Add Monitoring host

2023-03-30 21:51:23 +02:00
parent 936bbf7ecd
commit f2cd3c991b
9 changed files with 226 additions and 17 deletions
--- a/coreos-config/roles/compose_project/tasks/main.yml
+++ b/coreos-config/roles/compose_project/tasks/main.yml
@ -2,11 +2,11 @@

 - name: Set service_dir
  ansible.builtin.set_fact:
-    service_dir: "{{ compose_dir | mandatory }}/{{ service | mandatory }}"
+    service_dir: "{{ compose_dir | mandatory }}/{{ service | mandatory }}{% if service_name is defined %}-{{ service_name }}{% endif %}"
    cacheable: true

 - ansible.builtin.debug:
-    msg: "Working on {{ service }}"
+    msg: "Working on {{ service }}{% if service_name is defined %}-{{ service_name }}{% endif %}"
    verbosity: 0

 - include_tasks: create.yml
--- a/coreos-config/roles/compose_project/templates/kuma/.env
+++ b/coreos-config/roles/compose_project/templates/kuma/.env
@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=kuma-{{ service_name|default("kuma") }}
--- a/coreos-config/roles/compose_project/templates/kuma/docker-compose.yaml
+++ b/coreos-config/roles/compose_project/templates/kuma/docker-compose.yaml
@ -0,0 +1,28 @@
+{% set _name = service_name|default("kuma") %}
+{% set _url = url|default(kuma.url)|mandatory %}
+---
+services:
+  kuma:
+    image: louislam/uptime-kuma:latest
+    restart: unless-stopped
+    volumes:
+      - data:/app/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.kuma-{{ _name }}.rule=Host(`{{ _url | mandatory }}`)"
+      - "traefik.http.routers.kuma-{{ _name }}.entryPoints=websecure"
+      - "traefik.http.services.kuma-{{ _name }}.loadbalancer.server.port=3001"
+    networks:
+      - default
+      - gateway
+      - pantalaimon
+
+volumes:
+  data:
+
+networks:
+  gateway:
+    external: true
+  pantalaimon:
+    external: true
+...
--- a/coreos-config/roles/compose_project/templates/traefik/docker-compose.yaml
+++ b/coreos-config/roles/compose_project/templates/traefik/docker-compose.yaml
@ -1,3 +1,4 @@
+{% set deploy_traefik_fa = with_fa|default(false) %}
 ---
 version: '3.9'
 services:
@ -17,9 +18,8 @@ services:
    networks:
      - gateway
      - default
-    environment:
-      CLOUDFLARE_DNS_API_TOKEN: "{{ traefik.CLOUDFLARE_DNS_API_TOKEN }}"

+{% if deploy_traefik_fa %}
  traefik-fa:
    image: thomseddon/traefik-forward-auth:latest
    restart: always
@ -38,16 +38,7 @@ services:
      - "traefik.http.services.traefik-fa.loadbalancer.server.port=4181"
      - "traefik.http.routers.traefik-fa.middlewares=sso@file"

-  # whoami:
-  #   image: containous/whoami
-  #   networks:
-  #     - gateway
-  #   labels:
-  #     - "traefik.enable=true"
-  #     - "traefik.http.services.whoami.loadbalancer.server.port=80"
-  #     - "traefik.http.routers.whoami.rule=Host(`test.tobiasmanske.de`)"
-  #     - "traefik.http.routers.whoami.entryPoints=websecure"
-  #     - "traefik.http.routers.whoami.middlewares=sso@file"
+{% endif %}

 volumes:
  acme:
--- a/coreos-config/roles/compose_project/templates/traefik/traefik-fa.ini
+++ b/coreos-config/roles/compose_project/templates/traefik/traefik-fa.ini
@ -1,3 +1,4 @@
+{% if with_fa|default(false) %}
 default-provider = oidc

 # Cookie signing nonce, replace this with something random
@ -18,3 +19,4 @@ auth-host = traefik-fa.tobiasmanske.de
 whitelist = {{ user }}
 {% endfor %}

+{% endif %}
--- a/coreos-config/roles/compose_project/templates/traefik/traefik.yaml
+++ b/coreos-config/roles/compose_project/templates/traefik/traefik.yaml
@ -27,5 +27,4 @@ certificatesResolvers:
      email: webmaster@tobiasmanske.de
      storage: /acme/acme.json
      # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
-      dnsChallenge:
-        provider: cloudflare
+      tlsChallenge: true
				`@ -0,0 +1 @@`
				`COMPOSE_PROJECT_NAME=kuma-{{ service_name\|default("kuma") }}`