import changes
This commit is contained in:
parent
c66cb5ec2b
commit
0cd5eacb33
|
@ -0,0 +1,37 @@
|
||||||
|
traefik_api_rule: "Host(`{{ inventory_hostname }}`)"
|
||||||
|
traefik_metric_rule: "({{ traefik_api_rule }}) && PathPrefix(`/metrics`)"
|
||||||
|
|
||||||
|
traefik_users:
|
||||||
|
- name: "test"
|
||||||
|
password: "$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
|
||||||
|
|
||||||
|
traefik_proxy: []
|
||||||
|
traefik_tcp_proxy: []
|
||||||
|
|
||||||
|
traefik_config:
|
||||||
|
entryPoints:
|
||||||
|
ssh:
|
||||||
|
address: ":22"
|
||||||
|
web:
|
||||||
|
address: ":80"
|
||||||
|
websecure:
|
||||||
|
address: ":443"
|
||||||
|
rtmp:
|
||||||
|
address: ":1935"
|
||||||
|
providers:
|
||||||
|
file:
|
||||||
|
directory: "/etc/traefik/conf.d/"
|
||||||
|
watch: true
|
||||||
|
serversTransport:
|
||||||
|
insecureSkipVerify: true
|
||||||
|
certificatesResolvers:
|
||||||
|
my-resolver:
|
||||||
|
acme:
|
||||||
|
storage: "/etc/traefik/acme.json"
|
||||||
|
tlsChallenge: {}
|
||||||
|
api:
|
||||||
|
dashboard: true
|
||||||
|
metrics:
|
||||||
|
prometheus:
|
||||||
|
addServicesLabels: true
|
||||||
|
manualRouting: true
|
|
@ -1,4 +1,4 @@
|
||||||
- name: restart traefik
|
- name: restart traefik
|
||||||
systemd:
|
systemd:
|
||||||
name: traefik
|
name: traefik
|
||||||
state: reloaded
|
state: restarted
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
- name: install
|
---
|
||||||
|
- name: Install traefik
|
||||||
package:
|
package:
|
||||||
name: traefik
|
name: traefik
|
||||||
state: latest
|
|
||||||
|
|
||||||
- name: fix owner of acme file
|
- name: fix owner of acme file
|
||||||
file:
|
file:
|
||||||
|
@ -11,9 +11,9 @@
|
||||||
|
|
||||||
- name: configure
|
- name: configure
|
||||||
notify: restart traefik
|
notify: restart traefik
|
||||||
template:
|
copy:
|
||||||
src: config.toml
|
content: "{{ traefik_config | to_nice_yaml }}"
|
||||||
dest: "/etc/traefik/traefik.toml"
|
dest: "/etc/traefik/traefik.yml"
|
||||||
owner: traefik
|
owner: traefik
|
||||||
|
|
||||||
- name: create config directory
|
- name: create config directory
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
[http.middlewares.httpsRedirect.redirectScheme]
|
[http.middlewares.httpsRedirect.redirectScheme]
|
||||||
scheme = "https"
|
scheme = "https"
|
||||||
permanent = true
|
permanent = true
|
||||||
|
|
|
@ -4,13 +4,13 @@
|
||||||
]
|
]
|
||||||
|
|
||||||
[http.routers.my-api-redir]
|
[http.routers.my-api-redir]
|
||||||
rule = "Host(`{{ inventory_hostname }}`)"
|
rule = "{{ traefik_api_rule }}"
|
||||||
entryPoints = ["web"]
|
entryPoints = ["web"]
|
||||||
middlewares = ["httpsRedirect"]
|
middlewares = ["httpsRedirect"]
|
||||||
service = "api@internal"
|
service = "api@internal"
|
||||||
|
|
||||||
[http.routers.my-api]
|
[http.routers.my-api]
|
||||||
rule = "Host(`{{ inventory_hostname }}`)"
|
rule = "{{ traefik_api_rule }}"
|
||||||
entryPoints = ["websecure"]
|
entryPoints = ["websecure"]
|
||||||
middlewares = ["apiAuth"]
|
middlewares = ["apiAuth"]
|
||||||
service = "api@internal"
|
service = "api@internal"
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
[http.routers.metric-prometheus]
|
[http.routers.metric-prometheus]
|
||||||
rule = "Host(`{{ inventory_hostname }}`) && PathPrefix(`/metrics`)"
|
rule = "{{ traefik_metric_rule }}"
|
||||||
entryPoints = ["websecure"]
|
entryPoints = ["websecure"]
|
||||||
service = "prometheus@internal"
|
service = "prometheus@internal"
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
|
|
||||||
[tcp.routers.{{r.name}}]
|
[tcp.routers.{{r.name}}]
|
||||||
entryPoints = {{r.entryPoints}}
|
entryPoints = {{r.entryPoints}}
|
||||||
rule = "{{r.rule }}"
|
rule = "{{r.rule }}"
|
||||||
service = "{{r.name}}"
|
service = "{{r.name}}"
|
||||||
|
|
||||||
[tcp.services.{{r.name}}.loadBalancer]
|
[tcp.services.{{r.name}}.loadBalancer]
|
|
@ -4,11 +4,6 @@
|
||||||
# {{ r.name }}: {{ r.rule }}
|
# {{ r.name }}: {{ r.rule }}
|
||||||
#---------------------------------
|
#---------------------------------
|
||||||
|
|
||||||
{% if r.path_strip is not undefined %}
|
|
||||||
[http.middlewares.{{r.name}}-stripprefix.stripPrefix]
|
|
||||||
prefixes = {{ r.path_strip }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% if r.tls %}
|
{% if r.tls %}
|
||||||
[http.routers.{{r.name}}-redir]
|
[http.routers.{{r.name}}-redir]
|
||||||
rule = "{{ r.rule }}"
|
rule = "{{ r.rule }}"
|
||||||
|
@ -24,11 +19,6 @@
|
||||||
|
|
||||||
[http.routers.{{r.name}}]
|
[http.routers.{{r.name}}]
|
||||||
rule = "{{ r.rule }}"
|
rule = "{{ r.rule }}"
|
||||||
{% if r.path_strip is not undefined %}
|
|
||||||
middlewares = ["{{r.name}}-stripprefix","httpsRedirect"]
|
|
||||||
{% else %}
|
|
||||||
middlewares = ["httpsRedirect"]
|
|
||||||
{% endif %}
|
|
||||||
{% if r.tls %}
|
{% if r.tls %}
|
||||||
entryPoints = ["websecure"]
|
entryPoints = ["websecure"]
|
||||||
{% else %}
|
{% else %}
|
|
@ -1,32 +0,0 @@
|
||||||
[entryPoints]
|
|
||||||
[entryPoints.ssh]
|
|
||||||
address = ":22"
|
|
||||||
|
|
||||||
[entryPoints.web]
|
|
||||||
address = ":80"
|
|
||||||
|
|
||||||
[entryPoints.websecure]
|
|
||||||
address = ":443"
|
|
||||||
|
|
||||||
[entryPoints.rtmp]
|
|
||||||
address = ":1935"
|
|
||||||
|
|
||||||
[providers]
|
|
||||||
[providers.file]
|
|
||||||
directory = "/etc/traefik/conf.d/"
|
|
||||||
watch = true
|
|
||||||
|
|
||||||
[serversTransport]
|
|
||||||
insecureSkipVerify = true
|
|
||||||
|
|
||||||
[certificatesResolvers.my-resolver.acme]
|
|
||||||
storage = "/etc/traefik/acme.json"
|
|
||||||
[certificatesResolvers.my-resolver.acme.tlsChallenge]
|
|
||||||
# entryPoint = "web"
|
|
||||||
|
|
||||||
[api]
|
|
||||||
dashboard = true
|
|
||||||
[metrics]
|
|
||||||
[metrics.prometheus]
|
|
||||||
addServicesLabels = true
|
|
||||||
manualRouting = true
|
|
Loading…
Reference in New Issue