traefik.yml aktualisiert

traefik.yml

@@ -4,6 +4,48 @@
   hosts: all
   tasks:
 
+    - name: /home/docker/traefik/default-basic-auth-genpw.sh (generate Random PW for default-basic-auth)
+      blockinfile:
+        path: /home/docker/traefik/default-basic-auth-genpw.sh
+        create: yes
+        mode: 0550
+        owner: root
+        group: docker
+        marker: "# {mark} ANSIBLE MANAGED BLOCK"
+        block: |
+          cd /home/docker/traefik
+          user=admin
+          password=$(pwgen -s 32 1)
+
+          [ -f default-basic-auth-env ] || echo "USER=!USER!
+          PASSWORD=!PASSWORD!
+          " >default-basic-auth-env          
+         
+          chmod 440 default-basic-auth-env
+          chown root:docker default-basic-auth-env
+          sed -i "s/\!USER\!/$user/g" default-basic-auth-env
+          sed -i "s/\!PASSWORD\!/$password/g" default-basic-auth-env
+          
+          . default-basic-auth-env
+          echo $(htpasswd -nb $USER $PASSWORD) >providers/default-basic-auth.usersfile
+
+        backup: yes
+        validate: /bin/bash -n %s
+
+    - name: /home/docker/traefik/default-basic-auth-genpw.sh shebang
+      lineinfile:
+        path: /home/docker/traefik/default-basic-auth-genpw.sh
+        insertbefore: BOF
+        line: "#!/bin/bash -e"
+
+    - name: Gen initial password if not exists
+      ansible.builtin.shell: ./default-basic-auth-genpw.sh
+      args:
+        chdir: /home/docker/traefik
+        creates: /home/docker/traefik/providers/default-basic-auth.usersfile
+
+
+
     - name: Create a network
       community.docker.docker_network:
         name: traefik