first commit

2022-07-10 10:51:06 +02:00 · 2022-07-10 10:51:06 +02:00 · 9767258726
commit 9767258726
2 changed files with 80 additions and 0 deletions
--- a/README.md
+++ b/README.md
--- a/router.yml
+++ b/router.yml
@ -0,0 +1,80 @@
+- name: Router-WebGUI-Traefik-setup
+  hosts: all
+  tasks:
+
+    - name: /usr/local/sbin/router-over-traefik.sh
+      blockinfile:
+        path: /usr/local/sbin/router-over-traefik.sh
+        create: yes
+        mode: 0550
+        owner: root
+        group: docker
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          . /etc/bash/gaboshlib.include
+          g_lockfile
+          g_nice
+          g_all-to-syslog
+
+          defaultgw=$(ip route | awk '/default/ { print $3 }')
+          if wget -q -t1 --timeout=30  http://${defaultgw} -O /dev/null
+          then
+            echo "
+          http:
+            routers:
+              router:
+                rule: \"Host(\`router.{{inventory_hostname}}\`)\"
+                service: router
+                entryPoints:
+                  - \"https\"
+                tls:
+                  certresolver:
+                    - \"letsencrypt\"
+                middlewares: 
+                    - \"secHeaders@file\"
+                    - \"auth-router\"
+            services:
+              router:
+                loadBalancer:
+                  servers:
+                    - url: \"http://${defaultgw}:80\"
+            middlewares:
+              auth-router:
+                basicauth:
+                  users: \"admin:\$apr1\$XLxGs/Ba\$3phZ1a2RtfExOp8x6NFjZ.\"
+          " >/home/docker/traefik/providers/router.yml
+          else
+            rm -f /home/docker/traefik/providers/router.yml
+          fi
+        backup: yes
+        validate: /bin/bash -n %s
+      notify: router-over-traefik
+
+    - name: /usr/local/sbin/router-over-traefik.sh shebang
+      lineinfile:
+        path: /usr/local/sbin/router-over-traefik.sh
+        insertbefore: BOF
+        line: "#!/bin/bash"
+
+    - name: Gen initial passwords if not exists
+      ansible.builtin.shell: /usr/local/sbin/router-over-traefik.sh
+      args:
+        creates: /home/docker/traefik/providers/router.yml
+
+    - name: /etc/cron.d/router-over-traefik_local
+      blockinfile:
+        path: /etc/cron.d/router-over-traefik
+        mode: "0400"
+        owner: root
+        group: root
+        create: yes
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          ## Auto-Update
+          1 1 * * * root /usr/local/sbin/router-over-traefik.sh
+        backup: yes
+
+  handlers:
+    name: router-over-traefik
+    ansible.builtin.shell: /usr/local/sbin/router-over-traefik.sh
+