clean up traefik

main.yml

@@ -3,6 +3,8 @@
   roles:
     - role: traefik
       tags: traefik_deploy
+      vars:
+        server: "jade"
 
   tasks:
     - name: Deploy Glance
@@ -95,6 +97,8 @@
   roles:
     - role: traefik
       tags: traefik_deploy
+      vars:
+        server: "jackson"
 
   tasks:
     - name: Deploy Gitea
@@ -115,10 +119,6 @@
 
 - hosts: nas
 
-  roles:
-    - role: traefik
-      tags: traefik_deploy
-
   tasks:
     - name: Deploy Plex
       import_tasks: tasks/plex.yml

roles/traefik/tasks/main.yml

@@ -14,11 +14,24 @@
     tag: latest
     source: pull
 
+# create static configuration for traefik
 - name: Create Traefik Configuration
   template:
     src: config.yml.j2
     dest: "{{ data_dir }}/traefik/traefik.yml"
 
+# create dynamic provider files for each system
+- name: Create Traefik Dynamic File (Local)
+  template:
+    src: local-dynamic.yml.j2
+    dest: "{{ data_dir }}/traefik/dynamic.yml"
+  when: server == "jade" or server == "nas"
+- name: Create Traefik Dynamic File (Remote)
+  template:
+    src: remote-dynamic.yml.j2
+    dest: "{{ data_dir }}/traefik/dynamic.yml"
+  when: server == "jackson"
+
 - name: Deploy Traefik Docker Container
   docker_container:
     name: traefik
@@ -38,24 +51,6 @@
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - "{{ data_dir }}/traefik/data:/data"
       - "{{ data_dir }}/traefik/traefik.yml:/traefik.yml"
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.traefik.service: traefik
-      traefik.http.routers.traefik.rule: "Host(`traefik.fntz.net`)"
-      traefik.http.routers.traefik.entrypoints: webSecure
-      traefik.http.routers.traefik.tls.certresolver: letsencrypt
-      traefik.http.services.traefik.loadbalancer.server.port: "8080"
-
-      traefik.http.routers.jtraefik.service: jtraefik
-      traefik.http.routers.jtraefik.rule: "Host(`traefik-jackson.fntz.net`)"
-      traefik.http.routers.jtraefik.entrypoints: webSecure
-      traefik.http.routers.jtraefik.tls.certresolver: letsencrypt
-      traefik.http.services.jtraefik.loadbalancer.server.url: "http://jackson:8080"
-
-      traefik.http.routers.nflproxy.service: nflproxy
-      traefik.http.routers.nflproxy.rule: "Host(`nfl.fntz.net`)"
-      traefik.http.routers.nflproxy.entrypoints: webSecure
-      traefik.http.routers.nflproxy.tls.certresolver: letsencrypt
-      traefik.http.services.nflproxy.loadbalancer.server.url: "http://172.16.0.25:5000"
+      - "{{ data_dir }}/traefik/dynamic.yml:/dynamic.yml"
     networks:
       - name: "{{ docker_network_name }}"

roles/traefik/templates/config.yml.j2

@@ -19,6 +19,9 @@ providers:
     endpoint: "unix:///var/run/docker.sock"
     exposedByDefault: false
     network: homelab
+  file:
+    filename: /dynamic.yml
+    watch: true
 certificatesResolvers:
   letsencrypt:
     acme:

roles/traefik/templates/local-dynamic.yml.j2

@@ -0,0 +1,60 @@
+http:
+  routers:
+    plex:
+      rule: "Host(`tv.fntz.net`)"
+      service: plex
+      entryPoints:  
+        - webSecure
+      tls:
+        certResolver: letsencrypt
+    jtraefik:
+      rule: "Host(`traefik-jackson.fntz.net`)"
+      service: jtraefik
+      entryPoints:
+        - webSecure
+      tls:
+        certResolver: letsencrypt
+    traefik:
+      rule: "Host(`traefik.fntz.net`)"
+      service: traefik
+      entryPoints:
+        - webSecure
+      tls:
+        certResolver: letsencrypt
+    nflproxy:
+      rule: "Host(`nfl.fntz.net`)"
+      service: nflproxy
+      entryPoints:
+        - webSecure
+      tls:
+        certResolver: letsencrypt
+    nvr:
+      rule: "Host(`nvr.fntz.net`)"
+      service: nvr
+      entryPoints:
+        - webSecure
+      tls:
+        certResolver: letsencrypt
+    
+  
+  services:
+    plex:
+      loadBalancer:
+        servers:
+          - url: "http://172.16.0.29:32400"
+    jtraefik:
+      loadBalancer:
+        servers:
+          - url: "http://jackson:8080/"
+    traefik:
+      loadBalancer:
+        servers:
+          - url: "http://jade:8080/"
+    nflproxy:
+      loadBalancer:
+        servers:
+          - url: "http://jade:5000/"
+    nvr:
+      loadBalancer:
+        servers:
+          - url: "http://nas:5000/"

tasks/plex.yml

@@ -30,9 +30,3 @@
     volumes:
       - "{{ data_dir }}/plex:/config"
       - "{{ media_path }}:/media"
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.plex.rule: Host(`tv.fntz.net`)
-      traefik.http.routers.plex.entrypoints: webSecure
-      traefik.http.routers.plex.tls.certresolver: letsencrypt
-      traefik.http.services.plex.loadbalancer.server.url: "http://172.16.0.29:32400"