Jake Howard
d5c7d94ac8
This required port forwarding, a docker proxy, and a docker network, but the end result should be much more secure!
109 lines
2.7 KiB
YAML
109 lines
2.7 KiB
YAML
- name: Create network
|
|
docker_network:
|
|
name: traefik
|
|
internal: true
|
|
become: true
|
|
|
|
- name: Create install directory
|
|
file:
|
|
path: /opt/traefik
|
|
state: directory
|
|
owner: "{{ docker_user.name }}"
|
|
mode: "{{ docker_compose_directory_mask }}"
|
|
become: true
|
|
|
|
- name: Create config directory
|
|
file:
|
|
path: /opt/traefik/traefik/
|
|
state: directory
|
|
mode: "{{ docker_compose_directory_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
become: true
|
|
|
|
- name: Create file provider directory
|
|
file:
|
|
path: /opt/traefik/traefik/conf
|
|
state: directory
|
|
mode: "{{ docker_compose_directory_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
become: true
|
|
|
|
- name: Install compose file
|
|
template:
|
|
src: files/docker-compose.yml
|
|
dest: /opt/traefik/docker-compose.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
validate: docker-compose -f %s config
|
|
notify: restart traefik
|
|
become: true
|
|
|
|
- name: Install config
|
|
template:
|
|
src: files/traefik.yml
|
|
dest: /opt/traefik/traefik/traefik.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
become: true
|
|
|
|
- name: Install file provider
|
|
template:
|
|
src: files/file-provider-main.yml
|
|
dest: /opt/traefik/traefik/conf/main.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
become: true
|
|
|
|
- name: Install homeassistant provider
|
|
template:
|
|
src: files/file-provider-homeassistant.yml
|
|
dest: /opt/traefik/traefik/conf/homeassistant.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
when: traefik_provider_homeassistant
|
|
become: true
|
|
|
|
- name: Install jellyfin provider
|
|
template:
|
|
src: files/file-provider-jellyfin.yml
|
|
dest: /opt/traefik/traefik/conf/jellyfin.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
when: traefik_provider_jellyfin
|
|
become: true
|
|
|
|
- name: Install grafana provider
|
|
template:
|
|
src: files/file-provider-grafana.yml
|
|
dest: /opt/traefik/traefik/conf/grafana.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
when: traefik_provider_grafana
|
|
become: true
|
|
|
|
- name: Install gitlab provider
|
|
template:
|
|
src: files/file-provider-gitlab.yml
|
|
dest: /opt/traefik/traefik/conf/gitlab.yml
|
|
mode: "{{ docker_compose_file_mask }}"
|
|
owner: "{{ docker_user.name }}"
|
|
notify: restart traefik
|
|
when: traefik_provider_gitlab
|
|
become: true
|
|
|
|
- name: logrotate config
|
|
template:
|
|
src: files/logrotate.conf
|
|
dest: /etc/logrotate.d/traefik
|
|
mode: "0600"
|
|
become: true
|
|
|
|
- name: fail2ban
|
|
include: fail2ban.yml
|
|
when: with_fail2ban
|