jotbe/ansible-role-traefik-docker
1
0
Fork 0
Code Issues Pull requests 1 Releases Wiki Activity

Consolidated variable usage and added install path. #1

Open
jsydll wants to merge 1 commit from feature/dict-vars-and-install-paths into master
pull from: feature/dict-vars-and-install-paths
merge into: jotbe:master
Conversation 0 Commits 1 Files changed 5 +67 -64
5 changed files with 67 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit d4be3972d8 - Show all commits

32
README.md
View file

@ -13,22 +13,24 @@ Role Variables
-------------- --------------
``` ```
traefik_install_user: {{ ansible_user }
traefik_install_path: /home/{{ traefik_install_user }}
traefik_letsencrypt_email:
traefik_virtual_host: localhost traefik_virtual_host: localhost
traefik: traefik_expose_internally: True
expose_internally: True traefik_expose_externally: False
expose_externally: False traefik_use_acme_staging: True
use_acme_staging: True traefik_dns_challenge_provider: False
dns_challenge_provider: False # NOT WORKING YET!
# NOT WORKING YET! # Extra mapping, for name -> internal address, like myservice: 'http://otherhost:12345'
# Extra mapping, for name -> internal address, like myservice: 'http://otherhost:12345' #traefik_extra_mapping:
#extra_mapping: # myservice: http://otherhost:12345
# myservice: http://otherhost:12345 # use key:value pairs here to add additional environment variables to your traefik docker image.
# use key:value pairs here to add additional environment variables to your traefik docker image. # for instance, if you're using a dns challenge provider place your api keys etc here.
# for instance, if you're using a dns challenge provider place your api keys etc here. #traefik_additional_env_vars:
#additional_env_vars: # # DUMMY_KEY: DUMMY_VALUE
# # DUMMY_KEY: DUMMY_VALUE # CLOUDFLARE_EMAIL: EMAIL
# CLOUDFLARE_EMAIL: EMAIL # CLOUDFLARE_API_KEY: API_KEY
# CLOUDFLARE_API_KEY: API_KEY
``` ```
License License

33
defaults/main.yml
View file

@ -1,19 +1,20 @@
--- ---
# defaults file for traefik # defaults file for traefik
traefik_install_user: '{{ ansible_user }}' # This user must be present on the host
traefik_install_path: '/home/{{ traefik_install_user }}'
traefik_virtual_host: localhost traefik_virtual_host: localhost
traefik: traefik_expose_internally: True
expose_internally: True traefik_expose_externally: False
expose_externally: False traefik_enable_acme: False
enable_acme: False traefik_use_acme_staging: True
use_acme_staging: True traefik_dns_challenge_provider: False
dns_challenge_provider: False # NOT WORKING YET!
# NOT WORKING YET! # Extra mapping, for name -> internal address, like myservice: 'http://otherhost:12345'
# Extra mapping, for name -> internal address, like myservice: 'http://otherhost:12345' #traefik_extra_mapping:
#extra_mapping: # - myservice: http://otherhost:12345
# myservice: http://otherhost:12345 # use key:value pairs here to add additional environment variables to your traefik docker image.
# use key:value pairs here to add additional environment variables to your traefik docker image. # for instance, if you're using a dns challenge provider place your api keys etc here.
# for instance, if you're using a dns challenge provider place your api keys etc here. #traefik_additional_env_vars:
#additional_env_vars: # # DUMMY_KEY: DUMMY_VALUE
# # DUMMY_KEY: DUMMY_VALUE # CLOUDFLARE_EMAIL: EMAIL
# CLOUDFLARE_EMAIL: EMAIL # CLOUDFLARE_API_KEY: API_KEY
# CLOUDFLARE_API_KEY: API_KEY

36
tasks/main.yml
View file

@ -3,44 +3,44 @@
- name: Ensure traefik config directory exists - name: Ensure traefik config directory exists
file: file:
path: /home/{{ docker_user }}/traefik path: "{{ traefik_install_path }}/traefik"
state: directory state: directory
owner: '{{ docker_user }}' owner: '{{ traefik_install_user }}'
group: '{{ docker_user }}' group: '{{ traefik_install_user }}'
tags: config tags: config
- name: Ensure traefik rules directory exists - name: Ensure traefik rules directory exists
file: file:
path: /home/{{ docker_user }}/traefik/rules path: "{{ traefik_install_path }}/traefik/rules"
state: directory state: directory
owner: '{{ docker_user }}' owner: '{{ traefik_install_user }}'
group: '{{ docker_user }}' group: '{{ traefik_install_user }}'
tags: config tags: config
- name: Provide TLS default options - name: Provide TLS default options
template: template:
src: templates/t2-rules-tls-options.toml.j2 src: templates/t2-rules-tls-options.toml.j2
dest: /home/{{ docker_user }}/traefik/rules/tls-options.toml dest: "{{ traefik_install_path }}/traefik/rules/tls-options.toml"
owner: "{{ docker_user }}" owner: "{{ traefik_install_user }}"
group: "{{ docker_user }}" group: "{{ traefik_install_user }}"
mode: '0644' mode: '0644'
tags: config tags: config
- name: Provide docker-compose.yml - name: Provide docker-compose.yml
template: template:
src: templates/docker-compose.traefik.yml.j2 src: templates/docker-compose.traefik.yml.j2
dest: /home/{{ docker_user }}/traefik/docker-compose.yml dest: "{{ traefik_install_path }}/traefik/docker-compose.yml"
owner: "{{ docker_user }}" owner: "{{ traefik_install_user }}"
group: "{{ docker_user }}" group: "{{ traefik_install_user }}"
mode: '0644' mode: '0644'
tags: config tags: config
- name: Provide traefik.toml - name: Provide traefik.toml
template: template:
src: templates/traefik.toml.j2 src: templates/traefik.toml.j2
dest: /home/{{ docker_user }}/traefik/traefik.toml dest: "{{ traefik_install_path }}/traefik/traefik.toml"
owner: "{{ docker_user }}" owner: "{{ traefik_install_user }}"
group: "{{ docker_user }}" group: "{{ traefik_install_user }}"
mode: '0644' mode: '0644'
tags: config tags: config
@ -48,19 +48,19 @@
copy: copy:
content: "" content: ""
force: no force: no
dest: /home/{{ docker_user }}/traefik/acme.json dest: "{{ traefik_install_path }}/traefik/acme.json"
mode: 0600 mode: 0600
tags: config tags: config
- name: "docker-compose: Teardown existing Traefik service (only removes the containers)" - name: "docker-compose: Teardown existing Traefik service (only removes the containers)"
docker_compose: docker_compose:
project_src: "/home/{{ docker_user }}/traefik/" project_src: "{{ traefik_install_path }}/traefik/"
state: absent state: absent
tags: ['never', 'teardown'] tags: ['never', 'teardown']
- name: "docker-compose: Start Traefik service" - name: "docker-compose: Start Traefik service"
docker_compose: docker_compose:
project_src: "/home/{{ docker_user }}/traefik/" project_src: "{{ traefik_install_path }}/traefik/"
register: output register: output
tags: service_start tags: service_start

16
templates/docker-compose.traefik.yml.j2
View file

@ -9,27 +9,27 @@ services:
# Load Balancer / SSL / Web Server # Load Balancer / SSL / Web Server
revproxy: revproxy:
image: traefik:v2.2 image: traefik:v2.2
restart: always restart: unless-stopped
networks: networks:
- public - public
ports: ports:
{% if traefik.expose_internally | default(False) %} {% if traefik_expose_internally | default(False) %}
- "8181:8080" - "8181:8080"
{% endif %} {% endif %}
- "80:80" - "80:80"
- "443:443" - "443:443"
{% if traefik.additional_env_vars | default(False) %} {% if traefik_additional_env_vars | default(False) %}
environment: environment:
{% for item in traefik.additional_env_vars | dict2items %} {% for item in traefik_additional_env_vars | dict2items %}
- {{item.key}}={{item.value}} - {{item.key}}={{item.value}}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- /home/{{ docker_user }}/traefik/traefik.toml:/traefik.toml - {{ traefik_install_path }}/traefik/traefik.toml:/traefik.toml
- /home/{{ docker_user }}/traefik/acme.json:/acme.json - {{ traefik_install_path }}/traefik/acme.json:/acme.json
- /home/{{ docker_user }}/traefik/rules:/rules - {{ traefik_install_path }}/traefik/rules:/rules
{% if traefik.expose_externally | default(False) %} {% if traefik_expose_externally | default(False) %}
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=traefik" - "traefik.docker.network=traefik"

14
templates/traefik.toml.j2
View file

@ -26,29 +26,29 @@ defaultEntryPoints = ["web", "websecure"]
directory = "/rules" directory = "/rules"
watch = true watch = true
{% if traefik.enable_acme %} {% if traefik_enable_acme %}
[certificatesResolvers.defaultresolver.acme] [certificatesResolvers.defaultresolver.acme]
{% if traefik.use_acme_staging %} {% if traefik_use_acme_staging %}
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
{% endif %} {% endif %}
email = "{{ letsencrypt_email }}" email = "{{ traefik_letsencrypt_email }}"
storage = "acme.json" storage = "acme.json"
[certificatesResolvers.defaultresolver.acme.httpChallenge] [certificatesResolvers.defaultresolver.acme.httpChallenge]
entryPoint = "web" entryPoint = "web"
{% endif %} {% endif %}
{% if traefik.extra_mapping | default(False) %} {% if traefik_extra_mapping | default(False) %}
### NOT WORKING YET! ### NOT WORKING YET!
#[backends] #[backends]
{% for service_name in traefik.extra_mapping %} {% for service_name in traefik_extra_mapping %}
#[backends.{{ service_name }}_backend] #[backends.{{ service_name }}_backend]
# [backends.{{ service_name }}_backend.servers.server1] # [backends.{{ service_name }}_backend.servers.server1]
# url = "{{ traefik.extra_mapping[service_name] }}" # url = "{{ traefik_extra_mapping[service_name] }}"
{% endfor %} {% endfor %}
# #
#[frontends] #[frontends]
{% for service_name in traefik.extra_mapping %} {% for service_name in traefik_extra_mapping %}
# [frontends.{{ service_name }}_frontend] # [frontends.{{ service_name }}_frontend]
# backend = "{{ service_name }}_backend" # backend = "{{ service_name }}_backend"
# [frontends.{{ service_name }}_frontend.routes.test_1] # [frontends.{{ service_name }}_frontend.routes.test_1]