Waow

author: Elizabeth Hunt <me@liz.coffee> 2025-04-27 21:15:30 -0700
committer: Elizabeth Hunt <me@liz.coffee> 2025-04-27 21:25:52 -0700
commit: daef0cf448af17357b552245f39067a9d340ce3d (patch)
tree: f65a660f7232f057b0c14e477c166006bfb83f87 /playbooks/roles/traefik/templates/stacks/docker-compose.yml
parent: 1dcdfe34a74708f88aad68af965f4bb5c79adff1 (diff)
download: infra-daef0cf448af17357b552245f39067a9d340ce3d.tar.gz
infra-daef0cf448af17357b552245f39067a9d340ce3d.zip
1 files changed, 26 insertions, 9 deletions
diff --git a/playbooks/roles/traefik/templates/stacks/docker-compose.yml b/playbooks/roles/traefik/templates/stacks/docker-compose.yml
index 6b6aee3..7e9daef 100644
--- a/playbooks/roles/traefik/templates/stacks/docker-compose.yml
+++ b/playbooks/roles/traefik/templates/stacks/docker-compose.yml
@@ -4,11 +4,17 @@ services:
     hostname: headscale-traefik
     restart: unless-stopped
     environment:
+      - DEPLOYMENT_TIME={{ now() }}
+      - TZ={{ timezone }}
       - TS_AUTHKEY={{ headscale_user_auth_key }}
       - TS_EXTRA_ARGS=--login-server=https://{{ headscale_host }} --accept-dns --stateful-filtering=false --advertise-routes={{ loadbalancer_ip }}/32
       - TS_STATE_DIR=/var/lib/tailscale
       - TS_USERSPACE=false
-      - TZ={{ timezone }}
+    healthcheck:
+      test: ["CMD-SHELL", "tailscale status"]
+      interval: 1s
+      timeout: 5s
+      retries: 10
     volumes:
       - {{ traefik_base }}/volumes/headscale:/var/lib/tailscale
       - /dev/net/tun:/dev/net/tun
@@ -20,20 +26,27 @@ services:
     deploy:
       mode: replicated
       replicas: 1
-      placement:
-        constraints: [node.role == manager]
+      update_config:
+        parallelism: 1
+        order: stop-first # hostname conflicts
+        failure_action: rollback
+        monitor: 8s
   traefik:
     image: traefik:v3
     restart: unless-stopped
     depends_on:
       - headscale-client
     ports:
+      # http
       - 80:80
       - 443:443
-      - 53:53
-      - 53:53/udp
-      - 3636:3636
+    healthcheck:
+      test: traefik healthcheck --ping
+      interval: 10s
+      retries: 2
+      timeout: 3s
     environment:
+      - DEPLOYMENT_TIME={{ now() }}
       - TZ={{ timezone }}
       - CF_API_EMAIL={{ cloudflare_email }}
       - CF_DNS_API_TOKEN={{ cloudflare_dns_api_token }}
@@ -45,9 +58,13 @@ services:
       - proxy
       - headnet
     deploy:
-      mode: global
-      placement:
-        constraints: [node.role == manager]
+      mode: replicated
+      replicas: 2
+      update_config:
+        parallelism: 1
+        order: start-first
+        failure_action: rollback
+        monitor: 8s
       labels:
         - traefik.enable=true
         - traefik.http.routers.dashboard.rule=Host(`{{ traefik_domain }}`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
author	Elizabeth Hunt <me@liz.coffee>	2025-04-27 21:15:30 -0700
committer	Elizabeth Hunt <me@liz.coffee>	2025-04-27 21:25:52 -0700
commit	daef0cf448af17357b552245f39067a9d340ce3d (patch)
tree	f65a660f7232f057b0c14e477c166006bfb83f87 /playbooks/roles/traefik/templates/stacks/docker-compose.yml
parent	1dcdfe34a74708f88aad68af965f4bb5c79adff1 (diff)
download	infra-daef0cf448af17357b552245f39067a9d340ce3d.tar.gz infra-daef0cf448af17357b552245f39067a9d340ce3d.zip