From fb7e6890d8516618fa3baec0edf84048e2b6601d Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Sat, 15 Mar 2025 00:50:34 -0700
Subject: a docker swarm

---
 playbooks/roles/nginx-proxy/handlers/main.yml      |  7 ++++
 playbooks/roles/nginx-proxy/tasks/main.yml         | 17 ++++++++++
 .../roles/nginx-proxy/templates/docker-compose.yml | 38 ++++++++++++++++++++++
 3 files changed, 62 insertions(+)
 create mode 100644 playbooks/roles/nginx-proxy/handlers/main.yml
 create mode 100644 playbooks/roles/nginx-proxy/tasks/main.yml
 create mode 100644 playbooks/roles/nginx-proxy/templates/docker-compose.yml

(limited to 'playbooks/roles/nginx-proxy')

diff --git a/playbooks/roles/nginx-proxy/handlers/main.yml b/playbooks/roles/nginx-proxy/handlers/main.yml
new file mode 100644
index 0000000..43302b5
--- /dev/null
+++ b/playbooks/roles/nginx-proxy/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+
+- name: (Re)start nginx-proxy
+  ansible.builtin.service:
+    name: docker-compose@nginx-proxy
+    state: restarted
+    enabled: true
diff --git a/playbooks/roles/nginx-proxy/tasks/main.yml b/playbooks/roles/nginx-proxy/tasks/main.yml
new file mode 100644
index 0000000..9c14072
--- /dev/null
+++ b/playbooks/roles/nginx-proxy/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+
+- name: Build nginx-proxy compose dirs
+  ansible.builtin.file:
+    state: directory
+    dest: '/etc/docker/compose/nginx-proxy/{{ item.path }}'
+  with_filetree: '../templates'
+  when: item.state == 'directory'
+
+- name: Build nginx-proxy compose files
+  ansible.builtin.template:
+    src: '{{ item.src }}'
+    dest: '/etc/docker/compose/nginx-proxy/{{ item.path }}'
+  with_filetree: '../templates'
+  when: item.state == 'file'
+  notify:
+    - (Re)start nginx-proxy
diff --git a/playbooks/roles/nginx-proxy/templates/docker-compose.yml b/playbooks/roles/nginx-proxy/templates/docker-compose.yml
new file mode 100644
index 0000000..fd49712
--- /dev/null
+++ b/playbooks/roles/nginx-proxy/templates/docker-compose.yml
@@ -0,0 +1,38 @@
+---
+
+services:
+  nginx-proxy:
+    image: nginxproxy/nginx-proxy
+    container_name: nginx-proxy
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+      - ./certs:/etc/nginx/certs
+    networks:
+      - proxy
+    labels:
+      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
+
+  nginx-acme-companion:
+    image: nginxproxy/acme-companion
+    depends_on:
+      - nginx-proxy
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - acme:/etc/acme.sh
+      - ./certs:/etc/nginx/certs
+    environment:
+      - "DEFAULT_EMAIL={{ certs_email }}"
+      - "ACME_CHALLENGE=DNS-01"
+      - "ACMESH_DNS_API_CONFIG={'DNS_API': 'dns_cf', 'CF_Key': '{{ cloudflare_token }}', 'CF_Email': '{{ cloudflare_email }}'}"
+    networks:
+      - proxy
+
+volumes:
+  acme:
+
+networks:
+  proxy:
+    name: proxy
-- 
cgit v1.2.3-70-g09d2