update extraction script

fix update script
migrate immich
2025-11-22 17:39:26 -05:00 · 2025-11-22 17:20:46 -05:00 · 2025-11-22 17:20:33 -05:00 · 2025-11-22 16:54:31 -05:00 · 2025-11-22 16:43:37 -05:00 · 2025-11-22 16:41:37 -05:00
28 changed files with 325 additions and 589 deletions
--- a/host_vars/all.template.yml
+++ b/host_vars/all.template.yml
@@ -1,9 +1,21 @@
 ansible_user:
 data_dir:
-docker_network_name:
-TZ:
 PUID:
 PGID:
+TZ:
+docker_network_name:
+media_path:
+
+# frigate
+FRIGATE_RECORDINGS_PATH:
+
+# traefik
+TRAEFIK_CF_API_EMAIL:
+TRAEFIK_CF_API_KEY:
+TRAEFIK_DASH_URL:
+
+# plex
+PLEX_CLAIM_TOKEN:

 # api
 API_CONTACT_WEBHOOK:
@@ -26,11 +38,6 @@ OWNCLOUD_DB_DATABASE:
 OWNCLOUD_DB_HOST:
 OWNCLOUD_ADMIN_USERNAME:
 OWNCLOUD_ADMIN_PASSWORD:
-
-# traefik
-TRAEFIK_DASH_URL:
-TRAEFIK_CF_API_EMAIL:
-TRAEFIK_CF_API_KEY:
 TRAEFIK_HOST_IP:
 TRAEFIK_VIDEO_MACHINE:
 TRAEFIK_ENABLE_DASH:
@@ -48,17 +55,6 @@ MASTODON_VAPID_PUBLIC_KEY:
 MASTODON_ARE_DETERMINISTIC:
 MASTODON_ARE_KEY_DERIVATION:
 MASTODON_ARE_PRIMARY:
-
-# wings
-WINGS_URL:
-WINGS_CONTAINER_DIR:
-media_path:
-
-# frigate
-FRIGATE_RECORDINGS_PATH:
-
-# plex
-PLEX_CLAIM_TOKEN:
 ansible_become_pass:

 # glance
--- a/main.yml
+++ b/main.yml
@@ -61,12 +61,6 @@
    - name: Deploy Drop
      import_tasks: tasks/drop.yml
      tags: drop_deploy
-    - name: Deploy Gluetun
-      import_tasks: tasks/gluetun.yml
-      tags: gluetun_deploy
-    - name: Deploy QBittorrent
-      import_tasks: tasks/qbittorrent.yml
-      tags: qbittorrent_deploy
    - name: Deploy Jackett
      import_tasks: tasks/jackett.yml
      tags: jackett_deploy
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -25,12 +25,6 @@
    state: present
  when: build is defined

- name: Pull latest Docker image
-  docker_image:
-    name: "{{ image.name }}"
-    tag: "{{ image.tag }}"
-    source: pull
-
 - name: Create Docker Network
  docker_network:
    name: "{{ network_name }}"
@@ -39,11 +33,18 @@
 - name: Create Docker Container
  docker_container:
    name: "{{ name }}"
-    image: "{{ image.name }}:{{ image.tag }}"
-    command: "{{ command | default(omit) }}"
    recreate: true
    restart_policy: unless-stopped
-    networks: "{{ networks }}"
+    pull: "{{ build is not defined }}"
+    published_ports: "{{ published_ports | default(omit) }}"
+    network_mode: "{{ network_mode | default(omit) }}"
+    image: "{{ image.name }}:{{ image.tag }}"
+    command: "{{ command | default(omit) }}"
+    networks: "{{ networks | default(omit) }}"
    volumes: "{{ volumes | default(omit) }}"
    env: "{{ env | default(omit) }}"
    labels: "{{ labels | default(omit) }}"
+    healthcheck: "{{ healthcheck | default(omit) }}"
+    devices: "{{ devices | default(omit) }}"
+    mounts: "{{ mounts | default(omit) }}"
+    privileged: "{{ privileged | default(omit) }}"
--- a/scripts/deploy_containers.py
+++ b/scripts/deploy_containers.py
@@ -21,10 +21,10 @@ def deploy(tag = None, host = None):
  command = construct_command(tag, host)
  
  if tag:
-    print(f"Deploying {tag}...\n")
+    print(f"[MAIN] Deploying {tag}...")
  else:
-    print(f"Deploying {host}...\n")
-  res = subprocess.run(command, shell=True, stdout=subprocess.DEVNULL)
+    print(f"[MAIN] Deploying host {host}...")
+  res = subprocess.run(command, shell=True)

  return res.returncode == 0

@@ -75,8 +75,9 @@ def main():

  deployed = []
  failed = []
+
  for task in new_diff:
-    deployment = deploy(tag=task)
+    deployment = deploy(tag=task.split("/")[1])

    if not deployment:
      failed.append(task)
--- a/scripts/extract_to_template.py
+++ b/scripts/extract_to_template.py
@@ -10,21 +10,39 @@ if os.path.exists(host_vars_path):
    
  vaults = os.listdir(host_vars_path)

+  # 1st run - extract ungrouped, global variables
  for vault in vaults:
    vault_path = os.path.join(host_vars_path, vault)
    vault_contents = subprocess.run(f'ansible-vault decrypt "{vault_path}" --vault-password-file ~/.vault_pass.txt --output -', shell=True, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
    stdout = vault_contents.stdout.strip().splitlines()

    for line in stdout:
-      if line.startswith("#") and line not in file_contents:
-        file_contents += f"\n{line}\n"
+      if line.startswith("#"):
+        break
+      elif line.split(":")[0] not in file_contents:
+        file_contents += f"{line.split(":")[0]}:\n"
+        
+  # 2nd run - extract service-specific variables
+  for vault in vaults:
+    vault_path = os.path.join(host_vars_path, vault)
+    vault_contents = subprocess.run(f'ansible-vault decrypt "{vault_path}" --vault-password-file ~/.vault_pass.txt --output -', shell=True, universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
+    stdout = vault_contents.stdout.strip().splitlines()

-      if ":" in line:
-        if line.split(":")[0] not in file_contents:
-          file_contents += f'{line.split(":")[0]}:\n'
+    has_found_start = False
+    for line in stdout:
+      if has_found_start or line.startswith("#"):
+        if not has_found_start:
+          has_found_start = True
+        
+        if line.startswith("#") and line not in file_contents:
+          file_contents += f"\n{line}\n"

-    with open(os.path.join(host_vars_path, 'all.template.yml'), 'w', encoding="utf8") as template_file:
-      template_file.write(file_contents)
-      template_file.close()
+        if ":" in line:
+          if line.split(":")[0] not in file_contents:
+            file_contents += f'{line.split(":")[0]}:\n'
+
+  with open(os.path.join(host_vars_path, 'all.template.yml'), 'w', encoding="utf8") as template_file:
+    template_file.write(file_contents)
+    template_file.close()

    print("Written to disk!")
--- a/scripts/run_updates.py
+++ b/scripts/run_updates.py
@@ -13,8 +13,8 @@ def search_for_image(image_name):
      data = yaml.safe_load(file)

      for key in data:
-        if "docker_image" in key:
-          if image_name in key["docker_image"]["name"]:
+        if "vars" in key:
+          if image_name in key["vars"]["image"]["name"] or image_name == key["vars"]["image"]["name"]:
            return f"{task.split(".")[0]}_deploy"

 def main():
@@ -29,24 +29,36 @@ def main():
      for task in host['tasks']:
        deployable_tags.append(task['tags'])

-  if len(update_list["images"]) <= 0:
-    print("No images to update!")
-  else:
-    print(f"Updating {update_list["metrics"]["updates_available"]} image(s)..\n")
+  if len(update_list["images"]) > 0:
+    already_deployed = []
+    actually_updatable = []
+    blacklist = []

    for image in update_list["images"]:
      if image['result']['has_update']:
-        if "remote_digest" in image["result"]["info"]:
-          image_name = image["parts"]["repository"]
-          ansible_tag = search_for_image(image_name) 
-
-          if ansible_tag and ansible_tag in deployable_tags:
-            print(f"Updating '{image_name}' ({ansible_tag})..")
-            subprocess.run(f'docker image pull {image_name}', shell=True)
-            subprocess.run(f'ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml --tags {ansible_tag} --vault-password-file=~/.vault_pass.txt', shell=True)
+        if image in blacklist:
+          print(f"[UPDATE] Ignoring '{image}' due to its blacklist")
+        elif 'version_update_type' in image['result']['info'] and image['result']['info']['version_update_type'] != "major":
+          actually_updatable.append({ 'reference': image['reference'], 'repository': image['parts']['repository'] })
+        elif 'type' in image['result']['info'] and image['result']['info']['type'] == "digest":
+          actually_updatable.append({ 'reference': image['reference'], 'repository': image['parts']['repository'] })
+    
+    print(f"Redeploying {len(actually_updatable)} container(s)..")
+    for image in actually_updatable:
+      ansible_tag = search_for_image(image['repository'])
+      print(ansible_tag, image['reference'])
+      if ansible_tag and ansible_tag in deployable_tags and ansible_tag not in already_deployed:
+        print(f'[UPDATE] Deploying {ansible_tag}..')
+        subprocess.run(f'ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml --tags {ansible_tag} --vault-password-file=~/.vault_pass.txt', shell=True)
+      else:
+        print('[UPDATE] Could not find corresponding task, cleaning up..')
+        subprocess.run(f"docker image remove {image['reference']}", shell=True)
+      already_deployed.append(ansible_tag)

    print("\nAll images updated, refreshing Cup")
    requests.get("https://cup.fntz.net/api/v3/refresh")
+  else:
+    print("No images to update!")

 if __name__ == "__main__":
  main()
--- a/tasks/api.yml
+++ b/tasks/api.yml
@@ -9,7 +9,7 @@
      - "{{ data_dir }}/api/db"
    image:
      name: postgres
-      tag: latest
+      tag: "17"
    networks:
      - name: api
    volumes:
--- a/tasks/drop.yml
+++ b/tasks/drop.yml
@@ -1,29 +1,16 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/drop"
-    - "{{ data_dir }}/drop/db"
-    - "{{ data_dir }}/drop/app"
-
- name: Create Drop Network
-  docker_network:
-    name: drop
-
- name: Pull latest Drop Docker Image
-  docker_image:
-    name: ghcr.io/drop-oss/drop
-    tag: v0.3.3
-    source: pull
-
- name: Create Drop DB Container
-  docker_container:
+- name: Deploy Drop Database
+  include_role:
+    name: docker
+  vars:
    name: drop_postgres
-    image: postgres:14-alpine
-    recreate: true
-    restart_policy: unless-stopped
+    directories:
+      - "{{ data_dir }}/drop"
+      - "{{ data_dir }}/drop/db"
+    image:
+      name: postgres
+      tag: 14-alpine
+    network_name: drop
    networks:
      - name: drop
    healthcheck:
@@ -39,12 +26,16 @@
      POSTGRES_USER: "drop"
      POSTGRES_DB: "drop"

- name: Create Drop Container
-  docker_container:
+- name: Deploy Drop
+  include_role:
+    name: docker
+  vars:
    name: drop
-    image: ghcr.io/drop-oss/drop:latest
-    recreate: true
-    restart_policy: unless-stopped
+    directories:
+      - "{{ data_dir }}/drop/app"
+    image:
+      name: ghcr.io/drop-oss/drop
+      tag: latest
    networks:
      - name: homelab
      - name: drop
--- a/tasks/ersatztv.yml
+++ b/tasks/ersatztv.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/ersatz"
-
- name: Pull latest Docker Image
-  docker_image:
-    name: ghcr.io/ersatztv/ersatztv
-    tag: latest
-    source: pull
-
- name: Create Docker Container
-  docker_container:
+- name: Deploy Ersatz
+  include_role:
+    name: docker
+  vars:
    name: ersatztv
-    image: ghcr.io/ersatztv/ersatztv:latest
-    recreate: true
-    restart_policy: unless-stopped
+    directories:
+      - "{{ data_dir }}/ersatz"
+    image:
+      name: ghcr.io/ersatztv/ersatztv
+      tag: latest
    devices:
      - /dev/dri/renderD128:/dev/dri/renderD128
    mounts:
--- a/tasks/frigate.yml
+++ b/tasks/frigate.yml
@@ -1,24 +1,15 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/frigate"
-
- name: Pull latest Frigate Docker Image
-  docker_image:
-    name: ghcr.io/blakeblackshear/frigate
-    tag: stable
-    source: pull
-
- name: Deploy Frigate Docker Container
-  docker_container:
+- name: Deploy Frigate
+  include_role:
+    name: docker
+  vars:
    name: frigate
-    image: ghcr.io/blakeblackshear/frigate:stable
-    recreate: true
+    directories:
+      - "{{ data_dir }}/frigate"
+    image:
+      name: ghcr.io/blakeblackshear/frigate
+      tag: stable
    privileged: true
-    restart_policy: unless-stopped
    published_ports:
      - "5000:5000"
      - "8555:8555/tcp"
--- a/tasks/gitea.yml
+++ b/tasks/gitea.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/gitea"
-
- name: Pull latest Gitea Docker Image
-  docker_image:
-    name: docker.gitea.com/gitea
-    tag: latest
-    source: pull
-
- name: Create Gitea Docker Container
-  docker_container:
+- name: Deploy Gitea
+  include_role:
+    name: docker
+  vars:
    name: gitea
-    image: docker.gitea.com/gitea:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/gitea"
+    image:
+      name: docker.gitea.com/gitea
+      tag: latest
    networks:
      - name: "{{ docker_network_name }}"
    volumes:
--- a/tasks/home-assistant.yml
+++ b/tasks/home-assistant.yml
@@ -1,31 +0,0 @@
---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/homeassistant"
-
- name: Pull HA Docker Image
-  docker_image:
-    name: ghcr.io/home-assistant/home-assistant:stable
-    source: pull
-
- name: Deploy Home Assistant Container
-  docker_container:
-    name: home_assistant
-    image: ghcr.io/home-assistant/home-assistant:stable
-    recreate: true
-    restart_policy: unless-stopped
-    network_mode: host
-    privileged: true
-    volumes:
-      - "{{ data_dir }}/homeassistant:/config"
-      - "/etc/localtime:/etc/localtime"
-      - "/run/dbus:/run/dbus:ro"
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.ha.rule: Host(`ha.fntz.net`)
-      traefik.http.routers.ha.entrypoints: webSecure
-      traefik.http.routers.ha.tls.certresolver: letsencrypt
-      traefik.http.services.ha.loadbalancer.server.url: "http://{{ TRAEFIK_HOST_IP }}:8123"
--- a/tasks/homebridge.yml
+++ b/tasks/homebridge.yml
@@ -1,24 +1,15 @@
 ---
- name: Create Folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/homebridge"
-
- name: Pull latest Homebridge Docker Image
-  docker_image:
-    name: homebridge/homebridge
-    tag: latest
-    source: pull
-
- name: Create Homebridge Docker Container
-  docker_container:
+- name: Deploy Homebridge
+  include_role:
+    name: docker
+  vars:
    name: homebridge
-    image: homebridge/homebridge:latest
-    restart_policy: unless-stopped
+    directories:
+      - "{{ data_dir }}/homebridge:/homebridge"
+    image:
+      name: homebridge/homebridge
+      tag: latest
    network_mode: host
-    recreate: true
    volumes:
      - "{{ data_dir }}/homebridge:/homebridge"
    labels:
--- a/tasks/immich.yml
+++ b/tasks/immich.yml
@@ -1,34 +1,16 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/immich"
-    - "{{ data_dir }}/immich/model-cache"
-    - "{{ data_dir }}/immich/db"
-
- name: Pull latest Immich Server Docker Image
-  docker_image:
-    name: ghcr.io/immich-app/immich-server
-    tag: v2.1.0
-    source: pull
-
- name: Create Immich Redis Docker Container
-  docker_container:
-    name: immich_redis
-    image: docker.io/valkey/valkey:8-bookworm@sha256:fea8b3e67b15729d4bb70589eb03367bab9ad1ee89c876f54327fc7c6e618571
-    restart_policy: unless-stopped
-    recreate: true
-    networks:
-      - name: immich
-
- name: Create Immich DB Docker Container
-  docker_container:
+- name: Deploy Immich DB
+  include_role:
+    name: docker
+  vars:
    name: immich_postgres
-    image: ghcr.io/immich-app/postgres:14-vectorchord0.4.3-pgvectors0.2.0@sha256:bcf63357191b76a916ae5eb93464d65c07511da41e3bf7a8416db519b40b1c23
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/immich"
+      - "{{ data_dir }}/immich/model-cache"
+      - "{{ data_dir }}/immich/db"
+    image:
+      name: ghcr.io/immich-app/postgres
+      tag: 14-vectorchord0.4.3-pgvectors0.2.0
    volumes:
      - "{{ data_dir }}/immich/db:/var/lib/postgresql/data"
    env:
@@ -38,13 +20,27 @@
      POSTGRES_INITDB_ARGS: "--data-checksums"
    networks:
      - name: immich
+    network_name: immich

- name: Create Immich Server Docker Container
-  docker_container:
-    name: immich_server
-    image: ghcr.io/immich-app/immich-server:v2.1.0
-    restart_policy: unless-stopped
-    recreate: true
+- name: Deploy Immich Redis
+  include_role:
+    name: docker
+  vars:
+    name: immich_redis
+    image:
+      name: docker.io/valkey/valkey
+      tag: 8-bookworm
+    networks:
+      - name: immich
+
+- name: Deploy Immich Server
+  include_role:
+    name: docker
+  vars:
+    name: immich
+    image:
+      name: ghcr.io/immich-app/immich-server
+      tag: v2.1.0
    networks:
      - name: homelab
      - name: immich
--- a/tasks/jellyfin.yml
+++ b/tasks/jellyfin.yml
@@ -1,39 +0,0 @@
---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/jellyfin"
-
- name: Pull latest Jellyfin Docker Image
-  docker_image:
-    name: lscr.io/linuxserver/jellyfin
-    tag: latest
-    source: pull
-
- name: Create Jellyfin Docker Container
-  docker_container:
-    name: jellyfin
-    image: lscr.io/linuxserver/jellyfin:latest
-    restart_policy: unless-stopped
-    recreate: true
-    networks:
-      - name: homelab
-    published_ports:
-      - 8096:8096
-    volumes:
-      - "{{ data_dir }}/jellyfin:/config"
-      - "{{ JELLYFIN_TV_PATH }}:/data/tvshows"
-      - "{{ JELLYFIN_MOVIE_PATH }}:/data/movies"
-      - "{{ JELLYFIN_MUSIC_PATH }}:/data/music"
-    env:
-      PUID: "{{ PUID }}"
-      PGID: "{{ PGID }}"
-      TZ: "{{ TZ }}"
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.jf.rule: Host(`jf.fntz.net`)
-      traefik.http.routers.jf.entrypoints: webSecure
-      traefik.http.routers.jf.tls.certresolver: letsencrypt
-      traefik.http.services.jf.loadbalancer.server.port: "8096"
--- a/tasks/nextcloud.yml
+++ b/tasks/nextcloud.yml
@@ -1,54 +0,0 @@
---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/nextcloud"
-    - "{{ data_dir }}/nextcloud/data"
-    - "{{ data_dir }}/nextcloud/db"
-
- name: Create Nextcloud Docker Network
-  docker_network:
-    name: nextcloud
-
- name: Pull latest Nextcloud Docker Image
-  docker_image:
-    name: nextcloud
-    tag: latest
-    source: pull
-
- name: Create Nextcloud DB Docker Container
-  docker_container:
-    name: nc_postgresql
-    image: postgres:17-alpine
-    restart_policy: unless-stopped
-    recreate: true
-    networks:
-      - name: nextcloud
-    volumes:
-      - "{{ data_dir }}/nextcloud/db:/var/lib/postgresql/data"
-    env:
-      PGDATA: /var/lib/postgresql/data/pgdata
-      POSTGRES_PASSWORD: "{{ NEXTCLOUD_POSTGRES_PASSWORD }}"
-      POSTGRES_DATABASE: "{{ NEXTCLOUD_POSTGRES_DATABASE }}"
-      POSTGRES_USER: "{{ NEXTCLOUD_POSTGRES_USER }}"
-      POSTGRES_HOST: "{{ NEXTCLOUD_POSTGRES_HOST }}"
-
- name: Create Nextcloud Docker Container
-  docker_container:
-    name: nextcloud
-    image: nextcloud
-    restart_policy: unless-stopped
-    recreate: true
-    networks:
-      - name: "{{ docker_network_name }}"
-      - name: nextcloud
-    volumes:
-      - "{{ data_dir }}/nextcloud/data:/var/www/html"
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.nc.rule: Host(`{{ NEXTCLOUD_APP_URL }}`)
-      traefik.http.routers.nc.entrypoints: webSecure
-      traefik.http.routers.nc.tls.certresolver: letsencrypt
-      traefik.http.services.nc.loadbalancer.server.port: "80"
--- a/tasks/nzbget.yml
+++ b/tasks/nzbget.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/nzbget"
-
- name: Pull latest NZBGet Docker Image
-  docker_image:
-    name: lscr.io/linuxserver/nzbget
-    tag: latest
-    source: pull
-
- name: Create NZBGet Docker Container
-  docker_container:
+- name: Deploy NZBGet
+  include_role:
+    name: docker
+  vars:
    name: nzbget
-    image: lscr.io/linuxserver/nzbget:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/nzbget"
+    image:
+      name: lscr.io/linuxserver/nzbget
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/obsidian.yml
+++ b/tasks/obsidian.yml
@@ -1,25 +1,16 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/obsidian"
-    - "{{ data_dir }}/obsidian/data"
-    - "{{ data_dir }}/obsidian/etc"
-
- name: Pull Docker Image
-  docker_image:
-    name: couchdb
-    tag: latest
-    source: pull
-
- name: Create Docker Container
-  docker_container:
-    name: couchdb
-    image: couchdb:latest
-    recreate: true
-    restart_policy: unless-stopped
+- name: Deploy Obsidian
+  include_role:
+    name: docker
+  vars:
+    name: obsidian
+    directories:
+      - "{{ data_dir }}/obsidian"
+      - "{{ data_dir }}/obsidian/data"
+      - "{{ data_dir }}/obsidian/etc"
+    image:
+      name: couchdb
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/owncloud.yml
+++ b/tasks/owncloud.yml
@@ -1,30 +1,18 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/owncloud"
-    - "{{ data_dir }}/owncloud/data"
-    - "{{ data_dir }}/owncloud/db"
-    - "{{ data_dir }}/owncloud/redis"
-
- name: Create Owncloud Docker Network
-  docker_network:
-    name: owncloud
-
- name: Pull latest Owncloud Docker Image
-  docker_image:
-    name: owncloud/server
-    tag: "10.15"
-    source: pull
-
- name: Create Owncloud DB Docker Container
-  docker_container:
-    name: oc_database
-    image: mariadb:latest
-    restart_policy: unless-stopped
-    recreate: true
+- name: Deploy Owncloud Database
+  include_role:
+    name: docker
+  vars:
+    name: owncloud_database
+    image:
+      name: mariadb
+      tag: latest
+    directories:
+      - "{{ data_dir }}/owncloud"
+      - "{{ data_dir }}/owncloud/data"
+      - "{{ data_dir }}/owncloud/db"
+      - "{{ data_dir }}/owncloud/redis"
+    network_name: "owncloud"
    networks:
      - name: owncloud
    volumes:
@@ -42,12 +30,14 @@
      timeout: 5s
      retries: 5

- name: Create Owncloud Redis Container
-  docker_container:
-    name: oc_redis
-    image: redis:latest
-    restart_policy: unless-stopped
-    recreate: true
+- name: Deploy Owncloud Redis
+  include_role:
+    name: docker
+  vars:
+    name: owncloud_redis
+    image:
+      name: redis
+      tag: latest
    networks:
      - name: owncloud
    command: "--databases 1"
@@ -59,12 +49,14 @@
    volumes:
      - "{{ data_dir }}/owncloud/redis:/data"

- name: Create Owncloud Docker Container
-  docker_container:
+- name: Deploy Owncloud
+  include_role:
+    name: docker
+  vars:
    name: owncloud
-    image: owncloud/server:10.15
-    restart_policy: unless-stopped
-    recreate: true
+    image:
+      name: owncloud/server
+      tag: 10.16
    networks:
      - name: "{{ docker_network_name }}"
      - name: owncloud
--- a/tasks/pihole.yml
+++ b/tasks/pihole.yml
@@ -1,28 +1,19 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/pihole"
-
- name: Pull latest PiHole Docker Image
-  docker_image:
-    name: pihole/pihole
-    tag: latest
-    source: pull
-
- name: Create PiHole Docker Container
-  docker_container:
+- name: Deploy PiHole
+  include_role:
+    name: docker
+  vars:
    name: pihole
-    image: pihole/pihole:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/pihole"
+    image:
+      name: pihole/pihole
+      tag: latest
+    published_ports:
+      - "53:53/tcp"
+      - "53:53/udp"
    networks:
      - name: homelab
-    published_ports:
-      - "{{ TRAEFIK_HOST_IP }}:53:53/tcp"
-      - "{{ TRAEFIK_HOST_IP }}:53:53/udp"
    volumes:
      - "{{ data_dir }}/pihole:/etc/pihole"
    env:
--- a/tasks/pocketid.yml
+++ b/tasks/pocketid.yml
@@ -1,23 +1,14 @@
 ---
- name: Create Folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/pocketid"
-
- name: Pull latest PocketID Docker Image
-  docker_image:
-    name: ghcr.io/pocket-id/pocket-id
-    tag: v1
-    source: pull
-
- name: Create PocketID Docker Container
-  docker_container:
+- name: Deploy PocketID
+  include_role:
+    name: docker
+  vars:
    name: pocketid
-    image: ghcr.io/pocket-id/pocket-id:v1
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/pocketid"
+    image:
+      name: ghcr.io/pocket-id/pocket-id
+      tag: v1
    networks:
      - name: homelab
    volumes:
--- a/tasks/servarr.yml
+++ b/tasks/servarr.yml
@@ -1,36 +1,17 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/servarr"
-    - "{{ data_dir }}/servarr/sonarr_config"
-    - "{{ data_dir }}/servarr/radarr_config"
-    - "{{ data_dir }}/servarr/lidarr_config"
-
- name: Pull latest Radarr Docker Image
-  docker_image:
-    name: lscr.io/linuxserver/radarr
-    tag: latest
-    source: pull
- name: Pull latest Sonarr Docker Image
-  docker_image:
-    name: lscr.io/linuxserver/sonarr
-    tag: latest
-    source: pull
- name: Pull latest Lidarr Docker Image
-  docker_image:
-    name: lscr.io/linuxserver/lidarr
-    tag: latest
-    source: pull
-
- name: Deploy Radarr Container
-  docker_container:
+- name: Deploy Radarr
+  include_role:
+    name: docker
+  vars:
    name: radarr
-    image: lscr.io/linuxserver/radarr:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/servarr"
+      - "{{ data_dir }}/servarr/sonarr_config"
+      - "{{ data_dir }}/servarr/radarr_config"
+      - "{{ data_dir }}/servarr/lidarr_config"
+    image:
+      name: lscr.io/linuxserver/radarr
+      tag: latest
    volumes:
      - "{{ data_dir }}/servarr/radarr_config:/config"
      - "{{ SERVARR_MEDIA_PATH }}:/media"
@@ -48,12 +29,14 @@
      traefik.http.routers.radarr.tls.certresolver: letsencrypt
      traefik.http.services.radarr.loadbalancer.server.port: "7878"

- name: Deploy Sonarr Container
-  docker_container:
+- name: Deploy Sonarr
+  include_role:
+    name: docker
+  vars:
    name: sonarr
-    image: lscr.io/linuxserver/sonarr:latest
-    restart_policy: unless-stopped
-    recreate: true
+    image:
+      name: lscr.io/linuxserver/sonarr
+      tag: latest
    volumes:
      - "{{ data_dir }}/servarr/sonarr_config:/config"
      - "{{ SERVARR_MEDIA_PATH }}:/data"
@@ -71,12 +54,14 @@
      traefik.http.routers.sonarr.tls.certresolver: letsencrypt
      traefik.http.services.sonarr.loadbalancer.server.port: "8989"

- name: Deploy Lidarr Container
-  docker_container:
+- name: Deploy Lidarr
+  include_role:
+    name: docker
+  vars:
    name: lidarr
-    image: lscr.io/linuxserver/lidarr:latest
-    restart_policy: unless-stopped
-    recreate: true
+    image:
+      name: lscr.io/linuxserver/lidarr
+      tag: latest
    env:
      PUID: "{{ PUID }}"
      PGID: "{{ PGID }}"
--- a/tasks/storage-api.yml
+++ b/tasks/storage-api.yml
@@ -1,34 +1,20 @@
 ---
- name: "Create file structure"
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/storage-api"
-    - "{{ data_dir }}/storage-api/app"
-    - "{{ data_dir }}/storage-api/files"
-
- name: "Clone latest Storage API"
-  git:
-    repo: git@git.alexav.gg:alex/storage-api.git
-    dest: "{{ data_dir }}/storage-api/app"
-
- name: "Build Storage API Docker Image"
-  docker_image:
+- name: Deploy Storage API
+  include_role:
+    name: docker
+  vars:
    name: storage-api
-    tag: "latest"
+    directories:
+      - "{{ data_dir }}/storage-api"
+      - "{{ data_dir }}/storage-api/app"
+      - "{{ data_dir }}/storage-api/files"
+    image:
+      name: storage-api
+      tag: latest
    build:
-      path: "{{ data_dir }}/storage-api/app"
-      dockerfile: Dockerfile
-    source: build
-    state: present
-
- name: Deploy Storage API Container
-  docker_container:
-    name: storage_api
-    image: storage-api:latest
-    recreate: true
-    restart_policy: unless-stopped
+      git:
+        repo: git@git.alexav.gg:alex/storage-api.git
+        dest: "{{ data_dir }}/storage-api/app"
    networks:
      - name: "{{ docker_network_name }}"
    volumes:
--- a/tasks/tautulli.yml
+++ b/tasks/tautulli.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/tautulli"
-
- name: Pull latest Tautulli Docker Image
-  docker_image:
-    name: ghcr.io/tautulli/tautulli
-    tag: latest
-    source: pull
-
- name: Create Tautulli Docker Container
-  docker_container:
+- name: Deploy Tautulli
+  include_role:
+    name: docker
+  vars:
    name: tautulli
-    image: ghcr.io/tautulli/tautulli
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/tautulli"
+    image:
+      name: ghcr.io/tautulli/tautulli
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/termix.yml
+++ b/tasks/termix.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/termix"
-
- name: Pull latest Termix Docker Image
-  docker_image:
-    name: ghcr.io/lukegus/termix
-    tag: latest
-    source: pull
-
- name: Create Termix Docker Container
-  docker_container:
+- name: Deploy Termix
+  include_role:
+    name: docker
+  vars:
    name: termix
-    image: ghcr.io/lukegus/termix:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/termix"
+    image:
+      name: ghcr.io/lukegus/termix
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/tinyauth.yml
+++ b/tasks/tinyauth.yml
@@ -1,18 +1,16 @@
 ---
- name: Pull latest Tinyauth Docker Image
-  docker_image:
-    name: ghcr.io/steveiliop56/tinyauth
-    tag: v4
-    source: pull
-
- name: Create Tinyauth Docker Container
-  docker_container:
+- name: Deploy Tinyauth
+  include_role:
+    name: docker
+  vars:
    name: tinyauth
-    image: ghcr.io/steveiliop56/tinyauth:v4
-    restart_policy: unless-stopped
-    recreate: true
+    image:
+      name: ghcr.io/steveiliop56/tinyauth
+      tag: v4
    networks:
      - name: homelab
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
    env:
      USERS: "{{ TINYAUTH_USERS }}"
      SECRET: "{{ TINYAUTH_SECRET }}"
@@ -28,8 +26,6 @@
      OAUTH_WHITELIST: "{{ TINYAUTH_OAUTH_WHITELIST }}"
      APP_TITLE: "{{ TINYAUTH_APP_TITLE }}"
      BACKGROUND_IMAGE: "{{ TINYAUTH_BACKGROUND_IMAGE }}"
-    volumes:
-      - "/var/run/docker.sock:/var/run/docker.sock"
    labels:
      traefik.enable: "true"
      traefik.http.routers.tinyauth.rule: Host(`auth.fntz.net`)
--- a/tasks/uptime-kuma.yml
+++ b/tasks/uptime-kuma.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/uptime-kuma"
-
- name: Pull latest Uptime Kuma Docker Image
-  docker_image:
-    name: louislam/uptime-kuma
-    tag: latest
-    source: pull
-
- name: Create Uptime Kuma Docker Container
-  docker_container:
+- name: Deploy Uptime Kuma
+  include_role:
+    name: docker
+  vars:
    name: uptime-kuma
-    image: louislam/uptime-kuma
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/uptime-kuma"
+    image:
+      name: louislam/uptime-kuma
+      tag: latest
    networks:
      - name: homelab
    volumes:
--- a/tasks/vaultwarden.yml
+++ b/tasks/vaultwarden.yml
@@ -1,23 +1,14 @@
 ---
- name: Create folder structure
-  file:
-    path: "{{ item }}"
-    state: directory
-  with_items:
-    - "{{ data_dir }}/vaultwarden"
-
- name: Pull latest Vaultwarden Docker Image
-  docker_image:
-    name: vaultwarden/server
-    tag: latest
-    source: pull
-
- name: Create Vaultwarden Docker Container
-  docker_container:
+- name: Deploy Vaultwarden
+  include_role:
+    name: docker
+  vars:
    name: vaultwarden
-    image: vaultwarden/server:latest
-    restart_policy: unless-stopped
-    recreate: true
+    directories:
+      - "{{ data_dir }}/vaultwarden"
+    image:
+      name: vaultwarden/server
+      tag: latest
    networks:
      - name: homelab
    volumes:
Author	SHA1	Message	Date
Alex Frantz	7806dbb7ef	update extraction script All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-22 17:39:26 -05:00
Alex Frantz	610c62b75a	fix update script All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-22 17:20:46 -05:00
Alex Frantz	60ef84f37d	migrate immich All checks were successful Deploy Containers / Prepare (push) Successful in 25s Details	2025-11-22 17:20:33 -05:00
Alex Frantz	993fd8eee7	fix api All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-22 16:54:31 -05:00
Alex Frantz	a32a59ca0a	lmao All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-22 16:43:37 -05:00
Alex Frantz	909631952b	update api db version All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-22 16:41:37 -05:00
Alex Frantz	5995621767	add omit to networks All checks were successful Deploy Containers / Prepare (push) Successful in 5s Details	2025-11-22 01:04:50 -05:00
Alex Frantz	77504eeffd	fix update script All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-21 21:52:00 -05:00
Alex Frantz	078cb8edff	show stdout All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-21 21:47:22 -05:00
Alex Frantz	023b48ace0	migrate gitea All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:45:47 -05:00
Alex Frantz	20362a069a	remove pull command, ansible does this All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-21 21:39:03 -05:00
Alex Frantz	4c878661e8	migrate owncloud All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:33:45 -05:00
Alex Frantz	fb19e9eefe	migrate termix All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:26:03 -05:00
Alex Frantz	9c32a10144	migrate storage api All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:24:53 -05:00
Alex Frantz	18d632e4ce	migrate servarr All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:23:15 -05:00
Alex Frantz	ea30d599a9	migrate obsidian All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:20:48 -05:00
Alex Frantz	390a571fa4	migrate frigate All checks were successful Deploy Containers / Prepare (push) Successful in 16s Details	2025-11-21 21:18:54 -05:00
Alex Frantz	70fa7c77a8	migrate ersatz All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 21:17:19 -05:00
Alex Frantz	1b1d0181c7	fix weird formatting in actions All checks were successful Deploy Containers / Prepare (push) Successful in 5s Details	2025-11-21 21:15:51 -05:00
Alex Frantz	7724c47528	whoops All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 21:14:48 -05:00
Alex Frantz	2ed283ae54	migrate drop Some checks failed Deploy Containers / Prepare (push) Failing after 6s Details	2025-11-21 21:14:01 -05:00
Alex Frantz	f5a2b4c6c8	clean up logging All checks were successful Deploy Containers / Prepare (push) Successful in 5s Details	2025-11-21 03:33:05 -05:00
Alex Frantz	f6b850574d	forgot directories All checks were successful Deploy Containers / Prepare (push) Successful in 1m5s Details	2025-11-21 03:31:40 -05:00
Alex Frantz	5ea7ad74cd	fix All checks were successful Deploy Containers / Prepare (push) Successful in 5s Details	2025-11-21 03:30:00 -05:00
Alex Frantz	2897d67957	always pull image All checks were successful Deploy Containers / Prepare (push) Successful in 4s Details	2025-11-21 03:28:00 -05:00
Alex Frantz	681a876dae	migrate vaultwarden All checks were successful Deploy Containers / Prepare (push) Successful in 13s Details	2025-11-21 03:23:35 -05:00
Alex Frantz	a19de4c6a5	migrate uptime kuma All checks were successful Deploy Containers / Prepare (push) Successful in 12s Details	2025-11-21 03:22:34 -05:00
Alex Frantz	5efa6934e3	migrate tinyauth All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 03:21:45 -05:00
Alex Frantz	183fb0f237	migrate tautulli All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 03:20:17 -05:00
Alex Frantz	4805cca2ce	migrate pocketid All checks were successful Deploy Containers / Prepare (push) Successful in 15s Details	2025-11-21 03:18:57 -05:00
Alex Frantz	30cb6e8786	migrate pihole All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 03:17:11 -05:00
Alex Frantz	a8e6ec48a6	migrate nzbget All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 03:13:17 -05:00
Alex Frantz	50c6c57372	migrate homebridge All checks were successful Deploy Containers / Prepare (push) Successful in 17s Details	2025-11-21 03:10:33 -05:00