From 4678724dcf594315fb438474537125c15b4f61f0 Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Tue, 2 May 2023 12:22:16 +0200
Subject: [PATCH] add simple traefik stack

---
 ansible/inventory/host_vars/manager.yml   |  3 +-
 ansible/playbooks/stacks.yml              |  5 ++++
 ansible/roles/traefik/docker-stack.yml.j2 | 36 +++++++++++++++++++++++
 ansible/roles/traefik/tasks/main.yml      | 20 +++++++++++++
 4 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 ansible/playbooks/stacks.yml
 create mode 100644 ansible/roles/traefik/docker-stack.yml.j2
 create mode 100644 ansible/roles/traefik/tasks/main.yml

diff --git a/ansible/inventory/host_vars/manager.yml b/ansible/inventory/host_vars/manager.yml
index 75dcdf9..a1186b2 100644
--- a/ansible/inventory/host_vars/manager.yml
+++ b/ansible/inventory/host_vars/manager.yml
@@ -1,6 +1,7 @@
 docker_node_labels:
   - hostname: maestro
-    labels: {}
+    labels:
+      traefik: "true"
   - hostname: worker1
     labels: {}
 
diff --git a/ansible/playbooks/stacks.yml b/ansible/playbooks/stacks.yml
new file mode 100644
index 0000000..e5642cf
--- /dev/null
+++ b/ansible/playbooks/stacks.yml
@@ -0,0 +1,5 @@
+---
+- name: Start Docker stacks
+  hosts: manager
+  roles:
+    - {role: traefik, tags: traefik}
diff --git a/ansible/roles/traefik/docker-stack.yml.j2 b/ansible/roles/traefik/docker-stack.yml.j2
new file mode 100644
index 0000000..6bdc7cd
--- /dev/null
+++ b/ansible/roles/traefik/docker-stack.yml.j2
@@ -0,0 +1,36 @@
+# vi: ft=yaml
+version: "3.7"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  traefik:
+    image: traefik:3.0
+    networks:
+      - traefik
+    ports:
+      - 80:80
+      - 8080:8080
+    deploy:
+      placement:
+        constraints: [node.labels.traefik == true]
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.dashboard.rule=Host(`maestro.dmz`)
+        - traefik.http.routers.dashboard.service=api@internal
+        - traefik.http.services.dummy-svc.loadbalancer.server.port=8080
+    volumes:
+      - type: bind
+        source: /var/run/docker.sock
+        target: /var/run/docker.sock
+    command:
+      - --providers.docker
+      - --providers.docker.swarmmode
+      - --providers.docker.watch
+      - --api
+      - --api.insecure=true
+      - --api.dashboard=true
+      - --entrypoints.web.address=:80
+      - --providers.docker.exposedbydefault=false
diff --git a/ansible/roles/traefik/tasks/main.yml b/ansible/roles/traefik/tasks/main.yml
new file mode 100644
index 0000000..0dd74b0
--- /dev/null
+++ b/ansible/roles/traefik/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: Create Traefik network
+  docker_network:
+    name: traefik
+    driver: overlay
+
+- name: Create working directory
+  file:
+    path: /srv/traefik
+    state: directory
+
+- name: Copy Docker stack file
+  template:
+    src: "{{ role_path }}/docker-stack.yml.j2"
+    dest: /srv/traefik/docker-stack.yml
+
+- name: Deploy Docker stack
+  docker_stack:
+    name: traefik
+    compose:
+      - /srv/traefik/docker-stack.yml