From 6283f5db0c9bbc8de50ea10ffbec60b3056c92c0 Mon Sep 17 00:00:00 2001
From: josiah
Date: Sun, 3 May 2020 12:30:03 -0500
Subject: [PATCH] WIP: broken, doesn't work.
---
ansible/roles/test/tasks/main.yml | 7 +--
ansible/roles/test/templates/test-compose.yml | 51 ++++++++++++-------
ansible/roles/test/templates/traefik.toml | 15 ++++--
ansible/roles/test/templates/traefik.yml | 39 ++++++++++++++
4 files changed, 87 insertions(+), 25 deletions(-)
create mode 100644 ansible/roles/test/templates/traefik.yml
diff --git a/ansible/roles/test/tasks/main.yml b/ansible/roles/test/tasks/main.yml
index 2126a1e..489b924 100644
--- a/ansible/roles/test/tasks/main.yml
+++ b/ansible/roles/test/tasks/main.yml
@@ -5,12 +5,13 @@ dest: "{{ item.dest }}" mode: 0777 with_items: - - {src: 'test-compose.yml', dest: '/home/josiah/apps/traefik/docker-compose.yml'} - - {src: 'traefik.toml', dest: '/home/josiah/apps/traefik/traefik.toml'} + - {src: 'test-compose.yml', dest: '/home/josiah/apps/test/docker-compose.yml'} + - {src: 'traefik.yml', dest: '/home/josiah/apps/test/traefik.yml'} + - {src: 'traefik.toml', dest: '/home/josiah/apps/test/traefik.toml'} - name: Deploy awful stack docker_stack: state: present name: test compose: - - /home/josiah/apps/awful/docker-compose.yml + - /home/josiah/apps/test/docker-compose.yml
diff --git a/ansible/roles/test/templates/test-compose.yml b/ansible/roles/test/templates/test-compose.yml
index fadde7a..76ed19d 100644
--- a/ansible/roles/test/templates/test-compose.yml
+++ b/ansible/roles/test/templates/test-compose.yml
@@ -1,9 +1,8 @@ -version: '3' +version: '3.3' networks: gitea: external: false - pubnet: volumes: traefik_acme:
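Review bot: The copy loop still writes every item with `mode: 0777` (context line at the top of the main.yml hunk), and the `docker-compose.yml` it renders now carries the `DO_AUTH_TOKEN` value added in test-compose.yml, so any local account on the host can read the DigitalOcean token or rewrite the Traefik configuration before the stack is deployed. These are configuration files that need no execute bit; `mode: "0600"` (quoted, so the YAML parser does not retype it) is enough if the deploying user owns them, which I am assuming because the task header with the module name and any `owner`/`become` setting lies above the hunk. The new `traefik.yml` destination is also not mounted anywhere in the test-compose.yml hunks of this commit, so as far as the diff shows it is copied but never read.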
@@ -12,35 +11,51 @@ volumes: services: traefik: image: traefik:v2.2 - networks: - - pubnet - command: --web --docker --docker.swarmmode --docker.watch --logLevel=DEBUG + environment: + DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" ports: - - 80:80 - - 443:443 - - 5000:5000 + - 80:80/tcp + - 443:443/tcp + - 8080:8080/tcp volumes: - - traefik_acme:/acme/ - - traefik_logs:/var/log/access.log + - traefik_acme:/acme + - traefik_logs:/log - /var/run/docker.sock:/var/run/docker.sock - - /home/josiah/apps/traefik/traefik.toml:/traefik.toml + - /home/josiah/apps/test/traefik.toml:/etc/traefik/traefik.toml deploy: mode: global placement: constraints: - node.role == manager labels: - - "traefik.enable=true" - - "traefik.http.routers.awfulAll-traefik-api.rule=Host(`awful-1.awful.club`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" + - "traefik.enable=true" + + # Dashboard + - "traefik.http.routers.awfulAll-traefik-api.rule=Host(`awful-1.awful.club`)&&(PathPrefix(`/dashboard`)" - "traefik.http.routers.awfulAll-traefik-api.service=api@internal" - - "traefik.http.routers.awfulAll-traefik-api.entrypoints=http" + - "traefik.http.routers.awfulAll-traefik-api.entryPoint=https" + - "traefik.http.routers.awfulAll-traefik-api.tls.certresolver=awfulAll-resolver" + - "traefik.http.routers.awfulAll-traefik-api.tls=true" - whoami: + awfulAll-whoami: image: containous/whoami:latest - networks: - - pubnet + labels: - "traefik.enable=true" - "traefik.http.routers.awfulAll-whoami.rule=Host(`whoami.awful.club`)" - "traefik.http.routers.awfulAll-whoami.service=awfulAll-whoami" - - "traefik.http.services.awfulAll-whoami.loadbalancer.server.port=80" + - "traefik.http.routers.awfulAll-whoami.entryPoint=https" + - "traefik.http.routers.awfulAll-whoami.tls.certresolver=awfulAll-resolver" + - "traefik.http.routers.awfulAll-whoami.tls=true" + + # root-handlers: + # image: nginx:1.18 + # labels: + # - "traefik.enable=true" + # - 
"traefik.http.routers.awfulAll-whoami.rule=Host(`whoami.awful.club`)"
+ # - "traefik.http.routers.awfulAll-whoami.service=awfulAll-whoami"
+ # - "traefik.http.routers.awfulAll-whoami.entryPoints=https"
+ # - "traefik.http.routers.awfulAll-whoami.tls.certresolver=awfulAll-resolver"
+ # # - "traefik.http.services.awfulAll-whoami.loadbalancer.server.port=443"
+ # volumes:
+ # - /home/josiah/apps/nginx:/etc/nginx/conf.d
diff --git a/ansible/roles/test/templates/traefik.toml b/ansible/roles/test/templates/traefik.toml
index b23a013..c8303aa 100644
--- a/ansible/roles/test/templates/traefik.toml
+++ b/ansible/roles/test/templates/traefik.toml
@@ -8,6 +8,7 @@ defaultEntryPoints = ["http", "https"] [api] dashboard = true + insecure = false [entryPoints] [entryPoints.http]
@@ -16,13 +17,17 @@ defaultEntryPoints = ["http", "https"] address = ":443" [http.middlewares] - [http.middlewares.mediaserver-https-redir.redirectScheme] + [http.middlewares.awfulAll-https-redir.redirectScheme] scheme = "https" permanent = true -[certificatesResolvers.mediaserver-resolver.acme] - storage = "/acme.json" - email = "" +[certificatesResolvers.awfulAll-resolver.acme] + storage = "/acme/acme.json" + email = "me@jowj.net" + caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" + + [certificatesResolvers.awfulAll-resolver.acme.dnsChallenge] + provider = "digitalocean" [providers.docker]
@@ -31,3 +36,5 @@ defaultEntryPoints = ["http", "https"] endpoint = "unix:///var/run/docker.sock" watch = true exposedbydefault = false + +
diff --git a/ansible/roles/test/templates/traefik.yml b/ansible/roles/test/templates/traefik.yml
new file mode 100644
index 0000000..117427a
--- /dev/null
+++ b/ansible/roles/test/templates/traefik.yml
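Review bot: The dashboard router publishes `api@internal` on the public hostname with TLS but no authentication middleware, so once the router loads anyone who can reach `awful-1.awful.club` would see routes, services and configuration; attach a `basicauth` (or `ipwhitelist`) middleware to `awfulAll-traefik-api`. As written the router will probably not load at all: the rule opens a parenthesis before `PathPrefix` that is never closed, the `/api` prefix the dashboard fetches its data from was dropped, and the router option is `entrypoints`, not `entryPoint` (same on the `awfulAll-whoami` router). Separately, `DO_AUTH_TOKEN` under `environment:` ends up in the service spec, readable through `docker service inspect`; a Docker secret read via `DO_AUTH_TOKEN_FILE` keeps it out of the spec. The middleware name and users-file path in the excerpt are placeholders.

```yaml
# … unchanged: traefik.enable, service=api@internal, tls and tls.certresolver labels …
- "traefik.http.routers.awfulAll-traefik-api.rule=Host(`awful-1.awful.club`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`))"
- "traefik.http.routers.awfulAll-traefik-api.entrypoints=https"
- "traefik.http.routers.awfulAll-traefik-api.middlewares=<AUTH_MIDDLEWARE_NAME>"
- "traefik.http.middlewares.<AUTH_MIDDLEWARE_NAME>.basicauth.usersfile=<PATH_TO_HTPASSWD_IN_CONTAINER>"
```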
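Review bot: Renaming the `redirectScheme` middleware to `awfulAll-https-redir` (second traefik.toml hunk) does not make port 80 redirect to HTTPS: no router in the test-compose.yml labels references it, and in Traefik v2 `[http.middlewares]` belongs to dynamic configuration, so inside the static `traefik.toml` it is likely ignored or rejected (any providers beyond `[providers.docker]` are outside the hunks, so this is inferred). With the `traefik:v2.2` image the redirect can live on the entry point itself: `[entryPoints.http.http.redirections.entryPoint]` with `to = "https"` and `scheme = "https"`. The `caServer` line pins the Let's Encrypt staging directory, whose certificates browsers do not trust; a comment such as `# staging CA: remove before serving real traffic` would keep it from shipping by accident.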
@@ -0,0 +1,39 @@
+# defaultEntryPoints must be at the top
+# because it should not be in any table below
+defaultEntryPoints: ["http", "https"]
+
+global:
+ checkNewVersion: true
+ sendAnonymousUsage: true
+api:
+ dashboard: true
+ debug: true
+ insecure: false
+entryPoints:
+ ssh:
+ address: ":22"
+ http:
+ address: ":80"
+ https:
+ address: ":443"
+
+providers:
+ docker:
+ watch: true
+ swarmMode: true
+ endpoint: "unix:///var/run/docker.sock"
+ exposedbydefault: false
+certificatesResolvers:
+ letsencrypt:
+ acme:
+ email: "me@jowj.net"
+ storage: "/acme/acme.json"
+ caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+ dnsChallenge:
+ provider: "digitalocean"
+log:
+ # filePath: "/log/traefik.log"
+ level: DEBUG
+# accessLog:
+# filePath: "/log/access.log"
+# bufferingSize: 100
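Review bot: `api.debug: true` turns on Traefik's `/debug/` profiling endpoints on the same internal API that the dashboard router exposes, and together with `log.level: DEBUG` it is a setting to keep out of anything internet-facing; `debug: false` and `level: INFO` are safer defaults here. The resolver in this file is named `letsencrypt`, while the labels in test-compose.yml and the resolver in traefik.toml use `awfulAll-resolver`, so if this file were the one loaded the `tls.certresolver` labels would point at nothing. `defaultEntryPoints` appears to be a Traefik v1 key, and the `ssh` entry point on `:22` has no published port or router in this commit; both look like leftovers worth a comment or removal.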