From 593082f710b2680b6f673ca991ceb5ef890ec15c Mon Sep 17 00:00:00 2001 From: Egon Rijpkema Date: Tue, 13 Feb 2018 10:07:24 +0100 Subject: [PATCH] Added role for jwilder nginx proxy. This is useful when you want to handle ssl or when you want to proxy multiple containers on a single host. --- nginx_proxy.yml | 6 +++++ roles/docker/main.yml | 25 +++++++++++++++++++ roles/nginx-proxy/tasks/main.yml | 20 +++++++++++++++ .../nginx-proxy/templates/nginx-proxy.service | 16 ++++++++++++ 4 files changed, 67 insertions(+) create mode 100644 nginx_proxy.yml create mode 100644 roles/docker/main.yml create mode 100644 roles/nginx-proxy/tasks/main.yml create mode 100644 roles/nginx-proxy/templates/nginx-proxy.service diff --git a/nginx_proxy.yml b/nginx_proxy.yml new file mode 100644 index 0000000..51cb112 --- /dev/null +++ b/nginx_proxy.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + become: True + roles: + - docker + - nginx-proxy diff --git a/roles/docker/main.yml b/roles/docker/main.yml new file mode 100644 index 0000000..dba0db3 --- /dev/null +++ b/roles/docker/main.yml @@ -0,0 +1,25 @@ +--- +# Install Docker. Centos needs te be added. + +- apt_key: + id: 58118E89F3A912897C070ADBF76221572C52609D + keyserver: hkp://p80.pool.sks-keyservers.net:80 + state: present + when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' + +- apt_repository: + repo: deb https://apt.dockerproject.org/repo ubuntu-xenial main + update_cache: yes + when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' + +- name: install docker + apt: pkg={{ item }} state=latest + with_items: + - docker-engine + - python-docker + when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial' + +- name: make sure service is started + systemd: + name: docker.service + state: started diff --git a/roles/nginx-proxy/tasks/main.yml b/roles/nginx-proxy/tasks/main.yml new file mode 100644 index 0000000..2d282de --- /dev/null +++ b/roles/nginx-proxy/tasks/main.yml @@ -0,0 +1,20 @@ +# Install a nginx reverse proxy with a systemd unit file. +# See https://github.com/jwilder/nginx-proxy +--- +- name: install service file. + template: + src: templates/nginx-proxy.service + dest: /etc/systemd/system/nginx-proxy.service + mode: 644 + owner: root + group: root + +- command: systemctl daemon-reload + +- name: start service at boot. + command: systemctl reenable nginx-proxy.service + +- name: make sure service is started + systemd: + name: nginx-proxy.service + state: restarted diff --git a/roles/nginx-proxy/templates/nginx-proxy.service b/roles/nginx-proxy/templates/nginx-proxy.service new file mode 100644 index 0000000..46a8572 --- /dev/null +++ b/roles/nginx-proxy/templates/nginx-proxy.service @@ -0,0 +1,16 @@ +[Unit] +Description=nginx reverse proxy for docker containers. +After=docker.service +Requires=docker.service + +[Service] +TimeoutStartSec=0 +Restart=always +ExecStartPre=-/usr/bin/docker kill %n +ExecStartPre=-/usr/bin/docker rm %n +ExecStart=/usr/bin/docker run --name %n \ + --rm -d -p 80:80 -p 443:443 -v /srv/certs:/etc/nginx/certs \ + -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy + +[Install] +WantedBy=multi-user.target