forked from HPC/HPCplaybooks
Added role for jwilder nginx proxy.
This is useful when you want to handle ssl or when you want to proxy multiple containers on a single host.
This commit is contained in:
parent
4b91b61b66
commit
593082f710
6
nginx_proxy.yml
Normal file
6
nginx_proxy.yml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
become: True
|
||||||
|
roles:
|
||||||
|
- docker
|
||||||
|
- nginx-proxy
|
25
roles/docker/main.yml
Normal file
25
roles/docker/main.yml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
---
|
||||||
|
# Install Docker. Centos needs te be added.
|
||||||
|
|
||||||
|
- apt_key:
|
||||||
|
id: 58118E89F3A912897C070ADBF76221572C52609D
|
||||||
|
keyserver: hkp://p80.pool.sks-keyservers.net:80
|
||||||
|
state: present
|
||||||
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial'
|
||||||
|
|
||||||
|
- apt_repository:
|
||||||
|
repo: deb https://apt.dockerproject.org/repo ubuntu-xenial main
|
||||||
|
update_cache: yes
|
||||||
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial'
|
||||||
|
|
||||||
|
- name: install docker
|
||||||
|
apt: pkg={{ item }} state=latest
|
||||||
|
with_items:
|
||||||
|
- docker-engine
|
||||||
|
- python-docker
|
||||||
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'xenial'
|
||||||
|
|
||||||
|
- name: make sure service is started
|
||||||
|
systemd:
|
||||||
|
name: docker.service
|
||||||
|
state: started
|
20
roles/nginx-proxy/tasks/main.yml
Normal file
20
roles/nginx-proxy/tasks/main.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# Install a nginx reverse proxy with a systemd unit file.
|
||||||
|
# See https://github.com/jwilder/nginx-proxy
|
||||||
|
---
|
||||||
|
- name: install service file.
|
||||||
|
template:
|
||||||
|
src: templates/nginx-proxy.service
|
||||||
|
dest: /etc/systemd/system/nginx-proxy.service
|
||||||
|
mode: 644
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
|
- command: systemctl daemon-reload
|
||||||
|
|
||||||
|
- name: start service at boot.
|
||||||
|
command: systemctl reenable nginx-proxy.service
|
||||||
|
|
||||||
|
- name: make sure service is started
|
||||||
|
systemd:
|
||||||
|
name: nginx-proxy.service
|
||||||
|
state: restarted
|
16
roles/nginx-proxy/templates/nginx-proxy.service
Normal file
16
roles/nginx-proxy/templates/nginx-proxy.service
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=nginx reverse proxy for docker containers.
|
||||||
|
After=docker.service
|
||||||
|
Requires=docker.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
TimeoutStartSec=0
|
||||||
|
Restart=always
|
||||||
|
ExecStartPre=-/usr/bin/docker kill %n
|
||||||
|
ExecStartPre=-/usr/bin/docker rm %n
|
||||||
|
ExecStart=/usr/bin/docker run --name %n \
|
||||||
|
--rm -d -p 80:80 -p 443:443 -v /srv/certs:/etc/nginx/certs \
|
||||||
|
-v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user