feat(edge_vps): add traefik dynamic config template
This commit is contained in:
Tuan-Dat Tran
@@ -6,10 +6,9 @@
|
|||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: restart traefik
|
notify: restart traefik
|
||||||
|
|
||||||
- name: Deploy Cloudflare credentials for ACME
|
- name: Deploy Traefik dynamic config
|
||||||
ansible.builtin.copy:
|
ansible.builtin.template:
|
||||||
content: |
|
src: traefik/dynamic_config.yml.j2
|
||||||
CF_DNS_API_TOKEN={{ vault_edge_vps.traefik.cloudflare_api_token }}
|
dest: "{{ edge_vps_traefik_config_dir }}/dynamic_config.yml"
|
||||||
dest: "{{ edge_vps_traefik_config_dir }}/cloudflare.env"
|
mode: "0644"
|
||||||
mode: "0600"
|
notify: restart traefik
|
||||||
no_log: true
|
|
||||||
|
|||||||
67
roles/edge_vps/templates/traefik/dynamic_config.yml.j2
Normal file
67
roles/edge_vps/templates/traefik/dynamic_config.yml.j2
Normal file
@@ -0,0 +1,67 @@
|
|||||||
|
http:
|
||||||
|
middlewares:
|
||||||
|
redirect-to-https:
|
||||||
|
redirectScheme:
|
||||||
|
scheme: https
|
||||||
|
|
||||||
|
routers:
|
||||||
|
main-app-router-redirect:
|
||||||
|
rule: "Host(`{{ edge_vps_pangolin_dashboard_url | regex_replace('^https?://', '') }}`)"
|
||||||
|
service: next-service
|
||||||
|
entryPoints:
|
||||||
|
- web
|
||||||
|
middlewares:
|
||||||
|
- redirect-to-https
|
||||||
|
|
||||||
|
next-router:
|
||||||
|
rule: "Host(`{{ edge_vps_pangolin_dashboard_url | regex_replace('^https?://', '') }}`) && !PathPrefix(`/api/v1`)"
|
||||||
|
service: next-service
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt
|
||||||
|
domains:
|
||||||
|
- main: "{{ edge_vps_pangolin_base_domain }}"
|
||||||
|
sans:
|
||||||
|
- "*.{{ edge_vps_pangolin_base_domain }}"
|
||||||
|
{% for domain in edge_vps_traefik_extra_tls_domains | default([]) %}
|
||||||
|
- main: "{{ domain }}"
|
||||||
|
sans:
|
||||||
|
- "*.{{ domain }}"
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
api-router:
|
||||||
|
rule: "Host(`{{ edge_vps_pangolin_dashboard_url | regex_replace('^https?://', '') }}`) && PathPrefix(`/api/v1`)"
|
||||||
|
service: api-service
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt
|
||||||
|
|
||||||
|
ws-router:
|
||||||
|
rule: "Host(`{{ edge_vps_pangolin_dashboard_url | regex_replace('^https?://', '') }}`)"
|
||||||
|
service: api-service
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
tls:
|
||||||
|
certResolver: letsencrypt
|
||||||
|
|
||||||
|
services:
|
||||||
|
next-service:
|
||||||
|
loadBalancer:
|
||||||
|
servers:
|
||||||
|
- url: "http://pangolin:3002"
|
||||||
|
|
||||||
|
api-service:
|
||||||
|
loadBalancer:
|
||||||
|
servers:
|
||||||
|
- url: "http://pangolin:3000"
|
||||||
|
|
||||||
|
tcp:
|
||||||
|
serversTransports:
|
||||||
|
pp-transport-v1:
|
||||||
|
proxyProtocol:
|
||||||
|
version: 1
|
||||||
|
pp-transport-v2:
|
||||||
|
proxyProtocol:
|
||||||
|
version: 2
|
||||||
Reference in New Issue
Block a user