From eb1491863e706c77e1053caef97907adce0df118 Mon Sep 17 00:00:00 2001 From: josiah Date: Mon, 4 May 2020 17:46:44 -0500 Subject: [PATCH] Fuck around with a test traefik role. --- ansible/roles/test/tasks/main.yml | 2 +- ansible/roles/test/templates/test-compose.yml | 69 +++++-------------- ansible/roles/test/templates/traefik.toml | 40 ----------- ansible/roles/test/templates/traefik.yml | 22 +++--- 4 files changed, 29 insertions(+), 104 deletions(-) delete mode 100644 ansible/roles/test/templates/traefik.toml diff --git a/ansible/roles/test/tasks/main.yml b/ansible/roles/test/tasks/main.yml index 489b924..f4a9443 100644 --- a/ansible/roles/test/tasks/main.yml +++ b/ansible/roles/test/tasks/main.yml @@ -7,7 +7,7 @@ with_items: - {src: 'test-compose.yml', dest: '/home/josiah/apps/test/docker-compose.yml'} - {src: 'traefik.yml', dest: '/home/josiah/apps/test/traefik.yml'} - - {src: 'traefik.toml', dest: '/home/josiah/apps/test/traefik.toml'} + # - {src: 'traefik.toml', dest: '/home/josiah/apps/test/traefik.toml'} - name: Deploy awful stack docker_stack: diff --git a/ansible/roles/test/templates/test-compose.yml b/ansible/roles/test/templates/test-compose.yml index 76ed19d..bebbc29 100644 --- a/ansible/roles/test/templates/test-compose.yml +++ b/ansible/roles/test/templates/test-compose.yml @@ -1,61 +1,26 @@ -version: '3.3' +version: "3.3" -networks: - gitea: - external: false - -volumes: - traefik_acme: - traefik_logs: - services: + traefik: - image: traefik:v2.2 + image: "traefik:v2.2" + container_name: "traefik" + ports: + - "80:80" + - "443:443" + - "8080:8080" environment: DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}" - ports: - - 80:80/tcp - - 443:443/tcp - - 8080:8080/tcp volumes: - - traefik_acme:/acme - - traefik_logs:/log - - /var/run/docker.sock:/var/run/docker.sock - - /home/josiah/apps/test/traefik.toml:/etc/traefik/traefik.toml - deploy: - mode: global - placement: - constraints: - - node.role == manager - labels: - - "traefik.enable=true" + - "/home/josiah/apps/test/letsencrypt/:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "/home/josiah/apps/test/traefik.yml:/etc/traefik/traefik.yml" - # Dashboard - - "traefik.http.routers.awfulAll-traefik-api.rule=Host(`awful-1.awful.club`)&&(PathPrefix(`/dashboard`)" - - "traefik.http.routers.awfulAll-traefik-api.service=api@internal" - - "traefik.http.routers.awfulAll-traefik-api.entryPoint=https" - - "traefik.http.routers.awfulAll-traefik-api.tls.certresolver=awfulAll-resolver" - - "traefik.http.routers.awfulAll-traefik-api.tls=true" - - awfulAll-whoami: - image: containous/whoami:latest - + whoami: + image: "containous/whoami" + container_name: "simple-service" labels: - "traefik.enable=true" - - "traefik.http.routers.awfulAll-whoami.rule=Host(`whoami.awful.club`)" - - "traefik.http.routers.awfulAll-whoami.service=awfulAll-whoami" - - "traefik.http.routers.awfulAll-whoami.entryPoint=https" - - "traefik.http.routers.awfulAll-whoami.tls.certresolver=awfulAll-resolver" - - "traefik.http.routers.awfulAll-whoami.tls=true" - - # root-handlers: - # image: nginx:1.18 - # labels: - # - "traefik.enable=true" - # - "traefik.http.routers.awfulAll-whoami.rule=Host(`whoami.awful.club`)" - # - "traefik.http.routers.awfulAll-whoami.service=awfulAll-whoami" - # - "traefik.http.routers.awfulAll-whoami.entryPoints=https" - # - "traefik.http.routers.awfulAll-whoami.tls.certresolver=awfulAll-resolver" - # # - "traefik.http.services.awfulAll-whoami.loadbalancer.server.port=443" - # volumes: - # - /home/josiah/apps/nginx:/etc/nginx/conf.d + - "traefik.http.routers.whoami.rule=Host(`whoami.awful.club`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=awful-letsencrypt" diff --git a/ansible/roles/test/templates/traefik.toml b/ansible/roles/test/templates/traefik.toml deleted file mode 100644 index c8303aa..0000000 --- a/ansible/roles/test/templates/traefik.toml +++ /dev/null @@ -1,40 +0,0 @@ -# defaultEntryPoints must be at the top -# because it should not be in any table below - -defaultEntryPoints = ["http", "https"] - -[log] - level = "DEBUG" - -[api] - dashboard = true - insecure = false - -[entryPoints] - [entryPoints.http] - address = ":80" - [entryPoints.https] - address = ":443" - -[http.middlewares] - [http.middlewares.awfulAll-https-redir.redirectScheme] - scheme = "https" - permanent = true - -[certificatesResolvers.awfulAll-resolver.acme] - storage = "/acme/acme.json" - email = "me@jowj.net" - caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" - - [certificatesResolvers.awfulAll-resolver.acme.dnsChallenge] - provider = "digitalocean" - - -[providers.docker] - -[docker] - endpoint = "unix:///var/run/docker.sock" - watch = true - exposedbydefault = false - - diff --git a/ansible/roles/test/templates/traefik.yml b/ansible/roles/test/templates/traefik.yml index 117427a..d54abe5 100644 --- a/ansible/roles/test/templates/traefik.yml +++ b/ansible/roles/test/templates/traefik.yml @@ -6,34 +6,34 @@ global: checkNewVersion: true sendAnonymousUsage: true api: - dashboard: true + dashboard: false debug: true insecure: false entryPoints: ssh: address: ":22" - http: + web: address: ":80" - https: + websecure: address: ":443" providers: docker: watch: true - swarmMode: true + swarmMode: false endpoint: "unix:///var/run/docker.sock" exposedbydefault: false certificatesResolvers: - letsencrypt: + awful-letsencrypt: acme: email: "me@jowj.net" - storage: "/acme/acme.json" - caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" + storage: "/letsencrypt/acme.json" + # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" dnsChallenge: provider: "digitalocean" log: - # filePath: "/log/traefik.log" + filePath: "/log/traefik.log" level: DEBUG -# accessLog: -# filePath: "/log/access.log" -# bufferingSize: 100 +accessLog: + filePath: "/log/access.log" + bufferingSize: 100