From 6ff4c4050d9b5981d7d1a7de45f282c5494448bc Mon Sep 17 00:00:00 2001 From: Florian RICHER Date: Sun, 24 Sep 2023 17:20:34 +0200 Subject: [PATCH] Update conf to use file provider instead http provider --- group_vars/all.yml.sample | 1 + roles/traefik/tasks/base.yml | 2 +- .../{dynamic_conf.yaml => dynamic_conf.yml} | 0 roles/traefik/templates/config/traefik.yml | 5 +++-- roles/traefik/templates/docker-compose.yml | 19 ++++++------------- roles/whoami/templates/docker-compose.yml.j2 | 2 +- 6 files changed, 12 insertions(+), 17 deletions(-) rename roles/traefik/templates/config/{dynamic_conf.yaml => dynamic_conf.yml} (100%) diff --git a/group_vars/all.yml.sample b/group_vars/all.yml.sample index acc340d..a7dc8e9 100644 --- a/group_vars/all.yml.sample +++ b/group_vars/all.yml.sample @@ -8,6 +8,7 @@ server: vpn: subnet: 192.168.1.0/24 ip: 192.168.1.254 + reverse_proxy_ip: 192.168.1.254 port: 22 peers: test diff --git a/roles/traefik/tasks/base.yml b/roles/traefik/tasks/base.yml index d2c977f..00275f1 100644 --- a/roles/traefik/tasks/base.yml +++ b/roles/traefik/tasks/base.yml @@ -18,7 +18,7 @@ loop: - { src: 'docker-compose.yml', dest: 'docker-compose.yml' } - { src: 'config/traefik.yml', dest: 'config/traefik.yml' } - - { src: 'config/dynamic_conf.yaml', dest: 'config/dynamic_conf.yaml' } + - { src: 'config/dynamic_conf.yml', dest: 'config/dynamic_conf.yml' } register: traefik_copy_templates_results - name: Create proxy network diff --git a/roles/traefik/templates/config/dynamic_conf.yaml b/roles/traefik/templates/config/dynamic_conf.yml similarity index 100% rename from roles/traefik/templates/config/dynamic_conf.yaml rename to roles/traefik/templates/config/dynamic_conf.yml diff --git a/roles/traefik/templates/config/traefik.yml b/roles/traefik/templates/config/traefik.yml index f08a4d3..b9d4fe9 100644 --- a/roles/traefik/templates/config/traefik.yml +++ b/roles/traefik/templates/config/traefik.yml 
@@ -38,8 +38,9 @@ providers: docker: endpoint: "unix:///var/run/docker.sock" exposedByDefault: false - http: - endpoint: "http://http_provider/dynamic_conf.yaml" + file: + filename: /dynamic_conf.yml + watch: true certificatesResolvers: sslResolver: diff --git a/roles/traefik/templates/docker-compose.yml b/roles/traefik/templates/docker-compose.yml index 9cdbc92..23ec1aa 100644 --- a/roles/traefik/templates/docker-compose.yml +++ b/roles/traefik/templates/docker-compose.yml @@ -8,14 +8,16 @@ services: security_opt: - no-new-privileges:true networks: - - providers - - proxy + proxy: {} + vpn: + ipv4_address: {{ server.vpn.reverse_proxy_ip }} ports: - 80:80 - 443:443 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./config/traefik.yml:/traefik.yml:ro + - ./config/dynamic_conf.yml:/dynamic_conf.yml:ro - {{ server.work_dir }}/traefik/base/acme.json:/acme.json:rw - {{ server.work_dir }}/traefik/base/access.log:/var/log/traefik/access.log:rw - {{ server.work_dir }}/traefik/base/traefik.log:/var/log/traefik/traefik.log:rw @@ -108,18 +110,9 @@ services: - "traefik.http.services.grafana.loadbalancer.server.port=3000" - "traefik.docker.network=proxy" - http_provider: - image: httpd:latest - restart: unless-stopped - container_name: http_provider - networks: - - internal - - providers - volumes: - - ./config/dynamic_conf.yaml:/usr/local/apache2/htdocs/dynamic_conf.yaml - networks: - providers: internal: proxy: external: true + vpn: + external: true diff --git a/roles/whoami/templates/docker-compose.yml.j2 b/roles/whoami/templates/docker-compose.yml.j2 index 04b961a..a57520c 100644 --- a/roles/whoami/templates/docker-compose.yml.j2 +++ b/roles/whoami/templates/docker-compose.yml.j2 
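Review bot: `watch: true` on a single bind-mounted file may never fire here, because docker-compose.yml mounts `./config/dynamic_conf.yml:/dynamic_conf.yml:ro` and a file bind mount follows the inode, while Ansible's template module replaces the file by rename. After a playbook re-run the container would keep the old dynamic configuration, presumably including the `private-network` middleware that the whoami router references, unless the role restarts Traefik (not visible in this patch). Traefik's file provider documentation recommends binding the parent directory and pointing the provider at it, for example `directory: /dynamic` with a `./config/dynamic:/dynamic:ro` mount (illustrative paths).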
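Review bot: The static `ipv4_address: {{ server.vpn.reverse_proxy_ip }}` in the first hunk of roles/traefik/templates/docker-compose.yml has two preconditions that the patch does not document. The `vpn` network is declared `external: true` in the second hunk of the same file, so it must already exist with a subnet that contains the address, and no task creating it is visible here. The sample in group_vars/all.yml.sample also sets `reverse_proxy_ip` to the same 192.168.1.254 as the `ip` value beside it; if the host or the network gateway already holds that address, the container cannot claim it as well. A comment next to the sample value would help, for example `# address of the traefik container on the docker "vpn" network; must be unused and inside vpn.subnet`.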
@@ -13,7 +13,7 @@ services: - "traefik.http.routers.whoami-secure.rule=Host(`whoami.{{ server.domain }}`)" - "traefik.http.routers.whoami-secure.tls=true" - "traefik.http.routers.whoami-secure.tls.certresolver=sslResolver" - - "traefik.http.routers.whoami-secure.middlewares=private-network@http" + - "traefik.http.routers.whoami-secure.middlewares=private-network@file" - "traefik.docker.network=proxy" networks:
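Review bot: The access restriction on `whoami-secure` now resolves only if the file provider loads a middleware named `private-network`, and nothing near this label says where that name is defined. A comment above the label would help, such as `# private-network is defined in roles/traefik/templates/config/dynamic_conf.yml (file provider)`. Only this one reference is changed in the patch, so any other role template that still uses `private-network@http` will stop resolving once the http provider is gone; a search for `@http` across the roles is worth doing before merging. The labels list continues outside the hunk.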