Compare commits
3 Commits
b80109f7e1
...
a64a9fdaff
Author | SHA1 | Date | |
---|---|---|---|
a64a9fdaff | |||
534a7813ec | |||
ad40d77b64 |
@ -76,7 +76,7 @@
|
|||||||
mode: 0777
|
mode: 0777
|
||||||
with_items:
|
with_items:
|
||||||
- {src: 'mediaserver-compose.yml', dest: '/home/josiah/apps/mediaserver/mediaserver-compose.yml'}
|
- {src: 'mediaserver-compose.yml', dest: '/home/josiah/apps/mediaserver/mediaserver-compose.yml'}
|
||||||
- {src: 'traefik.toml', dest: '/home/josiah/apps/traefik/traefik.toml'}
|
- {src: 'traefik.yml.j2', dest: '/home/josiah/apps/traefik/traefik.yml'}
|
||||||
|
|
||||||
- name: Ensure acme.json exists
|
- name: Ensure acme.json exists
|
||||||
copy:
|
copy:
|
||||||
|
@ -2,19 +2,19 @@
|
|||||||
version: '3.7'
|
version: '3.7'
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
image: traefik
|
image: traefik:2.5
|
||||||
networks:
|
networks:
|
||||||
- pubnet
|
- pubnet
|
||||||
command: --web --docker --docker.swarmmode --docker.watch --docker.domain="hatchery.home.jowj.net" --logLevel=DEBUG
|
command: --web --docker --docker.swarmmode --docker.watch --docker.domain="services.jowj.net" --logLevel=DEBUG /etc/traefik/
|
||||||
ports:
|
ports:
|
||||||
- 80:80
|
- 80:80/tcp
|
||||||
- 443:443
|
- 443:443/tcp
|
||||||
- 8080:8080
|
- 8080:8080/tcp
|
||||||
volumes:
|
volumes:
|
||||||
- /home/josiah/apps/traefik/acme.json:/acme.json
|
- /home/josiah/apps/traefik/acme.json:/acme.json
|
||||||
- traefik_logs:/var/log/access.log
|
- traefik_logs:/var/log/access.log
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- /home/josiah/apps/traefik/traefik.toml:/traefik.toml
|
- /home/josiah/apps/traefik/traefik.yml:/traefik.yml
|
||||||
deploy:
|
deploy:
|
||||||
mode: global
|
mode: global
|
||||||
placement:
|
placement:
|
||||||
@ -23,7 +23,9 @@ services:
|
|||||||
environment:
|
environment:
|
||||||
DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}"
|
DO_AUTH_TOKEN: "{{ DO_AUTH_TOKEN }}"
|
||||||
labels:
|
labels:
|
||||||
# dashboards
|
# Dashboard shit I stole from Micah:
|
||||||
|
# WARNING: A TRAILING SLASH IS MANDATORY IN THE BROWSER
|
||||||
|
# e.g. https://example.com/dashboard/, not merely /dashboard
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver"
|
- "traefik.http.routers.mediaserver-traefik-api.tls.certResolver=mediaserver-resolver"
|
||||||
- "traefik.http.routers.mediaserver-traefik-api.rule=Host(`hatchery.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))"
|
- "traefik.http.routers.mediaserver-traefik-api.rule=Host(`hatchery.home.jowj.net`)&&(PathPrefix(`/api`)||PathPrefix(`/dashboard`)||PathPrefix(`/debug`))"
|
||||||
@ -154,7 +156,8 @@ services:
|
|||||||
- "traefik.http.routers.mediaserver-whoami.service=mediaserver-whoami"
|
- "traefik.http.routers.mediaserver-whoami.service=mediaserver-whoami"
|
||||||
- "traefik.http.services.mediaserver-whoami.loadbalancer.server.port=80"
|
- "traefik.http.services.mediaserver-whoami.loadbalancer.server.port=80"
|
||||||
- "traefik.http.routers.mediaserver-whoami.tls.certResolver=mediaserver-resolver"
|
- "traefik.http.routers.mediaserver-whoami.tls.certResolver=mediaserver-resolver"
|
||||||
- "traefik.http.routers.mediaserver-whoami.tls=true"
|
- "traefik.http.routers.mediaserver-whoami.tls=true"
|
||||||
|
|
||||||
watchtower:
|
watchtower:
|
||||||
# https://hub.docker.com/r/centurylink/watchtower/
|
# https://hub.docker.com/r/centurylink/watchtower/
|
||||||
image: v2tec/watchtower:latest
|
image: v2tec/watchtower:latest
|
||||||
@ -167,18 +170,16 @@ services:
|
|||||||
- pubnet
|
- pubnet
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.routers.mediaserver-watchtower.rule=Host(`hatchery.home.jowj.net`) && PathPrefix(`/watchtower`)"
|
- "traefik.http.routers.mediaserver-watchtower.rule=Host(`watchtower.services.jowj.net`)"
|
||||||
- "traefik.http.routers.mediaserver-watchtower.service=mediaserver-watchtower"
|
- "traefik.http.routers.mediaserver-watchtower.service=mediaserver-watchtower"
|
||||||
- "traefik.http.services.mediaserver-watchtower.loadbalancer.server.port=80"
|
- "traefik.http.services.mediaserver-watchtower.loadbalancer.server.port=80"
|
||||||
- "traefik.http.routers.mediaserver-watchtower.tls.certResolver=mediaserver-resolver"
|
- "traefik.http.routers.mediaserver-watchtower.tls.certResolver=mediaserver-resolver"
|
||||||
- "traefik.http.routers.mediaserver-watchtower.tls=true"
|
- "traefik.http.routers.mediaserver-watchtower.tls=true"
|
||||||
|
|
||||||
tubesync:
|
tubesync:
|
||||||
image: ghcr.io/meeb/tubesync:latest
|
image: ghcr.io/meeb/tubesync:v0.9.1
|
||||||
container_name: tubesync
|
container_name: tubesync
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
ports:
|
|
||||||
- 4848:4848
|
|
||||||
networks:
|
networks:
|
||||||
- pubnet
|
- pubnet
|
||||||
environment:
|
environment:
|
||||||
@ -190,11 +191,11 @@ services:
|
|||||||
- "/home/josiah/Downloads/tubesync-downloads/:/downloads"
|
- "/home/josiah/Downloads/tubesync-downloads/:/downloads"
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=true"
|
- "traefik.enable=true"
|
||||||
- "traefik.http.services.mediaserver-tubesync.loadbalancer.server.port=4848"
|
- "traefik.http.services.mediaserver-tubesync.loadbalancer.server.port=8080"
|
||||||
- "traefik.http.routers.mediaserver-tubesync.service=mediaserver-tubesync"
|
- "traefik.http.routers.mediaserver-tubesync.service=mediaserver-tubesync"
|
||||||
- "traefik.http.routers.mediaserver-tubesync.rule=Host(`hatchery.home.jowj.net`) && PathPrefix(`/tubesync`)"
|
- "traefik.http.routers.mediaserver-tubesync.rule=Host(`tubesync.services.jowj.net`)"
|
||||||
- "traefik.http.routers.mediaserver-tubesync.tls.certResolver=mediaserver-resolver"
|
- "traefik.http.routers.mediaserver-tubesync.tls.certResolver=mediaserver-resolver"
|
||||||
- "traefik.http.routers.mediaserver-tubesync.tls=true"
|
- "traefik.http.routers.mediaserver-tubesync.tls=true"
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
traefik_acme:
|
traefik_acme:
|
||||||
|
@ -1,36 +0,0 @@
|
|||||||
# defaultEntryPoints must be at the top
|
|
||||||
# because it should not be in any table below
|
|
||||||
|
|
||||||
defaultEntryPoints = ["http", "https"]
|
|
||||||
|
|
||||||
[log]
|
|
||||||
level = "DEBUG"
|
|
||||||
|
|
||||||
[api]
|
|
||||||
dashboard = true
|
|
||||||
|
|
||||||
[entryPoints]
|
|
||||||
[entryPoints.http]
|
|
||||||
address = ":80"
|
|
||||||
[entryPoints.https]
|
|
||||||
address = ":443"
|
|
||||||
|
|
||||||
[http.middlewares]
|
|
||||||
[http.middlewares.mediaserver-https-redir.redirectScheme]
|
|
||||||
scheme = "https"
|
|
||||||
permanent = true
|
|
||||||
|
|
||||||
[certificatesResolvers.mediaserver-resolver.acme]
|
|
||||||
storage = "/acme.json"
|
|
||||||
email = "admin@home.jowj.net"
|
|
||||||
[certificatesResolvers.mediaserver-resolver.acme.dnsChallenge]
|
|
||||||
provider = "digitalocean"
|
|
||||||
delayBeforeCheck = 0
|
|
||||||
|
|
||||||
[providers.docker]
|
|
||||||
|
|
||||||
[docker]
|
|
||||||
endpoint = "unix:///var/run/docker.sock"
|
|
||||||
domain = "hatchery.home.jowj.net"
|
|
||||||
watch = true
|
|
||||||
exposedbydefault = false
|
|
49
ansible/roles/mediaserver/templates/traefik.yml.j2
Normal file
49
ansible/roles/mediaserver/templates/traefik.yml.j2
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
# defaultEntryPoints must be at the top
|
||||||
|
defaultEntryPoints:
|
||||||
|
- http
|
||||||
|
- https
|
||||||
|
|
||||||
|
log:
|
||||||
|
level: DEBUG
|
||||||
|
format: common
|
||||||
|
accessLog:
|
||||||
|
format: common
|
||||||
|
|
||||||
|
api:
|
||||||
|
dashboard: true
|
||||||
|
|
||||||
|
entryPoints:
|
||||||
|
http:
|
||||||
|
address: ":80"
|
||||||
|
https:
|
||||||
|
address: ":443"
|
||||||
|
|
||||||
|
http:
|
||||||
|
middlewares:
|
||||||
|
mediaserver-https-redir:
|
||||||
|
redirectScheme:
|
||||||
|
scheme: https
|
||||||
|
permanent: true
|
||||||
|
|
||||||
|
certificatesResolvers:
|
||||||
|
mediaserver-resolver:
|
||||||
|
acme:
|
||||||
|
storage: /acme.json
|
||||||
|
email: "admin@home.jowj.net"
|
||||||
|
dnsChallenge:
|
||||||
|
provider: "digitalocean"
|
||||||
|
|
||||||
|
providers:
|
||||||
|
docker: {}
|
||||||
|
|
||||||
|
docker:
|
||||||
|
endpoint: unix:///var/run/docker.sock
|
||||||
|
domain: "services.jowj.net"
|
||||||
|
watch: true
|
||||||
|
exposedbydefault: false
|
||||||
|
|
||||||
|
# smh https://github.com/traefik/traefik/issues/7360
|
||||||
|
pilot:
|
||||||
|
dashboard: false
|
Loading…
Reference in New Issue
Block a user