--- - name: portainer hosts: all tasks: - name: Create portainer dir ansible.builtin.file: path: /home/docker/portainer owner: root group: docker state: directory mode: '0770' - name: /home/docker/portainer/docker-compose.yml Portainer Container Configuration blockinfile: path: /home/docker/portainer/docker-compose.yml create: yes mode: 0440 owner: root group: docker marker: "# {mark} ANSIBLE MANAGED BLOCK" block: | services: portainer: image: portainer/portainer-ce:latest # htpasswd -nb -B admin "PASSWORD" | cut -d ":" -f 2 | sed -e s/\\$/\\$\\$/g command: --admin-password $$2y$$05$$zpNgDI6UufemwrBAg022QezGKJKFGziKudMjVdcHvQMFkiL1jmJCm restart: unless-stopped networks: - traefik volumes: - /var/run/docker.sock:/var/run/docker.sock - ./data:/data labels: - traefik.enable=true - traefik.http.routers.portainer.rule=Host(`portainer.{{inventory_hostname}}`) - traefik.http.routers.portainer.entrypoints=https - traefik.http.routers.portainer.middlewares=secHeaders@file - traefik.http.services.portainer.loadbalancer.server.port=9000 - traefik.http.routers.portainer.service=portainer - traefik.http.routers.portainer.tls=true - traefik.http.routers.portainer.tls.certresolver=letsencrypt - traefik.http.middlewares.to-https.redirectscheme.scheme=https #- traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$M3diLTQ/$$HCIbrgRtFpUWqoQ9wJtXi1 networks: traefik: external: true backup: yes notify: Restart portainer handlers: - name: Restart portainer ansible.builtin.shell: docker-compose up -d --force-recreate args: chdir: /home/docker/portainer