Merge pull request 'feature/treafik: Add mising files, make role work without doing anything that is not automatic' (#2) from feature/treafik into main

Reviewed-on: unhb_admin/ansible#2
This commit is contained in:
erebion 2023-11-28 13:59:17 +01:00
commit dced2eb58e
6 changed files with 123 additions and 81 deletions

View file

@ -65,6 +65,7 @@ firewall_ports:
- 21117/tcp # Rustdesk - 21117/tcp # Rustdesk
traefik_container_name: "traefik" traefik_container_name: "traefik"
traefik_dashboard_hostname: "traefik.un-hack-bar.de"
version: version:
authentik: "2023.10.3" authentik: "2023.10.3"

View file

@ -1,46 +1,50 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
38626432353832643761633761353333306230386661323266323463643266366464346632396232 39663531646261623063306461623531383931653762613831656461313064376561336138663733
6230646530376638666631306636393830306433366265640a656266663039396131633330666537 6434313637646163656637323234613335323031363933330a373661353061373033333063336331
33636564663337633563333236383739393833303934333833373964316337306636646434356337 31646266353135336237386163623861306463613733633964656462366634306361646365313566
6139393666663164320a633761353161653332353234616334356630663939313730366461303030 6239323762343662630a626336326137346261306363643862376636323266393362353437623161
30363864346234353532346362636437306238306263346564366265623964633638303361343963 33356635303231346363613537396631643130313033646332323565666434373066613662353161
62356632633764373734663665316238646232663030373135633830613835376536303966323436 37346366666663336639663664616134366264383061643336356135343631626332656466373638
31653234623765373831353233653036326233613930323463663437386337633132636461333764 38666363336139343739353931313062613430653735376532613866313062663032613432346330
39646537663739393937303465393563613665623162616438346462643135323035393964356262 34653139316539373131393363303736386433363734616432326430346636653762363935363032
37353531343662346532633666366337393865383235623461333632363738313234666431363766 63633861333663626566323539366362633665666537653765313361353963343133326638643538
39643262396163663432346361323430633361353565356430326433383336366661316335663335 62643035383936666637333135616662343436303864373665613463363834623363623366613164
39353963336235353932353963356335333534613535653134613834383433393337396666623438 61633536613438636433653935333437653432656232633936346438323439353662373165626630
32356365396339323264633939663364356230663333613161313539366539396530316565383831 37356333646166303837373738643465353635376531623231623937666633613165643434356535
62633032666335383434623661323861666533663935393531346636313930396231346336306235 39353833366435396639646331666433353431353137393531653539303538313064313534376330
61636131376664356635393736363235653537323932356639633135386238313438666239323763 32376131386530373032373235323765663836663962663262363532303866323331663130623864
31616165663932333630333465316430326462373136323036396336356261656664383934343238 66313631646234323639613362653230363363326564633033623136643439653461373439376331
37633631323931386364633331346264666236393730386434343935393131343566383333303632 64303162613235333639613663373833643632376238316130333764373334616531303761393861
35383732613663373539343633393161343337373438363233333661386139323966306465313461 63303464653436393062343164306631646161333064303230366264313332303365326235383931
66323431643463386363663439383165646539393836613164646461386130663561396132653137 34666466626266333761373837373730633030356163333538313434666238623432623965383262
32613435373664336636346331313533373630323134326432633534366562336331353962326265 64626661323464323465643761356332343365316535343964353836346339313132333937333939
30366638623966383438366464303562353162663063393766383635386639363164396235326537 31656338613739363633373838363862343763613061373463306161643131653264646664323966
64643234613934663736316530343338643630656138396462653938386132376139353238613838 62653638646438336531633534336663326631303461613661383830353564363862373966343862
36663632636565323736383130313934333230363437653631383136643063626433356635363036 61373366326366366137333765376566663638366366303264363366363838646136306330313361
38343036313463643864376632616139613664656639663636386231666132306363326335343331 39306430333234363664383039373764636431303934323664646430303863383131623237356433
38373833653964343030636639346635613563633933393665393332613134393338326664303064 66316434323161653764363361383563643734366635356539386561316135663736303831353264
34313337623034346465643362353762346231346364383837386634356362396633346434343234 61346131633831613365313966626363393765376639326263643237346333363033313763376533
32303835623164396264623230313539366430376539346338306432653935633365366566656462 32396132666164396338653439626436396661366131623234646564356232353764303931313337
39373933613864313265386664336262343830323637356333373437303133393137303333623533 64636365313739343864346333396235623963303061396262653230353533613564636163656262
33626430643131653861383830646332366431363562373434323734373136366162386533633038 33376663663231343266336131613634623233633733343130636133316336363433666134393166
30356261633564346431633436646236346430393531313331666461386235316264376532626234 36633831373762373464376633613430633839333061303531376462626432333264333232356238
37333665396463396330313562303532356464383031396537313263663965336265613133653033 30663461653461626236633865346639363536666264663036653961623737343434306133663735
66316665323536363937326531643766623630376535663935356335623031383233356536653461 30356464343831623463393262646131336538376232323366316666386462653939336365613663
30326466316334343861353265363331623630343939636136646263343538643462643936663238 63613264623861386332663534313562636134373736396263653336393365323665666161336634
61353034386661326462343262656463343539663435383963646531646335636239313036613232 31656536393161653866363933356266323566666438353237656531356162636234323865386437
66366664326562663837396232353831363831386261363532643164306564383331373962393039 62653333623738323264313331303565646533663037633837366632303136633330643132613039
38613538376663393766393264336164333138353938393031313865306133646465626664386537 35393933613161363431643565353234393861636535643463636362306533353961656636383366
32343237323165653634313238623561333664646265313433363564383438643665363764613237 61323366663765373339646363383435306537376336633833393238633238623338303161336332
62396564303135613836356433633632613939313730653930663536316135363565356632636436 39656463303134623461383761613431653439343038623661363765333166363239316435646631
35323764653361363666323461333863353461643434386466353130343932326462333961663333 37346237346466313439653263326262616130613664613332343065636130353661633662393666
39383337303735373762326365306165663133343632616465623338353637333936386130336564 66306234346661303334383363333831323763336663383030633164623230343530383365316565
34366165386566363535323066393932646666643164303264646364653234393433613636333261 64323732653165653535643838376264313930376632373835623866356462626630333833663366
34363734653135336663663035653332383931316362356231306266623131663462396363383033 32623335333435333437653063393633323732636531353334613333353233633536373533326636
61636661653766373437303738666136393231653965303739616138343230323338306231306637 33646264363136343238626133663231653238396539326462326362633839333031383432656465
64323263363363316561303138366464626365373032353239343530316637626462363636303365 38353735623133386564626133663261643030626365303139613832306130613337663062613834
62313631316231313632396464646135653534363438376338636263663438653737623165316131 33653962636431356534653036326434386466616438666131363834353235343762643365323330
35383939363534616161313130656130383764663665303030613839633661313933 62383933623461383437633631633761616633653430326636393635666533373339336266383338
64316361656330306233343330613335373164656138353964646535323762323835333265636435
37376338653238333863383664373064323331363334353765636265663334363739363363636463
30656331366463353639383065363234653661346330346131353838626362373634353661326163
63623762383639633264353466323837383434653536343931653231656535343064

View file

@ -16,40 +16,18 @@
with_items: with_items:
- "{{ docker_volumes_dir }}/traefik" - "{{ docker_volumes_dir }}/traefik"
#- name: "Ensure Pretix has access to its files" - name: "Template Config for Pretix"
# ansible.builtin.file: ansible.builtin.template:
# path: "{{ item }}" src: "{{ item }}.j2"
# state: file dest: "{{ docker_volumes_dir }}/traefik/{{ item }}"
# owner: 15371 force: true
# group: 15371 owner: 0
# mode: '0600' group: 0
# with_items: mode: '0640'
# - "{{ docker_volumes_dir }}/pretix/data/.secret" with_items:
- traefik.yml
#- name: "Template .env files for Pretix" - traefik_dynamic.yml
# ansible.builtin.template: notify: restart-traefik-docker
# src: "{{ item }}.j2"
# dest: "{{ docker_volumes_dir }}/pretix/{{ item }}"
# force: true
# owner: root
# group: root
# mode: '0660'
# with_items:
# - pretix.env
# - pretix-db.env
# notify: restart-pretix-docker
#- name: "Template Config for Pretix"
# ansible.builtin.template:
# src: "{{ item }}.j2"
# dest: "{{ docker_volumes_dir }}/pretix/conf/{{ item }}"
# force: true
# owner: 15371
# group: 15371
# mode: '0640'
# with_items:
# - pretix.cfg
# notify: restart-pretix-docker
- name: "Template systemd unit files for Traefik" - name: "Template systemd unit files for Traefik"
ansible.builtin.template: ansible.builtin.template:

View file

@ -6,8 +6,8 @@ Requires=docker.service
[Service] [Service]
ExecStartPre=-/usr/bin/docker rm --force {{ traefik_container_name }} ExecStartPre=-/usr/bin/docker rm --force {{ traefik_container_name }}
ExecStart=/usr/bin/docker run --rm --name {{ traefik_container_name }} \ ExecStart=/usr/bin/docker run --rm --name {{ traefik_container_name }} \
-v /var/run/docker.sock:/var/run/docker.sock -v {{ docker_volumes_dir }}/traefik/traefik.toml:/traefik.toml \ -v /var/run/docker.sock:/var/run/docker.sock -v {{ docker_volumes_dir }}/traefik/traefik.yml:/traefik.yml \
-v {{ docker_volumes_dir }}/traefik/traefik_dynamic.toml:/traefik_dynamic.toml -v {{ docker_volumes_dir }}/traefik/letsencrypt/:/letsencrypt \ -v {{ docker_volumes_dir }}/traefik/traefik_dynamic.yml:/traefik_dynamic.yml -v {{ docker_volumes_dir }}/traefik/letsencrypt/:/letsencrypt \
-p 80:80 -p 443:443 -p 8448:8448 --network traefik traefik:v2.10.5 -p 80:80 -p 443:443 -p 8448:8448 --network traefik traefik:v2.10.5
ExecStop=/usr/bin/docker stop {{ traefik_container_name }} ExecStop=/usr/bin/docker stop {{ traefik_container_name }}
Restart=always Restart=always

View file

@ -0,0 +1,44 @@
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: "websecure"
scheme: "https"
websecure:
address: ":443"
http:
tls:
certResolver: "letsencrypt"
matrixfederation:
address: ":8448"
http:
tls:
certResolver: "letsencrypt"
api:
dashboard: true
#insecure: true
certificatesResolvers:
letsencrypt:
acme:
email: "{{ letsencrypt_email }}"
storage: "/letsencrypt/acme.json"
#caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
tlsChallenge:
providers:
docker:
watch: true
network: "traefik"
exposedByDefault: false
file:
filename: "traefik_dynamic.yml"
log:
level: "INFO"

View file

@ -0,0 +1,15 @@
http:
middlewares:
simpleAuthTraefikDashboard:
basicAuth:
users:
{% for item in traefik_basic_auth_users %} - "{{ item }}"{% endfor %}
routers:
api:
rule: "Host(`{{ traefik_dashboard_hostname }}`)"
entrypoints:
- "websecure"
middlewares:
- "simpleAuthTraefikDashboard"
service: "api@internal"