Diffstat (limited to 'playbooks/roles/traefik/templates/stacks')
-rw-r--r-- | playbooks/roles/traefik/templates/stacks/docker-compose.yml | 35 | ||||
-rw-r--r-- | playbooks/roles/traefik/templates/stacks/traefik.yml | 20 |
2 files changed, 28 insertions, 27 deletions
diff --git a/playbooks/roles/traefik/templates/stacks/docker-compose.yml b/playbooks/roles/traefik/templates/stacks/docker-compose.yml index 6b6aee3..7e9daef 100644 --- a/playbooks/roles/traefik/templates/stacks/docker-compose.yml +++ b/playbooks/roles/traefik/templates/stacks/docker-compose.yml @@ -4,11 +4,17 @@ services: hostname: headscale-traefik restart: unless-stopped environment: + - DEPLOYMENT_TIME={{ now() }} + - TZ={{ timezone }} - TS_AUTHKEY={{ headscale_user_auth_key }} - TS_EXTRA_ARGS=--login-server=https://{{ headscale_host }} --accept-dns --stateful-filtering=false --advertise-routes={{ loadbalancer_ip }}/32 - TS_STATE_DIR=/var/lib/tailscale - TS_USERSPACE=false - - TZ={{ timezone }} + healthcheck: + test: ["CMD-SHELL", "tailscale status"] + interval: 1s + timeout: 5s + retries: 10 volumes: - {{ traefik_base }}/volumes/headscale:/var/lib/tailscale - /dev/net/tun:/dev/net/tun @@ -20,20 +26,27 @@ services: deploy: mode: replicated replicas: 1 - placement: - constraints: [node.role == manager] + update_config: + parallelism: 1 + order: stop-first # hostname conflicts + failure_action: rollback + monitor: 8s traefik: image: traefik:v3 restart: unless-stopped depends_on: - headscale-client ports: + # http - 80:80 - 443:443 - - 53:53 - - 53:53/udp - - 3636:3636 + healthcheck: + test: traefik healthcheck --ping + interval: 10s + retries: 2 + timeout: 3s environment: + - DEPLOYMENT_TIME={{ now() }} - TZ={{ timezone }} - CF_API_EMAIL={{ cloudflare_email }} - CF_DNS_API_TOKEN={{ cloudflare_dns_api_token }} @@ -45,9 +58,13 @@ services: - proxy - headnet deploy: - mode: global - placement: - constraints: [node.role == manager] + mode: replicated + replicas: 2 + update_config: + parallelism: 1 + order: start-first + failure_action: rollback + monitor: 8s labels: - traefik.enable=true - traefik.http.routers.dashboard.rule=Host(`{{ traefik_domain }}`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`)) 
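Review bot: The healthcheck added for headscale-client in the `@@ -4,11 +4,17 @@` hunk polls with `interval: 1s` against a `timeout: 5s` and sets no `start_period`, so a slow first login to the control server can use up all ten retries in roughly ten seconds and leave the task marked unhealthy. I would relax it to `interval: 10s` and add `start_period: 30s`, with the values tuned to the environment. The new `DEPLOYMENT_TIME={{ now() }}` entry also deserves a comment such as `# changes on every render so each playbook run forces a redeploy`, if that is the intent, because it makes the rendered template differ on every run.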
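Review bot: Dropping `constraints: [node.role == manager]` in the `@@ -20,20 +26,27 @@` hunk, and again for traefik in `@@ -45,9 +58,13 @@`, lets Swarm place both services on any node, including workers. headscale-client bind-mounts `{{ traefik_base }}/volumes/headscale` for its Tailscale state and receives `TS_AUTHKEY`, while traefik receives `CF_DNS_API_TOKEN`, so those credentials and the node identity now follow the task to whichever host it lands on. A host without the state directory would presumably register as a new node with the auth key. If that wider placement is not intended, keep `constraints: [node.role == manager]` or a dedicated node label under each `deploy:` block.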
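Review bot: `replicas: 2` in the `@@ -45,9 +58,13 @@` hunk runs two independent Traefik instances, and the `CF_DNS_API_TOKEN` variable on the context lines suggests they obtain certificates through an ACME DNS challenge. The certificate storage is not visible in this hunk, so this is inferred: with per-task storage each replica would request its own certificates, and Traefik does not coordinate writers on a shared file. Please confirm how the storage is mounted and record it next to the setting, for example `# replicas > 1: each task keeps its own ACME storage`, or stay at `replicas: 1` until that is settled.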
diff --git a/playbooks/roles/traefik/templates/stacks/traefik.yml b/playbooks/roles/traefik/templates/stacks/traefik.yml index 976ad7a..ceeb0cb 100644 --- a/playbooks/roles/traefik/templates/stacks/traefik.yml +++ b/playbooks/roles/traefik/templates/stacks/traefik.yml @@ -1,11 +1,11 @@ ping: {} accessLog: {} log: - level: DEBUG + level: INFO api: dashboard: true insecure: true - debug: false + debug: true entryPoints: web: address: ":80" @@ -16,22 +16,6 @@ entryPoints: scheme: https websecure: address: ":443" - dns_udp: - address: ":53/udp" - dns_tcp: - address: ":53/tcp" - ldaps: - address: ":3636/tcp" - sieve: - address: ":4190/tcp" - imap: - address: ":993/tcp" - smtps: - address: ":465/tcp" - smtp: - address: ":25/tcp" - smtptls: - address: ":587/tcp" serversTransport: insecureSkipVerify: true providers: |
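Review bot: `debug: true` under `api:` in the `@@ -1,11 +1,11 @@` hunk turns on Traefik's debug and profiling endpoints, and with `insecure: true` on the context line above they are served without authentication on the internal API entry point. The default API port 8080 is not in the published `ports:` list of the compose file, but anything attached to the same overlay networks can presumably still reach it. Unless the profiling data is needed right now, keep `debug: false`. Longer term, `insecure: false` would remove the unauthenticated listener, with the dashboard router already defined in the compose labels placed behind an auth middleware.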