diff --git a/ansible/roles/awfulAll/tasks/main.yml b/ansible/roles/awfulAll/tasks/main.yml index 69f9dcc..85c9533 100644 --- a/ansible/roles/awfulAll/tasks/main.yml +++ b/ansible/roles/awfulAll/tasks/main.yml @@ -62,13 +62,15 @@ # dest: /home/josiah/apps/znc/ # version: master -- name: copy over awful-All compose file +- name: copy over awful-All config files template: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: 0777 with_items: - {src: 'awful-compose.yml', dest: '/home/josiah/apps/awful/docker-compose.yml'} + - {src: 'traefik.yml', dest: '/home/josiah/apps/awful/traefik.yml'} + - {src: 'awful.club.html', dest: '/home/josiah/apps/awful/awful.club.html'} - name: Deploy awful stack docker_stack: diff --git a/ansible/roles/awfulAll/templates/awful-compose.yml b/ansible/roles/awfulAll/templates/awful-compose.yml index a113e96..6c200d8 100644 --- a/ansible/roles/awfulAll/templates/awful-compose.yml +++ b/ansible/roles/awfulAll/templates/awful-compose.yml 
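Review bot: The two items added to `with_items` are rendered under the loop's existing `mode: 0777`, so the Traefik static config and the site page end up writable and executable by every local account on the host. The same loop renders `docker-compose.yml`, which after templating contains the expanded `DO_AUTH_TOKEN` value in a world-readable file. None of these files needs the execute bit: `mode: "0644"` fits the config and the HTML page, and a per-item `mode` key would let the compose file use `"0600"`. Quoting the value also keeps the mode a string rather than a YAML integer. The `mode` line is unchanged context here, so the fix belongs in this task but outside the lines the commit touched.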
@@ -8,167 +8,43 @@ volumes: nextcloud: db: traefik_acme: - traefik_logs: + traefik_logs: + nginx_logs: -services: +services: + traefik: - image: traefik - networks: - - pubnet - command: --web --docker --docker.swarmmode --docker.watch --logLevel=DEBUG + image: "traefik:v2.2" ports: - - 80:80 - - 443:443 - - 5000:5000 - volumes: - - traefik_acme:/acme/ - - traefik_logs:/var/log/access.log - - /var/run/docker.sock:/var/run/docker.sock - - /home/josiah/apps/traefik/traefik.toml:/traefik.toml - deploy: - mode: global - placement: - constraints: - - node.role == manager - labels: - - "traefik.enable=true" - - "traefik.http.routers.awfulAll-traefik-api.rule=Host(`awful-1.awful.club`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))" - - "traefik.http.routers.awfulAll-traefik-api.service=api@internal" - - "traefik.http.routers.awfulAll-traefik-api.entrypoints=http" - - whoami: - image: containous/whoami:latest - networks: - - pubnet - labels: - - "traefik.enable=true" - - "traefik.http.routers.awfulAll-whoami.rule=Host(`awful-1.awful.club`) && PathPrefix(`/whoami`)" - - "traefik.http.routers.awfulAll-whoami.service=awfulAll-whoami" - - "traefik.http.services.awfulAll-whoami.loadbalancer.server.port=80" - - mojo-web: - build: - context: /home/josiah/apps/mojo/mojo-web/ - dockerfile: Dockerfile - image: mojo-web + - "80:80" + - "443:443" + - "222:222" + - "8080:8080" environment: - SLACK_BOT_TOKEN: {{ slack_bot_token }} + DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" volumes: - - /mnt/volume_sfo2_znc/:/shared/ + - "/home/josiah/apps/awful/letsencrypt/:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "/home/josiah/apps/test/traefik.yml:/etc/traefik/traefik.yml" + - traefik_logs:/log - mojo-rtm: - build: - context: /home/josiah/apps/mojo/mojo-rtm/ - dockerfile: Dockerfile - image: mojo-rtm - environment: - SLACK_BOT_TOKEN: {{ slack_bot_token }} - volumes: - - /mnt/volume_sfo2_znc/:/shared/ - labels: - - "traefik.enable=true" - - 
"traefik.http.services.awfulAll-mojo-rtm.loadbalancer.server.port=443" - - "traefik.http.routers.awfulAll-mojo-rtm.service=awfulAll-mojo-rtm" - - "traefik.http.routers.awfulAll-mojo-rtm.rule=Host(`slack.awful.club`)" - - arke: - build: - context: /home/josiah/apps/arke/ - dockerfile: Dockerfile - image: arke - volumes: - - /mnt/volume_sfo2_znc/:/shared/ - - znc: - build: - context: /home/josiah/apps/znc/ - dockerfile: Dockerfile - image: znc - ports: - - 5000:5000 - volumes: - - /mnt/volume_sfo2_znc/:/znc-data + whoami: + image: "containous/whoami" labels: - "traefik.enable=true" - - "traefik.http.services.awfulAll-mojo-rtm.loadbalancer.server.port=5000" - - "traefik.http.routers.awfulAll-mojo-rtm.service=awfulAll-znc" - - "traefik.http.routers.awfulAll-mojo-rtm.rule=Host(`bouncer.awful.club`)" + - "traefik.http.routers.whoami.rule=Host(`whoami.awful.club`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=awful-letsencrypt" - gitea-server: - image: gitea/gitea:latest - environment: - - USER_UID=1000 - - USER_GID=1000 - - DB_TYPE=postgres - - DB_HOST=db:5432 - - DB_NAME={{ GITEA_DB_NAME }} - - DB_USER={{ GITEA_DB_USER }} - - DB_PASSWD={{ GITEA_DB_PASSWD }} - restart: always - networks: - - gitea + nginx: + image: nginx:1.17.10 volumes: - - /mnt/volume_sfo2_01/gitea:/data - ports: - - "3000:3000" - - "222:22" - depends_on: - - db + - /etc/nginx/:/etc/nginx/ + - /etc/letsencrypt/:/etc/letsencrypt/ + - /home/josiah/apps/awful/awful.club.html:/var/www/awful.club/html/index.html + - nginx_logs:/log labels: - "traefik.enable=true" - - "traefik.services.awfulAll-gitea.port=222" - - "traefik.http.services.awfulAll-gitea.loadbalancer.server.port=3000" - - "traefik.http.routers.awfulAll-gitea.service=awfulAll-znc" - - "traefik.http.routers.awfulAll-gitea.rule=Host(`git.awful.club`)" - - gitea-db: - image: postgres:9.6 - restart: always - environment: - - POSTGRES_USER={{ GITEA_POSTGRES_USER }} - - POSTGRES_PASSWORD={{ 
GITEA_POSTGRES_USER }} - - POSTGRES_DB={{ GITEA_POSTGRES_USER }} - networks: - - gitea - volumes: - - /mnt/volume_sfo2_01/psql:/var/lib/postgresql/data - - nextcloud-db: - image: postgres:9.6 - ports: - - 5432:5432 - restart: always - volumes: - - /mnt/shared_document_store/nextcloud/sql:/var/lib/postgresql - environment: - - USER_UID=1000 - - USER_GID=1000 - - POSTGRES_ROOT_PASSWORD={{ NEXTCLOUD_POSTGRES_ROOT_PASSWORD }} - - POSTGRES_PASSWORD={{ NEXTCLOUD_POSTGRES_PASSWORD }} - - POSTGRES_DB={{ NEXTCLOUD_POSTGRES_DATABASE }} - - POSTGRES_USER={{ NEXTCLOUD_POSTGRES_USER }} - - POSTGRES_HOST={{ NEXTCLOUD_POSTGRES_HOST }} - - NEXTCLOUD_ADMIN_USER={{ NEXTCLOUD_ADMIN_USER }} - - NEXTCLOUD_ADMIN_PASSWORD={{ NEXTCLOUD_ADMIN_PASSWORD }} - - nextcloud-app: - image: nextcloud:18 - ports: - - 8080:80 - links: - - nextcloud-db - volumes: - - /mnt/shared_document_store/nextcloud/html/:/var/www/html/ - depends_on: - - nextcloud-db - environment: - - USER_UID=1000 - - USER_GID=1000 - - POSTGRES_ROOT_PASSWORD={{ NEXTCLOUD_POSTGRES_ROOT_PASSWORD }} - - POSTGRES_PASSWORD={{ NEXTCLOUD_POSTGRES_PASSWORD }} - - POSTGRES_DB={{ NEXTCLOUD_POSTGRES_DATABASE }} - - POSTGRES_USER={{ NEXTCLOUD_POSTGRES_USER }} - - POSTGRES_HOST={{ NEXTCLOUD_POSTGRES_HOST }} - - NEXTCLOUD_ADMIN_USER={{ NEXTCLOUD_ADMIN_USER }} - - NEXTCLOUD_ADMIN_PASSWORD={{ NEXTCLOUD_ADMIN_PASSWORD }} - + - "traefik.http.routers.nginx.rule=Host(`awful.club`)||Host(`jowj.net`)" + - "traefik.http.routers.nginx.entrypoints=websecure" + - "traefik.http.routers.nginx.tls.certresolver=awful-letsencrypt" diff --git a/ansible/roles/awfulAll/templates/awful.club.html b/ansible/roles/awfulAll/templates/awful.club.html new file mode 100644 index 0000000..ecdba0c --- /dev/null +++ b/ansible/roles/awfulAll/templates/awful.club.html @@ -0,0 +1,9 @@ + + + welcome to awful.club + + +
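Review bot: The traefik service bind-mounts `/home/josiah/apps/test/traefik.yml`, but the template task in this same commit renders the file to `/home/josiah/apps/awful/traefik.yml`, so the container would not load the config Ansible manages (entry points, `exposedbydefault: false`, the ACME resolver). The mount should read `- "/home/josiah/apps/awful/traefik.yml:/etc/traefik/traefik.yml:ro"`. The nginx service mounts the host's `/etc/nginx/` and `/etc/letsencrypt/` read-write; the latter normally holds certificate private keys, so both would be safer with a `:ro` suffix, as was done for the Docker socket. `containous/whoami` is now untagged while the other two images are pinned, so pinning it to a tag or digest would keep the deployed image reproducible. Ports `222` and `8080` are published on traefik although the static config added in this commit defines no entry point on either, so they can be dropped until something listens there.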

Success! The awful.club server block is working!

+

you made it past the traefik config to the nginx config + +
diff --git a/ansible/roles/awfulAll/templates/traefik.yml b/ansible/roles/awfulAll/templates/traefik.yml
new file mode 100644
index 0000000..5c562d2
--- /dev/null
+++ b/ansible/roles/awfulAll/templates/traefik.yml
@@ -0,0 +1,39 @@
+# defaultEntryPoints must be at the top
+# because it should not be in any table below
+defaultEntryPoints: ["http", "https"]
+
+global:
+ checkNewVersion: true
+ sendAnonymousUsage: true
+api:
+ dashboard: false
+ debug: true
+ insecure: false
+entryPoints:
+ ssh:
+ address: ":22"
+ web:
+ address: ":80"
+ websecure:
+ address: ":443"
+
+providers:
+ docker:
+ watch: true
+ swarmMode: false
+ endpoint: "unix:///var/run/docker.sock"
+ exposedbydefault: false
+certificatesResolvers:
+ awful-letsencrypt:
+ acme:
+ email: "me@jowj.net"
+ storage: "/letsencrypt/acme.json"
+ # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+ dnsChallenge:
+ provider: "digitalocean"
+log:
+ filePath: "/log/traefik.log"
+ level: DEBUG
+accessLog:
+ filePath: "/log/access.log"
+ bufferingSize: 100
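Review bot: `api.debug: true` and `log.level: DEBUG` read like bring-up settings left in a config that serves public hostnames. With `dashboard: false` and `insecure: false` the debug endpoints are not routed today, but a later router to `api@internal` would expose them, and DEBUG logs record far more request detail than an internet-facing proxy needs, so `debug: false` and `level: INFO` are the safer defaults. The `ssh` entry point listens on `:22` while the compose file in this commit publishes `222:222`, so that published port reaches nothing; one side should change, for example `address: ":222"`. `defaultEntryPoints` is a Traefik v1 key and the image is pinned to `traefik:v2.2`, so it is at best ignored and may be rejected at startup; it is worth removing along with its two comment lines. `sendAnonymousUsage: true` opts the host into usage reporting and should be confirmed as intended.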