Update conf to use file provider instead http provider

2023-09-24 17:20:34 +02:00 · 2023-09-24 17:20:34 +02:00 · 6ff4c4050d
commit 6ff4c4050d
parent 0f82e179af
6 changed files with 12 additions and 17 deletions
--- a/group_vars/all.yml.sample
+++ b/group_vars/all.yml.sample
@ -8,6 +8,7 @@ server:
  vpn:
    subnet: 192.168.1.0/24
    ip: 192.168.1.254
+    reverse_proxy_ip: 192.168.1.254
    port: 22
    peers: test

--- a/roles/traefik/tasks/base.yml
+++ b/roles/traefik/tasks/base.yml
@ -18,7 +18,7 @@
  loop:
    - { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
    - { src: 'config/traefik.yml', dest: 'config/traefik.yml' }
-    - { src: 'config/dynamic_conf.yaml', dest: 'config/dynamic_conf.yaml' }
+    - { src: 'config/dynamic_conf.yml', dest: 'config/dynamic_conf.yml' }
  register: traefik_copy_templates_results

 - name: Create proxy network
--- a/roles/traefik/templates/config/dynamic_conf.yaml
+++ b/roles/traefik/templates/config/dynamic_conf.yaml
--- a/roles/traefik/templates/config/traefik.yml
+++ b/roles/traefik/templates/config/traefik.yml
@ -38,8 +38,9 @@ providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
-  http:
-    endpoint: "http://http_provider/dynamic_conf.yaml"
+  file:
+    filename: /dynamic_conf.yml
+    watch: true

 certificatesResolvers:
  sslResolver:
--- a/roles/traefik/templates/docker-compose.yml
+++ b/roles/traefik/templates/docker-compose.yml
@ -8,14 +8,16 @@ services:
    security_opt:
      - no-new-privileges:true
    networks:
-      - providers
-      - proxy
+      proxy: {}
+      vpn:
+        ipv4_address: {{ server.vpn.reverse_proxy_ip }}
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/traefik.yml:/traefik.yml:ro
+      - ./config/dynamic_conf.yml:/dynamic_conf.yml:ro
      - {{ server.work_dir }}/traefik/base/acme.json:/acme.json:rw
      - {{ server.work_dir }}/traefik/base/access.log:/var/log/traefik/access.log:rw
      - {{ server.work_dir }}/traefik/base/traefik.log:/var/log/traefik/traefik.log:rw
@ -108,18 +110,9 @@ services:
      - "traefik.http.services.grafana.loadbalancer.server.port=3000"
      - "traefik.docker.network=proxy"

-  http_provider:
-    image: httpd:latest
-    restart: unless-stopped
-    container_name: http_provider
-    networks:
-      - internal
-      - providers
-    volumes:
-      - ./config/dynamic_conf.yaml:/usr/local/apache2/htdocs/dynamic_conf.yaml
-
 networks:
-  providers:
  internal:
  proxy:
    external: true
+  vpn:
+    external: true
--- a/roles/whoami/templates/docker-compose.yml.j2
+++ b/roles/whoami/templates/docker-compose.yml.j2
@ -13,7 +13,7 @@ services:
      - "traefik.http.routers.whoami-secure.rule=Host(`whoami.{{ server.domain }}`)"
      - "traefik.http.routers.whoami-secure.tls=true"
      - "traefik.http.routers.whoami-secure.tls.certresolver=sslResolver"
-      - "traefik.http.routers.whoami-secure.middlewares=private-network@http"
+      - "traefik.http.routers.whoami-secure.middlewares=private-network@file"
      - "traefik.docker.network=proxy"

 networks: