Digitalboard/digitalboard.core
5
2
Fork 0
Code Pull requests Releases Packages Activity Actions

chore: rename reverseproxy role to traffic

Browse source 
in case we get a nginx role oa in the future
This commit is contained in:
Bert-Jan Fikse 2025-11-07 15:03:56 +01:00
parent 24b4f291a3
commit 69bc95b992
Signed by: bert-jan
GPG key ID: C1E0AB516AC16D1A
12 changed files with 19 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

0
roles/reverseproxy/README.md → roles/traefik/README.md
View file

8
roles/reverseproxy/defaults/main.yml → roles/traefik/defaults/main.yml
View file

@ -1,20 +1,20 @@
#SPDX-License-Identifier: MIT-0 #SPDX-License-Identifier: MIT-0
--- ---
# defaults file for reverseproxy # defaults file for traefik
# Base directory configuration (inherited from base role or defined here) # Base directory configuration (inherited from base role or defined here)
docker_compose_base_dir: /etc/docker/compose docker_compose_base_dir: /etc/docker/compose
docker_volume_base_dir: /srv/data docker_volume_base_dir: /srv/data
# Service-specific configuration # Service-specific configuration
service_name: reverseproxy service_name: traefik
docker_compose_dir: "{{ docker_compose_base_dir }}/{{ service_name }}" docker_compose_dir: "{{ docker_compose_base_dir }}/{{ service_name }}"
docker_volume_dir: "{{ docker_volume_base_dir }}/{{ service_name }}" docker_volume_dir: "{{ docker_volume_base_dir }}/{{ service_name }}"
# Deployment mode: 'dmz' or 'backend' # Deployment mode: 'dmz' or 'backend'
# - dmz: Public-facing reverse proxy that routes to backend servers using file provider # - dmz: Public-facing reverse proxy that routes to backend servers using file provider
# - backend: Application server with docker provider for local container discovery # - backend: Application server with docker provider for local container discovery
reverseproxy_mode: "backend" traefik_mode: "backend"
# SSL configuration # SSL configuration
use_ssl: true use_ssl: true
@ -52,7 +52,7 @@ traefik_network: "proxy"
# Services to expose (defined by application roles via host_vars or group_vars) # Services to expose (defined by application roles via host_vars or group_vars)
# Each backend server should define this variable with their services # Each backend server should define this variable with their services
# reverseproxy_services: # traefik_services:
# - name: httpbin # - name: httpbin
# domain: httpbin.example.com # domain: httpbin.example.com
# port: 8080 # port: 8080

2
roles/reverseproxy/handlers/main.yml → roles/traefik/handlers/main.yml
View file

@ -1,6 +1,6 @@
#SPDX-License-Identifier: MIT-0 #SPDX-License-Identifier: MIT-0
--- ---
# handlers file for reverseproxy # handlers file for traefik
- name: restart traefik - name: restart traefik
community.docker.docker_compose_v2: community.docker.docker_compose_v2:

0
roles/reverseproxy/meta/main.yml → roles/traefik/meta/main.yml
View file

14
roles/reverseproxy/tasks/main.yml → roles/traefik/tasks/main.yml
View file

@ -1,23 +1,23 @@
#SPDX-License-Identifier: MIT-0 #SPDX-License-Identifier: MIT-0
--- ---
# tasks file for reverseproxy # tasks file for traefik
- name: Determine which backend servers to proxy (DMZ mode) - name: Determine which backend servers to proxy (DMZ mode)
set_fact: set_fact:
_backend_servers: "{{ backend_servers_to_proxy if backend_servers_to_proxy | length > 0 else groups['backend_servers'] | default([]) }}" _backend_servers: "{{ backend_servers_to_proxy if backend_servers_to_proxy | length > 0 else groups['backend_servers'] | default([]) }}"
when: reverseproxy_mode == 'dmz' when: traefik_mode == 'dmz'
- name: Build service registry from backend servers (DMZ mode) - name: Build service registry from backend servers (DMZ mode)
set_fact: set_fact:
proxied_services: "{{ proxied_services | default([]) + hostvars[item].reverseproxy_services | default([]) | map('combine', {'backend_host': hostvars[item].ansible_host | default(item)}) | list }}" proxied_services: "{{ proxied_services | default([]) + hostvars[item].traefik_services | default([]) | map('combine', {'backend_host': hostvars[item].ansible_host | default(item)}) | list }}"
loop: "{{ _backend_servers | default([]) }}" loop: "{{ _backend_servers | default([]) }}"
when: reverseproxy_mode == 'dmz' when: traefik_mode == 'dmz'
- name: Debug service registry - name: Debug service registry
debug: debug:
var: proxied_services var: proxied_services
when: when:
- reverseproxy_mode == 'dmz' - traefik_mode == 'dmz'
- proxied_services is defined - proxied_services is defined
- name: Create docker compose directory - name: Create docker compose directory
@ -37,7 +37,7 @@
path: "{{ docker_volume_dir }}/config" path: "{{ docker_volume_dir }}/config"
state: directory state: directory
mode: '0755' mode: '0755'
when: reverseproxy_mode == 'dmz' when: traefik_mode == 'dmz'
- name: Create letsencrypt directory - name: Create letsencrypt directory
file: file:
@ -64,7 +64,7 @@
dest: "{{ docker_volume_dir }}/config/services.yml" dest: "{{ docker_volume_dir }}/config/services.yml"
mode: '0644' mode: '0644'
notify: restart traefik notify: restart traefik
when: reverseproxy_mode == 'dmz' when: traefik_mode == 'dmz'
- name: Create docker-compose file for traefik - name: Create docker-compose file for traefik
template: template:

6
roles/reverseproxy/templates/docker-compose.yml.j2 → roles/traefik/templates/docker-compose.yml.j2
View file

@ -1,7 +1,7 @@
services: services:
traefik: traefik:
image: traefik:latest image: traefik:latest
container_name: reverseproxy container_name: traefik
restart: always restart: always
{% if cert_mode == 'acme' %} {% if cert_mode == 'acme' %}
environment: environment:
@ -24,10 +24,10 @@ services:
{% if cert_mode == 'acme' %} {% if cert_mode == 'acme' %}
- {{ docker_volume_dir }}/letsencrypt:/letsencrypt - {{ docker_volume_dir }}/letsencrypt:/letsencrypt
{% endif %} {% endif %}
{% if reverseproxy_mode == 'dmz' %} {% if traefik_mode == 'dmz' %}
- {{ docker_volume_dir }}/config:/config:ro - {{ docker_volume_dir }}/config:/config:ro
{% endif %} {% endif %}
{% if reverseproxy_mode == 'backend' %} {% if traefik_mode == 'backend' %}
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
{% endif %} {% endif %}
networks: networks:

0
roles/reverseproxy/templates/middlewares.yml.j2 → roles/traefik/templates/middlewares.yml.j2
View file

0
roles/reverseproxy/templates/services.yml.j2 → roles/traefik/templates/services.yml.j2
View file

4
roles/reverseproxy/templates/traefik.yml.j2 → roles/traefik/templates/traefik.yml.j2
View file

@ -26,12 +26,12 @@ entryPoints:
address: ":443" address: ":443"
providers: providers:
{% if reverseproxy_mode == 'dmz' %} {% if traefik_mode == 'dmz' %}
file: file:
directory: /config directory: /config
watch: true watch: true
{% endif %} {% endif %}
{% if reverseproxy_mode == 'backend' %} {% if traefik_mode == 'backend' %}
docker: docker:
endpoint: "unix:///var/run/docker.sock" endpoint: "unix:///var/run/docker.sock"
network: {{ traefik_network }} network: {{ traefik_network }}

0
roles/reverseproxy/tests/inventory → roles/traefik/tests/inventory
View file

2
roles/reverseproxy/tests/test.yml → roles/traefik/tests/test.yml
View file

@ -3,4 +3,4 @@
- hosts: localhost - hosts: localhost
remote_user: root remote_user: root
roles: roles:
- reverseproxy - traefik

2
roles/reverseproxy/vars/main.yml → roles/traefik/vars/main.yml
View file

@ -1,3 +1,3 @@
#SPDX-License-Identifier: MIT-0 #SPDX-License-Identifier: MIT-0
--- ---
# vars file for reverseproxy # vars file for traefik