Compare commits
No commits in common. "68981f3f66d1977543c9f0d3b42c7d030fb495b1" and "46928480c2aa9ad075c96e919ddbd3e82bb9b265" have entirely different histories.
68981f3f66
...
46928480c2
5 changed files with 19 additions and 9 deletions
|
@ -33,10 +33,10 @@ All services below are running under Docker, except NSD and Borg.
|
||||||
|
|
||||||
## TODO
|
## TODO
|
||||||
|
|
||||||
|
- Forward to https not working correctly yet. I think it works now? Should check it.
|
||||||
|
- Expose treafik dashboard only on local network
|
||||||
- Clear view of what services + which versions we are running. This way, we can track security updates better.
|
- Clear view of what services + which versions we are running. This way, we can track security updates better.
|
||||||
- Delegate pim.kunis.nl to my server
|
- Mastodon links verifications
|
||||||
- Host tobb website?
|
|
||||||
- Move from Ubuntu to Debian
|
|
||||||
|
|
||||||
### NSD
|
### NSD
|
||||||
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
dependencies:
|
|
||||||
- role: common
|
|
||||||
- role: docker
|
|
||||||
- role: traefik
|
|
9
roles/traefik/files/basic_auth_users
Normal file
9
roles/traefik/files/basic_auth_users
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
33333836626532396564616664353836636164386437323234333464336432663266663038313138
|
||||||
|
3563663134333236366433636134653965393932343362360a306236343538663836633761353262
|
||||||
|
65353961376230333530616465353735626232373132613635653162353634353865386638633365
|
||||||
|
3762636464663532360a633162646365653764666563383632393738343931656366343336653437
|
||||||
|
36656535346432313036323433396432303563663836303964643731326364306530636332346163
|
||||||
|
36353034366562386664376565316339616466323133303464326637366432623164666332313762
|
||||||
|
38663138613534363361376161376363666134336466303436643035356438303832333639373266
|
||||||
|
62313730633763633066
|
|
@ -20,6 +20,10 @@
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/services.toml"
|
src: "{{ role_path }}/files/services.toml"
|
||||||
dest: "{{ service_dir }}/services.toml"
|
dest: "{{ service_dir }}/services.toml"
|
||||||
|
- name: Copy basic_auth_users file
|
||||||
|
copy:
|
||||||
|
src: "{{ role_path }}/files/basic_auth_users"
|
||||||
|
dest: "{{ service_dir }}/basic_auth_users"
|
||||||
- name: Create traefik network
|
- name: Create traefik network
|
||||||
docker_network:
|
docker_network:
|
||||||
name: "traefik"
|
name: "traefik"
|
||||||
|
|
|
@ -18,6 +18,7 @@ services:
|
||||||
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
|
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
|
||||||
- {{ service_dir }}/services.toml:/etc/traefik/services.toml
|
- {{ service_dir }}/services.toml:/etc/traefik/services.toml
|
||||||
- {{ service_dir }}/acme.json:/acme.json
|
- {{ service_dir }}/acme.json:/acme.json
|
||||||
|
- {{ service_dir }}/basic_auth_users:/basic_auth_users
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
labels:
|
labels:
|
||||||
|
@ -34,5 +35,5 @@ services:
|
||||||
- traefik.http.routers.traefik.tls=true
|
- traefik.http.routers.traefik.tls=true
|
||||||
- traefik.http.routers.traefik.tls.certresolver=pizzapim
|
- traefik.http.routers.traefik.tls.certresolver=pizzapim
|
||||||
- traefik.http.routers.traefik.service=api@internal
|
- traefik.http.routers.traefik.service=api@internal
|
||||||
- traefik.http.routers.traefik.middlewares=whitelist-local
|
- traefik.http.routers.traefik.middlewares=basic-auth
|
||||||
- "traefik.http.middlewares.whitelist-local.ipwhitelist.sourcerange=127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,::1,fc00::/7"
|
- traefik.http.middlewares.basic-auth.basicauth.usersfile=/basic_auth_users
|
||||||
|
|
Reference in a new issue