From 1f4fe923fa5723dd1e4c5885bf198b68720f6542 Mon Sep 17 00:00:00 2001
From: William
Date: Wed, 9 Mar 2022 12:06:45 +0100
Subject: [PATCH] =?UTF-8?q?Cr=C3=A9ation=20du=20conteneur=20Traefik.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 hosts.example.ini | 5 ++-
 playbook.yml | 1 +
 roles/traefik/tasks/main.yml | 54 ++++++++++++++++++++++++++
 roles/traefik/templates/traefik.yml.j2 | 24 ++++++++++++
 4 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 roles/traefik/tasks/main.yml
 create mode 100644 roles/traefik/templates/traefik.yml.j2

diff --git a/hosts.example.ini b/hosts.example.ini
index 53ad172..2b20623 100644
--- a/hosts.example.ini
+++ b/hosts.example.ini
@@ -7,4 +7,7 @@ ansible_python_interpreter=/usr/bin/python3
 www_user=user
 www_group=group
 www_home=/home/user
-
+traefik_dashboard=false
+traefik_dashboard_host=traefik.example.com
+traefik_log_level=ERROR
+traefik_letsencrypt_email=admin@example.com
diff --git a/playbook.yml b/playbook.yml
index 2cb87d2..735625b 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -13,3 +13,4 @@
 roles:
 - wwwuser
 - docker
+ - traefik
diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml
new file mode 100644
index 0000000..3dbc8f0
--- /dev/null
+++ b/roles/traefik/tasks/main.yml
@@ -0,0 +1,54 @@
+---
+- name: create directory
+ file:
+ path: "{{ www_home }}/traefik"
+ state: directory
+ owner: "{{ www_user }}"
+ group: "{{ www_group }}"
+
+- name: check if acme file exists
+ stat:
+ path: "{{ www_home }}/traefik/acme.json"
+ register: acme_file
+
+- name: create acme file if does not exists
+ file:
+ path: "{{ www_home }}/traefik/acme.json"
+ state: touch
+ mode: 0600
+ owner: "{{ www_user }}"
+ group: "{{ www_group }}"
+ when: acme_file.stat.exists == False
+
+- name: add config file
+ template:
+ src: traefik.yml.j2
+ dest: "{{ www_home }}/traefik/traefik.yml"
+ mode: 0600
+ owner: "{{ www_user }}"
+ group: "{{ www_group }}"
+
+- name: create network
+ docker_network:
+ name: web
+
+- name: create container
+ docker_container:
+ name: traefik
+ image: traefik:2.4
+ restart_policy: unless-stopped
+ recreate: true
+ networks:
+ - name: web
+ ports:
+ - "80:80"
+ - "443:443"
+ volumes:
+ - "{{ www_home }}/traefik/traefik.yml:/etc/traefik/traefik.yml"
+ - "{{ www_home }}/traefik/acme.json:/acme.json"
+ - /var/run/docker.sock:/var/run/docker.sock
+ labels:
+ traefik.enable: "true"
+ traefik.http.routers.dashboard.rule: Host(`{{ traefik_dashboard_host }}`)
+ traefik.http.routers.dashboard.entryPoints: http
+ traefik.http.routers.dashboard.service: api@internal
diff --git a/roles/traefik/templates/traefik.yml.j2 b/roles/traefik/templates/traefik.yml.j2
new file mode 100644
index 0000000..cb1face
--- /dev/null
+++ b/roles/traefik/templates/traefik.yml.j2
@@ -0,0 +1,24 @@
+entryPoints:
+ http:
+ address: :80
+ https:
+ address: :443
+
+log:
+ level: {{ traefik_log_level | default('ERROR') }}
+
+api:
+ dashboard: {{ traefik_dashboard | default(false) }}
+
+providers:
+ docker:
+ network: web
+ exposedByDefault: false
+
+certificatesResolvers:
+ letsencrypt:
+ acme:
+ email: "{{ traefik_letsencrypt_email }}"
+ storage: "acme.json"
+ httpChallenge:
+ entryPoint: http
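Review bot: The `create container` task in roles/traefik/tasks/main.yml binds the `dashboard` router to `api@internal` on the `http` entry point with no authentication middleware, and it sets those labels whether or not `traefik_dashboard` is true. Since the template always renders an `api:` block, `dashboard: false` most likely hides only the UI, so the Traefik API would still answer in clear text on port 80 for `traefik_dashboard_host`. Serving the router on `https` with the `letsencrypt` resolver and putting a basic-auth middleware in front of it closes that gap, as sketched below; `traefik_dashboard_users` is a placeholder variable that this patch does not define. Separately, `/var/run/docker.sock` is mounted into a container published on 80/443, and a filtering socket proxy limited to read endpoints would narrow what that container can ask of the Docker daemon (a `:ro` bind mount alone does not restrict API calls).

```yaml
# … unchanged: name, image, networks, ports, volumes …
labels:
  # … unchanged: traefik.enable and the dashboard rule/service labels …
  traefik.http.routers.dashboard.entryPoints: https
  traefik.http.routers.dashboard.tls.certresolver: letsencrypt
  traefik.http.routers.dashboard.middlewares: dashboard-auth
  # traefik_dashboard_users: placeholder for an htpasswd-style user:hash list
  traefik.http.middlewares.dashboard-auth.basicauth.users: "{{ traefik_dashboard_users }}"
```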
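Review bot: `storage: "acme.json"` in roles/traefik/templates/traefik.yml.j2 is a relative path, while the container task mounts the certificate store at `/acme.json`, so the two agree only while Traefik's working directory is `/`. If that ever differs, the certificates would presumably be written to the container's own filesystem and lost on each run, because the container is created with `recreate: true`; repeated re-issuance can then hit Let's Encrypt rate limits. Use the absolute path, `storage: "/acme.json"`. The `http` entry point also has no redirection to `https`, so any router bound to it keeps serving plain HTTP.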