232636363333337383138663836393339663537333565
+34373565643535616333326333383231346162383032636132333166376163373761306337643235
-32323538623136376235386435663236626636393630653366343664356565383232363332313937
+61636363323761366236326139373763306561383331303563333461386130353039333862336363
-32653438393435373934393065666663323266343233316636343262336137313263323337353230
+65323532623538346638333036316430303130316366376632623133643933393466353162643335
-32383130643135663730623664633431663237613834333735346433333635336266616233393561
+37383836323631393664636262333839323336353835663138653061623037636262333432613131
-34646538653733343864356365336634653637643139323265623466313434653738626533383664
+62303162646133376263306361663161636131323030396164313435356164386239393032633061
-36386339393365366537323230346534376634333465306333666532316662363437633934346163
+33346438373036306365363935626539653930386638383265373733386366663036393637656264
-65376437623638336638623133363831373239623731373639333638366233653937616537643138
+61303235326462626630366335373561313730613163623339333630313561663636353366393564
-65613339306131313039616163393761383433613039386566346266363065376166373366613033
+33303861623038623135346164376636323661373431653962363332653766663438323664376561
-32626135366466643036306235626265353564663738656163666466326635386134323739333831
+65313835386464616361306438316434656331653632346330333131626536323064386664633430
-38313834663164663834666263343333383738636563386635663438313531616131666465623366
+63353062336630663935353838316366316138323037383566613166336138306262313766383630
-66356138383561626331313037306664653035323534616562643034663766666166303239323064
+66336163666262636435326231326437336333666265663434316635313430623437306230646534
-38666565636535633235393932663866316364623636316661376262663238656531353337366332
+33643039376230643163303562376261316163626436626363316234396263633864376331353230
-33346663373865333830633333383734346261643962613230633730326335313266386333356639
+66656531646366633163336636343665393838666166643966306636363462666361303839656433
-31363839363132623839626632646139363534326263653036616632633965623035626265633064
+37353061656162653336363333343631633865636566646534306231353064643336383365376335
-33643561383038383538343864666532313838643765373737633762643865306261646434623030
+66396339376666623561393731633462643330363331623934643935303563393463346563373964
-65313037396165653538383061383338326535346134336464326439383030303338656465626239
+63623063376365646663386431653533373739343962656236356461383930373366383163666432
-64386363663633353566306265363732646130323765633833356565623635353062663935313939
+65353664363565646235393134316562643230383962636136633866376534326165343864383736
-37613733643032363064623461306639633234343564666538313133613433393161366331316533
+62306333386636306330373562336137386338303836303365353834303239336464613966313638
-37643166633935393833306362363436613637623635656364373036613564313261326439343366
+38333437313635653866396435656239313535376461623663343663333466393136313936353831
-34323132646166353361633632663937353931376438356562376539333961336662643165636363
+66646465663632323866376330316266343033646466316564613261656666313634663735616535
-34396165626537643232326162366337303039373739316333653933633235356263616364336238
+37393664613033346234633163373965393763356661636437626263326666643934653931393931
-39613739626234323366336466383433626262623436316538643666343031333161363730663430
+66373338636463393536633231663564386561313231323463343638383630396362336239333437
-30306238633164376135623232633563663034633737643263336536666532366336396232326435
+39343635663830313234316538636131653765616636613631353432646163376338346565383038
-30616333376239626664356237336366343737396662336338653031316536343966633363313866
+39306631646563636130643530353865393337373066336666353732633161383933626635623735
-65383237623535316631303234663263326634626562653562633430356537393561613162623165
+63623736613538396635306633393030613434373433663563643065613935376230363935343563
-66363633363538363338393834343464393566343161613730373439363332613931346336646166
+31316639333664303361626661353034396138623864373164383362356666633763323333363936
-31343361376664313662646332366365396164636131336332346236663531373837656432303035
+32366635633162376436393738663535313338363665383566656634323932303834656639363566
-38363435643430623132343166363265346163643530633536616164383233616432303138346635
+33663637643866333535646662643339383339353934383738343138323466313130666563633433
-31326130313936393039636565646566633931303833313165373538656631346234646232373266
+61383033616338646665323166623461366635636666326365326666393739303963353365636662
-64393233383161363238636238383033666633336432393562306533313235653964616464393634
+64653132376239636630396430346462626136323734353631356238303838663563643433643833
-63646339643533363264643935333438303536383966336336666666373739366432626335373166
+34656635373431623639653062386562623539303938336334303238666565363137613638626339
-33616266373439633134636633366466623836663865363337353563376239383633343165373438
+61666439303339323061326337623435383662613761336165336361343762373935626131383135
-34663239303336626234336236666435363331343261396666366337323133373832623665393565
+39633562353339363936646263313763326366623833333530373032393537373539386636616532
-31323233323561336135366231656238633864353933626465656134636332346566663033666137
+34663963646234356136653261386138356638393335626365333263396232613361306239323439
-64313936343365393961363963666435353936653633343666376334393562363532336437616662
+61663937646561336637313831373730316635383564346536663533656130323863393566386261
-32393230346335646361316133663166386534343066326132623135663634656262653335383534
+37343563333035333233666362653765333037353636646265366235316163646430616635336534
-38343264363234346234646437663562616630346431623535616131663634393765343134353035
+63663330303535663237373466666162356236613137623663343262626431316363356439643734
-37643031386465336430663831353534633833656538663764313638636161623134353665623736
+33646537383963316336353132366639306136353566313038363366666261313730303837643434
-31333739376666306264333731396366383335633166383733646136306437653031373732386466
+35663638616333346365313939303636656361363634373837383965373932663565666434383636
-38363966616537616661383561393931613662326535316232326166626232316333346662316562
+65333138666466356334353837303838303831353063333336393335343033373539383662363832
-37653436386663616361616434333336336665383537363530333465346431653962366439303738
+31303834366531393436303834316139663533333836376136326364383333393164656164353630
-31666230393961373330643762386439336134663337333736633233333835333563353566633166
+64646535363231303137303732643863616237666562363763363265326131356361333961356133
-36633233316333393731656638323161306536313036346139653337313939653064663466376239
+63396638636330393938613839383061616166373865316536323835363565613937363161323631
-31623633623932633632346135346633666163353863663934643736376239313262313533396233
+39343865393861373136383763646438616537373866663466303165616461373365656130613661
-37616233396663323764373165663935333633396634306437393364313566303332646630366566
+38663734376639623966633239376134386239383638653730643439656333326532303535373735
-62343539376533636537366535643166386565343234366532303230393366393037356363326233
+63663233663963333661643734316337323263666531373665343561396631396563306161373964
-64613832353934346462653366646564666161613739386332386636326634303131643633636235
+62653236366136353463363735376434343061643732636533636634653363386336303034393266
-39386132303830363265333031333264386532303132333434323536613235376566623035613837
+34616263376537383230653263323962366164643939646366653635663735373939633532323138
-65646232303462373766306139366261623338646463663830313134616562343966303662653361
+64393637326131666262316639353337666632646662663935393037303335353762326163353931
-33613763373235613833
+34663535363232383232356635633963626637333132366337356537313964616434323261653936
 35316462373631626438343538363533393964333463666566323135643165633863633331653765
 36373861386232303739636438653735396538623336366236353238643065353732643136333561
 37663336636138306335356630313231373732333936656231626537376564313064653433313337
 62343763343036636432613534346461386532626139346164633738346361653634353636623831
 31626566336234656661303466623364626261356331623235306265333937316539333539373133
 38373532353734653337313834323037656431666362333333666237386334373063653530623831
 66343065303761303035346664653761376335363334373166393861373236666565373131303539
 32373431613532643236
--- a/host_vars/jade.yml
+++ b/host_vars/jade.yml
@@ -1,190 +1,221 @@
 $ANSIBLE_VAULT;1.1;AES256
-34613132613738633435316130386263343061303161633063646466373138346138323037323639
+62383466373737653035333232303338326366323539316363336337393862373265666333356433
-6630653636343366313566373865343930633031396466650a306363313065653666356265643730
+3261393563633166343066346436363532336261376134350a353937653561346237666134343561
-62336434313438616463643034363237326434666263666336303230316432366263313261336135
+32623332613731343631666563663731663739323633636239353035366335386366626366343934
-3264633436646562340a333039313766633930643264636637653664643636363134653666633035
+3333313835326639340a333463326635643561393464643063613530396430333838666234353538
-30613535383636396436323762616365386338396565313134313932336430333863323431663733
+32643366326165383435366266303463626330343533346561646232383337323332623663353131
-32343561323436386432323263623435313935616235306536396636386165326337363637303864
+66306538353864356466663233353237356132616161373166393736336438353066303963663764
-33363833623430343530383632656530336536613830303962363335383866626463353138336336
+65643465626461393232396461356132383939353035643736633437316132386461313131623961
-37663836366638313132376337366632653135646531613631313830363439313963353530336538
+35366464356133373333663530613066613233303161623534653331393864376333303937333037
-39313135303736373963656330363938636235383265393961626632356330653438663466303862
+61663239633030626339653062663939633662316633376135626466623637656239616234373461
-30346633663364376362343865666230326233363163383761326564313132323136363234373638
+64353633386638363132643530366237396335333263306136373939343565323765313565643666
-30626565303563396131653937353230353837666139616539313630373737386265393839313039
+30366162373337366331313232373333393939653561626238373236393430363464633333313562
-39613862613263383164303264623066343863306163623163653632323865653166373635666338
+63626463313336363961663431366364303065623933303261303963326266386131346566323638
-32636639626435396533383439373331306335336663316638373432623966653662353265633166
+36316161343738386436383731383961656336363137303566366335653538663432323765663062
-33343163653439376134393338613339396364633539386435633664643665613664316330646230
+34626232383533643363383039643762626337316636626438633438383037353432323132663464
-62386239313837646135393662363735393665386432356535306132613038373336306464646466
+38616532316534356632643630326534643962353634383162313338396538643862313061613838
-35666631303334646164626163393061383132623132356161323830363562326664323833333766
+35636165366337623532623737393738343230626530623330303465383263393763623664343466
-39393035376638653338373137613464356266616335626665316162326431346236313666396137
+63666135353663363961306366626162373836653461316537373961333364373236373361383238
-38663736373036656431646235343332386365663461333734623461313166376562343761306338
+66656636646665623739326638623061663765363030316263613666666364663261343830393330
-37333437303163646439316333343663353764353030313461373033373339613966623734643736
+65366366306333323837343666633935613635396663623962386430613937626366313232363962
-61616466383230653735323130333631326161343566653435326634326164653336633937663636
+65613064303731613865366432353866326135386464386637363335653135343665623632663066
-62643264353466303661326530653164363935626331613234616139613833303530633830356337
+66663165633163396264303236613734383464633966663663333731616665333037663538636530
-36643762636366623939653636333564636565643939633233653036303931343833323830333731
+32323830303864616565363862316132303131636635326431303261313131646234346164653862
-35346330616435383437653764333430396236363563616433326334373761656264313336373361
+62396666303961633165333931653061613132396433393436623665383033396130336231323337
-34373830656334313230333463333139363061343836656638646230346364313032613036353731
+39333563313137623035376139396261343432666130306566326662376636663938326439663235
-39646138326533363830306430643236366433613136306633303762306463646562613431666535
+66636561663464336637323663363363333338393665616339643864633839656463626665666664
-30393532376434613362653734336362663935326438323232626437356530616138373735633161
+30373463363135326134613730366430326666623766613131326562366265663662323438333563
-37353339653533616536626537336462646632356234396239393230633263656439633330366135
+62363037356231656664623332626562346266363035393562336262373363333366383739616636
-33663862343039346632393037306137313630393330333532663565613165383332313635333134
+63333763303038353234643564303132353834353439656239396463313862363464366634646439
-66353861303066366638616666636232303335313137343064363031376337643930363062323566
+32643638623035366632396234626134393461633163616664303934623861383462623438323831
-35346262633031383762323136663934623833313539313965366164353935633933633732363138
+33316361363830353062353832336366363161653630323735356239663037616364636665636330
-38333537613831396565666364333333316338313537393130393161623532393266636163326332
+65313531396530323064353862353939393565376662356138653736386637623265326632306561
-39333834643333363037333637396530386432643762393261666639343966363662306237373938
+61343764393034633461353432343830326661353663373965373961663330313035396437663738
-39333439306131613730343564636563626232626238373565653537333330326130306330383036
+66333539626565313635663531323366323636336237306561346234323962613636653864383532
-63396435633736663532303661643232306134333333386439383236383637386533663831613133
+36326138383566666434393932343439653263393332663766626261653336333432623337343439
-35356137623037316138393735316165643437666336313163383935366434353230626130383136
+30316336346466383333313332303238383761303033336164613462366532353761383333666665
-66346537373430653236336239326262383639353163656339343933666137643539313865646239
+36306661303832646432626461616236333730353538663765653539303561343534643862356463
-30633330313235396532346264666564313765316165336532373162333062343062353162663536
+61646361653464653462346334313232316633376539643836326462336236366330323061373538
-66616537636566316366653031386661626539623164336662646466373734656661613565633637
+63363638643862343539643639383935326439356534653339393835383139626539373834653238
-35666565663266343436393430626138663764343661333262613065323264393163646230663839
+62396464373766316132376136343631316132396661336233623637396166376466353936666263
-39353864366566333465386532373036373665633762336433316438633939396465353433366462
+31613261356366356130306437613364333866333830643665333866646263333034326336373563
-63343436353339383363613630386134363935373863383162396631366562393833333564376666
+66343764633164666666353161636236376163626262373536353464363032333561363963376266
-64363832313439386261653364363130326266333065306164613665343465353566663338343138
+37646539316163336637313863373064393466613863653834636639626566383535363663393866
-39323731386632663064643739666436616630653838333237336366346139373137613265623034
+31633737376532316165333531656166646533386439323130396430323431376662626661383564
-38306461366530373562636161326361613836376266373836323462626364383666376664623839
+63323265383933626631326133636163363630666538316331623733663535326261323438383263
-65376130383462343331396236376532643335376561316332616439613333393836303765363137
+66623035343132646466613063396561323164323336636639636535393832383234623062626630
-33316366323232396566623332356338396637383763306130336261623366383062303766663565
+66383739336565643563653438376430353961383062386539353965323462356462353266306163
-32363036356534643035623339656437393765393365333638383863653365343230333837346535
+35383964616562653563666262366264343735333461646564646264306365373933656565363136
-61643263633863326561396266366563333765613935386631663437383734316238633731356636
+64313530356536336665393333323464336238333637306562396635383835306135326165373763
-33323966633336366236373431376266666162653936313136303366343532353338303736373130
+63336665366461663137383834643136383034646238643463656539386330363761363064613434
-65323634333838626237656334336131636438643435353131626430656131346332323032396434
+65623836323732633262643062396366633264396334353938633463623462383563343631303239
-33626332316138303935633539396565393266643664356131396265356563653632346166666137
+37363263383935333665336334366334323166306165333466326232656637646132613339323239
-66303665633238323266306435653230323965643663373661613438323461366535353662363466
+66303830356330396432613163616166323261643861646264336436313733363362343835646464
-35636331613761326565373165653763383030666366383263616234386266663263336361363737
+66383762613665306465643938363631343630633733376137383133346465653662313938623237
-31346336643064326264633636316164393065356437633162346332373063326563373535633734
+63313333383933393131373039323065333635353030396163623130303462343764656533643936
-39643666373835306331623133346637383137303662613134313038313265323438363830383065
+65333239333236393537373863386435623231376163323261326331306263326662653132623032
-66666238613930633763363838343733616537643032636364326465333463323665373937383033
+61663532383865636566623761356533656363343863633161343230633433306533633130323131
-61386639396532353366646661366265333838633732613866616164633765663034323632316134
+37366234376565666633353962353939343634653662336139353662356337393438363261353636
-64656637396339616564386264633732356462313031303565343630653265373132623336356161
+35643563316165376233383134653363343262633035326261666633383437626237373637663932
-32623534653361356632663930343830656238376234383538616533323466656332373463376236
+66326636643662636539346138663530623365376330343833363263616666623938623736303030
-66333634346130373866373735323464366534396362306430653832303434393431653264386533
+62393135626565303464666138613365623632666638653265666139333930333737663965323631
-34336263383062663232613939373063613137633438393730653434336639663532613231353865
+39613330363561363366333765313837343462316633613835313865656363333132326336626539
-38653636323236343066353637653235383238343837633861663631353665383262303737626339
+39623364343131306263363863323730323939353261646335366133393962623137653864373131
-32656537373364383233626631386231343838616564323234336264653636356637346166656265
+62383935313265363937313664336432393965653463643466646137373630373631363736636431
-65336166376134386134623932313332323265386664636466313436376132306663343233306631
+35323432636633663138376339383131383461656465643766636636306565663639623163636234
-36666439633236336333656137313665383163323234363530366534363731383832633737396330
+33626237353334396432656530663833633235666239326336316139323439633337663433643331
-38323863636566623031393763633934616632313534653666353361383663323061616462386661
+35643766323361393064336137666664396465373765393034303462653737663063373065316465
-63346361386563366535666363323334376533343233306236326162353865643631373565303037
+61336363353831316338663536653063613061333034613237306531663037653835663538666337
-35646264306237383966636565363163393434633339653039373363663932336333633162656536
+37613834343164396133343736393165663263653161663537313234613366653532646630373766
-38383035313233633362663938383730396266663138623461393035303234663738303363393632
+37636331326338383039663030346666323234393632363233323037383863313564363563346338
-34643461343461313162303430383235303961323832383537356232313066643961346463613064
+63656261653464663663643231653833346130386433373562623662633963346630336533316435
-30343864336237623165343539643833393963653534643531613262343162363136663231353432
+66333439396638343563633138326431346131373439396566633232356535393565656231663737
-35356264326235336363623734656639343161633365373138373533303966646263393637303966
+36376163393133643337613639303039623832666438666661383436636661393233366663333838
-64646638316462663365396330303439663464666433326434326634666536333335353434626466
+64653564623562363339656162353836306437303738373439303933313637393464306265323336
-62306633626637663736373164363364363164656434303136363639376561343131353331666435
+63326436393364373931653563356363313139343734633663316362323738653738343732363138
-64303133383431353765376162306366643238376661313832643239323665666435316362373931
+61393761326138653036643332383235626236356564633232323462333135326264353937336463
-36643365353063393563333835376538653963336135613038623865383734353936336335313532
+31313965366132623737353232373134323433306564333862326634663362356238353465653364
-64646666303332613738356134623436313039643432393439306230653864393131366536383237
+31623933316465666331653831393461316538393537386636376461653236336434626134616662
-30326434613039643839303031396531626461343637623363373065356363633961393466363435
+62623634366336333739373332376239386336336631396263303535373564303862663666663562
-33646661373162343062313339633730366362353762613235643665383664616437346532633935
+61313830386438616262633533336334353735333331346436373230613363356166353430386430
-36396534393836646230313931343761346234363063373539373132373365383064636661396437
+62343735373231656139343035396562386661356538376661643435353237353962333930363939
-30363233663430626137386134393636333765616335383664376665666337393735373030376230
+61613733653064343833396530343432663238363537373631306132666235613330343866353031
-36643162326639346564653363393336343138336662393735303438313730336163303039326535
+64396531363337373236656235633261623239663439303834356139623833623339353862663230
-39306664626263353337303362326433663765363264343839366434363162366537633266393261
+31363039663033323663353766616465393063356263323239353461616239346332396532633066
-38396130353231366633623565383162616364363534646539373434363834316365333634313634
+64346563613934633937333433383764363731366132626365323661313962636464396539386236
-32353664653133326462313361613235613261393136383834323465626664363534616534323535
+63316563353661376330346139663737306162366661656461353862326666373030336136366632
-35323664316438333764356330383630343635346263393564393533386331613766313030336130
+63616439616630366435623065386430646537363333393965663534383531323462373833363965
-31396466353062303935343765656166343864303961393863343365326333316233663835623636
+64323931383534643730303466373366393435313663306631666364376665626434623430326164
-62666461646330356266323639633564666631363066333635326533303539383635363530353530
+64366437626634643362396565306665313231326336366630326163356630373663653633376434
-38616534313137616464656537613564656631313266623832346236623030373033623638303730
+64393033336463326631303862653337656163343932363661303862346133373562663537663930
-32376338383363613931663431343535393831353337393836383362306665383535383736653663
+34373761373537633130366661653539343931383663653234333663323738356535306664656664
-36636339303662633363653333306566326439323934393831393131336165356431376639653138
+61383337323238636634373830626138393466336666386262393039393963633835366531643831
-65376333656135343463363737613630636533343537623066343865613365616562646366353463
+35313531613832663637386566313436363566346432346536313263633038393438666431663737
-38333263306236383133313532363565386461623438353865653939323161373331383338656237
+62633631656534353961306663613634616336393833616166613836373539333131633066666365
-31643836396232393662393639666536373965313036373034393230346132656630653166346338
+63656264353831353630343834356239653331376539376331386663386334366463363935656431
-31396139343131353535376364323966653336353163623931346366346339633432636336636135
+64386439656135383139626136653066613166353738613262623231323132626330366561643030
-38613063393839643064323536373534643066346261353938666361336562393130626530616631
+36613765336339383863666535303930626534643934383731336461383432376461636230343030
-31393761333931303533363161383439326137636565666435316566313034363237376135373931
+36383330376231336661653735373961643936303064373365616333663836323663333361376462
-64326332643264653266303836613037313037646365363732313865336332613638643531376634
+34616538343235366332633430613130633237303363353932346366636631366466306533373063
-65386465653136336234613165303261313035646566613337633939333435633338393731346263
+66363832623237636266643861363238396534666164393735303165393933623766313262323333
-36376333363738373339383866373835663632663332313634623562653663636235393939656435
+37623830613733333162303061383166363838303965666664633861376238343165633234633232
-39393563393465383931396435663863333036373466336235653163646231663463643462386661
+63636633353937376131306435383061343030666361323061616262353935643030333966626433
-62393539633964626564393866386634363330636261376266646630393132623935653134666637
+35356562316336343932313539623239363036336361326234666339366335343033643435346536
-32323735343833656539623061636463343334623730363139343031313661386434613264613137
+65346261663338326465316237353934633334353033646433353035653530396232666638636262
-33353434633561363734353061316132643765303237353931323039653637353464643034626363
+37393532656561643839373333363331316235636566316531393865633131373936316236663839
-34646365633631383231643636323536366432363536353063376633633531666539666631623832
+63663835633437346336626432326235356432616364316465376239363864323561383636623338
-38636132313165326132653138653564373032666630656362643037666439356330383834386539
+39646266396162313938613062623430663237633465633261626562626636396637373137366465
-66343863643566353563623938623533663631313139363435353562653835653930373463646335
+65643134666236386538643062663135643266303861396337353638306532306236636136623039
-63303938633736633734316361386436643931316534633737346639396137653036383638393163
+34336130666633313661653761393536346661343063653562326462363434366531656430353232
-63386435646562646265363066346139646361383838653638633334646561623461623762663432
+32643164303364613362616631356364643835346561383962316265336637353837383462653037
-35396335643431636265626631633538373535633864336538613437323031646263663832376361
+34633031346261633835373131656166386439306361356636663338613731393434323039353665
-33333238613031373739653739636362323132343838643963353465343966633163366337663566
+35636365303365353833623463626463326632383737373235353464323939616539636531383665
-37363332643161346637636665383635343930323632373865336165346237626534346232623735
+32333761313439626339613834316464363835636331373331363730373861313739363164313330
-34353063313638383466653939666433666432346235663538363931393330363438376665356362
+33326136326566336633316437316132613430393166333130623335393232653065376131666465
-63363561396566666630383233376630376530303732343939643338353461396332303839646664
+31303132353465313761633265313266373132633231353766346633386639336464613134353832
-32353935333664646431316137623837633233393137396530323931323066623531323038383538
+34613035396165633864616664636563353265316432336636326632386234633263393261323136
-64343365356439386334663234356639613031343934663962306633663534336462613337633838
+66356338613666303863393937626365376631643666363830613836333236383466353835306535
-33306431323662376335333562663362663466373364613333353037396666326462396666306137
+63313939386335313936376233626231343062323662313565653439306534386133396336623265
-62333764633631616162383231373132666561383664313266633136323266316339343635316439
+30326334373433386639626362396138346234346630383930373636616239353734356432356237
-36383332373735363930303239633836653435643739356463643263353636636563346330306565
+33636135353736313961303730386433346433663332363465343732353132356162383936343238
-64363933343837613438383231643632396463653862343930613539393663616163623463386666
+35633866303031663238666662366137316366333564336134393465383438616465656666653664
-30336436356162383966613337313633666433663231643730366233383438363737333162623836
+37383231623136363163663562343938653631316131613864663936363336343465343931613830
-63353962636337366139356463663138653737616563323464383539613637616363646132323565
+61633166663534643765306337316635633163326238353561376631353661386437363935353636
-32366266623761666330356239336339336434353737373739313864353365313435353663393735
+35623831366532393061343764633735396363623161373661316238303639396166643430323432
-32373333323538396331366337396637356131393234316562653936633166306431333436313161
+36363137303834643233616331623764343161623264653531373431646364376662376238353233
-66353965366438656139633030303233373733313964363636306261323265356233663034323766
+62626464393336653530383434353066353865333139323363396635393530616332383463373032
-38633235646239333331633136313934623136386466653366393037613765643161656430333933
+36363665653234313263333334393535333961393063303366393034333734626235313835313665
-31643062623837653039623335383466646232353130346536663831313035323537363638663861
+39376330346132343035653531396430656231646631653131633064643530363561393665663661
-37663830623565643638666236343063643164366164346230663264376665613339663164396131
+64636133623231396663393662333738653631356436646166356531303066636139376166353830
-32353139353435396631363763353430663534323065313930303764326364376632393364636334
+36626461646635323730326463323065393061356633653931663334633532663834323332363534
-61393165383363653661393038626538376233326231376463303935646432336635323961323135
+34306539386532386365313766343462656264653332346363366231663764633436343334343235
-65633336633639303839616266633065343365343363393431306335653536363639353963393662
+61653465303635353062333232396261336139633561373034396533383933373933356462666134
-37633338323366376332366231396236613463663837346263346263656564333265373036376230
+32323631353536663761663439353162633539346561396166303738376432383533643766366465
-35623066303961303866633062336430626462396665626330323864666336396339373438386236
+61373536663836613237366666646133343532376461323139643565396135366533356439306438
-34313163376139666136643232616561326163353261323737323434303937306534613335336135
+62643235316231663564326238386238353536356330363236313064333862366336636363323834
-30616361633365623939366438366536323335626135656136363936663663616262376362326561
+33336236313939316162393964346363363236383263363638336531623463643338323461326338
-61653066323061303237383562386337316331303937346232316339636638343463383131333136
+33626430343834623466666461396534326466393934643631306637633562623531643636343031
-62326530663665316238386330323630386433636563356537313061656161373264646632613538
+35626637363265306563643463666337316633613263353363306330613064306664343735353265
-65326663363637316236303761386131633535363237363061346135313037373238333030333962
+38623033623364626437353434653732636161303732326239633837346336343666386138383935
-65396139346431656165386334353831373132636566666362653934303063323962353030383365
+63626238663630366630366635356531303564663866616563393164346564643338666561396432
-35353137306533333635303264646233366633323066393736396133303764613731333565303962
+37396439393866666661353463623865333863613765353264306633636239656530303230373537
-62386161303066343462383365396233393563386138373763646264346161653935316566313261
+61336634383861633165366265313136343464396464663136393864623436626537313935663831
-33646163656134306339373634396266353861333632346464613830356534346562613534663762
+64386162356665616331383839373533363161623630663431663136643732353065376161336564
-38353662636662343361316233666264626631646162323737666637636165613566623330303166
+36663931383033313130643831306364663365313265313831373636643861303261626130326234
-37643566353137663666623663383232303865386162393030616133326233393364376161633139
+36613038356132343936346463636463356332303261663830373333346435316364383161643065
-39316438336632353935323733626537386534343239396166353961383563393738363131616538
+35323262373736626636343562313731646234373464633664663562366364656466323737356435
-32353931623037393630333063653133303564633030393861393739353962313263393261356532
+63653266356265633163386337333731316266663032656131346134353264306436366466393464
-38383835306464353865306362333966643732383830386362373038306465343364346633656366
+66653662333464646437636439313565333465366339383365666538376464653563313835343561
-34323432656337333666636233643838373563326464313930633934663662663635333036316333
+35373661353832643363363266343561613066343138636339633033343932643633633035616232
-30643765303539343264623936346166636538653630363030333439656634396539653039353137
+39336635636135666461643134636435326433613331353035656232313662343735663833353234
-35663632656231386465623939343235383763336165313939343231666466376534343663343366
+39653337386430353364373237313533373933383333346536356337356535653531303532663235
-66366266336435343661306331326333623763363933633533613335366535316166646662653664
+36323531643735666538323838323932623438646236613330383863393836393365363636626232
-38373833366262363465306366396537623164383466663634373539363238356266653337396262
+34393239383236626537303666393532626335396434363763356466326633363464646565323431
-31663032336335383833623439346165643135353564336261393134306163313734663634336431
+35383934613964663839343332353539653136306566653763396564343538643663366636306331
-66336339336638396232356334663830633236373138626631353132306465383463313362636665
+63386531326635373134353564316532353333383834376332306237336366616532363034383866
-65646435653963333736313830626233646263373862333761663937663761353234643833336266
+32326133333932323861373433376662343537343935663864346537633063316561316538666431
-66653037656235646338663432333662376361343639633263616630343564396661636262323035
+32623863373432363264373637373864396363353933303762373662626364653434363738393234
-64356231616433356439393435363332373966363631653834373731666533663666636139613632
+64616464633433376336356236376635623232306264316464616465636139363861666435316563
-36313133336636656135396364663234323964303633393462666435623562313363656363373566
+66396630346437616433613665303462653662376563623763633466653166643536376466323133
-63623531623130616362323965323833386565366132306464396265316131663334396661333731
+64626630376338666164353839323062303132663633343937643761356535633238356634626165
-35323537393437666339643963313063326536646139333563303163343264656332343334386364
+62363237336264623932613835303236623333316564393338633861313333666466346435323766
-66353830313733316330636161376635336138653164373335366138383136343239333462623662
+35626432373737653138653931616562396161363037613339323961633534623537666637626133
-34656639386431313037363261633263313433393466633963363330633835316539363334626530
+61653637306531646239383639333366643937393932623131383335616436663863393064323833
-64646632376138636136616130376665323533363330653531656132306636643662393338663631
+35306635386336613037383761653638643930303334386139623135313434346232316233373632
-32643736386339336536353865363865623033623163656136353631656562306535666435633964
+38393737636132333138636534383565666230323831303964333132656663383838386538656537
-66393834363239666366383165646333353963313563613465626232653039633331666433383439
+36316166653239323162326333383035346636366163636233393936613563333032653339623264
-32356138396263616139636230646336653336393739623334356566353834353236653832323734
+35303766623730653939383439643265343365363064336430356431666163656661666330323563
-34396338623434623961616433653536346236343162363534373565393464343639613263353331
+33383761326562333937396535303366373136653163643138393931323838313531383264386463
-36313364333064313261343533636138643561363831326136383437353435386531396337623861
+63316230333735396538613561313132613861336166663238613730323438383830643963356230
-32643735616234666163393361363631343035346134363330663733653538363631343038636430
+66343933656536356136633065663037663233623662393133353739343065333438333235333836
-62343432646265333862663963353837303631653161323033373530633165643463656161323839
+39613962376238643933653131363261313164333333383032613235653136326262623461663032
-61626363303036383034336261653565393963386435666663346332396432386431343461386461
+36326164323036386562313638623331663166633039373264323333386635363437373839393432
-35343634396639393633383864393462626230663339353332383739373230613661313938386463
+31363564643536613530383066383530643537353263366565346533343761353530313739346137
-65313465376664383737336438333737396230366139633433643130353264653733353436626162
+38616335386539363861306232326330386563663433663132383938323866646564383864333864
-38306639623435323431646338613236333431346138313134356164393133373462353732623164
+64663733333961373730366137656563376562366366646135383662333831636462623762356563
-61626166343536653436343734313739336632343534356638396563346435343031656238383630
+65313433363633343662316337306638383132613131393765653135366631633561356138353730
-66646664323530346630323663663361336537363435393062323236363466626135623735383461
+61313135326366373837303130663466353563313465613932633863383664306262653833346462
-38626365323163333037316361303934616363623031633065623830376633353565336338643565
+32393566666566656339326531343265316631623230383130343633333535643939343733343161
-62326333333466636265643263326132316566656163613633383865366663666135653739613939
+64336639666233383865386533326437613630613536303063656631346463353564613030366662
-38316335323765356562666266386566363162306139343463616533366561613834383263323639
+35313331303564663835393439623730633031363435366363376230346432333834663933313834
-65396263663235356130376539313535656336343464656536336231373833633466636137633238
+37653561626430363962646136633865353138323835633062666631626436653461303966386164
-37656335636637373466303730363862653033626263356134376538626131303038353765636363
+31616235623932356136663763623263626331343131323933356439316430336564653630653836
-64383032313666376632316161363930663135623037346163303166663233326632343835656433
+38326538666265306230396461376635386464656637363461623639356531313939613363373461
-36646161636332316661333336363961313537326264646135356365636564646336386431393937
+34366136616238373731333962613437383563653161323337336135356462346431343064386463
-66393863386463626331363439353164663562306663326361643035303963343162303565636635
+36613235353263623430333035376133353966373130316134303639303865323534386239386632
-63323739623363383039393336373631303666636265343331393833363762373463383662373164
+31313935343336303535653861363036363461373537336561363532626137623066663932343037
-62353536313239353764633637633931376365353835343432353930616666353730346338383439
+37333164356232343763613464326234343230616362326333643665643261656266336638303330
-65623263613031666263346561643438643162366433643136646637666532393833313162353365
+36626133333166386661393833356661383337336136336537656233326666383133623637396264
-34383061653330646134313434643663386361393031383739653339336266356337373232316130
+64316264616439313565306666616238336661363365633833623263333363623132383830346130
-64613032613664376535653261666461666366326661663038383931646535316661
+35366234323837646531366330333632616133333364343766393233333237373836323837666161
 63643138376538363639353330373136376564643261623731313931333666353239333561663432
 65396663373436666236376434666632376335353566353530393533633132366130663038643264
 37313832613732353230306135363466616162313137343436653064343231356433366563303738
 35623531636631613061653963656664313038633434316336333633316661306563643262646334
 33613563386330376333663133653138336234386366316538383362383665643361386366386538
 65396534643064303332366532663834366537626261316139326236356136343136383638333339
 36346530356565666332613037373364353366386130313464626565323730316132336262323264
 36633532326534343362656465306535653539613265323634393865646235653363626637383339
 32346264306561383332366462613236316364393931316132323937623763393935313830346430
 64383236333664353431363934303132313434326534646239363366626530643536646230663139
 65316466313562316266653665636361363734393461396630643637623462343866646265633838
 39633137643937656438643433663765363430313337343166366161323434663439353562666132
 38623464623962343534393064376237373231333939323666306465306134336234383932353635
 62656337636465326532613139626462323162303730663837313935633437313265353930663463
 38626231323462363461373131306261326463313763623737303466353835643931653334653132
 65626639396365646333653064396662626566646666306362366334363934646237663830393962
 31343561613162396632396336653834616663643130363131383463613265393337613866353365
 62653737373132616335643731646236363263366433653965393736333766393262613836333365
 34306635666366636430393365626364633061356165353661326563636366346562643733353334
 63316437376330656661633661393362323133666434366565633436363034363039373761633032
 37393163613131383537616434373730303664663562656333653232313937633164363236303663
 32363065366634363731313534343566623830663361663430333061383765363137366662623139
 66346334333061303437396532343330346366396362366362323535306639333962636232363730
 33343236636163666136373264666236386361306337653564623637626135613562303636613535
 38633130396532313362616666636238343035313233323661373032646432626262643662616262
 61353166363330323665616561643736326236363438353636373063373738383361653539303131
 30366364653464373662653066363865626338613433316362393564653739636635333562333036
 30376530323462626264373235313231313163393838633437326265646638373439336638636166
 64323762373835316138636137363166616161616633613632333063323632626637653630346562
 33376334616439376161643038666438373833343632643934303164353866613231346262346261
 61663265366461613634
--- a/host_vars/nas.yml
+++ b/host_vars/nas.yml
@@ -0,0 +1,31 @@
 $ANSIBLE_VAULT;1.1;AES256
 62303937306432656235663330303934363930356632333966343535366438343261323139386135
 6238653639363962373032656433623835313834366431380a653866666266313861643035653638
 62343639336336353130363537356635653661333463386637333331353162636438393462353161
 3531386264373537340a653431633436353030303733343738616431663831316238613930633038
 62353466313762366561396366376363633132383438646362386239616362306563316461626438
 37316232373664656165396237306333336433656464306664653566383761393636396537653331
 30666631383234353064313061306164613364326638356636633636343133666638653261366339
 37376632336133333736626130336165313735313033373138343662396265636563663234376138
 32303137646437626435376463323539636264666663636533363733616637653934333936633139
 36363162306237303931343133363238346231633732656535343963636262316363613434336363
 36373339336332633332626534643762643264653365353062646663623837626463376363363161
 31383865383166396663366230333334373037376333383938363738383862313736313261336234
 65326434383165363861343131363139666238646562383837653233656365313932653163626564
 38633761343338666662393333393165316563346636636135663133613062333836313561333963
 39663733393738336336626438323365366566333331373433326539653565616230643936383737
 38356434323433326432316265396661323964653039393164663533653731626162376134616261
 39613666393764636331353764306531396339373032636531353165316437616464653237356536
 66396661306235333732326136306439316362363063313837383663316361313731303634383331
 30626239633235623164396666396533613734613962653030343334343832323664353431393636
 38623838306239326537383765643036643830303066616232313935376635346237366434396162
 66303932656265316463363432623037383462333638376430616562313238393762616263663138
 63326239623666326636396361353764386363613364643935666339336565393830613435373231
 64383265666661633664383031646530653539323037613837356638643335653235323135323361
 37333731316234646135303566393439363338323264386635336432623862353661313962663965
 35333631336233366364633537396234656430373832326334653030363635626439646532643032
 30636666383865313737353962326665383936613434353830636561323439373537613538393836
 31353164613631386665353762343938383766323739363363633634363433623039376564346333
 64323939356238323462346562616335383437326233363838383930396238343261633863393232
 39346165656662626631376362623663343164376634363532376363623737613962323434313339
 3133306237396463313938383035643034616133336662636234
--- a/inventories/hosts
+++ b/inventories/hosts
@@ -1,8 +1,4 @@
-[jade]
+[ungrouped]
 jade ansible_host=fntz.net ansible_user=alex
 [jackson]
 jackson ansible_host=direct.jackson.alexav.gg ansible_user=root
-
+nas ansible_host=172.16.0.29 ansible_user=alex
 [nas]
 nas ansible_host=nas.fntz.net ansible_user=alex
--- a/main.yml
+++ b/main.yml
@@ -3,8 +3,8 @@
  roles:
    - role: traefik
      tags: traefik_deploy
-    - role: gitea-runner
+      vars:
-      tags: gitea-runner_deploy
+        server: "jade"
  tasks:
    - name: Deploy Glance
@@ -28,9 +28,6 @@
    - name: Deploy PocketID
      import_tasks: tasks/pocketid.yml
      tags: pocketid_deploy
    - name: Deploy Ntfy
      import_tasks: tasks/ntfy.yml
      tags: ntfy_deploy
    - name: Deploy NZBGet
      import_tasks: tasks/nzbget.yml
      tags: nzbget_deploy
@@ -49,9 +46,9 @@
    - name: Deploy Romm
      import_tasks: tasks/romm.yml
      tags: romm_deploy
-    - name: Deploy Nextcloud
+    - name: Deploy Owncloud
-      import_tasks: tasks/nextcloud.yml
+      import_tasks: tasks/owncloud.yml
-      tags: nextcloud_deploy
+      tags: owncloud_deploy
    - name: Deploy Excalidraw
      import_tasks: tasks/excalidraw.yml
      tags: excalidraw_deploy
@@ -61,38 +58,42 @@
    - name: Deploy Immich
      import_tasks: tasks/immich.yml
      tags: immich_deploy
    - name: Deploy Jellyfin
      import_tasks: tasks/jellyfin.yml
      tags: jellyfin_deploy
    - name: Deploy Navidrome
      import_tasks: tasks/navidrome.yml
      tags: navidrome_deploy
    - name: Deploy Monitoring Stack
      import_tasks: tasks/monitoring.yml
      tags: monitoring_deploy
    - name: Deploy Drop
      import_tasks: tasks/drop.yml
      tags: drop_deploy
    - name: Deploy Home Assistant
      import_tasks: tasks/home-assistant.yml
      tags: home-assistant_deploy
    - name: Deploy Gluetun
      import_tasks: tasks/gluetun.yml
      tags: gluetun_deploy
    - name: Deploy QBittorrent
      import_tasks: tasks/qbittorrent.yml
      tags: qbittorrent_deploy
    - name: Deploy Jackett
      import_tasks: tasks/jackett.yml
      tags: jackett_deploy
    - name: Deploy Uptime Kuma
      import_tasks: tasks/uptime-kuma.yml
      tags: uptime-kuma_deploy
    - name: Deploy CouchDB for obsidian
      import_tasks: tasks/obsidian.yml
      tags: obsidian_deploy
    - name: Deploy Pterodactyl
      import_tasks: tasks/pterodactyl.yml
      tags: pterodactyl_deploy
    - name: Deploy Termix
      import_tasks: tasks/termix.yml
      tags: termix_deploy
 - hosts: jackson
  roles:
-    - role: caddy
+    - role: traefik
-      tags: caddy_deploy
+      tags: traefik_deploy
      vars:
        server: "jackson"
    - role: fivem
      tags: fivem_deploy
  tasks:
    - name: Generate Caddyfile
      import_tasks: roles/caddy/tasks/create.yml
      tags: caddyfile_deploy
    - name: Deploy Gitea
      import_tasks: tasks/gitea.yml
      tags: gitea_deploy
@@ -105,6 +106,31 @@
    - name: Deploy Plausible
      import_tasks: tasks/plausible.yml
      tags: plausible_deploy
-    - name: Deploy Nextcloud
+    - name: Deploy Owncloud
-      import_tasks: tasks/nextcloud.yml
+      import_tasks: tasks/owncloud.yml
-      tags: nextcloud_deploy
+      tags: owncloud_deploy
    - name: Deploy Wings
      import_tasks: tasks/wings.yml
      tags: wings_deploy
 - hosts: nas
  roles:
    - role: traefik
      tags: traefik_deploy
      vars:
        server: "nas"
  tasks:
    - name: Deploy Plex
      import_tasks: tasks/plex.yml
      tags: plex_deploy
    - name: Deploy Frigate
      import_tasks: tasks/frigate.yml
      tags: frigate_deploy
    - name: Deploy Ersatz
      import_tasks: tasks/ersatztv.yml
      tags: ersatztv_deploy
    - name: Deploy Wings
      import_tasks: tasks/wings.yml
      tags: wings_deploy
--- a/readme.md
+++ b/readme.md
@@ -1,6 +1,7 @@
 # Homelab IaC
 This repository hosts my homelab infrastructure setup, built using Ansible & Gitea Workflows.
 I primarily host this on my [Gitea](https://git.alexav.gg/alex/homelab) server, but it is mirrored to my GitHub account.
 ## Getting started
@@ -10,4 +11,30 @@ You'll need to install Ansible Playbook, either through APT or another avenue.
 sudo apt install ansible-core
 ```
-Then, configure your vaults using the variable templates provided & update the hosts file to match your hosts. After you've done so, you can simply run `ansible-playbook main.yml` & it will deploy all containers.
+Once you've done so, configure the [hosts](./hosts) file to direct to your server(s). You'll need to deal with the SSH setup, alongside setting up the host variables for each service you want to use.
 ## Project setup
 I have this project set up like so;
 - **tasks/** - All of the playbooks for the services I deploy
 - **roles/** - More comprehensive tasks, like FiveM which requires multiple JNinja templates
 - **scripts/** - Any utility scripts, like the one used for deployment
 - **host_vars/** - All host variables, containings variables for each service
 - **main.yml** - Playbook that contains all the setup for the automated deployment
 ## Deployment
 In my lab, I have a Git runner sitting on my local network. I use this to deploy changes to this repository across all of my machines.
 The business logic for how this is done is in the `scripts/deploy_containers.py` script, which handles
 - Deploying new containers
 - Redeploying changed containers based on the Git diff
 - Redeploying VPN-based containers that need to restart when Gluetun does
 - Redeploying containers when secrets update
 - Cleaning up containers/images when tasks are removed
 This uses `tags` in [main.yml](./main.yml), structured as `{container}_deploy` - so if I update Immich, it will run ansible-playbook with the argument `--tags immich_deploy`.
 When secrets for a specific host are detected as updated, it will run the deploy tasks for all containers that host has (`-l {host}`) to refresh environment variables.
--- a/roles/caddy/tasks/create.yml
+++ b/roles/caddy/tasks/create.yml
@@ -1,8 +0,0 @@
 ---
 - name: Create Caddyfile
  template:
    src: roles/caddy/templates/Caddyfile.j2
    dest: "{{ data_dir }}/caddy/Caddyfile"
 - name: Reload Caddyfile
  command: docker exec -w /etc/caddy caddy caddy reload
--- a/roles/caddy/tasks/main.yml
+++ b/roles/caddy/tasks/main.yml
@@ -1,44 +0,0 @@
 ---
 - name: "Create file structure"
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/caddy"
    - "{{ data_dir }}/caddy/data"
    - "{{ data_dir }}/caddy/certs"
 - name: Create Dockerfile
  template:
    src: Dockerfile.j2
    dest: "{{ data_dir }}/caddy/Dockerfile"
 - name: Build Caddy Image
  docker_image:
    name: caddy
    tag: "latest"
    build:
      path: "{{ data_dir }}/caddy"
      dockerfile: "Dockerfile"
    source: build
    state: present
 - name: Deploy Caddy Container
  docker_container:
    name: caddy
    image: caddy:latest
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: "{{ docker_network_name }}"
    env:
      CLOUDFLARE_TOKEN: "{{ CADDY_CLOUDFLARE_TOKEN }}"
      HOST_IP: "{{ CADDY_HOST_IP }}"
      VIDEO_MACHINE: "{{ CADDY_VIDEO_MACHINE }}"
    volumes:
      - "{{ data_dir }}/caddy/data:/data"
      - "{{ data_dir }}/caddy/certs:/etc/letsencrypt"
      - "{{ data_dir }}/caddy/Caddyfile:/etc/caddy/Caddyfile"
    published_ports:
      - 80:80
      - 443:443
--- a/roles/caddy/templates/Caddyfile.j2
+++ b/roles/caddy/templates/Caddyfile.j2
@@ -1,52 +0,0 @@
 # Snippets
 {% if caddy_snippets is defined %}
 {% for snippet_name, snippet_content in caddy_snippets.items() %}
 ({{ snippet_name }}) {
 {% for line in snippet_content %}
  {{ line }}
 {% endfor %}
 }
 {% endfor %}
 {% endif %}
 # Sites
 {% for site in caddy_sites %}
 {{ site.domains | join(', ') }} {
  {% if site.tls is defined %}
  tls {
    {% if site.tls.dns is defined %}
    dns {{ site.tls.dns.provider }} {{ site.tls.dns.token }}
    {% endif %}
    {% if site.tls.cert is defined %}
    {{ site.tls.cert }} {{ site.tls.key }}
    {% endif %}
  }
  {% endif %}
  {% for matcher in site.matchers | default([]) %}
  @{{ matcher.name }} {{ matcher.type }} {{ matcher.value }}
  {% endfor %}
  {% for handler in site.handlers | default([]) %}
  handle {% if handler.matcher is defined %}@{{ handler.matcher }} {% endif %}{
    {% if handler.reverse_proxy is defined %}
    reverse_proxy {{ handler.reverse_proxy }}
    {% endif %}
    {% if handler.import_tinyauth is defined %}
    import tinyauth_forwarder *
    {% endif %}
  }
  {% endfor %}
  {% if handler.default is defined %}
  handle {
    {% if handler.default.redir is defined %}
    redir {{ handler.default.redir }}
    {% else %}
    respond 404
    {% endif %}
  }
  {% endif %}
 }
 {% endfor %}
--- a/roles/caddy/templates/Dockerfile.j2
+++ b/roles/caddy/templates/Dockerfile.j2
@@ -1,5 +0,0 @@
 FROM caddy:builder AS builder
 RUN caddy-builder \
  github.com/caddy-dns/cloudflare
 FROM caddy:latest
 COPY --from=builder /usr/bin/caddy /usr/bin/caddy
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -0,0 +1,49 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items: "{{ directories }}"
  when: directories is defined
 - name: Clone repository
  git:
    repo: "{{ build.git.repo }}"
    dest: "{{ build.git.dest }}"
  when: build is defined
 - name: Build Docker Image
  docker_image:
    name: "{{ image.name }}"
    tag: "{{ image.tag }}"
    build:
      nocache: true
      path: "{{ build.git.dest }}"
      dockerfile: Dockerfile
    source: build
    force_source: true
    state: present
  when: build is defined
 - name: Pull latest Docker image
  docker_image:
    name: "{{ image.name }}"
    tag: "{{ image.tag }}"
    source: pull
 - name: Create Docker Network
  docker_network:
    name: "{{ network_name }}"
  when: network_name is defined
 - name: Create Docker Container
  docker_container:
    name: "{{ name }}"
    image: "{{ image.name }}:{{ image.tag }}"
    command: "{{ command | default(omit) }}"
    recreate: true
    restart_policy: unless-stopped
    networks: "{{ networks }}"
    volumes: "{{ volumes | default(omit) }}"
    env: "{{ env | default(omit) }}"
    labels: "{{ labels | default(omit) }}"
--- a/roles/fivem/tasks/main.yml
+++ b/roles/fivem/tasks/main.yml
@@ -0,0 +1,71 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/fivem"
    - "{{ data_dir }}/fivem/server"
    - "{{ data_dir }}/fivem/server-data"
 - name: Check if FiveM has already been downloaded
  stat:
    path: "{{ data_dir }}/fivem/server/run.sh"
  register: fivem_server
 - name: Check if FiveM Config directory already exists
  stat:
    path: "{{ data_dir }}/fivem/server-data/server.cfg"
  register: fivem_server_data
 - name: Check if FiveM systemd service exists
  stat:
    path: "/etc/systemd/system/fivem.service"
  register: fivem_systemd
 - name: Download FiveM Linux Build
  get_url:
    url: https://runtime.fivem.net/artifacts/fivem/build_proot_linux/master/20944-eaa15781d4695bd97b050d848e34aac3607c6696/fx.tar.xz
    dest: "{{ data_dir }}/fivem/server.tar.xz"
    mode: 0755
  when: not fivem_server.stat.exists
 - name: Unpack FiveM Linux Build
  unarchive:
    src: "{{ data_dir }}/fivem/server.tar.xz"
    dest: "{{ data_dir }}/fivem/server"
    remote_src: yes
  when: not fivem_server.stat.exists
 - name: Clone FiveM Server Data
  git:
    repo: https://github.com/citizenfx/cfx-server-data.git
    dest: "{{ data_dir }}/fivem/server-data"
  when: not fivem_server_data.stat.exists
 - name: Create FiveM server configuration
  template:
    src: server.cfg.j2
    dest: "{{ data_dir }}/fivem/server-data/server.cfg"
  when: not fivem_server_data.stat.exists
 - name: Stop & remove FiveM systemd service
  become: yes
  shell: |
    systemctl stop fivem.service &&
    rm /etc/systemd/system/fivem.service
  when: fivem_systemd.stat.exists
 - name: Create FiveM systemd service
  become: yes
  template:
    src: fivem.service.j2
    dest: "/etc/systemd/system/fivem.service"
 - name: Enable FiveM systemd service
  become: yes
  command: systemctl enable fivem.service
 - name: Start FiveM systemd service
  become: yes
  command: systemctl start fivem.service
--- a/roles/fivem/templates/fivem.service.j2
+++ b/roles/fivem/templates/fivem.service.j2
@@ -0,0 +1,15 @@
 [Unit]
 Description=FiveM Server
 Documentation=https://git.alexav.gg/alex/homelab
 [Service]
 Type=forking
 ExecStart=/usr/bin/tmux new-session -s fivem -d '/bin/sh {{data_dir}}/fivem/server/run.sh +exec server.cfg'
 WorkingDirectory={{ data_dir }}/fivem/server-data
 TimeoutSec=30
 RestartSec=30
 Restart=no
 User=root
 [Install]
 WantedBy=multi-user.target
--- a/roles/fivem/templates/server.cfg.j2
+++ b/roles/fivem/templates/server.cfg.j2
@@ -0,0 +1,81 @@
 # Only change the IP if you're using a server with multiple network interfaces, otherwise change the port only.
 endpoint_add_tcp "0.0.0.0:30120"
 endpoint_add_udp "0.0.0.0:30120"
 # These resources will start by default.
 ensure mapmanager
 ensure chat
 ensure spawnmanager
 ensure sessionmanager
 ensure basic-gamemode
 ensure hardcap
 ensure rconlog
 # This allows players to use scripthook-based plugins such as the legacy Lambda Menu.
 # Set this to 1 to allow scripthook. Do note that this does _not_ guarantee players won't be able to use external plugins.
 sv_scriptHookAllowed 0
 # Uncomment this and set a password to enable RCON. Make sure to change the password - it should look like set rcon_password "YOURPASSWORD"
 #set rcon_password ""
 # A comma-separated list of tags for your server.
 # For example:
 # - sets tags "drifting, cars, racing"
 # Or:
 # - sets tags "roleplay, military, tanks"
 sets tags "default"
 # A valid locale identifier for your server's primary language.
 # For example "en-US", "fr-CA", "nl-NL", "de-DE", "en-GB", "pt-BR"
 sets locale "root-AQ" 
 # please DO replace root-AQ on the line ABOVE with a real language! :)
 # Set an optional server info and connecting banner image url.
 # Size doesn't matter, any banner sized image will be fine.
 #sets banner_detail "https://url.to/image.png"
 #sets banner_connecting "https://url.to/image.png"
 # Set your server's hostname. This is not usually shown anywhere in listings.
 sv_hostname "Medal.tv Testing Server"
 # Set your server's Project Name
 sets sv_projectName "Medal.tv Testing Server"
 # Set your server's Project Description
 sets sv_projectDesc "A test server for QA"
 # Set Game Build (https://docs.fivem.net/docs/server-manual/server-commands/#sv_enforcegamebuild-build)
 #sv_enforceGameBuild 2802
 # Nested configs!
 #exec server_internal.cfg
 # Loading a server icon (96x96 PNG file)
 #load_server_icon myLogo.png
 # convars which can be used in scripts
 set temp_convar "hey world!"
 # Remove the `#` from the below line if you want your server to be listed as 'private' in the server browser.
 # Do not edit it if you *do not* want your server listed as 'private'.
 # Check the following url for more detailed information about this:
 # https://docs.fivem.net/docs/server-manual/server-commands/#sv_master1-newvalue
 #sv_master1 ""
 # Add system admins
 add_ace group.admin command allow # allow all commands
 add_ace group.admin command.quit deny # but don't allow quit
 add_principal identifier.fivem:1 group.admin # add the admin to the group
 # enable OneSync (required for server-side state awareness)
 set onesync on
 # Server player slot limit (see https://fivem.net/server-hosting for limits)
 sv_maxclients 48
 # Steam Web API key, if you want to use Steam authentication (https://steamcommunity.com/dev/apikey)
 # -> replace "" with the key
 set steam_webApiKey ""
 # License key for your server (https://portal.cfx.re)
 sv_licenseKey {{ FIVEM_LICENSE_KEY }}
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@@ -14,16 +14,30 @@
    tag: latest
    source: pull
 # create static configuration for traefik
 - name: Create Traefik Configuration
  template:
    src: config.yml.j2
    dest: "{{ data_dir }}/traefik/traefik.yml"
 # create dynamic provider files for each system
 - name: Create Traefik Dynamic File (Local)
  template:
    src: local-dynamic.yml.j2
    dest: "{{ data_dir }}/traefik/dynamic.yml"
  when: server == "jade" or server == "nas"
 - name: Create Traefik Dynamic File (Remote)
  template:
    src: remote-dynamic.yml.j2
    dest: "{{ data_dir }}/traefik/dynamic.yml"
  when: server == "jackson"
 - name: Deploy Traefik Docker Container
  docker_container:
    name: traefik
    image: traefik
    restart_policy: unless-stopped
    recreate: true
    command:
      - --providers.file.directory=/config
    published_ports:
@@ -37,11 +51,6 @@
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - "{{ data_dir }}/traefik/data:/data"
      - "{{ data_dir }}/traefik/traefik.yml:/traefik.yml"
-    labels:
+      - "{{ data_dir }}/traefik/dynamic.yml:/dynamic.yml"
      traefik.enable: "true"
      traefik.http.routers.traefik.rule: Host(`traefik.fntz.net`)
      traefik.http.routers.traefik.entrypoints: webSecure
      traefik.http.routers.traefik.tls.certresolver: letsencrypt
      traefik.http.services.traefik.loadbalancer.server.port: "8080"
    networks:
-      - name: homelab
+      - name: "{{ docker_network_name }}"
--- a/roles/traefik/templates/config.yml.j2
+++ b/roles/traefik/templates/config.yml.j2
@@ -16,9 +16,11 @@ serversTransport:
  insecureSkipVerify: true
 providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
    network: homelab
  file:
    filename: /dynamic.yml
    watch: true
 certificatesResolvers:
  letsencrypt:
    acme:
--- a/roles/traefik/templates/local-dynamic.yml.j2
+++ b/roles/traefik/templates/local-dynamic.yml.j2
@@ -0,0 +1,77 @@
 http:
  middlewares:
    tinyauth:
      forwardauth:
        address: http://tinyauth:3000/api/auth/traefik
  routers:
    plex:
      rule: "Host(`tv.fntz.net`)"
      service: plex
      entryPoints:  
        - webSecure
      tls:
        certResolver: letsencrypt
    jtraefik:
      rule: "Host(`traefik-jackson.fntz.net`)"
      service: jtraefik
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
    traefik:
      rule: "Host(`traefik.fntz.net`)"
      service: traefik
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
    nflproxy:
      rule: "Host(`nfl.fntz.net`)"
      service: nflproxy
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
    nvr:
      rule: "Host(`nvr.fntz.net`)"
      service: nvr
      middlewares: tinyauth
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
    iptv:
      rule: "Host(`iptv.fntz.net`)"
      service: iptv
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
  services:
    plex:
      loadBalancer:
        servers:
          - url: "http://172.16.0.29:32400"
    jtraefik:
      loadBalancer:
        servers:
          - url: "http://jackson:8080/"
    traefik:
      loadBalancer:
        servers:
          - url: "http://jade:8080/"
    nflproxy:
      loadBalancer:
        servers:
          - url: "http://jade:5000/"
    nvr:
      loadBalancer:
        servers:
          - url: "http://172.16.0.29:5000/"
    iptv:
      loadBalancer:
        servers:
          - url: "http://nas:8409/"
--- a/roles/traefik/templates/remote-dynamic.yml.j2
+++ b/roles/traefik/templates/remote-dynamic.yml.j2
@@ -0,0 +1,18 @@
 http:
  middlewares:
    landiteRedirect:
      redirectRegex:
        regex: ".*"
        replacement: "https://alexav.gg/?ref=landite"
        permanent: true
  routers:
    landite:
      rule: "Host(`landite.games`)"
      middlewares:
        - landiteRedirect
      service: noop@internal
      entryPoints:
        - webSecure
      tls:
        certResolver: letsencrypt
--- a/scripts/deploy_containers.py
+++ b/scripts/deploy_containers.py
@@ -1,85 +1,120 @@
 import re
 import sys
 import os
 import subprocess
 bracket_regex = r'\[([^\]]*)\]'
 quote_regex = r'"([^"]*)"'
 def git_diff():
  args = sys.argv
  res = subprocess.run(f"git diff --name-only {args[1]} {args[2]}", capture_output=True, shell=True, text=True)
-  return res.stdout.strip().split("\n")
+  return [x for x in res.stdout.strip().split("\n") if "tasks/" in x or "roles/" in x]
-def construct_ansible_command(tag = None):
+def construct_command(tag = None, host = None):
-  command = "ANSIBLE_CONFIG=ansible.cfg /usr/bin/ansible-playbook main.yml --vault-password-file ~/.vault_pass.txt"
+  command = f"ANSIBLE_CONFIG=ansible.cfg /usr/bin/ansible-playbook main.yml --vault-password-file ~/.vault_pass.txt"
  if host:
    command += f" -l {host}"
  if tag:
-    command += f" --tags {tag}"
+    command += f" --tags {tag}_deploy"
  return command
-def run_deployment(tag = None):
+def deploy(tag = None, host = None):
-  if tag:
+  command = construct_command(tag, host)
    command = construct_ansible_command(tag=tag)
  print(f"Running deployment for {tag}..")
  res = subprocess.run(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
  lines = res.stdout.decode(encoding='utf-8').split("\n")
-  success = True
+  if tag:
-  for ind, line in enumerate(lines):
+    print(f"Deploying {tag}...\n")
-    if "fatal:" in line:
+  else:
-      host = re.findall(bracket_regex, line)[0]
+    print(f"Deploying {host}...\n")
-      task_failed = re.findall(bracket_regex, lines[ind - 1])[0]
+  res = subprocess.run(command, shell=True, stdout=subprocess.DEVNULL)
      reason_failed = re.findall(quote_regex, line)
-      print("\n---------------------")
+  return res.returncode == 0
      print(" Deployment failed!")
      print(f" Task: {task_failed}")
      print(f" Host: {host}")
      print(f" Reason: {reason_failed[2].split(":")[1].strip()}")
      print(line)
      print("---------------------\n")
      success = False
      break
  return success
 def main():
  dir_path = os.path.join(os.path.dirname(os.path.abspath(__file__)), '../')
  diff = git_diff()
  # containers that need special treatment
  removed_containers = []
  vpn_containers = [
-    "tasks/qbittorrent.yml"
+    "tasks/qbittorrent.yml",
    "tasks/jackett.yml"
  ]
  managed_roles = [
    "roles/fivem",
    "roles/gitea-runner",
    "roles/traefik"
  ]
-  success = True
+  # special actions
  deployed = 0
  # auto-heal any vpn-dependent containers
  if "tasks/gluetun.yml" in diff:
    print("[MAIN] Detected Gluetun in diff, recreating dependent containers..")
    for container in vpn_containers:
      if container not in diff:
        print(f"Adding {container} to restart list as Gluetun is present..")
        diff.append(container)
  # clean up the diff
  new_diff = []
  for file in diff:
-    if "tasks" in file:
+    task_name = f"{file.split("/")[0]}/{file.split("/")[1]}"
        task_name = file.split("/")[1].split(".")[0] + "_deploy"
        state = run_deployment(tag=task_name)
-        if not state:
+    # i'm not proud of this either
-          success = False
+    if not os.path.exists(os.path.join(dir_path, file)):
-          break
+      if "roles" in file and not os.path.exists(os.path.join(dir_path, task_name)) and task_name in managed_roles:
-        else:
+        print(f"[MAIN] '{task_name}' role removed, marking for cleanup..")
-          deployed += 1
+        removed_containers.append(task_name)
      elif "tasks" in task_name:
        print(f"[MAIN] '{task_name}' non-existent, marking for cleanup..")
        removed_containers.append(task_name) 
    elif "roles" in file:      
      if task_name in managed_roles:
        if task_name not in new_diff:
          new_diff.append(task_name)
    elif "tasks" in file:
      new_diff.append(file.split(".")[0])
    else:
      new_diff.append(file)
-  if success and deployed > 0:
+  deployed = []
  failed = []
  for task in new_diff:
    deployment = deploy(tag=task)
    if not deployment:
      failed.append(task)
    else:
      deployed.append(task)
  for task in removed_containers:
    print(f"[MAIN] Attempting to remove containers related to '{task}'...")
    task_name = task.split("/")[1].split(".")[0]
    containers = subprocess.Popen(f"docker container list | grep {task_name}_", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    for line in containers.stdout:
      docker_container_id = line.rstrip().decode('utf8').split(" ")[0]
      if docker_container_id and docker_container_id.strip() != "":
        print(f"[MAIN] Found Docker container {docker_container_id} related to {task}, removing..")
        # clean up containers & dangling images
        subprocess.run(f"/usr/bin/docker container stop {docker_container_id}", shell=True, stdout=subprocess.DEVNULL)
        subprocess.run(f"/usr/bin/docker container rm {docker_container_id}", shell=True, stdout=subprocess.DEVNULL)
        subprocess.run("/usr/bin/docker image prune -f", shell=True, stdout=subprocess.DEVNULL)
        subprocess.run("/usr/bin/docker container prune -f", shell=True, stdout=subprocess.DEVNULL)
  if len(failed) <= 0 and len(deployed) > 0:
    print("\n---------------------")
    print(" Deployment succeeded!")
-    print(f" Tasks: {", ".join(diff)}")
+    print(f" All tasks: {", ".join(deployed)}")
    print("---------------------\n")
-  elif deployed == 0:
+    sys.exit(0)
-    print("Successful, no containers required deployment")
+  elif len(failed) > 0:
    print("\n---------------------")
    print(" Deployment failed!")
    print(f" Failed tasks: {", ".join(failed)}")
    print(f" All tasks: {", ".join(deployed)}")
    print("---------------------\n")
    sys.exit(1)
  elif len(deployed) <= 0:
    print("[MAIN] Successfully executed, no tasks required execution")
    sys.exit(0)
 if __name__ == "__main__":
  main()
--- a/scripts/extract_to_template.py
+++ b/scripts/extract_to_template.py
@@ -0,0 +1,30 @@
 import os
 import subprocess
 host_vars_path = os.path.abspath('host_vars')
 file_contents = ""
 if os.path.exists(host_vars_path):
  if os.path.exists(os.path.join(host_vars_path, 'all.template.yml')):
    os.remove(os.path.join(host_vars_path, 'all.template.yml'))
  vaults = os.listdir(host_vars_path)
  for vault in vaults:
    vault_path = os.path.join(host_vars_path, vault)
    vault_contents = subprocess.run(f'ansible-vault decrypt "{vault_path}" --vault-password-file ~/.vault_pass.txt --output -', shell=True, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
    stdout = vault_contents.stdout.strip().splitlines()
    for line in stdout:
      if line.startswith("#") and line not in file_contents:
        file_contents += f"\n{line}\n"
      if ":" in line:
        if line.split(":")[0] not in file_contents:
          file_contents += f'{line.split(":")[0]}:\n'
    with open(os.path.join(host_vars_path, 'all.template.yml'), 'w', encoding="utf8") as template_file:
      template_file.write(file_contents)
      template_file.close()
    print("Written to disk!")
--- a/scripts/run_updates.py
+++ b/scripts/run_updates.py
@@ -0,0 +1,52 @@
 import requests
 import subprocess
 import os
 import yaml
 def search_for_image(image_name):
  tasks_folder = os.path.realpath(os.path.join('./', 'tasks'))
  if "library/" in image_name:
    image_name = image_name.replace("library/", "")
  for task in os.listdir(tasks_folder):
    with open(os.path.join(tasks_folder, task), 'r') as file:
      data = yaml.safe_load(file)
      for key in data:
        if "docker_image" in key:
          if image_name in key["docker_image"]["name"]:
            return f"{task.split(".")[0]}_deploy"
 def main():
  update_list = requests.get("https://cup.fntz.net/api/v3/json")
  update_list.raise_for_status()
  update_list = update_list.json()
  deployable_tags = []
  with open("main.yml", 'r') as file:
    data = yaml.safe_load(file)
    for host in data:
      for task in host['tasks']:
        deployable_tags.append(task['tags'])
  if len(update_list["images"]) <= 0:
    print("No images to update!")
  else:
    print(f"Updating {update_list["metrics"]["updates_available"]} image(s)..\n")
    for image in update_list["images"]:
      if image['result']['has_update']:
        if "remote_digest" in image["result"]["info"]:
          image_name = image["parts"]["repository"]
          ansible_tag = search_for_image(image_name) 
          if ansible_tag and ansible_tag in deployable_tags:
            print(f"Updating '{image_name}' ({ansible_tag})..")
            subprocess.run(f'docker image pull {image_name}', shell=True)
            subprocess.run(f'ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml --tags {ansible_tag} --vault-password-file=~/.vault_pass.txt', shell=True)
    print("\nAll images updated, refreshing Cup")
    requests.get("https://cup.fntz.net/api/v3/refresh")
 if __name__ == "__main__":
  main()
--- a/tasks/api.yml
+++ b/tasks/api.yml
@@ -1,64 +1,52 @@
 ---
- name: "Create file structure"
+- name: Deploy API Database
-  file:
+  include_role:
-    path: "{{ item }}"
+    name: docker
-    state: directory
+  vars:
  with_items:
    - "{{ data_dir }}/api"
    - "{{ data_dir }}/api/db"
    - "{{ data_dir }}/api/app"
 - name: "Clone latest API"
  git:
    repo: git@git.alexav.gg:alex/api.git
    dest: "{{ data_dir }}/api/app"
 - name: "Build API Docker Image"
  docker_image:
    name: api
    tag: "latest"
    build:
      path: "{{ data_dir }}/api/app"
      dockerfile: Dockerfile
    source: build
    state: present
 - name: Create API Network
  docker_network:
    name: api
 - name: Deploy Redis Container
  docker_container:
    name: api_redis
    image: redis:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: api
 - name: Deploy Database Container
  docker_container:
    name: api_postgres
-    image: postgres:latest
+    network_name: api
-    restart_policy: unless-stopped
+    directories:
-    recreate: true
+      - "{{ data_dir }}/api/db"
    image:
      name: postgres
      tag: latest
    networks:
      - name: api
    volumes:
      - "{{ data_dir }}/api/db:/var/lib/postgresql/data"
    env:
      POSTGRES_USER: "api"
      POSTGRES_PASSWORD: "{{ API_POSTGRES_PASSWORD }}"
      PGDATA: "/var/lib/postgresql/data/pgdata"
- name: Deploy API Container
+- name: Deploy API Redis
-  docker_container:
+  include_role:
    name: docker
  vars:
    name: api_redis
    network_name: api
    image:
      name: redis
      tag: latest
    networks:
      - name: api
 - name: Deploy API
  include_role:
    name: docker
  vars:
    name: api
-    image: api:latest
+    network_name: api
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: api
      - name: "{{ docker_network_name }}"
    build:
      git:
        repo: git@git.alexav.gg:alex/api.git
        dest: "{{ data_dir }}/api/app"
    image:
      name: api
      tag: latest
    env:
      NODE_ENV: "production"
      VERSION: "v4"
@@ -70,3 +58,9 @@
      STEAM_API_KEY: "{{ API_STEAM_API_KEY }}"
      CONTACT_WEBHOOK: "{{ API_CONTACT_WEBHOOK }}"
      JWT_KEY: "{{ API_JWT_KEY }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.aapi.rule: Host(`api.alexav.gg`)
      traefik.http.routers.aapi.entrypoints: webSecure
      traefik.http.routers.aapi.tls.certresolver: letsencrypt
      traefik.http.services.aapi.loadbalancer.server.url: http://api:3000
--- a/tasks/codeserver.yml
+++ b/tasks/codeserver.yml
@@ -1,17 +1,14 @@
 ---
- name: Create folder structure
+- name: Deploy Code Server
-  file:
+  include_role:
-    path: "{{ item }}"
+    name: docker
-    state: directory
+  vars:
-  with_items:
+    name: "codeserver"
-    - "{{ data_dir }}/code-server"
+    directories:
-
+      - "{{ data_dir }}/code-server"
- name: Create Code Server Docker Container
+    image:
-  docker_container:
+      name: lscr.io/linuxserver/code-server
-    name: codeserver
+      tag: latest
    image: lscr.io/linuxserver/code-server:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    volumes:
@@ -29,3 +26,4 @@
      traefik.http.routers.code.entrypoints: webSecure
      traefik.http.routers.code.tls.certresolver: letsencrypt
      traefik.http.services.code.loadbalancer.server.port: "8443"
      traefik.http.routers.code.middlewares: tinyauth
--- a/tasks/cup.yml
+++ b/tasks/cup.yml
@@ -1,11 +1,10 @@
 ---
- name: Create Cup Docker Container
+- name: Deploy Cup
-  docker_container:
+  include_role:
-    name: Cup
+    name: docker
-    image: ghcr.io/sergi0g/cup
+  vars:
    name: cup
    command: serve
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    volumes:
@@ -16,3 +15,6 @@
      traefik.http.routers.cup.entrypoints: webSecure
      traefik.http.routers.cup.tls.certresolver: letsencrypt
      traefik.http.services.cup.loadbalancer.server.port: "8000"
    image:
      name: ghcr.io/sergi0g/cup
      tag: latest
--- a/tasks/dashdot.yml
+++ b/tasks/dashdot.yml
@@ -1,10 +1,12 @@
 ---
- name: Create Dashdot Docker Container
+- name: Deploy Dashdot
-  docker_container:
+  include_role:
    name: docker
  vars:
    name: dashdot
-    image: mauricenino/dashdot
+    image:
-    restart_policy: unless-stopped
+      name: mauricenino/dashdot
-    recreate: true
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/dozzle.yml
+++ b/tasks/dozzle.yml
@@ -1,12 +1,14 @@
 ---
- name: Create Dozzle Docker Container
+- name: Deploy Dozzle
-  docker_container:
+  include_role:
    name: docker
  vars:
    name: dozzle
    image: amir20/dozzle:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    image:
      name: amir20/dozzle
      tag: latest
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    env:
@@ -18,3 +20,4 @@
      traefik.http.routers.dz.entrypoints: webSecure
      traefik.http.routers.dz.tls.certresolver: letsencrypt
      traefik.http.services.dz.loadbalancer.server.port: "8080"
      traefik.http.routers.dz.middlewares: tinyauth
--- a/tasks/drop.yml
+++ b/tasks/drop.yml
@@ -12,11 +12,18 @@
  docker_network:
    name: drop
 - name: Pull latest Drop Docker Image
  docker_image:
    name: ghcr.io/drop-oss/drop
    tag: v0.3.3
    source: pull
 - name: Create Drop DB Container
  docker_container:
    name: drop_postgres
    image: postgres:14-alpine
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: drop
    healthcheck:
@@ -35,8 +42,9 @@
 - name: Create Drop Container
  docker_container:
    name: drop
-    image: ghcr.io/drop-oss/drop:v0.3.0
+    image: ghcr.io/drop-oss/drop:latest
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: homelab
      - name: drop
@@ -46,6 +54,7 @@
    env:
      DATABASE_URL: "postgres://drop:drop@drop_postgres:5432/drop"
      GIANT_BOMB_API_KEY: "{{ DROP_GIANT_BOMB_API_KEY }}"
      EXTERNAL_URL: "https://games.fntz.net"
    labels:
      traefik.enable: "true"
      traefik.http.routers.drop.rule: Host(`games.fntz.net`)
--- a/tasks/ersatztv.yml
+++ b/tasks/ersatztv.yml
@@ -0,0 +1,31 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/ersatz"
 - name: Pull latest Docker Image
  docker_image:
    name: ghcr.io/ersatztv/ersatztv
    tag: latest
    source: pull
 - name: Create Docker Container
  docker_container:
    name: ersatztv
    image: ghcr.io/ersatztv/ersatztv:latest
    recreate: true
    restart_policy: unless-stopped
    devices:
      - /dev/dri/renderD128:/dev/dri/renderD128
    mounts:
      - type: tmpfs
        target: /transcode
        tmpfs_size: 5G
    volumes:
      - "{{ data_dir }}/ersatz:/config"
      - "{{ media_path }}:{{ media_path }}:ro"
    published_ports:
      - "8409:8409"
--- a/tasks/excalidraw.yml
+++ b/tasks/excalidraw.yml
@@ -1,10 +1,12 @@
 ---
- name: Create Excalidraw Docker Container
+- name: Deploy Excalidraw
-  docker_container:
+  include_role:
    name: docker
  vars:
    name: excalidraw
-    image: excalidraw/excalidraw
+    image:
-    restart_policy: unless-stopped
+      name: excalidraw/excalidraw
-    recreate: true
+      tag: latest
    networks:
      - name: homelab
    labels:
@@ -12,4 +14,4 @@
      traefik.http.routers.draw.rule: Host(`draw.fntz.net`)
      traefik.http.routers.draw.entrypoints: webSecure
      traefik.http.routers.draw.tls.certresolver: letsencrypt
-      traefik.http.services.draw.loadbalancer.server.port: "3000"
+      traefik.http.services.draw.loadbalancer.server.port: "80"
--- a/tasks/frigate.yml
+++ b/tasks/frigate.yml
@@ -0,0 +1,40 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/frigate"
 - name: Pull latest Frigate Docker Image
  docker_image:
    name: ghcr.io/blakeblackshear/frigate
    tag: stable
    source: pull
 - name: Deploy Frigate Docker Container
  docker_container:
    name: frigate
    image: ghcr.io/blakeblackshear/frigate:stable
    recreate: true
    privileged: true
    restart_policy: unless-stopped
    published_ports:
      - "5000:5000"
      - "8555:8555/tcp"
      - "8555:8555/udp"
      - "8554:8554"
    devices:
      - /dev/dri/renderD128:/dev/dri/renderD128
    networks:
      - name: "{{ docker_network_name }}"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - "{{ data_dir }}/frigate:/config"
      - "{{ FRIGATE_RECORDINGS_PATH }}:/media/frigate"
    labels:
      traefik.enable: "true"
      traefik.http.routers.frigate.rule: Host(`nvr.fntz.net`)
      traefik.http.routers.frigate.entrypoints: webSecure
      traefik.http.routers.frigate.tls.certresolver: letsencrypt
      traefik.http.services.frigate.loadbalancer.server.port: "5000"
--- a/tasks/gitea.yml
+++ b/tasks/gitea.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/gitea"
 - name: Pull latest Gitea Docker Image
  docker_image:
    name: docker.gitea.com/gitea
    tag: latest
    source: pull
 - name: Create Gitea Docker Container
  docker_container:
    name: gitea
@@ -22,3 +28,9 @@
    env:
      USER_UID: "1000"
      USER_GID: "1000"
    labels:
      traefik.enable: "true"
      traefik.http.routers.git.rule: Host(`git.alexav.gg`)
      traefik.http.routers.git.entrypoints: webSecure
      traefik.http.routers.git.tls.certresolver: letsencrypt
      traefik.http.services.git.loadbalancer.server.port: "3000"
--- a/tasks/glance.yml
+++ b/tasks/glance.yml
@@ -1,19 +1,16 @@
 ---
- name: Create folder structure
+- name: Deploy Glance
-  file:
+  include_role:
-    path: "{{ item }}"
+    name: docker
-    state: directory
+  vars:
  with_items:
    - "{{ data_dir }}/glance"
    - "{{ data_dir }}/glance/config"
    - "{{ data_dir }}/glance/assets"
 - name: Create Glance Docker Container
  docker_container:
    name: glance
-    image: glanceapp/glance
+    image:
-    restart_policy: unless-stopped
+      name: glanceapp/glance
-    recreate: true
+      tag: latest
    directories:
      - "{{ data_dir }}/glance"
      - "{{ data_dir }}/glance/config"
      - "{{ data_dir }}/glance/assets"
    networks:
      - name: homelab
    env:
--- a/tasks/gluetun.yml
+++ b/tasks/gluetun.yml
@@ -16,6 +16,7 @@
  docker_container:
    name: gluetun
    image: qmcgaw/gluetun
    recreate: true
    capabilities:
      - NET_ADMIN
    devices:
@@ -27,7 +28,7 @@
    published_ports:
      - 8888:8888/tcp
      - 8388:8388/tcp
-      - 8388:8388/ud
+      - 8388:8388/udp
    env:
      VPN_SERVICE_PROVIDER: "{{ GLUETUN_VPN_SERVICE_PROVIDER }}"
      VPN_TYPE: "wireguard"
@@ -36,3 +37,17 @@
      SERVER_COUNTRIES: "{{ GLUETUN_SERVER_COUNTRIES }}"
      SERVER_CITIES: "{{ GLUETUN_SERVER_CITIES }}"
      SERVER_HOSTNAMES: "{{ GLUETUN_SERVER_HOSTNAMES }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.qbit.rule: Host(`qbit.fntz.net`)
      traefik.http.routers.qbit.service: qbit
      traefik.http.routers.qbit.entrypoints: webSecure
      traefik.http.routers.qbit.tls.certresolver: letsencrypt
      traefik.http.services.qbit.loadbalancer.server.port: "8090"
      traefik.http.routers.jackett.rule: Host(`jackett.fntz.net`)
      traefik.http.routers.jackett.service: jackett
      traefik.http.routers.jackett.entrypoints: webSecure
      traefik.http.routers.jackett.tls.certresolver: letsencrypt
      traefik.http.services.jackett.loadbalancer.server.port: "9117"
--- a/tasks/homebridge.yml
+++ b/tasks/homebridge.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/homebridge"
 - name: Pull latest Homebridge Docker Image
  docker_image:
    name: homebridge/homebridge
    tag: latest
    source: pull
 - name: Create Homebridge Docker Container
  docker_container:
    name: homebridge
@@ -21,3 +27,4 @@
      traefik.http.routers.bridge.entrypoints: webSecure
      traefik.http.routers.bridge.tls.certresolver: letsencrypt
      traefik.http.services.bridge.loadbalancer.server.url: "http://{{ TRAEFIK_HOST_IP }}:8581"
      traefik.http.routers.bridge.middlewares: tinyauth
--- a/tasks/immich.yml
+++ b/tasks/immich.yml
@@ -8,10 +8,16 @@
    - "{{ data_dir }}/immich/model-cache"
    - "{{ data_dir }}/immich/db"
 - name: Pull latest Immich Server Docker Image
  docker_image:
    name: ghcr.io/immich-app/immich-server
    tag: v2.1.0
    source: pull
 - name: Create Immich Redis Docker Container
  docker_container:
    name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:ff21bc0f8194dc9c105b769aeabf9585fea6a8ed649c0781caeac5cb3c247884
+    image: docker.io/valkey/valkey:8-bookworm@sha256:fea8b3e67b15729d4bb70589eb03367bab9ad1ee89c876f54327fc7c6e618571
    restart_policy: unless-stopped
    recreate: true
    networks:
@@ -20,7 +26,7 @@
 - name: Create Immich DB Docker Container
  docker_container:
    name: immich_postgres
-    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0
+    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
    restart_policy: unless-stopped
    recreate: true
    volumes:
@@ -33,21 +39,10 @@
    networks:
      - name: immich
 - name: Create Immich ML Docker Container
  docker_container:
    name: immich_machine_learning
    image: ghcr.io/immich-app/immich-machine-learning:release
    restart_policy: unless-stopped
    recreate: true
    volumes:
      - "{{ data_dir }}/immich/model-cache:/cache"
    networks:
      - name: immich
 - name: Create Immich Server Docker Container
  docker_container:
    name: immich_server
-    image: ghcr.io/immich-app/immich-server:release
+    image: ghcr.io/immich-app/immich-server:v2.1.0
    restart_policy: unless-stopped
    recreate: true
    networks:
@@ -61,6 +56,7 @@
      REDIS_HOSTNAME: "immich_redis"
      DB_PASSWORD: "{{ IMMICH_DB_PASSWORD }}"
      DB_USERNAME: "{{ IMMICH_DB_USERNAME }}"
      DB_DATABASE_NAME: "{{ IMMICH_DB_DATABASE_NAME }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.img.rule: Host(`img.fntz.net`)
--- a/tasks/jackett.yml
+++ b/tasks/jackett.yml
@@ -0,0 +1,28 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/jackett"
 - name: Pull latest Jackett Docker Image
  docker_image:
    name: lscr.io/linuxserver/jackett
    tag: latest
    source: pull
 - name: Deploy Jackett Docker Container
  docker_container:
    name: jackett
    image: lscr.io/linuxserver/jackett
    recreate: true
    restart_policy: unless-stopped
    network_mode: "container:gluetun"
    volumes:
      - "{{ data_dir }}/jackett:/config"
      - "{{ media_path}}/Downloads:/downloads"
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
--- a/tasks/jellyfin.yml
+++ b/tasks/jellyfin.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/jellyfin"
 - name: Pull latest Jellyfin Docker Image
  docker_image:
    name: lscr.io/linuxserver/jellyfin
    tag: latest
    source: pull
 - name: Create Jellyfin Docker Container
  docker_container:
    name: jellyfin
--- a/tasks/kavita.yml
+++ b/tasks/kavita.yml
@@ -0,0 +1,35 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/kavita"
 - name: Pull latest Kavita Docker Image
  docker_image:
    name: lscr.io/linuxserver/kavita
    tag: latest
    source: pull
 - name: Deploy Kavita Docker Container
  docker_container:
    name: kavita
    image: lscr.io/linuxserver/kavita
    recreate: true
    restart_policy: unless-stopped
    volumes:
      - "{{ data_dir }}/kavita:/config"
      - "{{ media_path }}/Books:/books"
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
    networks:
      - name: homelab
    labels:
      traefik.enable: "true"
      traefik.http.routers.read.rule: Host(`read.fntz.net`)
      traefik.http.routers.read.entrypoints: webSecure
      traefik.http.routers.read.tls.certresolver: letsencrypt
      traefik.http.services.read.loadbalancer.server.port: "5000"
--- a/tasks/monitoring.yml
+++ b/tasks/monitoring.yml
@@ -1,80 +0,0 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/monitoring"
    - "{{ data_dir }}/monitoring/prometheus"
    - "{{ data_dir }}/monitoring/grafana"
 - name: Create Monitoring Docker Network
  docker_network:
    name: monitoring
 - name: Create Grafana Docker Container
  docker_container:
    name: grafana
    user: "{{ PUID }}"
    image: grafana/grafana:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
      - name: monitoring
    volumes:
      - "{{ data_dir }}/monitoring/grafana:/var/lib/grafana"
    env:
      GF_AUTH_ANONYMOUS_ENABLED: "{{ GRAFANA_AUTH_ANONYMOUS_ENABLED }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.graf.rule: Host(`graf.fntz.net`)
      traefik.http.routers.graf.entrypoints: webSecure
      traefik.http.routers.graf.tls.certresolver: letsencrypt
      traefik.http.services.graf.loadbalancer.server.port: "3000"
 - name: Copy Prometheus Config
  template:
    src: "prometheus.yml.j2"
    dest: "{{ data_dir }}/monitoring/prometheus/config.yml"
    mode: "0744"
 - name: Create Prometheus Docker Container
  docker_container:
    name: prometheus
    image: prom/prometheus:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
      - name: monitoring
    volumes:
      - "{{ data_dir }}/monitoring/prometheus:/prometheus"
      - "{{ data_dir }}/monitoring/prometheus/config.yml:/etc/prometheus/prometheus.yml"
 - name: Create CAdvisor Docker Container
  docker_container:
    name: cadvisor
    image: gcr.io/cadvisor/cadvisor:latest
    restart_policy: unless-stopped
    recreate: true
    privileged: true
    networks:
      - name: monitoring
    devices:
      - /dev/kmsg
    volumes:
      - "/:/rootfs:ro"
      - "/var/run:/var/run:ro"
      - "/sys:/sys:ro"
      - "/var/lib/docker:/var/lib/docker:ro"
      - "/dev/disk/:/dev/disk:ro"
 - name: Create Node-Exporter Docker Container
  docker_container:
    name: node-exporter
    image: prom/node-exporter:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: monitoring
--- a/tasks/navidrome.yml
+++ b/tasks/navidrome.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/navidrome"
 - name: Pull latest Navidrome Docker Image
  docker_image:
    name: deluan/navidrome
    tag: latest
    source: pull
 - name: Create Navidrome Docker Container
  docker_container:
    name: navidrome
--- a/tasks/nextcloud.yml
+++ b/tasks/nextcloud.yml
@@ -12,10 +12,16 @@
  docker_network:
    name: nextcloud
 - name: Pull latest Nextcloud Docker Image
  docker_image:
    name: nextcloud
    tag: latest
    source: pull
 - name: Create Nextcloud DB Docker Container
  docker_container:
    name: nc_postgresql
-    image: postgres:16-alpine
+    image: postgres:17-alpine
    restart_policy: unless-stopped
    recreate: true
    networks:
@@ -40,3 +46,9 @@
      - name: nextcloud
    volumes:
      - "{{ data_dir }}/nextcloud/data:/var/www/html"
    labels:
      traefik.enable: "true"
      traefik.http.routers.nc.rule: Host(`{{ NEXTCLOUD_APP_URL }}`)
      traefik.http.routers.nc.entrypoints: webSecure
      traefik.http.routers.nc.tls.certresolver: letsencrypt
      traefik.http.services.nc.loadbalancer.server.port: "80"
--- a/tasks/ntfy.yml
+++ b/tasks/ntfy.yml
@@ -1,30 +0,0 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/ntfy"
    - "{{ data_dir }}/ntfy/cache"
    - "{{ data_dir }}/ntfy/data"
 - name: Create Ntfy Docker Container
  docker_container:
    name: ntfy
    image: binwiederhier/ntfy
    command: serve
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    volumes:
      - "{{ data_dir }}/ntfy/cache:/var/cache/ntfy"
      - "{{ data_dir }}/ntfy/data:/etc/ntfy"
    env:
      UPSTREAM_BASE_URL: "{{ NTFY_UPSTREAM_BASE_URL }}"
      BASE_URL: "{{ NTFY_BASE_URL }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.ntfy.rule: Host(`push.fntz.net`)
      traefik.http.routers.ntfy.entrypoints: webSecure
      traefik.http.routers.ntfy.tls.certresolver: letsencrypt
--- a/tasks/nzbget.yml
+++ b/tasks/nzbget.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/nzbget"
 - name: Pull latest NZBGet Docker Image
  docker_image:
    name: lscr.io/linuxserver/nzbget
    tag: latest
    source: pull
 - name: Create NZBGet Docker Container
  docker_container:
    name: nzbget
@@ -29,3 +35,4 @@
      traefik.http.routers.nzb.entrypoints: webSecure
      traefik.http.routers.nzb.tls.certresolver: letsencrypt
      traefik.http.services.nzb.loadbalancer.server.port: "6789"
      traefik.http.routers.nzb.middlewares: tinyauth
--- a/tasks/obsidian.yml
+++ b/tasks/obsidian.yml
@@ -0,0 +1,36 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/obsidian"
    - "{{ data_dir }}/obsidian/data"
    - "{{ data_dir }}/obsidian/etc"
 - name: Pull Docker Image
  docker_image:
    name: couchdb
    tag: latest
    source: pull
 - name: Create Docker Container
  docker_container:
    name: couchdb
    image: couchdb:latest
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: homelab
    volumes:
      - "{{ data_dir }}/obsidian/data:/opt/couchdb/data"
      - "{{ data_dir }}/obsidian/etc:/opt/couchdb/etc/local.d"
    env:
      COUCHDB_USER: "{{ COUCHDB_USER }}"
      COUCHDB_PASSWORD: "{{ COUCHDB_PASSWORD }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.couch.rule: Host(`couch.fntz.net`)
      traefik.http.routers.couch.entrypoints: webSecure
      traefik.http.routers.couch.tls.certresolver: letsencrypt
      traefik.http.services.couch.loadbalancer.server.port: "5984"
--- a/tasks/owncloud.yml
+++ b/tasks/owncloud.yml
@@ -0,0 +1,93 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/owncloud"
    - "{{ data_dir }}/owncloud/data"
    - "{{ data_dir }}/owncloud/db"
    - "{{ data_dir }}/owncloud/redis"
 - name: Create Owncloud Docker Network
  docker_network:
    name: owncloud
 - name: Pull latest Owncloud Docker Image
  docker_image:
    name: owncloud/server
    tag: "10.15"
    source: pull
 - name: Create Owncloud DB Docker Container
  docker_container:
    name: oc_database
    image: mariadb:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: owncloud
    volumes:
      - "{{ data_dir }}/owncloud/db:/var/lib/mysql"
    env:
      MYSQL_ROOT_PASSWORD: "{{ OWNCLOUD_DB_PASSWORD }}"
      MYSQL_DATABASE: "owncloud"
      MYSQL_USER: "owncloud"
      MYSQL_PASSWORD: "{{ OWNCLOUD_DB_PASSWORD }}"
      MARIADB_AUTO_UPGRADE: "1"
    command: "--max-allowed-packet=128M --innodb-log-file-size=64M"
    healthcheck:
      test: "CMD mysqladmin ping -u root --password={{ OWNCLOUD_DB_PASSWORD }}"
      interval: 10s
      timeout: 5s
      retries: 5
 - name: Create Owncloud Redis Container
  docker_container:
    name: oc_redis
    image: redis:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: owncloud
    command: "--databases 1"
    healthcheck:
      test: CMD redis-cli ping
      interval: 10s
      timeout: 5s
      retries: 5
    volumes:
      - "{{ data_dir }}/owncloud/redis:/data"
 - name: Create Owncloud Docker Container
  docker_container:
    name: owncloud
    image: owncloud/server:10.15
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: "{{ docker_network_name }}"
      - name: owncloud
    volumes:
      - "{{ data_dir }}/owncloud/data:/mnt/data"
    env:
      OWNCLOUD_DOMAIN: "{{ OWNCLOUD_APP_URL }}"
      OWNCLOUD_TRUSTED_DOMAINS: "{{ OWNCLOUD_APP_URL }}"
      OWNCLOUD_DB_TYPE: "mysql"
      OWNCLOUD_DB_NAME: "owncloud"
      OWNCLOUD_DB_USERNAME: "owncloud"
      OWNCLOUD_DB_PASSWORD: "{{ OWNCLOUD_DB_PASSWORD }}"
      OWNCLOUD_DB_HOST: "oc_database"
      OWNCLOUD_ADMIN_USERNAME: "{{ OWNCLOUD_ADMIN_USERNAME }}"
      OWNCLOUD_ADMIN_PASSWORD: "{{ OWNCLOUD_ADMIN_PASSWORD }}"
      OWNCLOUD_MYSQL_UTF8MB4: "true"
      OWNCLOUD_REDIS_ENBALED: "true"
      OWNCLOUD_REDIS_HOST: "oc_redis"
    labels:
      traefik.enable: "true"
      traefik.http.routers.nc.rule: Host(`{{ OWNCLOUD_APP_URL }}`)
      traefik.http.routers.nc.entrypoints: webSecure
      traefik.http.routers.nc.tls.certresolver: letsencrypt
      traefik.http.services.nc.loadbalancer.server.port: "8080"
      traefik.http.middlewares.limit.buffering.maxRequestBodyBytes: "1073741824"
      traefik.http.routers.nc.middlewares: "limit"
--- a/tasks/pihole.yml
+++ b/tasks/pihole.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/pihole"
 - name: Pull latest PiHole Docker Image
  docker_image:
    name: pihole/pihole
    tag: latest
    source: pull
 - name: Create PiHole Docker Container
  docker_container:
    name: pihole
@@ -15,8 +21,8 @@
    networks:
      - name: homelab
    published_ports:
-      - "{{ CADDY_HOST_IP }}:53:53/tcp"
+      - "{{ TRAEFIK_HOST_IP }}:53:53/tcp"
-      - "{{ CADDY_HOST_IP }}:53:53/udp"
+      - "{{ TRAEFIK_HOST_IP }}:53:53/udp"
    volumes:
      - "{{ data_dir }}/pihole:/etc/pihole"
    env:
--- a/tasks/plausible.yml
+++ b/tasks/plausible.yml
@@ -16,10 +16,16 @@
  docker_network:
    name: metrics
 - name: Pull latest Plausible Docker Image
  docker_image:
    name: ghcr.io/plausible/community-edition
    tag: v3.0.1
    source: pull
 - name: Deploy Plausible Database Docker Container
  docker_container:
    name: metrics_postgres
-    image: postgres:16-alpine
+    image: postgres:17-alpine
    restart_policy: unless-stopped
    recreate: true
    volumes:
@@ -76,3 +82,9 @@
      CLICKHOUSE_DATABASE_URL: "http://metrics_clickhouse:8123/plausible_events_db"
      BASE_URL: "{{ PLAUSIBLE_BASE_URL }}"
      SECRET_KEY_BASE: "{{ PLAUSIBLE_SECRET_KEY_BASE }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.metrics.rule: Host(`metrics.alexav.gg`)
      traefik.http.routers.metrics.entrypoints: webSecure
      traefik.http.routers.metrics.tls.certresolver: letsencrypt
      traefik.http.services.metrics.loadbalancer.server.port: "8000"
--- a/tasks/plex.yml
+++ b/tasks/plex.yml
@@ -0,0 +1,32 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/plex"
 - name: Pull latest Plex Docker Image
  docker_image:
    name: lscr.io/linuxserver/plex
    tag: latest
    source: pull
 - name: Deploy Plex Docker Container
  docker_container:
    name: plex
    image: lscr.io/linuxserver/plex
    network_mode: host
    restart_policy: unless-stopped
    recreate: true
    devices:
      - /dev/dri:/dev/dri
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
      VERSION: "docker"
      PLEX_CLAIM: "{{ PLEX_CLAIM_TOKEN }}"
    volumes:
      - "{{ data_dir }}/plex:/config"
      - "{{ media_path }}:/media"
--- a/tasks/pocketid.yml
+++ b/tasks/pocketid.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/pocketid"
 - name: Pull latest PocketID Docker Image
  docker_image:
    name: ghcr.io/pocket-id/pocket-id
    tag: v1
    source: pull
 - name: Create PocketID Docker Container
  docker_container:
    name: pocketid
--- a/tasks/pterodactyl.yml
+++ b/tasks/pterodactyl.yml
@@ -0,0 +1,89 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/pterodactyl"
    - "{{ data_dir }}/pterodactyl/var"
    - "{{ data_dir }}/pterodactyl/logs"
    - "{{ data_dir }}/pterodactyl/nginx"
    - "{{ data_dir }}/pterodactyl/db"
 - name: Create Pterodactyl Network
  docker_network:
    name: pterodactyl
 - name: Pull latest MariaDB Docker Image
  docker_image:
    name: mariadb
    tag: "10.5"
    source: pull
 - name: Pull latest Redis Docker image
  docker_image:
    name: redis
    tag: 7-alpine
    source: pull
 - name: Pull latest Pterodactyl Docker image
  docker_image:
    name: ghcr.io/pterodactyl/panel
    tag: latest
    source: pull
 - name: Create Redis Container
  docker_container:
    name: pterodactyl_redis
    image: redis:7-alpine
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: pterodactyl
 - name: Create Database Container
  docker_container:
    name: pterodactyl_db
    image: mariadb:10.5
    command: --default-authentication-plugin=mysql_native_password
    recreate: true
    restart_policy: unless-stopped
    volumes:
      - "{{ data_dir }}/pterodactyl/db:/var/lib/mysql"
    networks:
      - name: pterodactyl
    env:
      MYSQL_DATABASE: "panel"
      MYSQL_USER: "pterodactyl"
      MYSQL_ROOT_PASSWORD: "{{ PTERODACTYL_MYSQL_ROOT_PASSWORD }}"
      MYSQL_PASSWORD: "{{ PTERODACTYL_MYSQL_PASSWORD }}"
 - name: Create Pterodactyl Docker Container
  docker_container:
    name: pterodactyl
    image: ghcr.io/pterodactyl/panel:latest
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: pterodactyl
      - name: homelab
    volumes:
      - "{{ data_dir }}/pterodactyl/nginx:/etc/nginx/http.d"
      - "{{ data_dir }}/pterodactyl/logs:/app/storage/logs"
      - "{{ data_dir }}/pterodactyl/var:/app/var"
    env:
      APP_URL: "{{ PTERODACTYL_APP_URL }}"
      APP_ENVIRONMENT_ONLY: "false"
      APP_TIMEZONE: "{{ TZ }}"
      DB_PASSWORD: "{{ PTERODACTYL_MYSQL_PASSWORD }}"
      APP_ENV: "production"
      CACHE_DRIVER: "redis"
      SESSION_DRIVER: "redis"
      QUEUE_DRIVER: "redis"
      REDIS_HOST: "pterodactyl_redis"
      DB_HOST: "pterodactyl_db"
      TRUSTED_PROXIES: "*"
    labels:
      traefik.enable: "true"
      traefik.http.routers.panel.rule: Host(`panel.fntz.net`)
      traefik.http.routers.panel.entrypoints: webSecure
      traefik.http.routers.panel.tls.certresolver: letsencrypt
      traefik.http.services.panel.loadbalancer.server.port: "80"
--- a/tasks/qbittorrent.yml
+++ b/tasks/qbittorrent.yml
@@ -17,6 +17,7 @@
    name: qbittorrent
    image: lscr.io/linuxserver/qbittorrent
    network_mode: "container:gluetun"
    recreate: true
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
--- a/tasks/romm.yml
+++ b/tasks/romm.yml
@@ -10,6 +10,12 @@
    - "{{ data_dir }}/romm/config"
    - "{{ data_dir }}/romm/db"
 - name: Pull latest Romm Docker Image
  docker_image:
    name: rommapp/romm
    tag: latest
    source: pull
 - name: Create Romm DB Docker Container
  docker_container:
    name: romm-db
--- a/tasks/servarr.yml
+++ b/tasks/servarr.yml
@@ -9,6 +9,22 @@
    - "{{ data_dir }}/servarr/radarr_config"
    - "{{ data_dir }}/servarr/lidarr_config"
 - name: Pull latest Radarr Docker Image
  docker_image:
    name: lscr.io/linuxserver/radarr
    tag: latest
    source: pull
 - name: Pull latest Sonarr Docker Image
  docker_image:
    name: lscr.io/linuxserver/sonarr
    tag: latest
    source: pull
 - name: Pull latest Lidarr Docker Image
  docker_image:
    name: lscr.io/linuxserver/lidarr
    tag: latest
    source: pull
 - name: Deploy Radarr Container
  docker_container:
    name: radarr
@@ -21,6 +37,10 @@
      - "{{ NZBGET_DOWNLOADS_PATH }}:/downloads"
    networks:
      - name: homelab
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.radarr.rule: Host(`radarr.fntz.net`)
@@ -38,6 +58,10 @@
      - "{{ data_dir }}/servarr/sonarr_config:/config"
      - "{{ SERVARR_MEDIA_PATH }}:/data"
      - "{{ NZBGET_DOWNLOADS_PATH }}:/downloads"
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
    networks:
      - name: homelab
    labels:
@@ -53,6 +77,10 @@
    image: lscr.io/linuxserver/lidarr:latest
    restart_policy: unless-stopped
    recreate: true
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
      TZ: "{{ TZ }}"
    volumes:
      - "{{ data_dir }}/servarr/lidarr_config:/config"
      - "{{ SERVARR_MEDIA_PATH }}:/media"
--- a/tasks/storage-api.yml
+++ b/tasks/storage-api.yml
@@ -36,3 +36,9 @@
    env:
      TZ: "{{ TZ }}"
      TOKEN: "{{ API_ADMIN_KEY }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.storage.rule: Host(`storage.alexav.gg`)
      traefik.http.routers.storage.entrypoints: webSecure
      traefik.http.routers.storage.tls.certresolver: letsencrypt
      traefik.http.services.storage.loadbalancer.server.port: "3001"
--- a/tasks/tautulli.yml
+++ b/tasks/tautulli.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/tautulli"
 - name: Pull latest Tautulli Docker Image
  docker_image:
    name: ghcr.io/tautulli/tautulli
    tag: latest
    source: pull
 - name: Create Tautulli Docker Container
  docker_container:
    name: tautulli
--- a/tasks/termix.yml
+++ b/tasks/termix.yml
@@ -0,0 +1,32 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/termix"
 - name: Pull latest Termix Docker Image
  docker_image:
    name: ghcr.io/lukegus/termix
    tag: latest
    source: pull
 - name: Create Termix Docker Container
  docker_container:
    name: termix
    image: ghcr.io/lukegus/termix:latest
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    volumes:
      - "{{ data_dir }}/termix:/app/data"
    env:
      PORT: "8080"
    labels:
      traefik.enable: "true"
      traefik.http.routers.termix.rule: Host(`ssh.fntz.net`)
      traefik.http.routers.termix.entrypoints: webSecure
      traefik.http.routers.termix.tls.certresolver: letsencrypt
      traefik.http.services.termix.loadbalancer.server.port: "8080"
--- a/tasks/tinyauth.yml
+++ b/tasks/tinyauth.yml
@@ -1,8 +1,14 @@
 ---
 - name: Pull latest Tinyauth Docker Image
  docker_image:
    name: ghcr.io/steveiliop56/tinyauth
    tag: v4
    source: pull
 - name: Create Tinyauth Docker Container
  docker_container:
    name: tinyauth
-    image: ghcr.io/steveiliop56/tinyauth:v3
+    image: ghcr.io/steveiliop56/tinyauth:v4
    restart_policy: unless-stopped
    recreate: true
    networks:
@@ -11,19 +17,22 @@
      USERS: "{{ TINYAUTH_USERS }}"
      SECRET: "{{ TINYAUTH_SECRET }}"
      APP_URL: "{{ TINYAUTH_APP_URL }}"
-      GENERIC_CLIENT_ID: "{{ TINYAUTH_GENERIC_CLIENT_ID }}"
+      PROVIDERS_POCKETID_CLIENT_ID: "{{ TINYAUTH_GENERIC_CLIENT_ID }}"
-      GENERIC_CLIENT_SECRET: "{{ TINYAUTH_GENERIC_CLIENT_SECRET }}"
+      PROVIDERS_POCKETID_CLIENT_SECRET: "{{ TINYAUTH_GENERIC_CLIENT_SECRET }}"
-      GENERIC_AUTH_URL: "{{ TINYAUTH_GENERIC_AUTH_URL }}"
+      PROVIDERS_POCKETID_AUTH_URL: "{{ TINYAUTH_GENERIC_AUTH_URL }}"
-      GENERIC_TOKEN_URL: "{{ TINYAUTH_GENERIC_TOKEN_URL }}"
+      PROVIDERS_POCKETID_TOKEN_URL: "{{ TINYAUTH_GENERIC_TOKEN_URL }}"
-      GENERIC_USER_URL: "{{ TINYAUTH_GENERIC_USER_URL }}"
+      PROVIDERS_POCKETID_USER_INFO_URL: "{{ TINYAUTH_GENERIC_USER_URL }}"
-      GENERIC_SCOPES: "{{ TINYAUTH_GENERIC_SCOPES }}"
+      PROVIDERS_POCKETID_SCOPES: "{{ TINYAUTH_GENERIC_SCOPES }}"
-      GENERIC_NAME: "{{ TINYAUTH_GENERIC_NAME }}"
+      PROVIDERS_POCKETID_NAME: "{{ TINYAUTH_GENERIC_NAME }}"
      PROVIDERS_POCKETID_REDIRECT_URL: "{{ TINYAUTH_REDIRECT_URL }}"
      OAUTH_WHITELIST: "{{ TINYAUTH_OAUTH_WHITELIST }}"
      APP_TITLE: "{{ TINYAUTH_APP_TITLE }}"
      BACKGROUND_IMAGE: "{{ TINYAUTH_BACKGROUND_IMAGE }}"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    labels:
      traefik.enable: "true"
      traefik.http.routers.tinyauth.rule: Host(`auth.fntz.net`)
-      traefik.http.routers.tt.entrypoints: webSecure
+      traefik.http.routers.tinyauth.entrypoints: webSecure
-      traefik.http.routers.tt.tls.certresolver: letsencrypt
+      traefik.http.routers.tinyauth.tls.certresolver: letsencrypt
      traefik.http.middlewares.tinyauth.forwardauth.address: http://tinyauth:3000/api/auth/traefik
--- a/tasks/uptime-kuma.yml
+++ b/tasks/uptime-kuma.yml
@@ -0,0 +1,31 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/uptime-kuma"
 - name: Pull latest Uptime Kuma Docker Image
  docker_image:
    name: louislam/uptime-kuma
    tag: latest
    source: pull
 - name: Create Uptime Kuma Docker Container
  docker_container:
    name: uptime-kuma
    image: louislam/uptime-kuma
    restart_policy: unless-stopped
    recreate: true
    networks:
      - name: homelab
    volumes:
      - "{{ data_dir }}/uptime-kuma:/app/data"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    labels:
      traefik.enable: "true"
      traefik.http.routers.status.rule: Host(`status.fntz.net`)
      traefik.http.routers.status.entrypoints: webSecure
      traefik.http.routers.status.tls.certresolver: letsencrypt
      traefik.http.services.status.loadbalancer.server.port: "3001"
--- a/tasks/vaultwarden.yml
+++ b/tasks/vaultwarden.yml
@@ -6,6 +6,12 @@
  with_items:
    - "{{ data_dir }}/vaultwarden"
 - name: Pull latest Vaultwarden Docker Image
  docker_image:
    name: vaultwarden/server
    tag: latest
    source: pull
 - name: Create Vaultwarden Docker Container
  docker_container:
    name: vaultwarden
--- a/tasks/wings.yml
+++ b/tasks/wings.yml
@@ -0,0 +1,51 @@
 ---
 - name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/wings"
    - "{{ data_dir }}/wings/lib"
 - name: Pull latest Wings Docker image
  docker_image:
    name: ghcr.io/pterodactyl/wings
    tag: latest
    source: pull
 - name: Create Wings Network
  docker_network:
    name: wings
    driver: bridge
    ipam_config:
      - subnet: "172.55.0.0/16"
 - name: Create Wings Docker Container
  docker_container:
    name: pterodactyl_wings
    image: ghcr.io/pterodactyl/wings:latest
    recreate: true
    restart_policy: unless-stopped
    networks:
      - name: wings
      - name: "{{ docker_network_name }}"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/etc/pterodactyl:/etc/pterodactyl"
      - "{{ data_dir }}/wings/lib:{{ data_dir }}/wings/lib"
      - "{{ WINGS_CONTAINER_DIR }}:{{ WINGS_CONTAINER_DIR }}"
      - "/var/log/pterodactyl:/var/log/pterodactyl"
      - "/tmp/pterodactyl:/tmp/pterodactyl"
    env:
      TZ: "{{ TZ }}"
      WINGS_UID: "988"
      WINGS_GID: "988"
      WINGS_USERNAME: pterodactyl
    published_ports:
      - "2022:2022"
    labels:
      traefik.enable: "true"
      traefik.http.routers.wings.rule: Host(`{{ WINGS_URL }}`)
      traefik.http.routers.wings.entrypoints: webSecure
      traefik.http.routers.wings.tls.certresolver: letsencrypt
      traefik.http.services.wings.loadbalancer.server.port: "8080"
--- a/templates/prometheus.yml.j2
+++ b/templates/prometheus.yml.j2
@@ -1,19 +0,0 @@
 global:
  scrape_interval: 15s
  evaluation_interval: 15s
 scrape_configs:
  # Prometheus itself
  - job_name: "prometheus"
    static_configs:
      - targets: ["localhost:9090"]
  # Node Exporter (system metrics)
  - job_name: "node-exporter"
    static_configs:
      - targets: ["node-exporter:9100"]
  # Docker metrics
  - job_name: "cadvisor"
    static_configs:
      - targets: ["cadvisor:8083"]