WIP: Replace nginx with Traefik

2024-11-15 08:27:19 +00:00 · 2018-11-25 11:07:09 +00:00 · 2018-11-25 11:07:09 +00:00 · 81bd61ea75
commit 81bd61ea75
parent c3712fa219
2 changed files with 183 additions and 0 deletions
--- a/nas.yml
+++ b/nas.yml
@ -5,6 +5,10 @@

  - import_tasks: tasks/docker.yml

+  - import_tasks: tasks/traefik.yml
+    when: traefik_enabled == true
+    tags: traefik
+
  - import_tasks: tasks/portainer.yml
    when: portainer_enabled == true
    tags: portainer
--- a/templates/traefik/traefik.toml
+++ b/templates/traefik/traefik.toml
@ -0,0 +1,179 @@
+################################################################
+# Global configuration
+################################################################
+
+# Enable debug mode
+#
+# Optional
+# Default: false
+#
+debug = true
+
+# Log level
+#
+# Optional
+# Default: "ERROR"
+#
+# logLevel = "DEBUG"
+
+# Entrypoints to be used by frontends that do not specify any entrypoint.
+# Each frontend can specify its own entrypoints.
+#
+# Optional
+# Default: ["http"]
+#
+defaultEntryPoints = ["http", "https"]
+
+################################################################
+# Entrypoints configuration
+################################################################
+
+[entryPoints]
+  [entryPoints.http]
+  address = ":80"
+    [entryPoints.http.redirect]
+    entryPoint = "https"
+
+  [entryPoints.https]
+  address = ":443"
+    [entryPoints.https.tls]
+
+  [entryPoints.traefik]
+  address = ":8083"
+
+################################################################
+# Traefik logs configuration
+################################################################
+
+# Traefik logs
+# Enabled by default and log to stdout
+#
+# Optional
+#
+# [traefikLog]
+
+# Sets the filepath for the traefik log. If not specified, stdout will be used.
+# Intermediate directories are created if necessary.
+#
+# Optional
+# Default: os.Stdout
+#
+# filePath = "log/traefik.log"
+
+# Format is either "json" or "common".
+#
+# Optional
+# Default: "common"
+#
+# format = "common"
+
+################################################################
+# Access logs configuration
+################################################################
+
+# Enable access logs
+# By default it will write to stdout and produce logs in the textual
+# Common Log Format (CLF), extended with additional fields.
+#
+# Optional
+#
+# [accessLog]
+
+# Sets the file path for the access log. If not specified, stdout will be used.
+# Intermediate directories are created if necessary.
+#
+# Optional
+# Default: os.Stdout
+#
+# filePath = "/path/to/log/log.txt"
+
+# Format is either "json" or "common".
+#
+# Optional
+# Default: "common"
+#
+# format = "common"
+
+################################################################
+# API and dashboard configuration
+################################################################
+
+# Enable API and dashboard
+[api]
+
+  # Name of the related entry point
+  #
+  # Optional
+  # Default: "traefik"
+  #
+  entryPoint = "traefik"
+
+  # Enabled Dashboard
+  #
+  # Optional
+  # Default: true
+  #
+  dashboard = true
+
+################################################################
+# Ping configuration
+################################################################
+
+# Enable ping
+[ping]
+
+  # Name of the related entry point
+  #
+  # Optional
+  # Default: "traefik"
+  #
+  # entryPoint = "traefik"
+
+################################################################
+# Docker configuration backend
+################################################################
+
+# Enable Docker configuration backend
+[docker]
+
+# Docker server endpoint. Can be a tcp or a unix socket endpoint.
+#
+# Required
+# Default: "unix:///var/run/docker.sock"
+#
+# endpoint = "tcp://10.10.10.10:2375"
+
+# Default domain used.
+# Can be overridden by setting the "traefik.domain" label on a container.
+#
+# Optional
+# Default: ""
+#
+# domain = "docker.localhost"
+
+# Expose containers by default in traefik
+#
+# Optional
+# Default: true
+exposedByDefault = false
+
+
+[acme]
+email = "{{ ansible_nas_email }}"
+storage = "acme.json"
+entryPoint = "https"
+acmeLogging = true
+onDemand = false # create certificate when container is created
+
+  # [acme.dnsChallenge]
+  # provider = "cloudflare"
+  # delayBeforeCheck = 0
+
+  # [acme.httpChallenge]
+  # entryPoint = "http"
+  
+  [acme.tlsChallenge]
+
+  [[acme.domains]]
+  main = "ansible-nas.{{ ansible_nas_domain }}"
+  sans = ["nextcloud.{{ ansible_nas_domain }}","gitea.{{ ansible_nas_domain }}","guacamole.{{ ansible_nas_domain }}"]