move traefik acme.json to NFS

This commit is contained in:
Pim Kunis 2023-06-19 11:24:48 +02:00
parent f41cbb0251
commit 038b1a3c55
3 changed files with 16 additions and 4 deletions

View file

@ -16,6 +16,8 @@ nfs_shares:
path: /mnt/data/pihole/dnsmasq
- name: hedgedoc_uploads
path: /mnt/data/hedgedoc/uploads
- name: traefik_acme
path: /mnt/data/traefik/acme
database_passwords:
nextcloud: !vault |

View file

@ -15,6 +15,6 @@
- {role: kms, tags: kms}
- {role: swarm_dashboard, tags: swarm_dashboard}
- {role: shephard, tags: shephard}
- {role: jitsi, tags: jitsi}
# - {role: jitsi, tags: jitsi}
- {role: pihole, tags: pihole}
- {role: nextcloud, tags: nextcloud}

View file

@ -10,6 +10,13 @@ configs:
external: true
name: "{{ services.config_name }}"
volumes:
acme:
driver_opts:
type: "nfs"
o: "addr=192.168.30.10,nolock,soft,rw"
device: ":/mnt/data/traefik/acme"
services:
traefik:
image: traefik:3.0
@ -66,9 +73,11 @@ services:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
- type: bind
source: /mnt/data/traefik/acme.json
target: /acme.json
- type: volume
source: acme
target: /acme
volume:
nocopy: true
configs:
- source: services
target: /etc/traefik/services.yml
@ -96,6 +105,7 @@ services:
- --certificatesresolvers.letsencrypt.acme=true
- --certificatesresolvers.letsencrypt.acme.email=pim@kunis.nl
- --certificatesresolvers.letsencrypt.acme.storage=/acme/acme.json
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web