Compare commits

..

No commits in common. "68981f3f66d1977543c9f0d3b42c7d030fb495b1" and "46928480c2aa9ad075c96e919ddbd3e82bb9b265" have entirely different histories.

5 changed files with 19 additions and 9 deletions

View file

@ -33,10 +33,10 @@ All services below are running under Docker, except NSD and Borg.
## TODO ## TODO
- Forward to https not working correctly yet. I think it works now? Should check it.
- Expose treafik dashboard only on local network
- Clear view of what services + which versions we are running. This way, we can track security updates better. - Clear view of what services + which versions we are running. This way, we can track security updates better.
- Delegate pim.kunis.nl to my server - Mastodon links verifications
- Host tobb website?
- Move from Ubuntu to Debian
### NSD ### NSD

View file

@ -1,4 +0,0 @@
dependencies:
- role: common
- role: docker
- role: traefik

View file

@ -0,0 +1,9 @@
$ANSIBLE_VAULT;1.1;AES256
33333836626532396564616664353836636164386437323234333464336432663266663038313138
3563663134333236366433636134653965393932343362360a306236343538663836633761353262
65353961376230333530616465353735626232373132613635653162353634353865386638633365
3762636464663532360a633162646365653764666563383632393738343931656366343336653437
36656535346432313036323433396432303563663836303964643731326364306530636332346163
36353034366562386664376565316339616466323133303464326637366432623164666332313762
38663138613534363361376161376363666134336466303436643035356438303832333639373266
62313730633763633066

View file

@ -20,6 +20,10 @@
copy: copy:
src: "{{ role_path }}/files/services.toml" src: "{{ role_path }}/files/services.toml"
dest: "{{ service_dir }}/services.toml" dest: "{{ service_dir }}/services.toml"
- name: Copy basic_auth_users file
copy:
src: "{{ role_path }}/files/basic_auth_users"
dest: "{{ service_dir }}/basic_auth_users"
- name: Create traefik network - name: Create traefik network
docker_network: docker_network:
name: "traefik" name: "traefik"

View file

@ -18,6 +18,7 @@ services:
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml - {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
- {{ service_dir }}/services.toml:/etc/traefik/services.toml - {{ service_dir }}/services.toml:/etc/traefik/services.toml
- {{ service_dir }}/acme.json:/acme.json - {{ service_dir }}/acme.json:/acme.json
- {{ service_dir }}/basic_auth_users:/basic_auth_users
networks: networks:
- traefik - traefik
labels: labels:
@ -34,5 +35,5 @@ services:
- traefik.http.routers.traefik.tls=true - traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=pizzapim - traefik.http.routers.traefik.tls.certresolver=pizzapim
- traefik.http.routers.traefik.service=api@internal - traefik.http.routers.traefik.service=api@internal
- traefik.http.routers.traefik.middlewares=whitelist-local - traefik.http.routers.traefik.middlewares=basic-auth
- "traefik.http.middlewares.whitelist-local.ipwhitelist.sourcerange=127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,::1,fc00::/7" - traefik.http.middlewares.basic-auth.basicauth.usersfile=/basic_auth_users