import changes

defaults/main.yml

@@ -0,0 +1,37 @@
+traefik_api_rule: "Host(`{{ inventory_hostname }}`)"
+traefik_metric_rule: "({{ traefik_api_rule }}) && PathPrefix(`/metrics`)"
+
+traefik_users:
+- name: "test"
+  password: "$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
+
+traefik_proxy: []
+traefik_tcp_proxy: []
+
+traefik_config:
+  entryPoints:
+    ssh:
+      address: ":22"
+    web:
+      address: ":80"
+    websecure:
+      address: ":443"
+    rtmp:
+      address: ":1935"
+  providers:
+    file:
+      directory: "/etc/traefik/conf.d/"
+      watch: true
+  serversTransport:
+    insecureSkipVerify: true
+  certificatesResolvers:
+    my-resolver:
+      acme:
+        storage: "/etc/traefik/acme.json"
+        tlsChallenge: {}
+  api:
+    dashboard: true
+  metrics:
+    prometheus:
+      addServicesLabels: true
+      manualRouting: true

handlers/main.yml

@@ -1,4 +1,4 @@
 - name: restart traefik
   systemd:
     name: traefik
-    state: reloaded
+    state: restarted

tasks/main.yml

@@ -1,7 +1,7 @@
-- name: install
+---
+- name: Install traefik
   package:
     name: traefik
-    state: latest
 
 - name: fix owner of acme file
   file:
@@ -11,9 +11,9 @@
 
 - name: configure
   notify: restart traefik
-  template:
-    src: config.toml
-    dest: "/etc/traefik/traefik.toml"
+  copy:
+    content: "{{ traefik_config  | to_nice_yaml }}"
+    dest: "/etc/traefik/traefik.yml"
     owner: traefik
 
 - name: create config directory

templates/conf.d/00-default.toml

@@ -1,4 +1,3 @@
 [http.middlewares.httpsRedirect.redirectScheme]
   scheme = "https"
   permanent = true
-

templates/conf.d/10-api.toml

@@ -4,13 +4,13 @@
   ]
 
 [http.routers.my-api-redir]
-  rule = "Host(`{{ inventory_hostname }}`)"
+  rule = "{{ traefik_api_rule }}"
   entryPoints = ["web"]
   middlewares = ["httpsRedirect"]
   service = "api@internal"
 
 [http.routers.my-api]
-  rule = "Host(`{{ inventory_hostname }}`)"
+  rule = "{{ traefik_api_rule }}"
   entryPoints = ["websecure"]
   middlewares = ["apiAuth"]
   service = "api@internal"

templates/conf.d/10-metric-prometheus.toml

@@ -1,5 +1,5 @@
 [http.routers.metric-prometheus]
-  rule = "Host(`{{ inventory_hostname }}`) && PathPrefix(`/metrics`)"
+  rule = "{{ traefik_metric_rule }}"
   entryPoints = ["websecure"]
   service = "prometheus@internal"
 

templates/conf.d/50-easy-tcp.toml

@@ -6,7 +6,7 @@
 
 [tcp.routers.{{r.name}}]
 entryPoints = {{r.entryPoints}}
-rule = "{{r.rule }}" 
+rule = "{{r.rule }}"
 service = "{{r.name}}"
 
 [tcp.services.{{r.name}}.loadBalancer]

templates/conf.d/70-easy-proxy.toml

@@ -4,11 +4,6 @@
 # {{ r.name }}: {{ r.rule }}
 #---------------------------------
 
-{% if r.path_strip is not undefined %}
-[http.middlewares.{{r.name}}-stripprefix.stripPrefix]
-  prefixes = {{ r.path_strip }}
-{% endif %}
-
 {% if r.tls %}
 [http.routers.{{r.name}}-redir]
   rule = "{{ r.rule }}"
@@ -24,11 +19,6 @@
 
 [http.routers.{{r.name}}]
   rule = "{{ r.rule }}"
-{% if r.path_strip is not undefined %}
-  middlewares = ["{{r.name}}-stripprefix","httpsRedirect"]
-{% else %}
-  middlewares = ["httpsRedirect"]
-{% endif %}
 {% if r.tls %}
   entryPoints = ["websecure"]
 {% else %}

templates/config.toml

@@ -1,32 +0,0 @@
-[entryPoints]
-  [entryPoints.ssh]
-    address = ":22"
-
-  [entryPoints.web]
-    address = ":80"
-
-  [entryPoints.websecure]
-    address = ":443"
-
-  [entryPoints.rtmp]
-    address = ":1935"
-
-[providers]
-  [providers.file]
-    directory = "/etc/traefik/conf.d/"
-    watch = true
-
-[serversTransport]
-  insecureSkipVerify = true
-
-[certificatesResolvers.my-resolver.acme]
-  storage = "/etc/traefik/acme.json"
-  [certificatesResolvers.my-resolver.acme.tlsChallenge]
-  # entryPoint = "web"
-
-[api]
-  dashboard = true
-[metrics]
-  [metrics.prometheus]
-    addServicesLabels = true
-    manualRouting = true