traefik #1: it works

covid-taskforce-cplp · Apr 5, 2020 · 901a1e0 · 901a1e0
1 parent aa298d9
commit 901a1e0
Show file tree

Hide file tree

Showing 8 changed files with 60 additions and 14 deletions.
diff --git a/ansible/inventories/etica.dev/hosts.yml b/ansible/inventories/etica.dev/hosts.yml
@@ -22,3 +22,7 @@ all:
 
     # traefik_version: "2.2.0"
     # traefik_arch: "linux_amd64"
+    ## To force reinstall / update the traefik, please set this to yes
+    # traefik_force_reinstall: yes
+    # traefik_force_reinstall: yes
+    traefik_debug_devel: yes
diff --git a/ansible/playbooks/roles/traefik/defaults/main.yml b/ansible/playbooks/roles/traefik/defaults/main.yml
@@ -6,7 +6,11 @@
 traefik_version: "2.2.0"
 traefik_arch: "linux_amd64"
 traefik_install_base: "/usr/local/bin/"
-traefik_force_reinstall: yes
+
+# To force reinstall / update the traefik, please set this to yes
+traefik_force_reinstall: no
+
+traefik_debug_devel: no
 
 # traefik_download_url: "https://github.com/containous/traefik/releases/download/v2.2.0/traefik_v2.2.0_linux_amd64.tar.gz"
 traefik_download_url: "https://github.com/containous/traefik/releases/download/v{{ traefik_version }}/traefik_v{{ traefik_version }}_{{ traefik_arch }}.tar.gz"
diff --git a/ansible/playbooks/roles/traefik/handlers/main.yml b/ansible/playbooks/roles/traefik/handlers/main.yml
@@ -1,8 +1,14 @@
 ---
 # handlers file for traefik
 
-- name: "restart service"
+- name: "restart traefik"
   systemd:
     name: "traefik.service"
     state: restarted
     daemon_reload: yes
+
+# Dont support reload? We will use "reload traefik" as an alias to restart (but not daemon restart)
+- name: "reload traefik"
+  systemd:
+    name: "traefik.service"
+    state: restarted
diff --git a/ansible/playbooks/roles/traefik/tasks/configure.yml b/ansible/playbooks/roles/traefik/tasks/configure.yml
@@ -4,10 +4,14 @@
 
 # TODO: implement traefik.toml template (fititnt, 2020-04-05 11:08 BRT)
 
-# - name: "Create systemd service"
-#   template:
-#     src: "traefik.toml.j2"
-#     dest: "/etc/systemd/system/traefik.service"
-#     mode: 0664
-#   notify:
-#     - restart service
+- name: "Deploy traefik.toml"
+  template:
+    src: "traefik.toml.j2"
+    dest: "/etc/traefik/traefik.toml"
+    mode: 0664
+    block_start_string: "[[[%"
+    block_end_string: "%]]]"
+    variable_start_string: "[[["
+    variable_end_string: "]]]"
+  notify:
+    - reload traefik
diff --git a/ansible/playbooks/roles/traefik/tasks/install.yml b/ansible/playbooks/roles/traefik/tasks/install.yml
@@ -8,6 +8,13 @@
     suffix: traefik_temp_dir
   register: traefik_temp_dir
 
+- name: "Create /etc/traefik/ it does not exist"
+  file:
+    path: "/etc/traefik/"
+    state: directory
+    mode: '0755'
+  become: yes
+
 - name: "Download {{ traefik_download_url }}"
   unarchive:
     src: "{{ traefik_download_url }}"
@@ -27,4 +34,4 @@
     dest: "/etc/systemd/system/traefik.service"
     mode: 0664
   notify:
-    - restart service
+    - "restart traefik"
diff --git a/ansible/playbooks/roles/traefik/tasks/main.yml b/ansible/playbooks/roles/traefik/tasks/main.yml
@@ -14,7 +14,7 @@
 #   register: out
 # - debug: var=out.stdout_lines
 
-- name: "Check if {{ traefik_install_base }}/traefik exists"
+- name: "Check if {{ traefik_install_base }}traefik exists"
   stat:
     path: "{{ traefik_install_base }}traefik"
   register: stat_result
@@ -26,5 +26,7 @@
   when:
     - "(not stat_result.stat.exists) or (traefik_force_reinstall|bool)"
 
-# - name: "configure.yml"
-#   include: configure.yml
+- name: "configure.yml"
+  include: configure.yml
+
+# TODO: create dedicated user traefik (fititnt, 2020-04-05 11:28 BRT)
diff --git a/ansible/playbooks/roles/traefik/templates/traefik.service.j2 b/ansible/playbooks/roles/traefik/templates/traefik.service.j2
@@ -17,7 +17,7 @@ Documentation=https://docs.traefik.io
 
 # configure service behavior
 Type=notify
-ExecStart=/usr/bin/traefik --configFile=/etc/traefik/traefik.toml
+ExecStart=/usr/local/bin/traefik --configFile=/etc/traefik/traefik.toml
 Restart=always
 WatchdogSec=1s
 

diff --git a/ansible/playbooks/roles/traefik/templates/traefik.toml.j2 b/ansible/playbooks/roles/traefik/templates/traefik.toml.j2
@@ -1,3 +1,5 @@
+# {{ ansible_managed }}
+#jinja2:variable_start_string:'[%' , variable_end_string:'%]'
 ################################################################
 #
 # Configuration sample for Traefik v2.
@@ -101,13 +103,15 @@
   # Default: true
   #
   # insecure = false
+  # insecure = true
 
   # Enabled Dashboard
   #
   # Optional
   # Default: true
   #
   # dashboard = false
+  dashboard = true
 
 ################################################################
 # Ping configuration
@@ -150,3 +154,18 @@
   # Default: true
   #
   # exposedByDefault = false
+
+
+[[[% if (traefik_debug_devel|bool) %]]]
+# Dynamic Configuration
+[http.routers.my-api]
+  rule = "Host(`traefik.hxl.etica.dev`)"
+  service = "api@internal"
+  middlewares = ["auth"]
+
+[http.middlewares.auth.basicAuth]
+  users = [
+    "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
+    "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
+  ]
+[[[% endif %]]]