Squashed commit of the following:

commit 0ecbedb Author: Martin Brose <[email protected]> Date: Sun Mar 3 21:43:35 2024 +0000 Fix issue with 2 depends_on in same yaml section (geerlingguy#583) commit 8b470f3 Author: Jeff Geerling <[email protected]> Date: Sat Feb 3 22:18:40 2024 -0600 Issue geerlingguy#575: Update remaining instances of old docker-compose command. commit d4170cf Author: Jeff Geerling <[email protected]> Date: Sat Feb 3 22:06:54 2024 -0600 Issue geerlingguy#575: Make sure handler syntax is correct for compose v2. commit 7c20fbd Author: Jeff Geerling <[email protected]> Date: Sat Feb 3 21:28:29 2024 -0600 Issue geerlingguy#575: Follow-ups to make sure initial install works well. commit 38a240b Author: Jeff Geerling <[email protected]> Date: Sat Feb 3 21:06:11 2024 -0600 Fixes geerlingguy#575: Use new docker_compose_v2 plugin. commit d53939c Author: Cedric Wille <[email protected]> Date: Sat Feb 3 21:49:04 2024 -0500 Resolve dependency issues from Debian Bookwrom and improve resolvconf update (geerlingguy#565) * Fix docker setup * Fix missing resolvconf * Update README * Fix permission issue for CI * Fix CI error commit 4c0bb07 Author: Jeff Geerling <[email protected]> Date: Sat Feb 3 20:47:53 2024 -0600 Fixes geerlingguy#569: Updated instructions inside Internet Monitoring directory. commit 7925370 Author: James Byers <[email protected]> Date: Tue Aug 22 04:29:56 2023 +0200 Set allowUiUpdates: true to allow saving dashboard state and adding new dashboards (geerlingguy#541) commit c8d3f40 Author: Nick Bachicha <[email protected]> Date: Wed Aug 16 18:46:38 2023 -0600 Add missing Buster backports apt keys (geerlingguy#538) commit 98c83ad Author: jerzerisz <[email protected]> Date: Mon Jul 17 22:24:01 2023 -0400 update container tags to :latest (geerlingguy#524) added volume: - /etc/localtime:/etc/localtime:ro to syncronize time & timezone to containers commit 7657dd9 Author: Jeff Geerling <[email protected]> Date: Mon Jul 10 16:53:19 2023 -0500 Fixing some linting. commit e3d1875 Author: Jeff Geerling <[email protected]> Date: Mon Jul 10 16:48:27 2023 -0500 Make stale workflow run to test it. commit 088962e Author: Jeff Geerling <[email protected]> Date: Mon Jul 10 16:46:43 2023 -0500 Move stale workflow into workflows directory. commit a7705f9 Author: jerzerisz <[email protected]> Date: Mon Jul 10 17:38:01 2023 -0400 update stale actions per: (geerlingguy#529) https://docs.github.com/en/actions/managing-issues-and-pull-requests/closing-inactive-issues commit e605493 Author: Gianpaolo Macario <[email protected]> Date: Tue Jun 13 06:30:11 2023 +0200 README.md: Use relative URL for images (geerlingguy#517) Small fix to be able to display inline images when the repository is imported as a git submodule commit f4de972 Author: Jeff Geerling <[email protected]> Date: Mon Feb 20 22:38:08 2023 -0600 Some Linty fixes. commit 861e0f4 Author: Jeff Geerling <[email protected]> Date: Mon Feb 20 21:22:01 2023 -0600 Issue geerlingguy#492: Update pi-hole tasks to use path from first task.
jan-chvojka · Apr 10, 2024 · 3248921 · 3248921
1 parent 786c45e
commit 3248921
Showing 17 changed files with 120 additions and 131 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -2,3 +2,4 @@
 skip_list:
   - 'fqcn-builtins'
   - 'no-handler'
+  - 'no-changed-when'
diff --git a/.github/stale.yml b/.github/stale.yml
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -0,0 +1,34 @@
+---
+name: Close inactive issues
+'on':
+  schedule:
+    - cron: "55 21 * * 1"  # semi-random time
+
+jobs:
+  close-issues:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v8
+        with:
+          days-before-stale: 120
+          days-before-close: 60
+          exempt-issue-labels: bug,pinned,security,planned
+          exempt-pr-labels: bug,pinned,security,planned
+          stale-issue-label: "stale"
+          stale-pr-label: "stale"
+          stale-issue-message: |
+            This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!
+            
+            Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale.
+          close-issue-message: |
+            This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.
+          stale-pr-message: |
+            This pr has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!
+            
+            Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale.
+          close-pr-message: |
+            This pr has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.yamllint b/.yamllint
@@ -7,4 +7,4 @@ rules:
     level: warning
 
 ignore: |
-  .github/stale.yml
+  .github/workflows/stale.yml
diff --git a/README.md b/README.md
@@ -12,11 +12,11 @@ So that's what this is.
 
 **Internet Monitoring**: Installs Prometheus and Grafana, along with a few Docker containers to monitor your Internet connection with Speedtest.net speedtests and HTTP tests so you can see uptime, ping stats, and speedtest results over time.
 
-![Internet Monitoring Dashboard in Grafana](/images/internet-monitoring.png)
+![Internet Monitoring Dashboard in Grafana](images/internet-monitoring.png)
 
 **Pi-hole**: Installs the Pi-hole Docker configuration so you can use Pi-hole for network-wide ad-blocking and local DNS. Make sure to update your network router config to direct all DNS queries through your Raspberry Pi if you want to use Pi-hole effectively!
 
-![Pi-hole on the Internet Pi](/images/pi-hole.png)
+![Pi-hole on the Internet Pi](images/pi-hole.png)
 
 Other features:
 
@@ -40,23 +40,25 @@ It should also work with Ubuntu for Pi, or Arch Linux, but has not been tested o
 
 ## Setup
 
-1. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html). The easiest way (especially on Pi or a Debian system) is via Pip:
-   1. (If on Pi/Debian): `sudo apt-get install -y python3-pip`
-   2. (Everywhere): `pip3 install ansible`
-2. Clone this repository: `git clone https://github.com/geerlingguy/internet-pi.git`, then enter the repository directory: `cd internet-pi`.
-3. Install requirements: `ansible-galaxy collection install -r requirements.yml` (if you see `ansible-galaxy: command not found`, restart your SSH session or reboot the Pi and try again)
-4. Make copies of the following files and customize them to your liking:
-   - `example.inventory.ini` to `inventory.ini` (replace IP address with your Pi's IP, or comment that line and uncomment the `connection=local` line if you're running it on the Pi you're setting up).
-   - `example.config.yml` to `config.yml`
-5. Run the playbook: `ansible-playbook main.yml` or `ansible-playbook main.yml -i ./inventory.ini`
+  1. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html). The easiest way (especially on Pi or a Debian system) is via Pip:
+     1. (If on Pi/Debian): `sudo apt-get install -y python3-pip`
+     2. (Everywhere): `pip3 install ansible`
+     3. If you get an error like "externally-managed-environment", follow [this guide to fix it](https://www.jeffgeerling.com/blog/2023/how-solve-error-externally-managed-environment-when-installing-pip3), then run `pip3 install ansible` again.
+     4. Make sure Ansible is in your PATH: `export PATH=$PATH:~/.local/bin` (and consider [adding it permanently](https://askubuntu.com/a/1113838)).
+  2. Clone this repository: `git clone https://github.com/geerlingguy/internet-pi.git`, then enter the repository directory: `cd internet-pi`.
+  3. Install requirements: `ansible-galaxy collection install -r requirements.yml` (if you see `ansible-galaxy: command not found`, restart your SSH session or reboot the Pi and try again)
+  4. Make copies of the following files and customize them to your liking:
+     - `example.inventory.ini` to `inventory.ini` (replace IP address with your Pi's IP, or comment that line and uncomment the `connection=local` line if you're running it on the Pi you're setting up).
+     - `example.config.yml` to `config.yml`
+  5. Run the playbook: `ansible-playbook main.yml`
 
-> **If running locally on the Pi**: You may encounter an error like "Error while fetching server API version". If you do, please either reboot or log out and log back in, then run the playbook again.
+> **If running locally on the Pi**: You may encounter an error like "Error while fetching server API version" or "connect: permission denied". If you do, please either reboot or log out and log back in, then run the playbook again.
 
 ## Usage
 
 ### Pi-hole
 
-Visit the Pi's IP address (e.g. http://192.168.1.10/) and use the `pihole_password` you configured in your `config.yml` file. An existing pi-hole installation can be left unaltered by disabling the setup of this proyect's installation in your `config.yml` (`pihole_enable: false`)
+Visit the Pi's IP address (e.g. http://192.168.1.10/admin) and use the `pihole_password` you configured in your `config.yml` file. An existing pi-hole installation can be left unaltered by disabling the setup of this project's installation in your `config.yml` (`pihole_enable: false`)
 
 ### Grafana
 
@@ -94,15 +96,15 @@ prometheus_node_exporter_targets:
 To upgrade Pi-hole to the latest version, run the following commands:
 
 ```bash
-cd ~/pi-hole #
-docker-compose pull             # pulls the latest images
-docker-compose up -d --no-deps  # restarts containers with newer images
+cd ~/pi-hole # 
+docker compose pull             # pulls the latest images
+docker compose up -d --no-deps  # restarts containers with newer images
 docker system prune --all       # deletes unused images
 ```
 
 ### Configurations and internet-monitoring images
 
-Upgrades for the other configurations are similar (go into the directory, and run the same `docker-compose` commands. Make sure to `cd` into the `config_dir` that you use in your `config.yml` file.
+Upgrades for the other configurations are similar (go into the directory, and run the same `docker compose` commands. Make sure to `cd` into the `config_dir` that you use in your `config.yml` file. 
 
 Alternatively, you may update the initial `config.yml` in the the repo folder and re-run the main playbook: `ansible-playbook main.yml`. At some point in the future, a dedicated upgrade playbook may be added, but for now, upgrades may be performed manually as shown above.
 
@@ -119,16 +121,16 @@ To remove `internet-pi` from your system, run the following commands (assuming t
 cd ~/internet-monitoring
 
 # Shut down internet-monitoring containers and delete data volumes.
-docker-compose down -v
+docker compose down -v
 
 # Enter the pi-hole directory.
 cd ~/pi-hole
 
 # Shutdown pi-hole containers and delete data volumes.
-docker-compose down -v
+docker compose down -v
 
 # Delete all the unused container images, volumes, etc. from the system.
-docker system prune -f
+docker system prune -af
 ```
 
 Do the same thing for any of the other optional directories added by this project (e.g. `shelly-plug-prometheus`, `starlink-exporter`, etc.).

diff --git a/internet-monitoring/README.md b/internet-monitoring/README.md
@@ -12,11 +12,7 @@ Make sure Docker and [Docker Compose](https://docs.docker.com/compose/install/)
 
 ## Quick Start
 
-```
-git clone https://github.com/geerlingguy/internet-monitoring
-cd internet-monitoring
-docker-compose up -d
-```
+Follow the directions inside the main README file in this repository (make sure you have `monitoring_enable: true` in your `config.yml` before running the Ansible playbook).
 
 Go to [http://localhost:3030/d/o9mIe_Aik/internet-connection](http://localhost:3030/d/o9mIe_Aik/internet-connection) (change `localhost` to your docker host ip/name).
 
@@ -28,7 +24,7 @@ For speedtest the only relevant configuration is how often you want the check to
 
 Once configurations are done, run the following command:
 
-    $ docker-compose up -d
+    $ docker compose up -d
 
 That's it. docker-compose builds the entire Grafana and Prometheus stack automagically.
 

diff --git a/internet-monitoring/grafana/provisioning/dashboards/dashboard.yml b/internet-monitoring/grafana/provisioning/dashboards/dashboard.yml
@@ -8,5 +8,6 @@ providers:
     type: file
     disableDeletion: false
     editable: true
+    allowUiUpdates: true
     options:
       path: /etc/grafana/provisioning/dashboards
diff --git a/main.yml b/main.yml
@@ -1,5 +1,6 @@
 ---
-- hosts: internet_pi
+- name: Configure Internet Pi.
+  hosts: internet_pi
   become: true
 
   pre_tasks:

diff --git a/tasks/debian-libseccomp-update.yml b/tasks/debian-libseccomp-update.yml
@@ -6,6 +6,8 @@
   loop:
     - 04EE7237B7D453EC
     - 648ACFD622F3D138
+    - 0E98404D386FA1D9
+    - 6ED0E7B82643E131
 
 - name: Add Buster backports for fixed libseccomp2.
   ansible.builtin.apt_repository:

diff --git a/tasks/docker.yml b/tasks/docker.yml
@@ -34,6 +34,8 @@
       - python3-pip
       - git
       - rsync
+      - docker-compose-plugin
+      - resolvconf
     state: present
   when: ansible_facts.os_family == "Debian"
 
@@ -46,15 +48,10 @@
       - python-pip
       - git
       - rsync
+      - docker-compose-plugin
     state: present
   when: ansible_facts.os_family == "Archlinux"
 
-- name: Install Docker Compose using Pip.
-  ansible.builtin.pip:
-    name: docker-compose
-    state: present
-    executable: pip3
-
 - name: "Ensure user is added to the docker group: {{ ansible_user }}"
   ansible.builtin.user:
     name: "{{ ansible_user }}"

diff --git a/tasks/handlers.yml b/tasks/handlers.yml
@@ -7,31 +7,31 @@
   become: false    
 
 - name: Restart pi-hole
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/pi-hole/"
-    build: false
-    restarted: true
+    build: never
+    state: restarted
   become: false
 
 - name: Restart internet-monitoring
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/internet-monitoring/"
-    build: false
-    restarted: true
+    build: never
+    state: restarted
   become: false
 
 - name: Restart shelly-plug-prometheus
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/shelly-plug-prometheus/"
-    build: false
-    restarted: true
+    build: never
+    state: restarted
   become: false
 
 - name: Restart starlink-exporter
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/starlink-exporter/"
-    build: false
-    restarted: true
+    build: never
+    state: restarted
   become: false
 
 - name: Restart influxdb

diff --git a/tasks/internet-monitoring.yml b/tasks/internet-monitoring.yml
@@ -45,7 +45,7 @@
   become: false
 
 - name: Ensure internet-monitoring environment is running.
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/internet-monitoring/"
-    build: false
+    build: never
   become: false
diff --git a/tasks/pi-hole.yml b/tasks/pi-hole.yml
@@ -5,23 +5,30 @@
     state: directory
     mode: 0755
   become: false
+  register: pi_hole_dir
 
 - name: Copy Pi-hole docker-compose template to Pi.
   ansible.builtin.template:
     src: templates/pi-hole-docker-compose.yml.j2
-    dest: "{{ config_dir }}/pi-hole/docker-compose.yml"
+    dest: "{{ pi_hole_dir.path }}/docker-compose.yml"
     mode: '0640'
   become: false
   notify: Restart pi-hole
 
 # TODO: The first time this playbook is run, the `pi` user may not be added
 # to the `docker` group, so this task may fail.
 - name: Ensure Pi-hole is running.
-  community.docker.docker_compose:
-    project_src: "{{ config_dir }}/pi-hole/"
-    build: false
+  community.docker.docker_compose_v2:
+    project_src: "{{ pi_hole_dir.path }}/"
+    build: never
   become: false
 
+- name: Ensure resolveconf exists.
+  ansible.builtin.file:
+    path: "/etc/resolvconf.conf"
+    state: touch
+    mode: "744"
+
 - name: Update resolveconf for local name server use.
   ansible.builtin.lineinfile:
     line: "name_servers=127.0.0.1"

diff --git a/tasks/shelly-plug.yml b/tasks/shelly-plug.yml
@@ -17,9 +17,9 @@
   notify: Restart shelly-plug-prometheus
 
 - name: Ensure Shelly Plug Prometheus exporter is running.
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/shelly-plug-prometheus/"
-    build: false
+    build: never
   become: false
 
 - name: Copy shelly dashboard config to grafana

diff --git a/tasks/starlink.yml b/tasks/starlink.yml
@@ -15,9 +15,9 @@
   notify: Restart starlink-exporter
 
 - name: Ensure Starlink Prometheus exporter is running.
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ config_dir }}/starlink-exporter/"
-    build: false
+    build: never
   become: false
 
 - name: Copy starlink dashboard config to grafana.

diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2
@@ -15,21 +15,23 @@ networks:
 services:
 {% if domain_name_enable %}
   nginx-proxy:
-    image: nginxproxy/nginx-proxy
+    image: nginxproxy/nginx-proxy:latest
     restart: always
     ports:
       - "80:80"
     networks:
       - back-tier
       - front-tier
     volumes:
+      - /etc/localtime:/etc/localtime:ro
       - /var/run/docker.sock:/tmp/docker.sock:ro
 {% endif %}
 
   prometheus:
-    image: prom/prometheus:v2.25.2
+    image: prom/prometheus:latest
     restart: always
     volumes:
+      - /etc/localtime:/etc/localtime:ro
       - ./prometheus/:/etc/prometheus/
       - prometheus_data:/prometheus
     command:
@@ -54,64 +56,66 @@ services:
 {% endif %}
 
   grafana:
-    image: grafana/grafana
+    image: grafana/grafana:latest
     restart: always
     volumes:
+      - /etc/localtime:/etc/localtime:ro
       - grafana_data:/var/lib/grafana
       - ./grafana/provisioning/:/etc/grafana/provisioning/
-    depends_on:
-      - prometheus
     ports:
       - 3030:3000
     env_file:
       - ./grafana/config.monitoring
     networks:
       - back-tier
       - front-tier
-{% if domain_name_enable and domain_name and domain_grafana %}
     depends_on:
+      - prometheus
+{% if domain_name_enable and domain_name and domain_grafana %}
       - nginx-proxy
     environment:
       - VIRTUAL_HOST={{ domain_grafana }}.{{ domain_name }}
       - VIRTUAL_PORT=3000
 {% endif %}
 
   ping:
-    tty: true
-    stdin_open: true
+    image: prom/blackbox-exporter:latest
+    restart: always
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - ./blackbox/config:/config
     expose:
       - 9115
     ports:
       - 9115:9115
-    image: prom/blackbox-exporter
-    restart: always
-    volumes:
-      - ./blackbox/config:/config
+    tty: true
+    stdin_open: true
     command:
       - '--config.file=/config/blackbox.yml'
     networks:
       - back-tier
 
   speedtest:
+    image: miguelndecarvalho/speedtest-exporter:latest
+    restart: always
     expose:
       - 9798
     ports:
       - 9798:9798
-    image: miguelndecarvalho/speedtest-exporter
-    restart: always
     networks:
       - back-tier
 
   nodeexp:
+    image: prom/node-exporter:latest
+    restart: always
     privileged: true
-    image: prom/node-exporter
     volumes:
+      - /etc/localtime:/etc/localtime:ro
       - /proc:/host/proc:ro
       - /sys:/host/sys:ro
       - /:/rootfs:ro
     ports:
       - 9100:9100
-    restart: always
     command:
       - '--path.procfs=/host/proc'
       - '--path.sysfs=/host/sys'

diff --git a/templates/pi-hole-docker-compose.yml.j2 b/templates/pi-hole-docker-compose.yml.j2
@@ -14,6 +14,7 @@ services:
   pihole:
     container_name: pihole
     image: pihole/pihole:latest
+    restart: unless-stopped
     hostname: '{{ pihole_hostname }}'
     network_mode: host
 #     ports:
@@ -43,6 +44,7 @@ services:
       - 127.0.0.1
       - 8.8.8.8
     volumes:
+      - /etc/localtime:/etc/localtime:ro
       - './etc-pihole/:/etc/pihole/'
       - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
     cap_add:
@@ -62,11 +64,11 @@ services:
       - "{{ domain_prometheus }}.{{ domain_name }}:{{ ansible_facts['default_ipv4']['address'] }}"
 {% endif %}
 {% endif %}
-    restart: unless-stopped
 
   pihole-exporter:
     container_name: pihole-exporter
     image: ekofr/pihole-exporter:latest
+    restart: unless-stopped
     hostname: 'pihole-exporter'
     ports:
       - "9617:9617"
@@ -75,4 +77,3 @@ services:
       PIHOLE_PASSWORD: '{{ pihole_password }}'
       INTERVAL: '30s'
       PORT: 9617
-    restart: unless-stopped