From 2051052ad6d504e9ae59cc2ed66afb2531da2eab Mon Sep 17 00:00:00 2001
From: olli <olli@gabosh.net>
Date: Sun, 10 Jul 2022 10:51:05 +0200
Subject: [PATCH] first commit

---
 README.md     |  0
 portainer.yml | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+)
 create mode 100644 README.md
 create mode 100644 portainer.yml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/portainer.yml b/portainer.yml
new file mode 100644
index 0000000..030b1f3
--- /dev/null
+++ b/portainer.yml
@@ -0,0 +1,58 @@
+---
+- name: portainer
+  hosts: tor-nas.dedyn.io ds9.dedyn.io
+  tasks:
+
+    - name: Create portainer dir
+      ansible.builtin.file:
+        path: /home/docker/portainer
+        owner: root
+        group: docker
+        state: directory
+        mode: '0770'
+
+    - name: /home/docker/portainer/docker-compose.yml Portainer Container Configuration
+      blockinfile:
+        path: /home/docker/portainer/docker-compose.yml
+        create: yes
+        mode: 0440
+        owner: root
+        group: docker
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          version: "3.3"
+          services:
+            portainer:
+              image: portainer/portainer-ce:latest
+              # htpasswd -nb -B admin "PASSWORD" | cut -d ":" -f 2 | sed -e s/\\$/\\$\\$/g
+              command: --admin-password $$2y$$05$$zpNgDI6UufemwrBAg022QezGKJKFGziKudMjVdcHvQMFkiL1jmJCm
+              restart: unless-stopped
+              networks:
+                - traefik
+              volumes:
+                - /var/run/docker.sock:/var/run/docker.sock
+                - ./data:/data
+              labels:
+                - traefik.enable=true
+                - traefik.http.routers.portainer.rule=Host(`portainer.{{inventory_hostname}}`)
+                - traefik.http.routers.portainer.entrypoints=https
+                - traefik.http.routers.portainer.middlewares=secHeaders@file
+                - traefik.http.services.portainer.loadbalancer.server.port=9000
+                - traefik.http.routers.portainer.service=portainer
+                - traefik.http.routers.portainer.tls=true
+                - traefik.http.routers.portainer.tls.certresolver=letsencrypt
+                - traefik.http.middlewares.to-https.redirectscheme.scheme=https
+                #- traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$M3diLTQ/$$HCIbrgRtFpUWqoQ9wJtXi1
+          networks:
+            traefik:
+              external: true
+        backup: yes
+      notify: Restart portainer
+
+
+  handlers:
+
+    - name: Restart portainer
+      ansible.builtin.shell: docker-compose up -d
+      args:
+        chdir: /home/docker/portainer