inputs.docker does not support perdevice and total

roles/backup/files/config/docker01_includes.txt

@@ -1,2 +1 @@
-/opt/docker
 /var/lib/docker/volumes

roles/backup/files/config/podman01_includes.txt

@@ -0,0 +1 @@
+/var/lib/containers

roles/backup/vars/main.yml

@@ -1,7 +1,7 @@
 hosts_to_backup:
   - { hostname: "mariadb02", fqdn: "mariadb02.universe.local." }
   - { hostname: "haproxy02", fqdn: "haproxy02.universe.local." }
-  - { hostname: "AdGuard", fqdn: "AdGuard.universe.local." }
+  - { hostname: "mail", fqdn: "mail.universe.local." }
   - { hostname: "owntrack", fqdn: "owntrack.universe.local." }
   - { hostname: "endor", fqdn: "endor.universe.local." }
   - { hostname: "step-ca", fqdn: "step-ca.universe.local." }
@@ -10,36 +10,42 @@ hosts_to_backup:
   - { hostname: "searx", fqdn: "searx.universe.local." }
   - { hostname: "dnspri", fqdn: "dnspri.universe.local." }
   - { hostname: "gs1900-8hp", fqdn: "gs1900-8hp.universe.local." }
+  - { hostname: "librenms", fqdn: "librenms.universe.local." }
   - { hostname: "webserver", fqdn: "webserver.universe.local." }
   - { hostname: "agh01", fqdn: "agh01.universe.local." }
   - { hostname: "mastodon", fqdn: "mastodon.universe.local." }
+  - { hostname: "icinga", fqdn: "icinga.universe.local." }
   - { hostname: "haproxy01", fqdn: "haproxy01.universe.local." }
+  - { hostname: "freeradius", fqdn: "freeradius.universe.local." }
   - { hostname: "dhcp-kea", fqdn: "dhcp-kea.universe.local." }
   - { hostname: "pi-alert-lan", fqdn: "pi-alert-lan.universe.local." }
   - { hostname: "mariadb01", fqdn: "mariadb01.universe.local." }
   - { hostname: "dhcp-stork", fqdn: "dhcp-stork.universe.local." }
+  - { hostname: "paperless", fqdn: "paperless.universe.local." }
   - { hostname: "truenas", fqdn: "truenas.universe.local." }
+  - { hostname: "grafana", fqdn: "grafana.universe.local." }
   - { hostname: "idrac-dell", fqdn: "idrac-dell.universe.local." }
   - { hostname: "docker01", fqdn: "docker01.universe.local." }
   - { hostname: "pi-alert", fqdn: "pi-alert.universe.local." }
-  - { hostname: "tatooine", fqdn: "tatooine.universe.local." }
+  - { hostname: "pixelfed", fqdn: "pixelfed.universe.local." }
   - { hostname: "pve2", fqdn: "pve2.universe.local." }
   - { hostname: "dnssec2", fqdn: "dnssec2.universe.local." }
   - { hostname: "pve", fqdn: "pve.universe.local." }
-  - { hostname: "jitsimeet", fqdn: "jitsimeet.universe.local." }
   - { hostname: "haproxy", fqdn: "haproxy.universe.local." }
   - { hostname: "homeassistant", fqdn: "homeassistant.universe.local." }
   - { hostname: "ns1", fqdn: "ns1.universe.local." }
-  - { hostname: "pve-ha", fqdn: "pve-ha.universe.local." }
   - { hostname: "backup", fqdn: "backup.universe.local." }
   - { hostname: "tinyproxy", fqdn: "tinyproxy.universe.local." }
-  - { hostname: "bastion", fqdn: "bastion.universe.local." }
   - { hostname: "tatooine2", fqdn: "tatooine2.universe.local." }
   - { hostname: "mailcow", fqdn: "mailcow.universe.local." }
   - { hostname: "netbox", fqdn: "netbox.universe.local." }
+  - { hostname: "AdGuard", fqdn: "AdGuard.universe.local." }
   - { hostname: "samba-ad-dc2", fqdn: "samba-ad-dc2.universe.local." }
+  - { hostname: "graylog", fqdn: "graylog.universe.local." }
   - { hostname: "bmc-truenas", fqdn: "bmc-truenas.universe.local." }
+  - { hostname: "shinobi", fqdn: "shinobi.universe.local." }
   - { hostname: "nextcloud", fqdn: "nextcloud.universe.local." }
+  - { hostname: "podman01", fqdn: "podman01.universe.local." }
   - { hostname: "docker02", fqdn: "docker02.universe.local." }
   - { hostname: "dnssec1", fqdn: "dnssec1.universe.local." }
   - { hostname: "samba-ad-dc1", fqdn: "samba-ad-dc1.universe.local." }

roles/base/tasks/software/aur_helper.yml

@@ -22,10 +22,10 @@
     validate: "visudo -cf %s"
   when: ansible_facts['os_family'] == "Archlinux"
 
-- name: "[Arch] Install AUR helper"
+# - name: "[Arch] Install AUR helper"
-  community.general.aur:
+#   community.general.aur:
-    name: "{{ aur_helper }}"
+#     name: "{{ aur_helper }}"
-    state: present
+#     state: present
-    use: makepkg
+#     use: makepkg
-  become_user: "{{ aur_build_user }}"
+#   become_user: "{{ aur_build_user }}"
-  when: ansible_facts['os_family'] == "Archlinux"
+#   when: ansible_facts['os_family'] == "Archlinux"

roles/docker/files/telegraf.d/input_docker.conf

@@ -6,9 +6,7 @@
   container_name_include = []
   container_name_exclude = []
   timeout = "5s"
-  perdevice = false
   perdevice_include = ["cpu", "blkio", "network"]
-  total = false
   total_include = ["cpu", "blkio", "network"]
   docker_label_include = []
-  docker_label_exclude = []
+  docker_label_exclude = []

roles/reverseproxy/defaults/main.yml

@@ -1,9 +0,0 @@
-caddy_email: "admin@example.com"
-
-portal_domain: "portal.example.com"
-
-nextcloud_domain: "nextcloud.example.net"
-nextcloud_target: "10.0.10.12:80"
-
-gitea_domain: "git.example.net"
-gitea_target: "10.0.10.13:3000"

roles/reverseproxy/handlers/main.yml

@@ -1,11 +0,0 @@
----
-- name: reload systemd
-  command: systemctl daemon-reload
-
-- name: restart caddy-portal
-  systemd:
-    name: caddy-portal
-    state: restarted
-
-- name: reload caddy
-  command: caddy reload --config /etc/caddy/Caddyfile

roles/reverseproxy/tasks/caddy.yml

@@ -12,7 +12,7 @@
     when: ansible_distribution in ["Debian", "Ubuntu", "Linux Mint"]
   - ansible.builtin.import_tasks: caddy_config.yml
   - ansible.builtin.import_tasks: caddy_service.yml
-  - ansible.builtin.import_tasks: install_caddy_portal.yml
+
   rescue:
     - set_fact: task_failed=true
     

roles/reverseproxy/tasks/caddy_install.yml

@@ -0,0 +1,37 @@
+---
+- name: Install dependencies
+  apt:
+    name:
+      - curl
+      - unzip
+      - git
+      - build-essential
+    state: present
+    update_cache: yes
+
+- name: Download xcaddy
+  get_url:
+    url: https://github.com/caddyserver/xcaddy/releases/download/v0.9.5/xcaddy_0.9.5_linux_amd64.tar.gz
+    dest: /tmp/xcaddy.tar.gz
+
+- name: Extract xcaddy
+  unarchive:
+    src: /tmp/xcaddy.tar.gz
+    dest: /usr/local/bin/
+    mode: 0755
+    remote_src: yes
+
+- name: Build Caddy with PowerDNS DNS plugin
+  command: >
+    xcaddy build
+    --with github.com/caddy-dns/powerdns
+  args:
+    chdir: /usr/local/bin
+    creates: /usr/local/bin/caddy-custom
+
+- name: Move custom caddy binary
+  copy:
+    src: /usr/local/bin/caddy
+    dest: /usr/local/bin/caddy
+    mode: 0755
+    remote_src: yes

roles/reverseproxy/tasks/install_caddy_portal.yml

@@ -1,34 +0,0 @@
----
-- name: Create caddy-portal directory
-  file:
-    path: /opt/caddy-portal
-    state: directory
-    owner: root
-    group: root
-    mode: '0755'
-
-- name: Download caddy-portal installer
-  get_url:
-    url: "https://github.com/caddy-portal/caddy-portal/releases/latest/download/install.sh"
-    dest: /opt/caddy-portal/install.sh
-    mode: "0755"
-
-- name: Run caddy-portal installer
-  command: bash /opt/caddy-portal/install.sh
-  args:
-    creates: /usr/local/bin/caddy-portal
-  register: portal_install
-
-- name: Install systemd service for caddy-portal
-  template:
-    src: caddy-portal.service.j2
-    dest: /etc/systemd/system/caddy-portal.service
-  notify:
-    - reload systemd
-    - restart caddy-portal
-
-- name: Enable caddy-portal
-  systemd:
-    name: caddy-portal
-    enabled: true
-    state: started

roles/reverseproxy/templates/caddy-portal.service.j2

@@ -1,14 +0,0 @@
-[Unit]
-Description=Caddy Portal
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-ExecStart=/usr/local/bin/caddy-portal server
-Restart=always
-RestartSec=5
-User=root
-WorkingDirectory=/opt/caddy-portal
-
-[Install]
-WantedBy=multi-user.target

roles/server/tasks/utilities/telegraf.yml

@@ -24,12 +24,12 @@
 
 - name: server | telegraf | verify and import key
   ansible.builtin.shell:
-    cmd: "gpg --show-keys --with-fingerprint --with-colons /tmp/influxdata.key 2>&1 | grep -q '^fpr:\\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat /tmp/influxdata.key | gpg --dearmor | tee /etc/apt/keyrings/influxdata.gpg > /dev/null"
+    cmd: "gpg --show-keys --with-fingerprint --with-colons /tmp/influxdata.key 2>&1 | grep -q '^fpr:\\+24C975CBA61A024EE1B631787C3D57159FC2F927:$' && cat /tmp/influxdata.key | gpg --dearmor | tee /usr/share/keyrings/influxdata.gpg > /dev/null"
-    creates: "/etc/apt/trusted.gpg.d/influxdata.gpg"
+    creates: "/usr/share/keyrings/influxdata.gpg"
 
 - name: server | telegraf | add repository
   ansible.builtin.shell:
-    cmd: "echo 'deb [signed-by=/etc/apt/keyrings/influxdata.gpg] https://repos.influxdata.com/debian stable main' | tee /etc/apt/sources.list.d/influxdata.list"
+    cmd: "echo 'deb [signed-by=/usr/share/keyrings/influxdata.gpg] https://repos.influxdata.com/debian stable main' | tee /etc/apt/sources.list.d/influxdata.list"
     creates: "/etc/apt/sources.list.d/influxdata.list"
 
 - name: server | telegraf | install telegraf