No description
- Jinja 100%
| defaults | ||
| meta | ||
| tasks | ||
| templates | ||
| .gitignore | ||
| README.md | ||
ansible-roles-trafik
This role is designed to provide a reverse proxy in conjuction with another role based deployment such as a metrics stack
Task Configuration
- name: Setup traefik
hosts: somehost
become: true
roles:
- role: traefik
traefik_dashboard: true
traefik_routes:
- name: grafana
host: metrics.example.com
srv: "127.0.0.1:3000"
- name: prometheus
host: promexample.com
srv: "127.0.0.1:9090"
- name: grafana
host: lokiexample.com
srv: "127.0.0.1:3100"
- name: uptime
host: uptime.example.com
srv: "127.0.0.1:3001"
- role: firewalld
firewalld_services:
- http
- https
firewalld_ports:
- 8100/tcp # dashboard insecure mode
firewalld_forwards:
- port: 80
to: 8080
- port: 443
to: 8443
Current configuration generates a single dynamic config file, this could be reconfigured to read from a directory
traefik-static.yml.j2
providers:
providersThrottleDuration: 2s
file:
directory: /etc/traefik/dynamic
watch: {{ traefik_watch }}
Deployment and Removal
Sometimes you need to manually stop the running containers to get a clean run when re-deploying Services must be stopped as the respecitve user or another means to aquire the correct user scope for systemd
systemctl --user stop container-traefik.service
Deploy
ansible-playbook -i hosts site.yml --tags=firewalld,traefik --limit=somehost
Remove
ansible-playbook -i hosts site.yml --tags=firewalld,traefik --extra-vars "container_state=absent firewall_action=remove" --limit=somehost