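---
# Deploys Portainer CE behind Traefik: creates the project directory, writes
# the compose file as an Ansible-managed block, and restarts the stack through
# a handler whenever that file changes.
- name: portainer
  hosts: all
  tasks:

    # Project directory: owned by root, writable by the docker group.
    - name: Create portainer dir
      ansible.builtin.file:
        path: /home/docker/portainer
        owner: root
        group: docker
        state: directory
        mode: '0770'

    # NOTE(review): security-relevant points in the compose block below.
    # - Admin password hash: the literal is kept only as the fallback default
    #   of portainer_admin_password_hash. Supply that variable from an
    #   Ansible Vault-encrypted vars file, rotate the committed hash, then
    #   drop the default. An override must already have every `$` doubled
    #   (see the htpasswd line inside the block), because Compose
    #   interpolates `$`. The `$2y$05$` prefix is bcrypt at cost 5, so a
    #   leaked copy is cheap to guess offline. The hash is also visible in
    #   the container's command line; Portainer's --admin-password-file
    #   avoids that.
    # - /var/run/docker.sock is bind-mounted read-write, so Portainer
    #   controls the host Docker daemon. Treat admin access to the UI as
    #   root on the host.
    # - The router attaches only secHeaders@file (defined elsewhere, so
    #   confirm what it enforces). The basic-auth label is commented out and
    #   to-https is defined but not referenced by this router.
    # - portainer-ce:latest is a floating tag; pin a tested version tag or
    #   image digest so a re-pull cannot silently change what runs.
    # The block text is written verbatim into the managed file, so review
    # comments stay out here to leave the deployed compose file unchanged.
    - name: /home/docker/portainer/docker-compose.yml Portainer Container Configuration
      ansible.builtin.blockinfile:
        path: /home/docker/portainer/docker-compose.yml
        create: true
        # Quoted so the mode is never subject to YAML integer typing; this
        # matches the directory task above.
        mode: '0440'
        owner: root
        group: docker
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        block: |
          version: "3.3"
          services:
            portainer:
              image: portainer/portainer-ce:latest
              # htpasswd -nb -B admin "PASSWORD" | cut -d ":" -f 2 | sed -e s/\\$/\\$\\$/g
              command: --admin-password {{ portainer_admin_password_hash | default('$$2y$$05$$zpNgDI6UufemwrBAg022QezGKJKFGziKudMjVdcHvQMFkiL1jmJCm') }}
              restart: unless-stopped
              networks:
                - traefik
              volumes:
                - /var/run/docker.sock:/var/run/docker.sock
                - ./data:/data
              labels:
                - traefik.enable=true
                - traefik.http.routers.portainer.rule=Host(`portainer.{{inventory_hostname}}`)
                - traefik.http.routers.portainer.entrypoints=https
                - traefik.http.routers.portainer.middlewares=secHeaders@file
                - traefik.http.services.portainer.loadbalancer.server.port=9000
                - traefik.http.routers.portainer.service=portainer
                - traefik.http.routers.portainer.tls=true
                - traefik.http.routers.portainer.tls.certresolver=letsencrypt
                - traefik.http.middlewares.to-https.redirectscheme.scheme=https
                #- traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$M3diLTQ/$$HCIbrgRtFpUWqoQ9wJtXi1
          networks:
            traefik:
              external: true
        # Keeps a timestamped copy of the previous file next to it; those
        # copies contain the old hash too.
        backup: true
      notify: Restart portainer

  handlers:

    # Runs only when the compose file changed. No shell features are needed,
    # so the command module is used instead of shell.
    - name: Restart portainer
      ansible.builtin.command:
        cmd: docker-compose up -d
        chdir: /home/docker/portainer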