import changes

This commit is contained in:
Geno 2020-11-27 12:52:52 +01:00
parent c66cb5ec2b
commit 0cd5eacb33
9 changed files with 47 additions and 53 deletions

37
defaults/main.yml Normal file
View File

@ -0,0 +1,37 @@
traefik_api_rule: "Host(`{{ inventory_hostname }}`)"
traefik_metric_rule: "({{ traefik_api_rule }}) && PathPrefix(`/metrics`)"
traefik_users:
- name: "test"
password: "$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
traefik_proxy: []
traefik_tcp_proxy: []
traefik_config:
entryPoints:
ssh:
address: ":22"
web:
address: ":80"
websecure:
address: ":443"
rtmp:
address: ":1935"
providers:
file:
directory: "/etc/traefik/conf.d/"
watch: true
serversTransport:
insecureSkipVerify: true
certificatesResolvers:
my-resolver:
acme:
storage: "/etc/traefik/acme.json"
tlsChallenge: {}
api:
dashboard: true
metrics:
prometheus:
addServicesLabels: true
manualRouting: true

View File

@ -1,4 +1,4 @@
- name: restart traefik - name: restart traefik
systemd: systemd:
name: traefik name: traefik
state: reloaded state: restarted

View File

@ -1,7 +1,7 @@
- name: install ---
- name: Install traefik
package: package:
name: traefik name: traefik
state: latest
- name: fix owner of acme file - name: fix owner of acme file
file: file:
@ -11,9 +11,9 @@
- name: configure - name: configure
notify: restart traefik notify: restart traefik
template: copy:
src: config.toml content: "{{ traefik_config | to_nice_yaml }}"
dest: "/etc/traefik/traefik.toml" dest: "/etc/traefik/traefik.yml"
owner: traefik owner: traefik
- name: create config directory - name: create config directory

View File

@ -1,4 +1,3 @@
[http.middlewares.httpsRedirect.redirectScheme] [http.middlewares.httpsRedirect.redirectScheme]
scheme = "https" scheme = "https"
permanent = true permanent = true

View File

@ -4,13 +4,13 @@
] ]
[http.routers.my-api-redir] [http.routers.my-api-redir]
rule = "Host(`{{ inventory_hostname }}`)" rule = "{{ traefik_api_rule }}"
entryPoints = ["web"] entryPoints = ["web"]
middlewares = ["httpsRedirect"] middlewares = ["httpsRedirect"]
service = "api@internal" service = "api@internal"
[http.routers.my-api] [http.routers.my-api]
rule = "Host(`{{ inventory_hostname }}`)" rule = "{{ traefik_api_rule }}"
entryPoints = ["websecure"] entryPoints = ["websecure"]
middlewares = ["apiAuth"] middlewares = ["apiAuth"]
service = "api@internal" service = "api@internal"

View File

@ -1,5 +1,5 @@
[http.routers.metric-prometheus] [http.routers.metric-prometheus]
rule = "Host(`{{ inventory_hostname }}`) && PathPrefix(`/metrics`)" rule = "{{ traefik_metric_rule }}"
entryPoints = ["websecure"] entryPoints = ["websecure"]
service = "prometheus@internal" service = "prometheus@internal"

View File

@ -6,7 +6,7 @@
[tcp.routers.{{r.name}}] [tcp.routers.{{r.name}}]
entryPoints = {{r.entryPoints}} entryPoints = {{r.entryPoints}}
rule = "{{r.rule }}" rule = "{{r.rule }}"
service = "{{r.name}}" service = "{{r.name}}"
[tcp.services.{{r.name}}.loadBalancer] [tcp.services.{{r.name}}.loadBalancer]

View File

@ -4,11 +4,6 @@
# {{ r.name }}: {{ r.rule }} # {{ r.name }}: {{ r.rule }}
#--------------------------------- #---------------------------------
{% if r.path_strip is not undefined %}
[http.middlewares.{{r.name}}-stripprefix.stripPrefix]
prefixes = {{ r.path_strip }}
{% endif %}
{% if r.tls %} {% if r.tls %}
[http.routers.{{r.name}}-redir] [http.routers.{{r.name}}-redir]
rule = "{{ r.rule }}" rule = "{{ r.rule }}"
@ -24,11 +19,6 @@
[http.routers.{{r.name}}] [http.routers.{{r.name}}]
rule = "{{ r.rule }}" rule = "{{ r.rule }}"
{% if r.path_strip is not undefined %}
middlewares = ["{{r.name}}-stripprefix","httpsRedirect"]
{% else %}
middlewares = ["httpsRedirect"]
{% endif %}
{% if r.tls %} {% if r.tls %}
entryPoints = ["websecure"] entryPoints = ["websecure"]
{% else %} {% else %}

View File

@ -1,32 +0,0 @@
[entryPoints]
[entryPoints.ssh]
address = ":22"
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[entryPoints.rtmp]
address = ":1935"
[providers]
[providers.file]
directory = "/etc/traefik/conf.d/"
watch = true
[serversTransport]
insecureSkipVerify = true
[certificatesResolvers.my-resolver.acme]
storage = "/etc/traefik/acme.json"
[certificatesResolvers.my-resolver.acme.tlsChallenge]
# entryPoint = "web"
[api]
dashboard = true
[metrics]
[metrics.prometheus]
addServicesLabels = true
manualRouting = true