initial commit: Dawarich LXC role (CT 459 on pve02, .159)

Self-hosted location history. 4-container compose: Rails 8 app + Sidekiq
+ PostGIS 16-3.4 + Redis 7, plus watchtower. Authentik OIDC end-to-end.
Image pinned at freikin/dawarich:1.7.11 (OIDC support requires >= 1.7.8).

PostGIS DB lives in this LXC, not on the central DB VM (.172) — central
image is postgres:16-alpine without postgis, swapping it carries broader
blast radius than colocating here. Convention exception captured in
homelab-docs project_dawarich memory.

Roles:
  - dawarich: system + Docker + compose + weekly prune timer
  - alloy:    logs+journald → Loki, node metrics → Prometheus

Bring-up sequence proven 2026-06-01. README documents the 5-trap build
chain (image version, entrypoint scripts, solid_cache SQLite bind mount,
APPLICATION_HOSTS+localhost, force_ssl+healthcheck).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Your Name
2026-06-01 21:24:09 -04:00
commit e7b8d4df17
20 changed files with 1126 additions and 0 deletions
@@ -0,0 +1,33 @@
---
# Self-contained Alloy stack on /opt/alloy. Runs independently from the
# host's main service (kestra/infisical/mcp/etc) so a service-side compose
# down doesn't take logging with it.
services:
alloy:
image: grafana/alloy:latest
container_name: alloy
restart: unless-stopped
command:
- run
- /etc/alloy/config.alloy
- --storage.path=/var/lib/alloy/data
- --server.http.listen-addr=0.0.0.0:12345
ports:
- "12345:12345"
# Share the host's PID namespace so prometheus.exporter.unix reads
# /proc with the host kernel's cgroup view (cgroup-aware MemAvailable).
# Without this, /proc/meminfo returns hybrid values: MemTotal from the
# host cgroup but Cached/SReclaimable from the container, leading to
# a ~25% MemAvailable inflation. See docs/audit/alloy-consolidation-2026-05-21.md.
pid: host
volumes:
- /opt/alloy/config.alloy:/etc/alloy/config.alloy:ro
- /var/lib/alloy:/var/lib/alloy
- /var/log/journal:/var/log/journal:ro
- /run/log/journal:/run/log/journal:ro
- /etc/machine-id:/etc/machine-id:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
# Host metric collection for prometheus.exporter.unix (node_exporter replacement)
- /:/host/rootfs:ro,rslave
- /proc:/host/proc:ro
- /sys:/host/sys:ro
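Review bot: the bind mount `- /var/run/docker.sock:/var/run/docker.sock:ro` near the end of the hunk hands the container the full Docker API; the `:ro` flag only makes the socket file read-only and does not restrict what can be requested over it, so together with `pid: host` and the `/:/host/rootfs` mount this container is effectively host-equivalent. If Alloy only needs container discovery, consider a socket proxy that exposes just the read endpoints, and add a comment stating that `:ro` is not an access control here. Two smaller points: `image: grafana/alloy:latest` is unpinned while the commit message pins dawarich at 1.7.11, and `--server.http.listen-addr=0.0.0.0:12345` with `- "12345:12345"` publishes the Alloy UI on every host interface, so binding the published port to a management address (e.g. `"127.0.0.1:12345:12345"`) would be safer.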